Single Operating System – a blessing, not a curse

Virtualization technology can decrease the number of physical servers and help control server sprawl, while at the same time improving server utilization rates.

Operating system virtualization goes one step further by helping control the number of operating system instances, which improves overall manageability.

Let me explain. Because Virtuozzo virtual environments run on a single copy of the operating system, a patch only needs to be applied one time and it is propagated across all virtual environments on that server. Virtuozzo keeps operating system and application programs separated through the use of templates. Only a single template needs to be patched. This greatly simplifies manageability.

Now, let’s look at the comparison of how operating system patches get applied in virtual machine virtualization technology, employed by VMware and Xen.

Every virtual machine image contains a separate copy of the operating system, which means all operating system patches need to be applied to each image. When you consider a large enterprise with thousands of ISV and line-of-business applications, it’s easy to understand the complications of managing all this. On the one hand, virtualization technology helps control server sprawl, but the issue of applying software patches seems to become more complicated.

It’s easy to see the efficiency of the shared kernel operating system virtualization technology used in Virtuozzo.

Let me know what you think - post a comment!

eWEEK Magazine Awards SWsoft Virtuozzo Analyst’s Choice

Sorry for being a little slow, but a week ago Virtuozzo for Linux 3.0 appeared in a cover story of the eWeek magazine, where it earned the “Analyst’s Choice” rating by eWEEK Labs. Details are at http://www.eweek.com/article2/0,1895,1944593,00.asp.

eWeek put Virtuozzo through some real testing and benchmarking! Senior Analyst Jason Brooks cited Virtuozzo for its “consolidation and utilization benefits — while providing some very slick management options.”

The LinuxWorld award and now the eWeek “Analyst’s Choice” rating in one week – that feels really good :)

Virtuozzo Wins Award for Best Virtualization Solution at LinuxWorld

Hot of the presses - http://home.businesswire.com/portal/site/google/index.jsp?ndmViewId=news_view&newsId=20060405006042&newsLang=en.

It feels very good indeed to receive this recognition from respected industry experts who did the judging at LinuxWorld Expo. Our Virtuozzo for Linux 3.0 with Zero-Down Time Migration has just won the “Best Virtualization Solution” award.

Our CEO, Serguei Beloussov, said the award was “testimony to the value delivered by our Virtuozzo product with its manageability and performance advantages.”

It’s energizing for all of us – no one is resting on their laurels. This is not an overnight success story. Our virtualization technology is battle-tested one customer at a time. Now, there are thousands of installations and hundreds of thousands of virtual servers around the world over the past six years.

I can feel the momentum. Can you? J

Virtual appliances with Virtuozzo

Recently, an idea of virtual appliance has been gaining popularity among the IT crowd. VMWare pioneered the idea and threw a $200,000 contest, generating a lot of buzz. The idea is very attractive – an application or a set of applications is packaged as a virtual machine image and can be quickly deployed on any computer.

For example, if you need a DNS server, LAMP application server or a browser with pre-configured settings, what you need to do is 1) create an empty VM; 2) install the OS and required applications into a VM; 3) clone the VM when you need another instance of this virtual appliance. No installation or configuration is required – it just works.

Exciting and innovative? Perhaps, but to me it’s so 90s. Here is why…

In the 90s, rack-based network and application appliances provided significant management savings compared to general-purpose stand-alone servers, but they still had a lot of redundant hardware - separate power supplies, coolers, external I/O buses, etc. As a natural evolutionary step, in the 21^st century, blades introduced hardware infrastructure sharing and drove management costs down significantly compared to rack-based servers.

Just like hardware appliances, virtual machines don’t share the underlying infrastructure. To create several (N is always a good number) “.NET application server” appliances, OS, .NET runtime, IIS, DTC, COM+ and other required components need to be installed in each VM, creating N independently configured (and licensed) instances of the OS and applications. N instances take N times longer to install, will take N times longer to patch, N times longer to start and stop for maintenance. Plus, there will be N times more potential points of failure.

