Top.Mail.Ru
? ?

Entries by tag: openvz

Here is an example of how things are working in the free software world.

We at OpenVZ use kernels from Red Hat Enterprise Linux as a base for our OpenVZ kernels. This is because vendors such as Red Hat invest a lot of work into making their kernels really stable. The usual recipe for a super-stable kernel is to pick a mainstream kernel and marinate it in QA for at least half a year (more for the best results), doing bugfixing and cherry-picking of fixes and driver updates from the mainstream. This way one have enough time to test it, plus (at least in theory) one get new fixes but do not get new bugs slipped into one's kernel. This is what Red Hat (and other guys such as Novell/SUSE) does for their kernels, and believe me it's quite a lot of work to do, and the end result is of great value.

Here comes the beauty of free software: now everybody can use the result of Red Hat's work. Yes, this is exactly what we do. At this point you might stand up saying: all right, Red Hat invested a lot of resources into something you use for free, this does not look like a fair deal.

Fortunately I have a good answer. Here is the list of bug (i.e. software defect) reports that were fixed in Red Hat Enterprise Linux kernels thanks to OpenVZ team (in some way): #405521, #247379, #205335 , #210852, #168659, #243252, #207463, #228461, #243263, #224541, #232209, #232211, #239767, #220971, #400651, #214778, #203894, #212144, #215715, #241096, #241096, #439670. These 22 bugs are all kernel bugs, most are security-related (and therefore quite serious). Almost all the bug reports from the list include patches (i.e. changes to code to fix a problem reported), so those are not like "hey, you have a problem", but rather "you have a problem and here's the solution".

The majority of those bugs were found while testing OpenVZ kernels. This is what we contribute back. This is also a lot of work and of great value -- some of those bugs were really hard to find and/or fix.

The latest (23rd) addition to the above list is bug #454865, which is actually a regression in a new version of RHEL4 kernel. Again, this report not only includes a clear description of what's wrong, but also a test case program which reproduces the bug, and a patch to fix it. Clear test cases are very important because those can be included into a validation test suite, to make sure bugs are not popping out for the second time (which sometimes happens in the real world).

This is just one example, a close-up picture. The big picture is free software developers and users helping other developers and users. Unus pro omnibus, omnes pro uno.

Live from LinuxWorld expo

I am currently standing at the OpenVZ booth at LinuxWorld Conference and Expo, San Francisco. Today is the first day of the show, the traffic is pretty good. The only bad thing is Delta lost my bag with booth banners and rollups so the booth looks a bit empty.

Marc Perkel, Scott Dowdle and Adeel Nazir are all manning the booth, talking to existing and (I hope) future OpenVZ users. So I was able to release a new RHEL5-based kernel right from here.

Tomorrow morning at 10:15 I will be giving a talk titled "Containers, Virtualization, and Live Migration".

Containers mini-summit and Linux Symposium

While I am writing this, people are discussing the future of containers in the Linux Kernel at the containers mini-summit which is happening in Ottawa at the moment. You can check some rough notes from the event here. Three guys from OpenVZ team are there: Pavel Emelyanov, Denis Lunev, and Andrey Mirkin.

If you are attending Linux Symposium in Ottawa, note that this Friday, 25th, Andrey Mirkin will talk about containers checkpointing and live migration (12:00, Rockhopper room). It's going to be an interesting talk, do not miss it.

Also, this Wednesday, 23rd, Balbir Singh will lead a BoF on Memory Controller (17:45, Fiordland room). Memory controller is quite important for containers, and while some stuff are already in the mainline kernel, there's still lots to be discussed and developed in the area. You can think of this BoF as an extension to containers mini-summit.
I discovered three major issues in the usage scenarios of OpenVZ in the enterprise market:
  1. Installation takes time and needs Linux knowledge
  2. The missing GUI management
  3. And the inability to run unmodified guests like Windows on an OpenVZ host
I also had other wishes like integrated backup and restore, live-migration, central configuration management and integrated virtual appliances download. So I presented this last year to our development team – a few months later, we proudly presents the first release of our Proxmox Virtual Environment.

Now we have the virtualization platform for the enterprise, licensed under GNU GPLv2.

Proxmox VE is the only virtualization platform which can do all of the following on one physical host:
  • Container Virtualization (OpenVZ)
  • Full virtualization (KVM)
  • Para-virtualization (KVM)
We encourage everybody to test Proxmox VE and give feedback, for download and documentation please visit the Proxmox VE Wiki.

Feel free to get in contact with me directly - martin@proxmox.com.

Linux kernel 2.6.26-rc1 is out

Linus has released 2.6.26-rc1 yesterday. Here rc1 means this is the first "release candidate" for 2.6.26, and the merge window is now closed, so for the next two months or so before final 2.6.26 release only bugfixes will be accepted.

