Date: Sun, 16 Mar 2008 17:12:00 -0700 (PDT) From: Matthew Dillon <dillon@apollo.backplane.com> To: Igor Shmukler <shmukler@mail.ru> Cc: jgordeev@dir.bg, "Andrey V. Elsukov" <bu7cher@yandex.ru>, Robert Watson <rwatson@freebsd.org>, freebsd-hackers@freebsd.org Subject: Re: Re[2]: vkernel & GSoC, some questions Message-ID: <200803170012.m2H0C02i009972@apollo.backplane.com> References: <20080316122108.S44049@fledge.watson.org> <E1JatyK-000FfY-00.shmukler-mail-ru@f8.mail.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
:
:Given the fact that there are not as many developers as needed, what would be a practical purpose of vkernel?
:
:UML is typically used to debug drivers and/or for hosting. Now that Linux about to have or already has container technology, hosting on UML makes little sense.
The single largest benefit UML or a hardware emulated environment has
over a jail is that it is virtually impossible to crash the real kernel
no matter what you are doing within the virtualized environment. I
don't know any ISP that is able to keep a user-accessible (shell prompt)
machine up consistently outside of a UML environment. The only reason
machines don't crash more is that they tend to run a subset of available
applications in a subset of possible load and resource related
circumstances.
Neither jails no containers nor any other native-kernel technology will
EVER solve that problem. For that matter, no native-kernel technology
will ever come close to providing the same level of compartmentalization
from a security standpoint, and particularly not if you intend to run
general purposes applications in that environment.
The reason UML is used, particularly for web hosting, is because
web developers require numerous non-trivial backend tools to be installed
each of which has the potential to hog resources, crash the machine,
create security holes, or otherwise create hell for everyone else. The
hell needs to be restricted and narrowed as much as possible so human
resources can focus on the cause rather then on the collateral damage.
For any compute-intensive business, collateral damage is the #1 IT issue,
the cost of power is the #2 issue, and network resources are the #3
issue. Things like cpu and machines... those are in the noise. They're
basically free.
With a virtual kernel like UML (or our vkernel), the worse that happens
is that the vkernel itself crashes and reboots in 5 seconds (+ fsck time
for that particular user). No other vkernel is effected, no other
customer is effected, no other compartmentalized resource is effected.
Jails are great, no question about it, and there are numerous applications
which require the performance benefits that running in a jail verses
an emulated environment provides, but we will never, EVER see jails
replace UML. This is particularly true considering the resource being
put into improving emulated environments. The overhead for running an
emulated environment ten years from now is probably going to be a
fraction of the overhead it is now, as hardware catches up to desire.
-Matt
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200803170012.m2H0C02i009972>