| 1 |
"J. Roeleveld" <joost@××××××××.org> writes: |
| 2 |
|
| 3 |
> On Thursday, April 23, 2015 11:03:53 PM lee wrote: |
| 4 |
>> "J. Roeleveld" <joost@××××××××.org> writes: |
| 5 |
>> >> |
| 6 |
>> > I disagree. Been using Xen for over 10 years now and find it very easy to |
| 7 |
>> > use. The documentation could be better on the Xen site itself, but there |
| 8 |
>> > is plenty of decent documentation available via Google. |
| 9 |
>> Then we just disagree about this. |
| 10 |
> |
| 11 |
> Do you have anything that you find insufficiently documented or is too difficult? |
| 12 |
|
| 13 |
sure, lots |
| 14 |
|
| 15 |
>> >>Virtualization with containers is basically as simple as running just |
| 16 |
>> >>another daemon. |
| 17 |
>> >> |
| 18 |
>> > Not quite. I use virtualization to minimizer the physical hardware. Xen is |
| 19 |
>> > easy for that. Containers are what chroot jails should have been. But |
| 20 |
>> > there is no simple method to set these up when security isolation is your |
| 21 |
>> > goal. |
| 22 |
>> Containers or chroots? |
| 23 |
> |
| 24 |
> Containers. |
| 25 |
> Chroots don't have much when it comes to isolation. |
| 26 |
|
| 27 |
What exactly are the issues with containers? Ppl seem to work on them |
| 28 |
and to manage to make them more secure over time. |
| 29 |
|
| 30 |
>> >>Which the "better" tool, or combination of tools is, depends on what |
| 31 |
>> >>you |
| 32 |
>> >>want to accomplish. You could use containers in a VM, too, or use |
| 33 |
>> >>virtualbox along with containers to run the odd VMs that require full |
| 34 |
>> >>virtualzation. |
| 35 |
>> >> |
| 36 |
>> > Virtualbox is nice for a quick test. I wouldn't use it for production. |
| 37 |
>> |
| 38 |
>> Why not? |
| 39 |
> |
| 40 |
> Several reasons: |
| 41 |
> |
| 42 |
> 1) I wouldn't trust a desktop application for a server |
| 43 |
|
| 44 |
So that's a gut feeling? |
| 45 |
|
| 46 |
> 2) The overhead from Virtualbox is quite high (still better then VMWare's |
| 47 |
> desktop versions though) |
| 48 |
|
| 49 |
Overhead in which way? I haven't done much with virtualbox yet and |
| 50 |
merely found it rather easy to use, very useful and to just work fine. |
| 51 |
|
| 52 |
Compared to containers, the overhead xen requires is enormous, and it |
| 53 |
doesn't give you a stable system to run VMs on because dom0 is already |
| 54 |
virtualized itself. I don't know how that compares to virtualbox --- I |
| 55 |
didn't have time to look into it and it just worked, allowing me to run |
| 56 |
a VM on the fly on the same machine I'm working on without any ado. |
| 57 |
|
| 58 |
That VM was simply a copy of a VM taken from a vmware server, and the |
| 59 |
copy could be used without any conversion or anything. You can't do |
| 60 |
that with xen because you'll be having lots of trouble to convert the |
| 61 |
VM, to convert the machine you're working on to xen and to get it to |
| 62 |
work, to work around all the problems xen brings about ... Some days |
| 63 |
later you might finally have it working --- which is out of the question |
| 64 |
because the VM is needed right away. And virtualbox does just that. |
| 65 |
|
| 66 |
I was really surprised that virtualbox worked that well. Maybe xen will |
| 67 |
get there some time. |
| 68 |
|
| 69 |
|
| 70 |
-- |
| 71 |
Again we must be afraid of speaking of daemons for fear that daemons |
| 72 |
might swallow us. Finally, this fear has become reasonable. |
Archives