And I just can't resist the temptation to post my new favorite image here, so you can enjoy it too:


Click to get the hi-res image and the scripts used to produce it.


The majority of these 299 changesets that made it to 2.6.26-rc1 is about network namespaces.

Tags:

At this years Linuxfest Northwest 2008 show in Bellingham, Washington I gave a presentation entitled OS Virtualization vs. Hardware Virtualization. LFNW takes place at Bellingham Technical College and the BTC had video cameras setup in two of the presentations rooms. I was lucky enough to have my presentation streamed live as well as archived for playback anytime.

I doubt there is any new material in my presentation for readers of this blog, because it was basically an Introduction to OpenVZ. The room was full and only a couple of people had used OpenVZ before so I was presenting to a lot of potential users.



It is also available on ustream.tv. I believe the BTC folks will be offering all of the presentations for download in the near future.

Feel free to check out my slides in PDF format. Unfortunately I didn't get to the last 5 slides which are about the inclusion of cgroups/containers in the mainline kernel, the contributions made by OpenVZ/Parallels, and future uses of containers. If you look at those slides you'll see I borrow from some recent material here on this blog. Near the end, when answering someone's question I mention offline migration and mistakenly refer to checkpointing and restoring from a checkpoint... which is obviously part of online migration. Other than that mistake I was fairly happy with the presentation.

I also wrote an article entitled Linuxfest Northwest 2008 Report which includes links to all of the available presentation videos. I really recommend the Linuxfest Northwest conference... and it's free.

Tags:

As you may already know Linux kernel 2.6.25 is released today. Among many other things (see Linux 2.6.25 changelog at kernelnewbies.org for details), it moves us one step closer to having containers in the mainstream Linux. Or maybe even two steps.

First is memory controller. The code is submitted by Balbir Singh (of IBM), and is mostly based on an earlier work by Pavel Emelyanov (of OpenVZ), Balbir and some others. It uses the "control groups" (cgroups) framework introduced earlier by Paul Menage of Google. Basically, memory controller (in its current form) lets one to control the amount of physical memory used by a group of processes (i.e. by a container). This is a vital feature for containers since all the containers are using the same RAM resource, so for containers to co-exist nicely they should not be allowed to use too much memory. Now, system administrator can set a per-container memory limits. The whole technology is known as User Beancounters (or just Beancounters) in OpenVZ world -- it's just we have more different parameters (and thus knobs and dials) in OpenVZ.

But, in a sense, the memory controller that is now in mainstream is better than one we have in OpenVZ. The one in mainstream limits the amount of physical (RSS) pages used by a container, and if this limit is exceeded, pages are swapped out. Well, in fact, they are not swapped out -- this would cause the unnecessary disk I/O activity in case it's just a container limit being hit, and otherwise there is enough memory on the system. In this case container's memory pages are put to the swap cache. In case of global memory shortage this swap cache will be freed, i.e. swapped out to disk. To summarize, this cool feature allows to have containers with strict memory limits, but decent overall system behavior.

The second feature (and thus the second step) is network namespaces -- an ability to for containers to have their own network stacks. This is still a work in progress. The first bits and pieces appeared in 2.6.24. A lot of network namespaces code (more than 200 changesets I guess) now appeared in 2.6.25, and despite my earlier predictions it's still not the end of the journey. A lot more code (also about 200 changesets) is now in net-2.6.26 tree (networking subsystem branch maintained by David Miller), scheduled to be included in Linux 2.6.26. Risking to be wrong for the second time, I'm still thinking that in Linux 2.6.26 we will likely have fairly complete implementation of net namespaces. A short description of what we will try to have in 2.6.26 as it comes for networking is here.

Speaking of 2.6.26 -- looks like it will be our next base kernel. We are now maintaining 2.6.24-based development branch (which is also used for OpenVZ-enabled Ubuntu Hardy Heron kernels), and will start porting OpenVZ patchset to 2.6.26 soon.

Finally, here's the graph that shows how many changesets, per kernel release, our team has contributed. No need to comment it I guess.



