Re: OT: Xen
On Tue, Apr 04, 2006 at 08:11:32AM +1000, Matthew Palmer [EMAIL PROTECTED] wrote a message of 14 lines which said:

> Fairly well -- a lot better than (eg) vservers, and almost certainly better than UMLs.

Because they are different virtualisation solutions with different requirements. If you have unrelated customers, who do not trust each other, Xen (or UML) is OK. If you just want to put one service on a different machine but do not have the money (or the rack space) to dedicate a box to just DHCP, Linux Vservers or FreeBSD jails are fine.
Re: OT: Xen
On 4/3/06, Stephane Bortzmeyer [EMAIL PROTECTED] wrote:

> On Sat, Apr 01, 2006 at 04:51:09PM -0600, Chris Adams [EMAIL PROTECTED] wrote a message of 17 lines which said:
>
> > unixshell.com claims more service (RAM, disk, monthly transfer) for less per month:
> >
> > http://www.unixshell.com/
>
> Apparently, it is not based on Xen which you may find a good or a bad thing, depending on your requirements. (For instance, Unixshell's offer is limited to Linux, while Panix allows NetBSD.)
>
> Virtualization solutions are very different and comparing RAM and disk is not sufficient.

According to Unixshell's website, it is, in fact, Xen. Their technology link goes to:

http://www.unixshell.com/xen.html

Of which the first line is

unixshell# is powered by the Xen hypervisor engine.
Re: OT: Xen
Once upon a time, Stephane Bortzmeyer [EMAIL PROTECTED] said:

> On Sat, Apr 01, 2006 at 04:51:09PM -0600, Chris Adams [EMAIL PROTECTED] wrote a message of 17 lines which said:
>
> > unixshell.com claims more service (RAM, disk, monthly transfer) for less per month:
> >
> > http://www.unixshell.com/
>
> Apparently, it is not based on Xen which you may find a good or a bad thing, depending on your requirements. (For instance, Unixshell's offer is limited to Linux, while Panix allows NetBSD.)

Both unixshell and Panix are using Xen. Both have a limited set of OSes they offer. It looks like Panix includes some support, while unixshell charges extra for support.

> Virtualization solutions are very different and comparing RAM and disk is not sufficient.

No, but for companies offering similar services (e.g. Fedora on Xen if that is what you are looking for), that's a significant thing to note.

--
Chris Adams [EMAIL PROTECTED]
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
Re: OT: Xen
On Sat, 1 Apr 2006, David Lesher wrote:

> Panix is offering Xen-based virtual servers. I mention same here only because I've seen almost no discussion of virtualized servers, and hope to learn from the surely-resulting flameware
>
> http://www.panix.com/corp/virtuals/

Xen and similar solutions are gaining popularity because they work on a similar model as that used for ADSL: most users don't use all the resources all the time. By virtualizing, the provider can offer dedicated colocation at a somewhat lower cost to the user, and a *much* lower cost to the provider.

If properly provisioned, by distributing more heavily loaded virtual machines appropriately, you can probably attain virtualization of 20-30 or more per 2-way or 2-dual-core SMP box and still have CPU left over.

Note that Xen in particular has major advantages over some similar products because it eliminates CPU-consuming system trap hackery needed to emulate hardware devices and page-table mappings.

Xen is not, however, backed with extensive commercial support (XenSource is still evolving at the moment), lacks easy integration into popular UI/control-panel products, and requires special kernels for the contained OS's (not such a big deal in practice).

The current problems haven't stopped some early adopters from trying out Xen. By and large, those who were once using UML[*] and have now tried Xen have switched and not looked back.

[*] User Mode Linux, which I went out of my way to heckle (with technically sound arguments, mind you) at an IETF when it was proposed as a method of virtualization. The sad part is, some folks bought the drivel and actually set up businesses using UML as a virtualization layer.

--
-- Todd Vierling [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
Re: OT: Xen
Once upon a time, Todd Vierling [EMAIL PROTECTED] said:

> Xen is not, however, backed with extensive commercial support (XenSource is still evolving at the moment),

Red Hat has announced that the next rev of their commercial OS offering, RHEL 5, will include Xen as a major component.

> lacks easy integration into popular UI/control-panel products, and requires special kernels for the contained OS's (not such a big deal in practice).

With the right CPUs (late model Intel only at the moment), you can run an OS unmodified with a little higher overhead. This means you can run Windows on the same box as Linux on the same box as *BSD, all at the same time. Later this year, AMD's CPUs will add a similar (but different) extension.

--
Chris Adams [EMAIL PROTECTED]
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
Re: OT: Xen
On Mon, 3 Apr 2006, Chris Adams wrote:

> > Xen is not, however, backed with extensive commercial support (XenSource is still evolving at the moment),
>
> Red Hat has announced that the next rev of their commercial OS offering, RHEL 5, will include Xen as a major component.

The point is that decent commercial support is evolving and not quite Here Right Now.

> > lacks easy integration into popular UI/control-panel products, and requires special kernels for the contained OS's (not such a big deal in practice).
>
> With the right CPUs (late model Intel only at the moment), you can run an OS unmodified with a little higher overhead.

It's still some overhead because it's emulating hardware devices, but thanks to VX, it's not as bad as the classical virtualization trap hacks. Once AMD releases their counterpart version of the virtualization extensions en masse, this will probably get more steam from providers.

If a Xen-instrumented kernel is available for the desired OS, that would still be preferable, of course.