To avoid this problem, Virtuozzo uses resource sharing. Instead of copying OS and application into each virtual environment, Virtuozzo keeps a single “master” copy of the OS and applications. Instead of physical files, the virtual environment only holds copy-on-write links to the “master” copy. In other words, Virtuozzo provisions OS and applications “by reference”, not “by value”. The centrally installed image of an OS or an application is called a template.

The process of creating a Virtuozzo-based virtual appliance is 1) install the required OS and application templates on a Virtuozzo machine; 2) create a new virtual environment using the desired OS template; 3) provision the required application templates into the virtual environment; 4) clone the virtual environment when you need another instance of this virtual appliance. Now, let’s see how templates make the process of building and managing a virtual appliance a lot more efficient.

A template consists of

·         Files – The OS template contains all the files that can be found on a machine right after the clean OS installation[1]. An application template contains all the files that an application adds to the system during its installation.

·         Registry - On Windows, the registry needs to be taken into account. The Windows OS template contains all the entries that the registry contains after a clean Windows install. An application template contains all the entries that application installer adds to the registry. Registry entries are written into the virtual environment’s registry when the template is provisioned.

·         Links - Besides the actual files, template contains VZFS[2] symbolic links. A link maps file locations on the target virtual environment file system to the file in the template[3].

Creating a template

The template creation process is relatively straightforward.

On Linux, to build an application template you need to create a configuration file that enumerates high-level application packages and a URL of the package repository. Virtuozzo will automatically download all dependent packages and add them to the template along with those you specified. OS template creation is a bit more tedious due to the more complex dependencies and large number of packages. The best way to create an OS template is to modify one of those shipped with Virtuozzo.

Windows doesn’t have “distributions,” so we simply ship all Windows OS templates with Virtuozzo. Application templates are created by a special tool that records all the file and registry writes during the installation of an application.

Provisioning a template - To provision a template, Virtuozzo copies all links from the template to the target virtual environment. The process takes very little time, since no data is physically copied. The result is that the target virtual environment has copy-on-write links to all the files in the template. Since the links are implemented by VZFS, and not the underlying OS file system, there is no way for an application to distinguish the link from a real file. From an administrator standpoint, provisioning a template to a virtual environment is as simple as running a single command.

Patching - Patching is extremely efficient. On Linux, updates are fully automatic. The same tool that downloads all dependent packages when the template is created will download new versions and update them in the template. Old files are not overwritten; instead links are re-mapped to new versions of the files stored side-by-side. On Windows (due to the registry), the process is a bit more involved.

In any case, once a file is updated in the template, all virtual environments will have the updated version of the file[4]. Regardless of how many virtual environments are running on the machine or the number of virtual environments where an application is running, a patch is only applied once per machine. Also, Virtuozzo can instantly roll-back a “bad” patch by re-mapping the links to the “good” versions of the files.

In addition to template-based application management, Virtuozzo provides the following advantages:

Backup/restore – Virtual environment images are very compact – 10-100 times smaller than the similar VM image - because OS and most applications are stored in the templates. Because of this small size, deployment, backup, restore and migration take very little time compared to VM.

Migration - Virtuozzo for Linux can migrate a virtual environment from one machine to another live, without service interruption. No SAN storage is required. Virtuozzo will move the data over a regular Ethernet connection. After all, there is not that much data.

Start/stop time - Starting and stopping a virtual environment is very quick because the lengthy OS start-up process is not repeated.

Resource management - Virtuozzo has an advanced resource management feature, including limits and guarantees for CPU, memory, network and I/O bandwidth and disk storage space. A virtual environment is guaranteed to get resources according to the SLA.

Scalability and performance - Virtuozzo does not virtualize or emulate hardware. Also, a single virtual environment can use all resources of the machine. At last, you can now have Exchange, AD or SQL Server blades.

I hope by now you’re convinced that the ideal platform for building and running virtual appliances is Virtuozzo. Looking forward to your comments!

---

[1] On Windows, the host OS itself serves as OS template. On Linux, where kernel is clearly separated from the rest of OS, only the kernel file (vmlinuz) resides in the host OS. All other system files reside in an OS template.

[2] VZFS stands for Virtuozzo File System.

[3] In future releases Virtuozzo will support folder links in addition to file links.

[4] An OS update requires re-start of the entire virtual environment. Application updates only require re-start of the application.