Virtualization of Linux based computers: the Linux-VServer project

(1)

Beno

î

t des Ligneris, Ph. D.

[email protected] [email protected]

Virtualization of Linux based computers:

the Linux

(2)

Objectives:

(3)

Objectives:

1)

Present the available programs that can

provide a virtualization of Linux

computers with different technologies.

(4)

Objectives:

1)

Present the available programs that can

provide a virtualization of Linux

computers with different technologies.

2)

Focus on Linux

-

VServers: a very

lightweight and effective technology for

the regular Linux user not intersted in

Kernel hacking.

(5)

Plan

(6)

Plan

●

(7)

Plan

●

Introduction

●

(8)

Plan

●

Introduction

●

Overview of the available technology

●

(9)

Plan

●

Introduction

●

Overview of the available technology

●

Classification of the problems: usage criteria

●

(10)

Plan

●

Introduction

●

Overview of the available technology

●

Classification of the problems: usage criteria

●

Comparative study of the existing technology

●

(11)

Plan

●

Introduction

●

Overview of the available technology

●

Classification of the problems: usage criteria

●

Comparative study of the existing technology

●

Technology overview of Linux

-

VServers

●

(12)

Introduction

(13)

Introduction

Why vservers?

(14)

Introduction

Why vservers?

➔

➔ Virtualization is now more and more acessible for Virtualization is now more and more acessible for

regular users given the extreme processing power of regular users given the extreme processing power of

the current computers the current computers

(15)

Introduction

Why vservers?

➔

➔ The availability of COTS multiThe availability of COTS multi--processor 64 bit processor 64 bit

architecture accelerates the needs for a mature architecture accelerates the needs for a mature

virtualization technique, as it's more and more difficult virtualization technique, as it's more and more difficult for a common application to use 100% of the available for a common application to use 100% of the available

resources resources

(16)

Introduction

Why vservers?

➔

➔ The availability of COTS multiThe availability of COTS multi--processor 64 bit processor 64 bit

architecture accelerates the needs for a mature architecture accelerates the needs for a mature

virtualization technique, as it's more and more difficult virtualization technique, as it's more and more difficult for a common application to use 100% of the available for a common application to use 100% of the available

resources resources

➔

➔ Virtualization also affect scientific computing and could Virtualization also affect scientific computing and could

become, in the near future, the corner stone of the so become, in the near future, the corner stone of the so

called

called ««grid computinggrid computing»» as it solves elegantly most of as it solves elegantly most of the problems (security, resources consumption) of the the problems (security, resources consumption) of the

current Grid technology current Grid technology

(17)

Overview of the available technology

(18)

Overview of the available technology

VMware

(19)

Overview of the available technology

VMware

plex86

(20)

Overview of the available technology

VMware

plex86

Bochs

(21)

Overview of the available technology

VMware

plex86

Bochs

Linux

(22)

Overview of the available technology

VMware

plex86

Bochs

Linux

-

VServers

User Mode Linux (UML)

(23)

Overview of the available technology

VMware

plex86

Bochs

Linux

-

VServers

User Mode Linux (UML)

Xen

(24)

Overview of the available technology

VMware

plex86

Bochs

Linux

-

VServers

User Mode Linux (UML)

Xen

QEMU

(25)

VMware

(26)

VMware

«

« Vmware workstation is a powerfull virtual machine Vmware workstation is a powerfull virtual machine software for the desktop. VMware workstation runs

software for the desktop. VMware workstation runs

multiple operating systems, including Microsoft Windows,

Linux and Novell NetWare, simultaneously on a single PC

in fully networked, portable virtual machines

in fully networked, portable virtual machines »»

http://www.vmware.com/products/

(27)

VMware

➔

Provide complete multi

-

OS emulation on x86 CPU

only

(28)

VMware

➔

Provide complete multi

-

OS emulation on x86 CPU

only

➔

The whole installation process of a Linux distribution

can be done with VMware

(29)

VMware

➔

Provide complete multi

-

OS emulation on x86 CPU

only

➔

The whole installation process of a Linux distribution

can be done with VMware

➔

Resource consumption is static (RAM, Disck, etc)

and very important (up to 50% of the available

computing power!)

