There are a number of virtualization products for Linux and while I have used a number of them, the one that best fits my needs is OpenVZ. OpenVZ uses a form of virtualization called "process containers." OpenVZ is not a hardware emulator nor a virtual machine but a form of operating system-level virtualization that offers a way of grouping processes (running programs or system services) together to create a Virtual Environment (VE) or a Virtual Private Server (VPS).
What is OpenVZ?
OpenVZ is made up of three things: a kernel, a set of utility programs, and OS (operating system) templates.
The kernel - OpenVZ offers pre-built kernel packages for modern Red Hat Enterprise Linux systems and clones (RHEL, CentOS and so on), Fedora Core 5 and SUSE 10. OpenVZ has also been integrated into the latest release of Mandriva Corporate Server and is also available for Gentoo via the Gentoo Portage system. For those who prefer to compile from source, complete source code is available in src.rpm format as well as patches and configs for the mainline Linux kernel source. The main new features provided by the OpenVZ kernel are process ID (PID) virtualization and more extensive resource management (user beancounters).
The utility programs - OpenVZ provides several utility programs for creating, monitoring and managing virtual private servers (VPSes), software package management, OS template management, and taking system snapshots and live migration. vzctl is used to create, configure, modify, start and stop VPSes. The software package management tools include vzrpm and vzyum. The OS template tools include vzpkgadd and vzpkgcache. vzmigrate provides the ability to take system snapshots as well as live migration.
The templates - In an effort to make creating VPSes as easy as possible, OpenVZ includes template packages which are basically a collection of metadata used to define a Linux distribution. OpenVZ also offers pre-built distribution templates. What's the difference? The template package approach allows one to download all of the software packages that represent a given Linux distribution whereas a pre-built template is one big .tar.gz of a VPS.
Setting up an OpenVZ system is fairly quick and easy since you only have to download/install a kernel and a few additional software packages. Creating an OS template or downloading one of the pre-built OS templates can take a bit more time and bandwidth but once your template cache is set up, creating VPSes running any of the supported Linux distributions is really quick and easy. Creating a VPS and starting it can take as little as two minutes.
The process container approach
Scalability - The process container style of virtualization is very light-weight and efficient when compared to the hardware emulation (VMware and Parallels) or the para-virtualization (Xen and User-mode Linux) approaches. A VPS only takes up the resources needed to run the programs and services you want and does not have a separate kernel nor all of the underpinnings of a full OS.
As a result, OpenVZ offers native performance, dynamic resource allocation, and is exceptionally scalable. How scalable? The OpenVZ developers have done some benchmarking and claim to be able to run up to 120 basic VPSes on a single-core Pentium 4 based system with 768MB of RAM and up to 320 basic VPSes in 2GB of RAM.
No, that isn't a typo. With the other virtualization approaches, the main barrier to scalability is RAM, because each virtual machine needs the same amount of memory as a typical single machine. Since an OpenVZ VPS is just a set of processes, a VPS only consumes the CPU and RAM resources needed to run those processes. For example, a basic VPS (running Apache web-server, sshd, sendmail and syslogd) is approximately 15 processes.
Features - While OpenVZ is very light-weight, it does not skimp on the features. Functionally, a VPS is a separate machine with its own administrator (root user), users (system and user accounts), user disk quotas, services and software. OpenVZ comes with an extensive resource management system where the administrator of the host system can configure and dynamically allocate resources on a per-VPS basis. OpenVZ also offers advanced features such as system snapshots and live migration of a VPS from one physical host to another. The live migration implementation does not require shared storage, maintains network connections, and is so fast that the few seconds of downtime are often unnoticeable.
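On the host, the per-VPS resource management described above can be checked by reading the user beancounters: a non-zero failure count means a VPS asked for more of a resource than its limit allows. The following Python script is an added example, not part of the original article; it assumes the standard /proc/user_beancounters file and column layout (neither is shown in this article), and the sample values are constructed.

```python
# Constructed sample in the /proc/user_beancounters layout (values invented).
SAMPLE = """\
Version: 2.5
       uid  resource           held    maxheld    barrier      limit    failcnt
      101:  kmemsize        1836919    2005343   11055923   11377049          0
            numproc              15         21        240        240          0
            privvmpages        4587       7289      49152      53575         12
      102:  kmemsize         912004     950112   11055923   11377049          0
            numproc             240        240        240        240          3
"""

FIELDS = ("held", "maxheld", "barrier", "limit", "failcnt")


def parse_beancounters(text):
    """Return {veid: {resource: {field: int}}} from beancounter text."""
    result = {}
    veid = None
    for line in text.splitlines():
        parts = line.split()
        if not parts or parts[0] in ("Version:", "uid"):
            continue  # skip the version and column-header lines
        if parts[0].endswith(":"):
            # A "101:" prefix starts the block of rows for that VPS.
            veid = int(parts[0][:-1])
            result[veid] = {}
            parts = parts[1:]
        if veid is None or len(parts) != 6:
            continue  # not a resource row in the expected layout
        result[veid][parts[0]] = dict(zip(FIELDS, map(int, parts[1:])))
    return result


def limit_hits(counters):
    """List (veid, resource, failcnt) where an allocation was refused."""
    return sorted(
        (veid, name, row["failcnt"])
        for veid, resources in counters.items()
        for name, row in resources.items()
        if row["failcnt"] > 0
    )


if __name__ == "__main__":
    # On an OpenVZ host, read open("/proc/user_beancounters").read() instead.
    for veid, name, fails in limit_hits(parse_beancounters(SAMPLE)):
        print(f"VPS {veid}: {name} refused {fails} time(s)")
```

A failure count that keeps rising for one VPS shows either a limit set too low for its workload or a container trying to consume more than its share of the host.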
When to use OpenVZ
OpenVZ is well suited for a number of uses including server consolidation, hosting, development and testing, security, and education. If you have a number of Linux servers that are underutilized, OpenVZ can be used to consolidate them into fewer (or possibly one) physical machine(s). Hosting companies love VPSes because they can divide one single machine among many customers. Many system administrators take special care to install server applications into chrooted environments for additional security but a VPS is a much better solution for server application separation. For schools, imagine a system administration class where each student can have their own VPS.
When not to use OpenVZ
If you need to run multiple/different operating systems or kernels on a single machine, the hardware emulation or para-virtualization based virtualization methods are required as OpenVZ is a single OS (Linux), with a single kernel. OpenVZ is completely command line oriented and does not currently include any GUI based applications, and is probably not appropriate for those who fear the shell prompt.
In the second part of this article I'll take you through the actual process of installing and using OpenVZ as well as introduce some tips and tricks for best practices.