On Fri, Jun 02, 2023 at 05:18:38PM +0200, zithro wrote:
On 02 Jun 2023 14:31, Michael Stone wrote:
I don't recommend xen for new projects. It has more pieces and tends to be more fragile than qemu+kvm, for no real benefits these days. (IMO)

Define "more pieces" and "more fragile" ?

You need to juggle kernel version, qemu version, and xen version. You need a bootable dom0 *as well as* a bootable xen hypervisor. If any of these things mismatch or stop working, things break. The xen-specific pieces are generally less well known and less operationally tested because there are fewer users. The xen developers have gone through several vm models and various deprecations in the past few years, and there have been actual breakages for users of the debian packages due to the many combinations of features which can break in the presence of changes (such as changes needed for security issues) and the difficulty (infeasibility?) of testing all the possible combinations. That would be less of an issue if rolling your own and tracking xen upstream directly, but this is a debian list, and the debian packages face a different set of constraints.

It has a really low TCB and still used by amazon for their cloud.

As a legacy service. New VMs are deployed using different technologies. They were the only major cloud service to go with xen, and their continued use seems more a matter of leaving it running for legacy instances being less work than migrating everything. (Which is basically where I still have deployed.) Amazon is also not using a xen package from a general purpose OS, and has quite a large team devoted to the care and feeding of that infrastructure. It's basically an apples to boxcars comparision unless the person trying to decide which hypervisor to go with happens to be running one of the largest clouds in the world. (Which begs the question of why on earth they'd be looking for answers on debian-user.)

You don't even need qemu if running fully virtualized guests (PV/PVH).

xen's continuing search for the next great thing (pv/hvm/pvhvm/pvh/pvhv2) has itself been a source of operational pain. From the perspective of taking the best advantage of the technology available at the time it's great, but from the perspective of wanting to set something up and just have it keep running, it's a pain. (And, to the point, kvm has been less of a pain because for better or worse its model has remained more stable.)

None of this is to say that xen is a bad project or that some people may find it the best option, but I'll continue to not recommended it as a general solution for people looking to deploy a new vm environment. It's just easier to go with kvm.

Reply via email to