A System Administrator’s Diary

Free Virtualisation at its best!

Did you realise that VMware released ESXi for nothing recently? If not, get it and try it! All you need is a server with full KVM access (either over IP or locally) including the opportunity to install CD images (remotely). In my case, I went for a neat SuperMicro machine from SoftLayer, which offers full KVM-over-IP with remote CD mounts (ISO images on network storages or on the client computer). But that’s not important here, although they actually offer Double-RAM/Double-Drive deals, so that I am paying only US$ 311 for a Quad-Core Xeon, 6GB of RAM and 2×146 GB SAS at an Adaptec RAID controller. It’s an awesome offer, especially because they have an incredible user interface and are extremely flexible when it comes to updates/changes. Okay, okay. Enough advertising

This article is about virtualisation. Caution: Long article!

As I am professionally dealing with all sorts of Linux flavours (Debian/Ubuntu, RedHat, CentOS, Fedora) and BSD/Unix derivates (Solaris, FreeBSD, OpenBSD), I have always been keen on a real virtualisation solution. I have come across many different (para-)virtualisation solutions in desktop and server environments over the last couple of years. Just to give an outline, I will now list all of them (without any particular order). I’d like to give an overview of the main differences later. So here’s the list for virtualisation approaches:

• VMware ESXi / VMware Server
• XEN
• OpenVZ (Virtuozzo open source fork)
• Sun xVM (for some reason, many people do not see this one)
• QEMU (honestly, who of you knows that one? )
• FreeBSD jails
• Linux vserver
• VMware Fusion for Mac
• Parallels Desktop for Mac
• Linux Virtual Server (LVS)

Okay, here we have a bunch of different things in one big pot… First, we have a couple of desktop based products (Parallels Desktop, VMware Fusion). I am not going to go into details about them. Personally I think that for professional testing/dev environments, VMware Fusion is slightly better than Parallels Desktop, because its networking components are more sophisticated and also allow to boot via PXE/tftp from within a virtual machine! On the other hand Parallels Desktop is said to be slightly ahead regarding graphics performance. I did not see much difference. Apart from that, both do pretty much the same and allow to run a variety of operating systems on top of the MacOS platform. I am using both heavily and have never had any real problems (tested with Windows XP, FreeBSD, Solaris and a bunch of Linuxes as guests). Okay, enough about Desktop virtualisation, especially as neither VMware Fusion nor Parallels Desktop are for free. Well, they are almost and definitely worth the money. Should you ever need to run different OS on your Mac, I can recommend both.

Sun’s xVM sits somewhere in between desktop and server virtualisation. The Mac implementation is not yet very mature, so it is out of question for me. But on Linux it is known to run quite well. Certainly better than the Wine patchwork thingy.

And here we go. Finally, eh? How to virtualise your server for developement, testing, or production use…

The rising star and increasingly popular is certainly XEN. I used to work with it way back in the past (early 2.x, if I remember correctly). That time, it was hardly more than an experimental virtualisation. It was great to use for running a couple of Linux instances on one machine. But you could not expect much more from it. Quite annoying was the fact that you had to patch the host and guest kernels. Also, it was anything but well documented. As it is becoming more and more popular, I would expect that it has become more mature over time. For sure I can tell that it performed quite well. When it comes to more than “just” Linux guests, XEN does not have much to offer. Support for Windows seems to become better, but FreeBSD or Solaris are still out of question.

If I needed to go for a para-virtualisation which allows to run Linux guests only, I would go for OpenVZ. It is documented very well and offers loads of opportunities to assign ressources to its guests. As an Open Source fork of Virtuozzo, it moreover has proven reliability very well. It comes with pre-compiled Linux kernels and a couple of tools. All of them are easy to install and work right out of the box. As from my experience, the performance is awesome.

Neither XEN nor OpenVZ do have their own graphical interface. That’s where a tool named HyperVM kicks in. It’s not for free but claims to be the only graphical front-end for both XEN and OpenVZ. I’ve never tried it, but people who fancy graphical tools rather than command line tweaking, might want to give it a go.

Other Linux-only virtualisation approaches are Linux Virtual Server and Linux vServer. I’ve tested both in an early stage, but they really did not convince me. None of them was capable of assigning resources to guests (resources in terms of at least RAM and CPU soft and hard limits). OpenVZ does that much better, as it enables you to limit almost everything. However, Linux vServer at least runs very stable (we used that on Ubuntu Server production machines in the last company I worked for).

A bit of a special role takes QEMU. Unlike the other mentioned virtualisation approaches, it does not need any kernel manipulation or sophisticated configuration. It’s merely a userland program which provides an environment for a single virtual computer. This is great if you quickly want to test something on another platform. “Quickly” in terms of easy to set up, not in terms of performance. Compared to kernel-level virtualisations it performs rather poorly. Where that isn’t important, it however is a great tool.
I used it to prepare FreeBSD images for a server which I did not have KVM access to. After preparing the images on my local client, I uploaded them to the rescue system on the server (booted via PXE) and then wrote the image directly to disk. Those days, there was no other way for me to do it; and it worked unexpectedly great!

Another special approach can be found on FreeBSD: so-called jails. It is pretty similar to Linux-only virtualisation on Linux systems, although it’s obviously for FreeBSD only. You get fully separated guests (jails), which have to get an IP address assigned (kind of bridged mode) and operate completely independently from the host system. Together with layered file-systems, read-only and null mounts, you can set up very slim but secure guests. Also, it is possible to run guests on higher secure-levels (a FreeBSD thing), and make them extraordinary safe. They perform incredibly well.

And here we go: VMware Server and ESXi Installable. It’s not a secret that I like them more than any other virtualisation approach, because they allow to run any imaginable operating system as guests. Moreover they offer extremely good tools to create and manage guests and to overlook the health and performance. With the VMware Converter, it is possible to transfer guests between different dedicated servers. All of this for free!

When ESXi 3.5 was released for free on Monday, July 28th, I decided to install it immediately on a private server, because I wanted to find out in which way it differs from VMware Server (which has been for free since its first release).
First of all, it does not depend on the host operating system, because it is just a hypervisor which then allows to install any operating systems as guests. So basically, we do not have a host operating system at all here, which certainly improves stability, performance and maybe also security. Secondly, it allows to set up a virtual network infrastructure as well. Virtual switches, VLANs,… Basically it means, that ESXi allows you to run a small data centre virtually. This of course offers great opportunities for a variety of testing scenarios.

Apart from that, it does not really differ from VMware Server. Both ESXi and Server can be maintained either through Perl scripts (remotely) or through the VMware Infrastructure Client (also free, but requires Windows to run). It’s needless to say that VMware products are rock-solid and reliable due to the fact that they are widely spread and have been available for many years. Only the EULA of VMware ESXi and Server is still a bit mistakebly. I started a discussion thread in the VMware community forum to get that clarified.

In another blog entry, I’d like to explain why virtualisation is much more interesting for many people than they might think. And I’ll also give an example with my own private server setup.