Also, here's the list of top10 contributors to the Linux 2.6.25. Our company is #7.
Top changeset contributors by employer
(None)                    1188 (9.3%)
Red Hat                   1181 (9.3%)
Novell                     817 (6.4%)
IBM                        703 (5.5%)
Intel                      472 (3.7%)
Bartlomiej Zolnierkiewicz  307 (2.4%)
Parallels                  278 (2.2%) <---
Oracle                     255 (2.0%)
bunk@kernel.org            227 (1.8%)
(Academia)                 225 (1.8%)


Pavel Emelyanov has made it to top10 of developers.
Developers with the most changesets
Bartlomiej Zolnierkiewicz  307 (2.4%)
Adrian Bunk                234 (1.8%)
Patrick McHardy            225 (1.8%)
Ingo Molnar                213 (1.7%)
Paul Mundt                 207 (1.6%)
Greg Kroah-Hartman         172 (1.4%)
Thomas Gleixner            166 (1.3%)
Jesper Nilsson             166 (1.3%)
Pavel Emelyanov            160 (1.3%) <---
Harvey Harrison            150 (1.2%)

Another prominent OpenVZ guy is Denis Lunev, who is number 26 in the list with 87 changesets. The full list of people contributed to this release is more than 1200 lines long.

Tags:

SCALE6x and Florida Linux Show

Better late than never, these are my impressions about SCALE and Florida Linux Show we (me and my colleague, an OpenVZ kernel developer Andrey Mirkin) went to in February.

Back in 2006 I was a speaker at SCALE4x, so I can compare and say SCALE is getting bigger and better! This time it was three days, with three parallel conference tracks and about 80 booths, one of which was OpenVZ.

The booth traffic was moderate to high, we were busy explaining OpenVZ to people, distributing booklets and live CDs, and burning more CDs. For the first time we used lightscribe to have a nice image on CDs, and I can say it works pretty well, but requires about 15 minutes for the image to be "scribed" (and about the same time for the actual data).

Also we did a talk on live migration which was quite technical and interesting. Talk was mostly delivered by Andrey, and this is the first time he did a talk in English. I hope that SCALE people will upload the audio/video from the talk -- it should be interesting enough. Unfortunately we were not able to listen to any other talks -- this is the price for having own booth.

Last day of the show was Sunday, and overnight we flew to another coast, to deliver the OpenVZ talk to participants of the Florida Linux Show. FLS is (I hope yet) much smaller than SCALE, and it is one day only, but the organisation is about the same: the expo floor and the conference tracks. My talk was attended by about 50 people, of which about 15 were asking good questions.

I managed to show the live migration of a container running pacman xscreensaver, but it was interrrupted when I raised a hand with the second notebook to show it -- apparently both the power supply and the battery got disconnected so it suddenly switched off. I continued with the slides while Andrey fixed the notebook, and then I showed the demo (without touching the second notebook this time). This "demo effect" happens from time to time, and the more people are attending the more the probability that it will happen. Anyway, all's well that ends well.

In the evening we had a dinner with some FLS participants, including Jon "maddog" Hall who was the keynote speaker, and Dan Trevino, a member of local Ubuntu community who helps us with OpenVZ/Ubuntu integration.

Next day we were in New York and met with Vasily Tarasov, our colleague who is now taking the post graduate courses in Stony Brook University. He is working on various kernel-related projects and maybe will help us a bit with OpenVZ.

For those of you who are not yet aware, Linux kernel 2.6.24 is finally out.

OpenVZ is (and has been, for the past few years) a good contributor to the mainline kernel. But in this release we are really doing better than before: 215 patches written by OpenVZ people submitted to the 2.6.24 kernel during the period of its development (i.e. last 3½ months). This is about 2% of all the patches that were merged into 2.6.24.

Most of that patches are for PID namespaces, preliminary support for net namespaces (i.e. network stack virtualization for containers), and various bugfixes.

PID namespace is now almost complete and quite usable, although it's marked as "experimental" for now. For the technical description of the feature, see this lwn.net article.

Net namespace is a work-in-progress, and there are already a lot of patches stacked in Dave Miller's net-2.6.25 tree for future inclusion into the 2.6.25 mainline kernel. The feature is expected to be complete and usable by 2.6.25 kernel release, with IPv6 support coming a bit later.

Jon Corbet of LWN.net also wrote about the 2.6.24 kernel statistics (back when it was still at a RC stage) here. Note that OpenVZ's Pavel Emelyanov is number 5 in "Most active developers" (by changeset) list, with 146 patches contributed.

Tags:

Daniel Robbins, the man who started Gentoo (one of my favorite Linux distros which I use on my notebook and a few boxes at home), blogs about OpenVZ and offers Gentoo templates for OpenVZ that he created here.

I like the way he summarizes what OpenVZ is: "a really fantastic lightweight Linux virtualization technology that doesn't have the performance overhead of full OS virtualization systems".

Gentoo templates and other OpenVZ-related stuff from Daniel can be downloaded from www.funtoo.org/linux/openvz/

Tags:

Latest Month

July 2016
S M T W T F S
     12
3456789
10111213141516
17181920212223
24252627282930
31      

Syndicate

RSS Atom

Comments

Powered by LiveJournal.com
Designed by Tiffany Chow