(30)

plex86

(31)

plex86

«

« (...) a very lightweight Virtual Machine (VM) for (...) a very lightweight Virtual Machine (VM) for running Linux/x86

running Linux/x86»»

http://plex86.sourceforge.net/ (Feb/2005)

(32)

plex86

«

➔

➔ Use the same Vmware logic but is restricted only to Use the same Vmware logic but is restricted only to

Linux OS (native OS as well as guest OS) Linux OS (native OS as well as guest OS)

(33)

plex86

«

➔

(34)

plex86

«

➔

➔ It's needed to recompile the kernel on the guest OSIt's needed to recompile the kernel on the guest OS

➔

(35)

Bochs

(36)

Bochs

«

« Bochs is a highly portable open source IABochs is a highly portable open source IA--32(x86) PC 32(x86) PC emulator written in C++, that runs on most popular

emulator written in C++, that runs on most popular

platforms. It includes emulation of the Intel x86 CPU,

common I/O devices and a custom BIOS. Currently, Bochs

can be compiled to emulate a 386, 486, Pentium, Pentium

Pro or AMD64 CPU including optional MMX, SSE, SSE2

and 3DNow instructions

and 3DNow instructions »»

http://bochs.sourceforge.net/ (Feb/2005)

(37)

Bochs

➔

➔ The performance of bochs does not compare to Vmware The performance of bochs does not compare to Vmware

or plex86 mainly because it emulates the CPU instead of or plex86 mainly because it emulates the CPU instead of using the native instruction set of the IA

(38)

Bochs

➔

➔ The performance of bochs does not compare to Vmware The performance of bochs does not compare to Vmware

or plex86 mainly because it emulates the CPU instead of or plex86 mainly because it emulates the CPU instead of using the native instruction set of the IA

using the native instruction set of the IA--32 CPUs32 CPUs

➔

(39)

The Linux

(40)

The Linux

-

VServers

«

« LinuxLinux--VServer allows you to create virtual private VServer allows you to create virtual private

servers and security contexts which operate like a normal

Linux server, but allow many independent servers to be run

simultaneously in one box at full speed

simultaneously in one box at full speed»»

http://www.linux

(41)

The Linux

-

VServers

➔

➔ The LinuxThe Linux--VServer project consists of a kernel patch and VServer project consists of a kernel patch and

installation of userland tools installation of userland tools

(42)

The Linux

-

VServers

➔

➔ It manage resources dinamically: a single kernel is in It manage resources dinamically: a single kernel is in

charge of allocating resources. charge of allocating resources.

(43)

The Linux

-

VServers

➔

➔ Priority, Memory, Disk space, CPU ticks can be managed Priority, Memory, Disk space, CPU ticks can be managed

dynamically for a given vserver. dynamically for a given vserver.

(44)

The Linux

-

VServers

➔

➔ Priority, Memory, Disk space, CPU ticks can be managed Priority, Memory, Disk space, CPU ticks can be managed

dynamically for a given vserver. dynamically for a given vserver.

➔

➔ Because only one kernel access the hardware and Because only one kernel access the hardware and

interrupts, it uses the advanced management mechanism interrupts, it uses the advanced management mechanism already present in the Linux Kernel

(45)

The Linux

-

VServers

➔

➔ As a consequence, this is a very fast and lightweight As a consequence, this is a very fast and lightweight

system as only the necessary services are run (ssh, http, system as only the necessary services are run (ssh, http, postfix, etc) and not a complete boot process.

(46)

The Linux

-

VServers

➔

postfix, etc) and not a complete boot process.

➔

➔ Additional security occurs inside a vserver; the Linux-Additional security occurs inside a vserver; the Linux

-VServer use the POSIX capabilities to increase its VServer use the POSIX capabilities to increase its security.

