Sam followed on from Ewen, giving a talk on Linux vServers. This is, in Sam?s words, a UNIX virtualisation technology rather than a kernel virtualistion technology. In other words, it?s more similar to FreeBSD?s jails or Solaris containers than it is to Xen or Qemu.
The implementation seems to be conceptually similar to a more restrictive chroot environment. The superuser in the virtual environment can be stripped of some of their powers, process limits can be applied to the virtual server as a whole, and files can be safely shared between multiple virtual servers. The Wikipedia entry has more info, see http://en.wikipedia.org/wiki/Linux-VServer.
As the kernel?s not
virtualised, it?s shared between the host and all of the virtual servers. This leads to very high efficiency; apparently it?s very hard to measure the inefficiency. It also has some disadvantages compared to kernel virtualisation (as per Xen or UML) as there are some aspects of the system that just aren?t virtualised. They also place some restrictions on the type of system that can be virtualised. vServers also apparently play nicely with other virtualisation technology; they are self hosting, and there?s a proof?of?concept patch allowing vServers to be run in a Xen user domain.
Sounds rather cool. Thus far, the patches aren?t integrated into the kernel, and the last attempt to see them integrated met with no response. The patch isn?t terribly invasive, but to paraphrase Sam, it patches the bits of Linux that would be the kernel if Linux was a microkernel; it also apparently patches many of the filesystems. Still, it?s quite an interesting technology, and Sam?s talk was a nice, interesting spot for second thing Monday morning (if a little hampered by a slow ?net connection).