--
-- Todd Vierling [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
Re: OT: Xen
Hi,

Speaking of commercial support, I have been looking really closely at using Solaris 10 which includes Zones. I am not so much concerned about the OS games, but very much concerned about the HW % utilization issue that this could help solve. From what I have found with Solaris Zones it is VERY easy to set up and configure. The question that I got flamed on a while back for being off topic, how do you get two different DHCP addresses from different sources on the same interface, can be solved by using Zones for example.

But there has been so much press lately about Xen. And from what I read in Linux mag recently there is HW support that totally changes how efficient Xen can be. So one thing I am wondering, with Zones you can set up a new instance that is a copy of another pretty much instantly. Does Xen offer the same thing? Or do you still have to go through an install process for example? I am esp wondering about this with something like XP..

Thanks,

Eric

At 07:00 AM 4/3/2006, Todd Vierling wrote:

> On Mon, 3 Apr 2006, Chris Adams wrote:
>
> > > Xen is not, however, backed with extensive commercial support (XenSource is still evolving at the moment),
> >
> > Red Hat has announced that the next rev of their commercial OS offering, RHEL 5, will include Xen as a major component.
>
> The point is that decent commercial support is evolving and not quite Here Right Now.
>
> > > lacks easy integration into popular UI/control-panel products, and requires special kernels for the contained OS's (not such a big deal in practice).
> >
> > With the right CPUs (late model Intel only at the moment), you can run an OS unmodified with a little higher overhead.
>
> It's still some overhead because it's emulating hardware devices, but thanks to VX, it's not as bad as the classical virtualization trap hacks. Once AMD releases their counterpart version of the virtualization extensions en masse, this will probably get more steam from providers.
>
> If a Xen-instrumented kernel is available for the desired OS, that would still be preferable, of course.
>
> --
> -- Todd Vierling [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
Re: OT: Xen
On Mon, 3 Apr 2006, [EMAIL PROTECTED] wrote:

Solaris shops are going to find Zones useful. Linux shops are going to find Xen useful. However, I severely doubt that Zones are going to attract any Linux shops, or that Xen will be enough to make Solaris shops convert.

Xen's biggest strength really is in the colocation business. With VX-enabled machines, it is capable of running instrumented OS's (Linux, Free/NetBSD) at almost native speeds, and non-instrumented OS's (Windows, Solaris) with a couple-% hit. It's that flexibility that leads to colo as the market where Xen shines.

If it really were an OS-specific issue, then Linux shops might as well use UML. (cough shudder)

--
-- Todd Vierling [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
Re: OT: Xen
On Mon, 3 Apr 2006, Eric Frazier wrote:

> Now that is what I have in mind. For me this is esp important where I have something nasty like a guy hosting a bunch of forums that are always not getting updated and getting defaced or worse. Until now I have had a dirty machine for stuff I know could lead to problems like that. But that brings up another question, how far isolated are different instances from each other really?

This is now straying really OT. I answered some of this offlist, but generally, the best place for technical background on Xen is its home:

http://www.cl.cam.ac.uk/Research/SRG/netos/xen/

--
-- Todd Vierling [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
Re: OT: Xen
On Mon, Apr 03, 2006 at 12:05:25PM -0700, Eric Frazier wrote:

> machine for stuff I know could lead to problems like that. But that brings up another question, how far isolated are different instances from each other really?

Fairly well -- a lot better than (eg) vservers, and almost certainly better than UMLs. To get into the host, you'd need to subvert one of the backend drivers via the guest in such a way that you got the ability to run some sort of subversive command in the host. The possibility of a DoS (crash) is much higher than a take-over compromise, but even then it's not something I'd be inclined to worry about deeply.

- Matt
Re: OT: Xen
On Mon, Apr 03, 2006 at 08:50:51AM -0700, Eric Frazier wrote:

> Xen can be. So one thing I am wondering, with Zones you can setup a new instance that is a copy of another pretty much instantly. Does Xen offer the same thing? Or do you still have to go through an install process for example? I am esp wondering about this with something like XP..

Xen itself: no. But LVM is a wonderful thing.

- Matt
Re: OT: Xen
On Mon, 03 Apr 2006 23:16:40 +0200, Peter Dambier said:

> Best is: You don't run anything that is not needed. If you run only a single application, your system is not worth the time it takes to hack it :)

For the benefit of people reading the archives in search of clue:

There's a smiley on that, because Peter knows full well that the single biggest security problem on the Internet is boxes that are running one application, or end-user boxes, that aren't run in a secure manner because there's nothing of interest on the box.

If the box has an IP address, and an Internet connection, it's *always* of interest, if only as a zombie or a steppingstone box to launder a connection.
OT: Xen
Panix is offering Xen-based virtual servers. I mention same here only because I've seen almost no discussion of virtualized servers, and hope to learn from the surely-resulting flameware

http://www.panix.com/corp/virtuals/

--
A host is a host from coast to [EMAIL PROTECTED]
no one will talk to a host that's close [v].(301) 56-LINUX
Unless the host (that isn't close). pob 1433
is busy, hung or dead 20915-1433
Re: OT: Xen
Once upon a time, David Lesher [EMAIL PROTECTED] said:

> Panix is offering Xen-based virtual servers. I mention same here only because I've seen almost no discussion of virtualized servers, and hope to learn from the surely-resulting flameware
>
> http://www.panix.com/corp/virtuals/

unixshell.com claims more service (RAM, disk, monthly transfer) for less per month:

http://www.unixshell.com/

--
Chris Adams [EMAIL PROTECTED]
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.