Xen? (was Re: [wellylug] Mailing List & Webserver)

michael at diaspora.gen.nz michael at diaspora.gen.nz
Mon Feb 27 10:41:41 NZDT 2006


Ewen McNeill writes:
>I think we're getting quite close to the "mainframe" approach being
>practical with "PCs" -- ie, one large highly redundant box, and lots of
>virtual machines on it for most common tasks.

With the important proviso that mainframe style resource isolation is
Just Not There Yet.

Firstly, any Xen style guest instance granted access to a PCI device that
can do DMA can take over the whole machine, given a kernel compromise.

Secondly, while most of the solutions can perform resource management
of CPU and memory, I believe the only one that can reasonably resource
manage I/O and network bandwidth is Solaris Zones, courtesy of the quite
well tested Solaris Resource Manager stuff.

This can make things problematic for shared customer situations.

    -- michael.




More information about the wellylug mailing list