(47)

The Linux

-

VServers

➔

postfix, etc) and not a complete boot process.

➔

➔ Additional security occurs inside a vserver; the Linux-Additional security occurs inside a vserver; the Linux

-VServer use the POSIX capabilities to increase its VServer use the POSIX capabilities to increase its security.

security.

➔

➔ Network access, device access and many more Network access, device access and many more

capabilities can be given or taken in order to have a more capabilities can be given or taken in order to have a more secure virtual server.

(48)

User

(49)

User

-

Mode Linux (UML)

«

« UserUser--Mode Linux is a safe, secure way of running Linux Mode Linux is a safe, secure way of running Linux versions and Linux processes. Run buggy software,

versions and Linux processes. Run buggy software,

experiment with new Linux Kernel or distributions, and

poke around in the internals of Linux, all without risking

your main Linux setup

your main Linux setup»»

(50)

User

-

Mode Linux (UML)

«

http://user-mode-linux.sourceforge.net/ (Feb/2005)(Feb/2005)

➔

➔ very slow performance because only one program can very slow performance because only one program can

run in privileged mode: the host Kernel that support the run in privileged mode: the host Kernel that support the

hosted ones hosted ones

(51)

User

-

Mode Linux (UML)

«

http://user-mode-linux.sourceforge.net/ (Feb/2005)(Feb/2005)

➔

➔ very slow performance because only one program can very slow performance because only one program can

run in privileged mode: the host Kernel that support the run in privileged mode: the host Kernel that support the

hosted ones hosted ones

➔

➔ the performance penalty is very important and a complete the performance penalty is very important and a complete

boot process is necessary boot process is necessary

(52)

Xen

(53)

Xen

«

« Xen is a virtual machine monitor for x86 that supports Xen is a virtual machine monitor for x86 that supports execution of multiple guest operating systems with

execution of multiple guest operating systems with

unprecedented levels of performance and resource

isolation

isolation»»

http://www.cl.cam.ac.uk/Research/SRG/netos/xen/

(Feb/2005)

(54)

Xen

➔

➔ this is achieved by installing a king of this is achieved by installing a king of ««megamega-bios-bios»» layer layer

(Xen) that hides the physical hardware and provides (Xen) that hides the physical hardware and provides

supported OS specific

supported OS specific ««Xen driversXen drivers»» in order to interact in order to interact with the Xen abstraction layer.

(55)

Xen

➔

with the Xen abstraction layer.

➔

➔ the virtual servers interact with Xen hardware (including the virtual servers interact with Xen hardware (including

CPU) needs a specific kernel but applications can run CPU) needs a specific kernel but applications can run

unchanged. unchanged.

(56)

Xen

➔

with the Xen abstraction layer.

➔

➔ the virtual servers interact with Xen hardware (including the virtual servers interact with Xen hardware (including

CPU) needs a specific kernel but applications can run CPU) needs a specific kernel but applications can run

unchanged. unchanged.

➔

➔ a lightweight technology, but demands complete systems a lightweight technology, but demands complete systems

to be

to be ««bootedbooted»» inside the Xen domains (virtual servers) inside the Xen domains (virtual servers) so resource consumption (RAM, CPU, processes, etc) is so resource consumption (RAM, CPU, processes, etc) is

much more important than the Linux

(57)

QEMU

(58)

QEMU

«

« QEMU is a generic and open source processor emulator QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic

which achieves a good emulation speed by using dynamic

translation

translation»»

(59)

QEMU

➔

(60)

QEMU

➔

➔ emulates only the x86 family of processorsemulates only the x86 family of processors ➔

➔ supports emulation of user code on other architecture supports emulation of user code on other architecture

(ARM, SPARC, PowerPC) (ARM, SPARC, PowerPC)

(61)

QEMU

➔

➔ emulation, by default, very slow; a nonemulation, by default, very slow; a non--free layer free layer

(QEMU accelerator) gives a much better performance on (QEMU accelerator) gives a much better performance on

the same architecture (x86 emulated on x86) the same architecture (x86 emulated on x86)

