Linux heavies plan lightweight virtualization
Novell and Red Hat have concrete plans to build "container" virtualization into their Linux products.
- Shankland covered the tech industry for more than 25 years and was a science writer for five years before that. He has deep expertise in microprocessors, digital photography, computer hardware and software, internet standards, web technology, and more.
Xen is a "hypervisor" that lets a single computer run several operating systems simultaneously, using an idea called "virtualization." This enables companies to use a single server more efficiently--something that could save them money. Now "containers," a higher-level virtualization approach that makes a single operating system look like many, is also getting traction.
Specifically, containers are likely to appear in the next major versions of Red Hat Enterprise Linux (RHEL) and Novell's Suse Linux Enterprise Server (SLES). The technology could even be added before those updates, company executives said.
Two projects are under way to bring containers to Linux: Vserver and OpenVZ, the latter backed by a company called SWsoft. Overall, their prospects look bright.
"I think the big advantage of a containers approach, compared to a hypervisor, is a lot less overhead. You get much higher performance," Gabriel Consulting Group analyst Dan Olds said.
Containers are increasingly popular. Sun Microsystems introduced its own container technology in 2005 with Solaris 10. And Microsoft is working on an adaptation of existing technology.
They are not suited to all tasks. Containers require all applications to use the same copy of the underlying operating system, for example. Xen and the established virtualization leader, EMC's VMware, don't have that requirement. Nevertheless, containers are desirable.
Next on the agenda
"It's something that we want to see happen," Red Hat's chief technology officer, Brian Stevens, said in an interview here during the LinuxWorld Conference & Expo. Red Hat hasn't decided whether to use OpenVZ or Vserver, he added.
Xen is the priority for RHEL 5, due to arrive at the end of the year, but after that will come containers, Stevens said. "I'm looking at that as a RHEL 6 thing," he said.
Novell, which wants to maintain Suse's reputation as the first place to find advanced new features for Linux, is more eager and is considering adding OpenVZ in Service Pack 1 of SLES 10. "We are still evaluating if this is something we can take into SP1," said Holger Dyroff, vice president of Linux product management.
If containers don't arrive with SLES 10 Service Pack 1, Novell will urge SWsoft to work with Linux programmers so that the software can be easily added to SLES 11, Dyroff said.
Debian Linux, a noncommercial version of the open-source operating system, added OpenVZ to its "Sid" development version in August.
And some work being done for Xen will help pave the way for containers. Specifically, this will provide management tools that let customers start, stop and otherwise control virtual machines. The same technology can be used to control containers, Stevens said.
"It'll be a lot easier next time. We'll be able to just plug it in. There already will be tools to manage it," Stevens said.
But SWsoft, the company that is sponsoring the OpenVZ and that sells a fuller-featured commercial version called Virtuozzo, sees things the other way around. Last week, the company announced that its container management tools will also be able to manage Xen virtual machines, said Chief Executive Serguei Beloussov.
On a diet
The main reason to use containers is because they require fewer computing resources than full-fledged virtual machines.
For example, the many components of an operating system and its applications must be loaded into memory only once, and multiple containers can use the same copy. However, containers still need unique memory for their own data storage.
Another advantage is that some processor resources are used more efficiently with containers, said Don Becker, Penguin Computing's CTO and a Linux supercomputing expert. For example, a chip's translation lookaside buffer (TLB), which converts an operating system's memory addresses into the physical locations that the computer actually uses to fetch needed information, is dramatically more useful with containers, he said.
Sun's containers, also called "zones," take only an extra 60MB of memory apiece, said John Clingan, a Sun engineer who has seen just how many he can squeeze onto a single server.
"Zones are very lightweight," he said. "I fit 600 containers running Apache on an 8GB four-processor box," referring to Web server software.
Flip side
XenSource CTO Simon Crosby agreed that containers are useful but that they're not a miracle cure.
"The container-style virtualization is fabulous when you don't need a different operating-system image for each application," he said. That circumstance is common, for example, at Web site-hosting companies where SWsoft's Virtuozzo--a big brother to OpenVZ--is popular.
"Where it falls short is where IT has legacy applications or a diversity of operating systems, and each one of those needs its own wrapper--its particular version of the operating system and drivers," Crosby said.
But Xen's hypervisor virtualization has its constraints, too. In practical terms, there are initial limits to Xen's ability to permit different operating systems to run. For example, Novell has said its Xen-based SLES 10 servers won't provide enterprise support for the use of RHEL, Microsoft Windows, Solaris or earlier versions of SLES until early 2007.
Even then, that support will be offered only when customers are running unmodified operating systems (which Xen can do with appropriate hardware support in the latest Intel and Advanced Micro Devices chips). Support for "paravirtualized" operating systems, which have been explicitly modified for virtualization so that they run faster, won't be supported until later in 2007, Novell said.
As for Red Hat, it will support RHEL 4 and RHEL 5 running paravirtualized on Xen, the company said. It isn't yet clear whether SLES will work on those RHEL servers. In addition, Red Hat will certify the stability of the Xen Foundation's products on only machines running fully virtualized operating systems, leaving it to individual operating-system providers to certify that their products actually work in that situation.
Political obstacles
Whether a customer uses Xen, VMware or containers, the rationale for the adoption is the same: efficiency. When IBM monitored a sample of its customers' x86 servers, it found that the machines' processors showed an average of 6 percent utilization. The best company hit 13 percent average utilization, he said--still a very low number. "That's what needs to get fixed," Gabriel Consulting Group analyst Olds said.
Ultimately, technology limits and efficiency incentives are only part of the picture. Virtualization means that computing resources move from the domain of departments and divisions and become the purview of centralized administrators.
"Anything that is a loss of control is a loss of budget and loss of power," Olds said. "The real hurdle to virtualization is less technical, and more cultural and political."