Linux-VServer

Linux-VServer

Infobox Software
name =



caption =
developer = Herbert Pötzl (Community Project)
operating_system = Linux 2.6 and 2.4
platform = x86, x86 64, SPARC/64, PA-RISC, S390/x, MIPS/64, ARM, PowerPC/64
genre = OS-level virtualization
license = GNU GPL v.2
website = [http://linux-vserver.org/ Linux-VServer.org]

Linux-VServer is a virtual private server implementation done by adding operating system-level virtualization capabilities to the Linux kernel. It is developed and distributed as open source software, licensed under the terms of the GNU General Public License (GPL).

The project was started by Jacques Gélinas. It is now maintained by Herbert Pötzl of Austria and is not related to the Linux Virtual Server project, which implements network load balancing.

Linux-VServer is a jail mechanism in that it can be used to securely partition resources on a computer system (such as the file system, CPU time, network addresses and memory) in such a way that processes cannot mount a denial-of-service attack on anything outside their partition.

Each partition is called a "security context", and the virtualized system within it is the "virtual private server". A chroot-like utility for descending into security contexts is provided. Booting a virtual private server is then simply a matter of kickstarting init in a new security context; likewise, shutting it down simply entails killing all processes with that security context. The contexts themselves are robust enough to boot many Linux distributions unmodified, including Debian and Fedora Core.

Virtual private servers are commonly used in web hosting services, where they are useful for segregating customer accounts, pooling resources and containing any potential security breaches. To save space on such installations, each virtual server's file system can be created as a tree of copy-on-write hard links to a "template" file system. The hard link is marked with a special filesystem attribute and when modified, is securely and transparently replaced with a real copy of the file.

Linux-VServer provides two branches, stable (2.2.x), and devel (2.3.x) for 2.6-series kernels and a single stable branch for 2.4-series. A separate stable branch integrating the grsecurity patch set is also available.

Similar virtualization mechanisms

Other implementations of operating system-level virtualization technology are OpenVZ, Parallels Virtuozzo Containers, the FreeBSD jail mechanism, Solaris Containers, and FreeVPS (an early fork of Linux-VServer).

Advantages

* Virtual servers share the same system call interface and do not have any emulation overhead.
* Virtual servers do not have to be backed by opaque disk images, but can share a common file system and common sets of files (through copy-on-write hard links). This makes it easier to back-up a system and to pool disk space amongst virtual servers.
* Processes within the virtual server run as regular processes on the host system. This is somewhat more memory-efficient and I/O-efficient than whole-system emulation, which cannot return "unused" memory or share a disk cache with the host and other virtual servers.
* Processes within the virtual server are queued on the same scheduler as on the host, allowing guests processes to run concurrently on SMP systems. This is not trivial to implement with whole-system emulation.
* Networking is based on isolation rather than virtualization, so there is no additional overhead for packets.

Disadvantages

* Requires that the host kernel be patched.
* All virtual servers share the same kernel and potentially share related bugs and security holes.
* No clustering or process migration capability is included, so the host kernel and host computer is still a single point of failure for all virtual servers.
* Networking is based on isolation, not virtualization. This prevents each virtual server from creating its own internal routing or firewalling setup.
* Some system calls (mostly hardware-related: e.g. real-time clock) and parts of the /proc and /sys filesystems are left unvirtualized.
* Does not allow disk I/O bandwidth to be allocated on a per-virtual server basis.

External links

* [http://linux-vserver.org Project homepage]
* [http://www.13thfloor.at/vserver/project/ Official releases]
* [http://linux-vserver.org/Linux-VServer-Paper Implementation paper]


Wikimedia Foundation. 2010.

Игры ⚽ Поможем сделать НИР

Look at other dictionaries:

  • Linux-vserver — Dernière version 2.2 [+/−] Environnement …   Wikipédia en Français

  • Linux-VServer — Dernière version 2.2 [+/−] …   Wikipédia en Français

  • Linux-VServer — Entwickler Herbert Pötzl (Community Projekt) Betriebssystem Linux 2.6 und 2.4 Kategorie Virtualisierung Lizenz GPL 2 (Freie Software) …   Deutsch Wikipedia

  • Linux-VServer — es una implementación de servidor privado virtual hecha por el agregado de capacidades de virtualización en el ámbito de Sistema Operativo y distribuida como software libre, licenciada bajo GPL. El proyecto fue iniciado por Jacques Gélinas. Ahora …   Wikipedia Español

  • VServer — Linux VServer Linux VServer Dernière version 2.2 [+/−] Environnement …   Wikipédia en Français

  • Vserver — Als Host (engl. Wirt, Gastgeber) wird ein in einem Rechnernetz eingebundenes Betriebssystem bezeichnet, das Server oder Clients beherbergt. Neben komplexen Betriebssystemen von Computern können auch spezialisierte Betriebssysteme von… …   Deutsch Wikipedia

  • Vserver — Virtualisation VirtualBox En informatique, on tente de définir la virtualisation comme un ensemble de techniques matérielles et/ou logicielles qui permettent de faire fonctionner sur une seule machine plusieurs systèmes d exploitation et/ou… …   Wikipédia en Français

  • Cooperative Linux — Cooperative Linux, ou coLinux pour faire court, est un bout de logiciel libre qui permet au noyau Linux de tourner sous Microsoft Windows sans perte significative de performances. Sommaire 1 Description 2 Considérations techniques 3 Architecture …   Wikipédia en Français

  • User Mode Linux — Pour les articles homonymes, voir UML. User Mode Linux ou UML est un noyau Linux compilé qui peut être exécuté dans l espace utilisateur comme un simple programme. Il permet donc d avoir plusieurs systèmes d exploitation virtuels sur une seule… …   Wikipédia en Français

  • User-mode Linux — (UML, Линукс пользовательского режима)  вариант ядра Linux, который позволяет запустить несколько виртуализованных Линукс систем (т. н. гостевых от англ. guests) в качестве обычных приложений в основной Linux‐системе (т. н.… …   Википедия

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”