(62)

QEMU

➔

➔ emulation, by default, very slow; a nonemulation, by default, very slow; a non--free layer free layer

(QEMU accelerator) gives a much better performance on (QEMU accelerator) gives a much better performance on

the same architecture (x86 emulated on x86) the same architecture (x86 emulated on x86)

➔

(63)

Classification of problems:

usage

criteria

(64)

Classification of problems:

usage

criteria

We present in the following several needs for

computer virtualization and will use those

criteria to compare the selected technology

(65)

Classification of problems:

Multi OS

usage

criteria

(66)

Classification of problems:

Multi OS

Kernel development / debugging

usage

criteria

(67)

Classification of problems:

Multi OS

Kernel development / debugging

OS installation process

usage

criteria

(68)

Classification of problems:

Multi OS

Kernel development / debugging

OS installation process

Resources consumption

usage

criteria

(69)

Classification of problems:

Multi OS

Kernel development / debugging

OS installation process

Resources consumption

Dynamical allocation of resources

usage

criteria

(70)

Classification of problems:

Multi OS

Kernel development / debugging

OS installation process

Resources consumption

Dynamical allocation of resources

Multi architecture

usage

criteria

(71)

Classification of problems:

Multi OS

Kernel development / debugging

OS installation process

Resources consumption

Dynamical allocation of resources

Multi architecture

Maturity

usage

criteria

(72)

Classification of problems:

Multi OS

Kernel development / debugging

OS installation process

Resources consumption

Dynamical allocation of resources

Multi architecture

Maturity

Security

usage

criteria

(73)

Multi OS

(74)

Multi OS

➔

➔ Some virtualization technology only support a type of OS Some virtualization technology only support a type of OS

(Linux, Windows, FreeBSD, etc) while others are more (Linux, Windows, FreeBSD, etc) while others are more

generic and can run Linux on Windows, Windows on generic and can run Linux on Windows, Windows on

Linux, etc. Linux, etc.

(75)

Multi OS

➔

➔ Some virtualization technology only support a type of OS Some virtualization technology only support a type of OS

(Linux, Windows, FreeBSD, etc) while others are more (Linux, Windows, FreeBSD, etc) while others are more

generic and can run Linux on Windows, Windows on generic and can run Linux on Windows, Windows on

Linux, etc. Linux, etc.

➔

➔ Multi OS virtualization systems include VMware and Multi OS virtualization systems include VMware and

Xen. Xen.

(76)

Kernel development / debugging

(77)

Kernel development / debugging

➔

➔ Some users need to develop the kernel. This criteria will Some users need to develop the kernel. This criteria will

define if, yes or no, those tasks can be achieved with the define if, yes or no, those tasks can be achieved with the

chosen virtualization technique chosen virtualization technique

(78)

Kernel development / debugging

➔

➔ Some users need to develop the kernel. This criteria will Some users need to develop the kernel. This criteria will

define if, yes or no, those tasks can be achieved with the define if, yes or no, those tasks can be achieved with the

chosen virtualization technique chosen virtualization technique

➔

➔ UML has been designed for Kernel Hacking and UML has been designed for Kernel Hacking and

development development

(79)

OS installation process

(80)

OS installation process

➔

➔ Some users need to reproduce the complete installation Some users need to reproduce the complete installation

of a system (install CD, network boot, hard disk of a system (install CD, network boot, hard disk

partitioning, etc). partitioning, etc).

(81)

OS installation process

➔

➔ Some users need to reproduce the complete installation Some users need to reproduce the complete installation

of a system (install CD, network boot, hard disk of a system (install CD, network boot, hard disk

partitioning, etc). partitioning, etc).

➔

➔ VMware supports perfectly the simulation of the VMware supports perfectly the simulation of the

installation process for the supported Linux distributions installation process for the supported Linux distributions

(82)

Resources consumption

(83)

Resources consumption

➔

➔ This criteria will define how much resources a virtual This criteria will define how much resources a virtual

computer need to use in order to be fully functional. computer need to use in order to be fully functional.

