Virtualization in Debian Etch (Part 4 - Linux-VServer)

In the previous articles of this virtualization series (Part 1 - UML, 2 - KVM, and 3 - Xen), we examined the different virtualization technologies available in Debian Etch. In part 4, we will explore Linux-VServer. According to its website, Linux-VServer provides virtualization by accomplishing kernel-level isolation. Simply speaking, Linux-VServer virtualizes the Linux kernel so that Virtual Private Servers (VPS) run independently with no knowledge of one another. Linux-VServer achieves user-space isolation through a set of modifications to the Linux kernel.

By following these step-by-step instructions, you will be able to:

  1. install the Linux-VServer kernel and utility tools from the Etch repository, without building from source files or compiling a kernel
  2. create a virtual server and install Debian Etch on it, using the newvserver tool
  3. start, run and manage the virtual server
  4. know the tuning and operation tips for running a virtual server
  5. compare the performance of different virtualization technologies - UML, KVM, Xen and Linux-VServer

1. Installing Linux-Vserver kernel and related tools

Debian Etch already includes a Linux-VServer patched kernel and the corresponding utilities. To install them, install the following packages:
# apt-get install linux-image-vserver-686 util-vserver vserver-debiantools ssh
then reboot with the new kernel.

2. Create virtual server

Debian Etch comes with the vserver-debiantools package, which provides a very useful tool, newvserver, to ease the creation of a new Debian virtual server:
newvserver --vsroot /var/lib/vservers/ --hostname [Hostname] \
--domain [Domain] --ip [IP Address]/[CIDR Range] \
--dist etch --mirror [Debian Mirror] --interface [Net Interface]
I used the following command to create a new virtual server, punknix-vserver, assign it the static IP 192.168.1.92 and install etch on it.
newvserver --vsroot /root/vservers/ --hostname punknix-vserver \
--domain punknix.com --ip 192.168.1.92/255.255.255.0 \
--dist etch --mirror http://ftp.hk.debian.org/debian --interface br0
  • vsroot - the virtual server root is /root/vservers
  • hostname - hostname of the virtual server will be punknix-vserver
  • domain - the new virtual server will be in punknix.com domain
  • ip - 192.168.1.92/24 is the static IP address for the new virtual server
  • dist - we will create a Debian Etch virtual server
  • mirror - download Debian from http://ftp.hk.debian.org/debian mirror
  • interface - network interface of the root device on the host
After a short while, the vserver is created. The root filesystem is stored under the directory /root/vserver/punknix-vserver. Unlike UML, KVM and Xen, the virtual server image is organized in a directory, not in a file image or LVM volume. List the directories in /root/vserver/punknix-vserver/ and you will see what I mean:
punkytse@punknix:~$ ls /root/vserver/punknix-vserver/
bin   dev  home    lib    mnt  proc  sbin  sys  usr
boot  etc  initrd  media  opt  root  srv   tmp  var

3. Start, run and manage virtual server

vserver is another utility that lets you control different aspects of your vservers. To start the newly created virtual server, run:
# vserver punknix-vserver start
To show information about all the active virtual server contexts (each virtual server runs in its own context):
# vserver-stat

CTX   PROC    VSZ    RSS  userTIME   sysTIME    UPTIME NAME
0      281   3.5G     2G  32m00s00  10m23s75   1d21h48 root server
49155    2   3.7M   1.3M   0m00s00   0m00s00   2m31s46 punknix-vserver
Finally, to enter the virtual server context and start a shell, run:
# vserver punknix-vserver enter

4. Tuning and operation tips for running virtual server

Instead of using vserver enter, you will probably prefer to use ssh to log on to the virtual server. However, if you install ssh on your new vserver and try to ssh to it, you will only reach the host, not your vserver. This is because sshd on the host system binds the ssh port to the IP address 0.0.0.0, and this keeps sshd on your vserver from using that port.

Another method is to use port 2222 as ssh port on the virtual server instead.

# apt-get install openssh-server
# vi /etc/ssh/sshd_config
...
Port 2222
ListenAddress 192.168.1.92
...
After changing the port setting and the binding address, restart sshd on the virtual server:
# /etc/init.d/ssh restart
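
An added example, not part of the original article: a small shell check for the binding problem described above. Given an sshd_config, it reports whether that sshd would take a given IPv4 address and port, which shows why a wildcard-bound host sshd takes port 22 on the guest address while port 2222 stays free. The host address 192.168.1.2 and the sample configs are constructed for illustration.

```shell
# host_sshd_claims CONFIG IP PORT
# Prints "claimed" if the sshd_config at CONFIG makes sshd bind IPv4 IP:PORT,
# either directly or through the 0.0.0.0 wildcard; prints "free" otherwise.
# Hostnames in ListenAddress are compared as plain strings, not resolved.
host_sshd_claims() {
    awk -v ip="$2" -v port="$3" '
        /^[ \t]*(#|$)/ { next }                  # skip comments and blank lines
        { sub(/=/, " "); key = tolower($1) }     # accept "Key=value", any case
        key == "port"          { ports[$2] = 1; nports++ }
        key == "listenaddress" { addrs[++n] = $2 }
        END {
            if (nports == 0) ports["22"] = 1     # sshd default port
            if (n == 0) addrs[++n] = "0.0.0.0"   # no ListenAddress: every address
            for (i = 1; i <= n; i++) {
                a = addrs[i]; p = ""
                if (a ~ /^[^:]+:[0-9]+$/) {      # "address:port" form
                    p = a; sub(/^.*:/, "", p)
                    sub(/:[0-9]+$/, "", a)
                }
                if (a != "0.0.0.0" && a != ip) continue
                # Without an explicit port, the entry applies to every Port line.
                if (p == "" ? (port in ports) : (p == port)) {
                    print "claimed"; exit
                }
            }
            print "free"
        }
    ' "$1"
}

# Constructed sample configs; 192.168.1.2 as the host address is an assumption.
demo=$(mktemp -d)
printf 'Port 22\n#ListenAddress 0.0.0.0\n' > "$demo/host_default"
printf 'Port 22\nListenAddress 192.168.1.2\n' > "$demo/host_pinned"

host_sshd_claims "$demo/host_default" 192.168.1.92 22    # claimed
host_sshd_claims "$demo/host_default" 192.168.1.92 2222  # free
host_sshd_claims "$demo/host_pinned"  192.168.1.92 22    # free
rm -rf "$demo"
```

Run it against the host's /etc/ssh/sshd_config with the guest address before starting sshd inside the guest.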

Another problem you may encounter is running out of space while running apt-get install, especially when you install or upgrade the locales package. Hence, you may want to assign a larger tmpfs (e.g. 128MB) for /tmp. Edit fstab:

# vi /etc/vservers/punknix-vserver/fstab
...
none    /tmp        tmpfs   size=128m,mode=1777  0 0
I have been using br0 for the outbound Internet network, and this should work OK. But if you only have one interface (e.g. eth0) on the host, this may not work as expected. Linux-VServer provides another solution for this by assigning an interface alias to your interface.
echo eth0 > /etc/vservers/punknix-vserver/interfaces/0/dev
echo 92 > /etc/vservers/punknix-vserver/interfaces/0/name
This tells the virtual server to create an eth0:92 alias (I used the last octet of my virtual server IP for the alias name). When the virtual server is started, the eth0:92 alias will be created on the host and the same interface will be created on the virtual server as well.
# ifconfig
eth0:92   Link encap:Ethernet  HWaddr 00:16:01:3E:2B:D6
          inet addr:192.168.1.92  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          Interrupt:193 Base address:0x6000

5. Performance

We benchmarked Linux-VServer performance by measuring the Voyage Linux kernel build time and comparing it with the results we obtained in the past articles. Not surprisingly, Linux-VServer performance is close to Xen. Here are the results:

                   spec                              real        user        sys
Host OS            Athlon 64 X2 4400+                8m57.566s   8m13.147s   0m43.487s
                   Memory: 2GB Ram
UML                Memory: 128MB (use tmpfs)         18m12.380s  6m36.030s   2m5.140s
                   Swap: 256MB
                   Disk Image: 4GB
KVM                Memory: 128MB                     24m5.904s   20m0.371s   3m56.707s
                   Swap: 240MB
                   QEMU Disk Image: 4GB
Xen - File Image   Memory: 128MB                     9m15.866s   8m5.950s    1m1.852s
                   Swap: 256MB
                   File Image: 4GB
Linux-VServer      Memory: --MB (shared with host)   9m22.698s   8m22.807s   0m48.927s
                   Swap: --MB

Linux-VServer, unlike Xen, does not have strict control of resource sharing (e.g. CPU, memory) among the host and other virtual servers. Although the virtual server performance is close to Xen domU, I decided to use Xen to host all of my existing UML instances. Since both UML and Xen support loop-back file images, the transition from UML to Xen becomes easier.

Reference:

The following additional references were used in writing this article:
http://linux-vserver.org/Installation_on_Debian
http://howtoforge.com/linux_vserver_debian_etch
http://riseuplabs.org/grimoire//vserver/preparing/#make_services_not_be_greedy
http://www.nongnu.org/util-vserver/doc/conf/configuration.html
http://www.ibm.com/developerworks/library/l-linuxvirt/index.html