Linux kernel-level virtual environment analysis (1)

Choosing an appropriate virtual host solution can effectively use the resources of various servers, facilitating cost saving and simplifying hardware environment maintenance. At the same time, it also provides an effective solution for isolating service modules, and enhances the security of the system to a certain extent.

The following describes three different virtual methods. Next, we will detail the common kernel-level virtual hosts in the production environment.

Emulation hardware virtual

It is possible to run a non-modified operating system in a virtualized environment. This type of implementation includes from pure virtualization to allowing some code to be executed directly on the CPU to improve performance. The biggest drawback of such implementation is low performance and low density. Common desktop virtual machines, such as VMware products, QEmu, Bochs, and Parallels.

Parallel Virtualization

It can be used to run multiple operating systems in a set of management programs or virtual host controllers. This type of implementation includes Xen and UML. Compared with hardware virtualization, parallel virtualization provides better performance.

Operating system virtualization

This method implements multiple independent program running environments in a system kernel, which can be understood as the implementation of chroot at a lower level. This method has the optimal performance and density, and allows the dynamic management of resources. In this way, multiple virtual hosts share the same system kernel. FreeBSD Jail, Linux-VServer, OpenVZ, and kerberozzo belong to this type. Examples used in production environments are common.

OpenVZ is common among Redhat series hosts (official support for this release), and Vserver is popular among Debian series (official support for this implementation of Debian ). OpenVZ adopts the kernel of SWsoft's Virutozzo virtualization server software product. Virutozzo is a commercial virtualization solution provided by SWsoft, and OpenVZ is its open-source solution. Compared with [url = admon.org] Vserver [/url], OpenVZ has more rigorous tests and improved security framework models. The management and maintenance methods of Vserver and OpenVZ are similar. Most commands are used in a similar way. The installation of vserver is more concise, and it does not need to use the operating system template to simplify the installation.

The following uses OpenVZ as an example to describe the specific implementation:

Structure of OpenVZ

For OpenVZ installation, refer to here. After the installation is complete, log on to the system with vzctl enter VPS-NAME. After logging on, you will see a complete system. It shares all hardware resources with the main system, including CPU, memory, and disk space (the size can be specified, and quota is supported ), and can have its own IP address. If you want to migrate the services in the main system to VPS, You need to bind the services to the specified IP address. If it is not bound, services that access the same port (such as SSH) will actually access the main system.

OpenVZ consists of three parts: kernel, hypervisor, and operating system template. Before installation, make sure that the kernel is supported by OpenVZ, which is officially provided by OpenVZ.

Tool Program-OpenVZ provides several tool programs to create, monitor, and manage virtual servers, software packages, and operating system templates. It also provides system snapshots and hot migration. Hot migration does not require shared storage, maintains network connections, and completes in a few seconds that are hard to detect. Vzctl is used to create, configure, modify, start, and disable VPS.

Template-to make VPS creation easier, OpenVZ provides a template package that defines metadata for common Linux releases. as long as you download or install a kernel and some additional software packages, it is fast and easy to build an OpenVZ system. Creating an operating system template or downloading a pre-created operating system template requires a lot of time and bandwidth. However, once you set template instructions, creating VPS running on any supported Linux version is fast and easy. It takes less than two minutes to create a VPS and start it.