(84)

Resources consumption

➔

➔ For each virtualization technique, the approximative For each virtualization technique, the approximative

resource consumption of a fully functional virtual server resource consumption of a fully functional virtual server

has been estimated. has been estimated.

(85)

Resources consumption

➔

➔ For each virtualization technique, the approximative For each virtualization technique, the approximative

resource consumption of a fully functional virtual server resource consumption of a fully functional virtual server

has been estimated. has been estimated.

➔

➔ VMware needs a lot of resources, as does UML, then VMware needs a lot of resources, as does UML, then

Xen and finally Linux

(86)

Dynamical allocation of resources

(87)

Dynamical allocation of resources

➔

➔ Some users need to dynamically change the resources Some users need to dynamically change the resources

used by a virtual computer. Some virtualization programs used by a virtual computer. Some virtualization programs

allow the user to live change the resources available for allow the user to live change the resources available for

the virtual server while others can not do this. the virtual server while others can not do this.

(88)

Dynamical allocation of resources

➔

➔ Some users need to dynamically change the resources Some users need to dynamically change the resources

used by a virtual computer. Some virtualization programs used by a virtual computer. Some virtualization programs

allow the user to live change the resources available for allow the user to live change the resources available for

the virtual server while others can not do this. the virtual server while others can not do this.

➔

➔ UML, Xen and LinuxUML, Xen and Linux--VServers can dynamically alocate VServers can dynamically alocate

resources an ensure QoS criteria between the virtual resources an ensure QoS criteria between the virtual

servers and the host system. servers and the host system.

(89)

Multi architecture

(90)

Multi architecture

➔

➔ Some virtualization technology only support a type of Some virtualization technology only support a type of

architecture, x86 for the most part. architecture, x86 for the most part.

(91)

Multi architecture

➔

➔ Some virtualization technology only support a type of Some virtualization technology only support a type of

architecture, x86 for the most part. architecture, x86 for the most part.

➔

(92)

Maturity

(93)

Maturity

➔

➔ This is a This is a relativerelative indicator of the maturity of the indicator of the maturity of the

technology. technology.

(94)

Maturity

➔

➔ VMware is very mature (but not well supported with 2.6 VMware is very mature (but not well supported with 2.6

kernel and more experimental kernels) kernel and more experimental kernels)

(95)

Maturity

➔

(96)

Maturity

➔

➔ UML and LinuxUML and Linux--VServer are production readyVServer are production ready ➔

(97)

Security

(98)

Security

➔

➔ While all virtualization techniques increases security While all virtualization techniques increases security

by allowing system administrators to cleanly by allowing system administrators to cleanly

separate services on different virtual servers, some separate services on different virtual servers, some of them offers additional protections with rules/roles of them offers additional protections with rules/roles

and additional security models that can make a and additional security models that can make a

virtual server more robust than a real one. virtual server more robust than a real one.

(99)

Security

➔

➔ LinuxLinux--VServer share some code with the guest OS VServer share some code with the guest OS

and this can be considered as a vulnerability. and this can be considered as a vulnerability.

(100)

Security

➔

➔ LinuxLinux--VServer share some code with the guest OS VServer share some code with the guest OS

and this can be considered as a vulnerability. and this can be considered as a vulnerability.

➔

➔ We did not consider this as a vulnerability because We did not consider this as a vulnerability because

we consider that if a security problem occurs in the we consider that if a security problem occurs in the

kernel in a primitive method used by a Linux kernel in a primitive method used by a Linux-

-VServer (chroot, chcontext, chbind, etc) then every VServer (chroot, chcontext, chbind, etc) then every

Linux server (vserver or not) has this problem and Linux server (vserver or not) has this problem and

has to be upgraded. has to be upgraded.

(101)

Security

➔

➔ In this context, the LinuxIn this context, the Linux--VServer project is the VServer project is the

more

more ««security orientedsecurity oriented»» because it offers because it offers

additional security features (POSIX capabilities). additional security features (POSIX capabilities).

