FW: Re: OT ... the new buzz word: virtualization

nega at exmachinae.net nega at exmachinae.net
Thu Mar 31 22:30:25 PST 2005


oops, should have sent this to the list too....

--- Begin Message ---

From: <nega at xxxxxxxxxxxxxx>
Date: Fri, 1 Apr 2005 01:32:05 -0500

Marc G. Fournier writes:
 > 
 > Everyone seems to be jumping onto this one lately, and I'm curious as to 
 > exactly what it means, and what it can do ...
 > 
 > Due to the work that has been done on the whole VFS layer, specifically the 
 > plans towards fixing unionfs, my plan is to eventually move my servers 
 > from FreeBSD 4.x to DragonFlyBSD (when, of course, depends on that unionfs 
 > code *nudge nudge* *wink wink*) ...
 > 
 > All of our clients use jail'd environments, and I've had one ask about 
 > switching to using Xen ... other than being able to run other OSs (which I 
 > don't want to do), I can't really see benefits, and only the drawback of 
 > the extra overhead I would imagine would be inherent with something like 
 > that, which I imagine would have its own kernel, and therefore, use more 
 > memory resources than our current jail'd environments ...
 > 
 > So, I guess my question is what exactly is virtualization? Is it *just* a 
 > way of running multiple operating systems on one box, and that is the only 
 > thing that makes use of it ... or would the operating system itself, 
 > without any "extra software" make some sort of use of that sort of thing? 
 > Is there some sort of performance benefit to it?
 > 

ugh! the evil buzzwords du jour!! (my current bane is
"operationalize".  why can't we just "make it operational"?)

let me put this out there right now. you can forget about running Xen
under DragonFly. Xen requires modifications to the host operating
system in order to run it. so, it's not like VMware which you can just
plop on as an application.

"virtualization" can have several meanings(1), but currently it focuses
on running one (or more) operating systems within another, on a level
that's closer to the hardware than emulation would be.  i'll talk about
that here.  

if you're thinking of performance benefits as better/faster/harder/more,
then no, virtualization will bring you nothing. think about
it. running an operating system so that you can run an operating
system.  two (or more) operating systems running on the same set of
hardware at the same time. obviously there is a penalty. now, if your
performance benefit is, faster cross-compilation, or faster crash
recovery then yes, there can definitely be a performance benefit!!!
this example is just off the top of my head... imagine compiling a
NeXTStep i386 system on i[3|4]86 hardware as opposed to on a virtual
system running on P4.(2) it could take days on the actual hardware, or
minutes on a P4. this angle seems to be benefiting the NetBSD project
greatly. (based on their recent news.)

virtualization does have some benefits when it comes to HoneyNets,
HoneyPots, Honey*, etc. the whole Honey* is something i don't want to
get into for various reasons, but i'd imagine that the HoneyNet
Project has plenty of documentation on virtualization and honeynets at
their website.

as to your question about whether or not the OS itself would make use
of virtualization, that could depend on which OS you mean. the host?
or the guest OS?

as far as the host operating system goes, the only benefit (in my
experience) occurs in MLS (Multi-Level Security) or
"compartmentalized" systems. you can argue that these systems aren't
truly "virtualized" (in the sense that they're not necessarily
running an OS within an OS). to get a better feel about what an
MLS/compartmentalized system is, read about LSD's experiences with
Argus's Pitbull product (http://www.lsd-pl.net/argus.html). there
should be some pointers there.

now, if we're talking about the benefits for "systems" that are not
operating systems, programming languages for instance, you'll have to
decide that for yourself. (http://java.sun.com &
http://www.parrotcode.org)

this is all my 2 cents of course. if anyone has more/better/different
"pros" (as opposed to "cons"), i'd like to hear them. :)

(1)
back when i was studying EE, we used virtualization to describe how we
designed and emulated hardware within software. if a system we designed was
implemented in one program it was "emulated". if it was implemented in
multiple programs that communicated w/ each other it was "virtualized".

(2)
NeXTStep i386 (WhiteBox) could have possibly run on Pentiums. a 90MHz
Pentium was my hot new bleeding edge box the last time that i saw
NeXTStep i386 for sale. of course, i'd never run NeXTStep on anything
other than NeXT hardware! (/me pets his slabs... good, pretty
slabs...)

--- End Message ---