(102)

Security

➔

➔ In this context, the LinuxIn this context, the Linux--VServer project is the VServer project is the

more

more ««security orientedsecurity oriented»» because it offers because it offers

additional security features (POSIX capabilities). additional security features (POSIX capabilities).

➔

➔ The other technologies do not provide additional The other technologies do not provide additional

security. security.

(103)

Comparative study of the

existing technology

(104)

Comparative study of the

existing technology

➔

➔ Only the major virtualization techniques will be Only the major virtualization techniques will be

analyzed

(105)

Comparative study of the

existing technology

➔

➔ Only the major virtualization techniques will be Only the major virtualization techniques will be

analyzed

➔

➔ The Bochs and plex86 projects will not be The Bochs and plex86 projects will not be

compared with the others as they are not yet

fully functional

(106)

Comparative study of the

existing technology

Kernel Intall Dynamical

Name Multi OS Development Process Resources Resources Sercurity Maturity Architecture

Vmware Yes No Yes 2 Gb No No Good x86

Linux-VServer No No No 256 Mb Yes Yes Excelent x86, IA64, x86_64

UML No Yes No 1 Gb No No Good x86, IA64, x86_64

Xen Yes Exp. Yes 1 Gb No No Young x86

(107)

Comparative study of the

existing technology

➔

➔ Based on the needs from the user, one should Based on the needs from the user, one should

be able to easily choose the best suited

virtualization technique

(108)

➔

In order to facilitate this process, we have

established some basic use

-

cases for the

virtualization of computers:

(109)

➔

In order to facilitate this process, we have

established some basic use

-

cases for the

virtualization of computers:

•

(110)

➔

In order to facilitate this process, we have

established some basic use

-

cases for the

virtualization of computers:

•

• HostingHosting •

(111)

➔

In order to facilitate this process, we have

established some basic use

-

cases for the

virtualization of computers:

•

• Testing one applicationTesting one application •

(112)

➔

In order to facilitate this process, we have

established some basic use

-

cases for the

virtualization of computers:

•

• Build environment or development environmentBuild environment or development environment •

• Testing distributed application and/or complex Testing distributed application and/or complex

upgrade process upgrade process

(113)

➔

In order to facilitate this process, we have

established some basic use

-

cases for the

virtualization of computers:

•

(114)

➔

In order to facilitate this process, we have

established some basic use

-

cases for the

virtualization of computers:

•

• Security usageSecurity usage •

(115)

➔

In order to facilitate this process, we have

established some basic use

-

cases for the

virtualization of computers:

•

• Security usageSecurity usage •

• High availabilityHigh availability •

(116)

Hosting

(117)

Hosting

➔

➔ An Internet provider or someone that simply have to An Internet provider or someone that simply have to

provide access to one or several hosts on a real provide access to one or several hosts on a real

system. system.

(118)

Hosting

➔

system. system.

➔

➔ The resources consumption is very small because The resources consumption is very small because

only the needed processes are started on the only the needed processes are started on the

vservers. vservers.

(119)

Hosting

➔

system. system.

➔

➔ The resources consumption is very small because The resources consumption is very small because

only the needed processes are started on the only the needed processes are started on the

vservers. vservers.

➔

➔ Additional security is provided by the POSIX Additional security is provided by the POSIX

capabilities capabilities

(120)

Hosting

➔

➔ On demand servers can be created in seconds and On demand servers can be created in seconds and

delivered to the customer. delivered to the customer.

(121)

Hosting

➔

➔ Every LinuxEvery Linux--VServer consist only of files that can be VServer consist only of files that can be

easily backuped and restored on another server if easily backuped and restored on another server if

needed. needed.

(122)

Hosting

➔

➔ Every LinuxEvery Linux--VServer consist only of files that can be VServer consist only of files that can be

easily backuped and restored on another server if easily backuped and restored on another server if

needed. needed.

➔

➔ Unification is a mechanism at the package level that Unification is a mechanism at the package level that

allows Linux

allows Linux--VServers to share programs and VServers to share programs and library

(123)

Testing one application

(124)

Testing one application

➔

➔ Perform stress tests or unitary testing on one Perform stress tests or unitary testing on one

application. application.

(125)

Testing one application

➔

➔ Is easy to move a LinuxIs easy to move a Linux-VServer on different -VServer on different

hardware to compare performance. hardware to compare performance.

(126)

Testing one application

➔

➔ Is easy to move a LinuxIs easy to move a Linux-VServer on different -VServer on different

hardware to compare performance. hardware to compare performance.

➔

➔ Because the regular device drivers are used, the Because the regular device drivers are used, the

virtualization layer impact on performance virtualization layer impact on performance measurement is expected to be nebligible. measurement is expected to be nebligible.

(127)

Build environment or development

environment

(128)

Build environment or development

environment

Easily to create on deman different versions of

distributions from a host system

(129)

Build environment or development

environment

Development starting from a clean virtual

server:

Easily to create on deman different versions of

distributions from a host system

(130)

Build environment or development

environment

➔

➔ Greatly increases bug reproducibility and process of Greatly increases bug reproducibility and process of

Development starting from a clean virtual

server:

Easily to create on deman different versions of

distributions from a host system

(131)

Build environment or development

environment

➔

➔ Greatly increases bug reproducibility and process of Greatly increases bug reproducibility and process of

Development starting from a clean virtual

server:

➔

➔ When a bug is found, the vserver where the bug When a bug is found, the vserver where the bug

can be triggered can be easily copied and

can be triggered can be easily copied and ««givengiven »» to the developer in charge.

to the developer in charge.

Easily to create on deman different versions of

distributions from a host system

(132)

Testing distributed application and/or

complex upgrade process

(133)

Testing distributed application and/or

complex upgrade process

➔

➔ One of the problems for complex applications is the One of the problems for complex applications is the

fact that it is very difficult to reproduce, in the fact that it is very difficult to reproduce, in the

laboratory, an evironment similar to the production laboratory, an evironment similar to the production

one. one.

(134)

Testing distributed application and/or

complex upgrade process

➔

one. one.

➔

➔ As a consequence, and while this is certainly not As a consequence, and while this is certainly not

the best practices, developers often need to the best practices, developers often need to

develop on or

(135)

Testing distributed application and/or

complex upgrade process

➔

one. one.

➔

➔ As a consequence, and while this is certainly not As a consequence, and while this is certainly not

the best practices, developers often need to the best practices, developers often need to

develop on or

develop on or ««nearnear»» the production systems.the production systems.

➔

➔ With one of the virtualization techniques it is very With one of the virtualization techniques it is very

easy to duplicate the production environment in the easy to duplicate the production environment in the

laboratory: just copy your production virtual laboratory: just copy your production virtual

computer on a development system. computer on a development system.

(136)

Security usage

(137)

Security usage

➔

➔ The KISSThe KISS11 principle encourages the deployment of principle encourages the deployment of

simple systems that only deliver one service per simple systems that only deliver one service per

system. system.

1

(138)

Security usage

➔

system. system.

➔

➔ This principle is rarely used on the field because This principle is rarely used on the field because

this will lead to a very big increase of the physical this will lead to a very big increase of the physical

computers number. computers number.

(139)

Security usage

➔

system. system.

➔

➔ This principle is rarely used on the field because This principle is rarely used on the field because

this will lead to a very big increase of the physical this will lead to a very big increase of the physical

computers number. computers number.

➔

➔ In turn, because modern computers have a huge In turn, because modern computers have a huge

computing power, those computers will be under computing power, those computers will be under-

-used used

(140)

High availability

(141)

High availability

➔

➔ While Xen is presently one of the first to manage While Xen is presently one of the first to manage

load balancing between lives computers, one can load balancing between lives computers, one can

easily set up a high availability system with any easily set up a high availability system with any

virtualization technique. virtualization technique.