Chapter 1: Overview of Virtualization
such as Fibre Channel (http://en.wikipedia.org/wiki/Fibre_Channel) and InfiniBand (http://en.wikipedia.org/wiki/InfiniBand) to provide the high levels of throughput and general performance that are most desirable when many systems share access to block- or protocol-level networked storage.

Newer technologies such as iSCSI (Internet Small Computer Systems Interface, http://en.wikipedia.org/wiki/ISCSI) and AoE (ATA over Ethernet, http://en.wikipedia.org/wiki/ATA_over_Ethernet) provide less expensive mechanisms for getting block-level access to networked storage devices. As the name suggests, iSCSI supports the use of the SCSI protocol over TCP/IP networks, and requires a special type of network controller. AoE provides block-level access to suitable ATA devices using only a standard Ethernet connection. As you’d expect, both of these perform better on higher-bandwidth networks such as Gigabit Ethernet networks, although they are certainly usable on 100-megabit networks. iSCSI and AoE are making networked storage a very real possibility for most of today’s data centers and IT infrastructure of any size, and are discussed in more detail in the section “Using Xen and Networked Storage Devices” in Chapter 10.

System-Level or Operating System Virtualization

System-level virtualization, often referred to as operating system virtualization, describes various implementations of running multiple, logically distinct system environments on a single instance of an operating system kernel. System-level virtualization is based on the change root (chroot) concept that is available on all modern UNIX-like systems. During the system boot process, the kernel can use root filesystems such as those provided by initial RAM disks or initial RAM filesystems to load drivers and perform other early-stage system initialization tasks. The kernel can then switch to another root filesystem using the chroot command in order to mount an on-disk filesystem as its final root filesystem, and continue system initialization and configuration from within that filesystem. The chroot mechanism as used by system-level virtualization is an extension of this concept, enabling the system to start virtual servers with their own sets of processes that execute relative to their own filesystem root directories. Operating within the confines of their own root directories and associated filesystem prevents virtual servers from being able to access files in each other’s filesystems, and thereby provides basic protection from exploits of various server processes or the virtual server itself. Even if a chroot’ed server is compromised, it has access only to files that are located within its own root filesystem.
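
The confinement described above holds only while the confined process lacks root privileges; the Linux chroot(2) manual page states that chroot by itself is not intended as a full sandbox. The following audit sketch is an added example, not code from the book: it groups processes by root directory and flags chrooted processes that still run with effective UID 0. The /vservers paths, PIDs, and process names are constructed sample data, and the live collector assumes a Linux /proc layout.

```python
import os
from collections import defaultdict

# Constructed sample: (pid, root directory, effective uid, command), as an
# audit script might collect from /proc/<pid>/root and /proc/<pid>/status.
SAMPLE = [
    (1, "/", 0, "init"),
    (812, "/", 0, "sshd"),
    (2301, "/vservers/web", 33, "httpd"),
    (2302, "/vservers/web", 33, "httpd"),
    (2410, "/vservers/mail", 0, "smtpd"),
    (2411, "/vservers/mail", 8, "smtpd"),
]

def group_by_root(procs):
    """Map each root directory to the processes confined to it."""
    groups = defaultdict(list)
    for pid, root, euid, comm in procs:
        groups[os.path.normpath(root)].append((pid, euid, comm))
    return dict(groups)

def privileged_confined(procs):
    """Return chrooted processes that still run with effective UID 0."""
    return sorted((pid, root, comm) for pid, root, euid, comm in procs
                  if os.path.normpath(root) != "/" and euid == 0)

def collect_live(proc_dir="/proc"):
    """Collect the same tuples from a live Linux /proc (run as root)."""
    out = []
    for entry in os.listdir(proc_dir):
        if not entry.isdigit():
            continue
        base = os.path.join(proc_dir, entry)
        try:
            root = os.readlink(os.path.join(base, "root"))
            with open(os.path.join(base, "status")) as fh:
                fields = dict(line.split(":", 1) for line in fh if ":" in line)
            euid = int(fields["Uid"].split()[1])  # real, effective, saved, fs
            comm = fields["Name"].strip()
        except (OSError, KeyError, ValueError, IndexError):
            continue  # process exited, or its root link is not readable
        out.append((int(entry), root, euid, comm))
    return out

if __name__ == "__main__":
    for root, members in sorted(group_by_root(SAMPLE).items()):
        print(root, members)
    print("chrooted with euid 0:", privileged_confined(SAMPLE))
```

On a host, pass the result of collect_live() to the same two functions instead of SAMPLE.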

The core differentiator between system-level and server virtualization is whether you can be running different operating systems on different virtual systems. If all of your virtual servers must share a single copy of an operating system kernel, as shown in Figure 1-1, this is system-level virtualization. If different virtual servers can be running different operating systems, including different versions of a single operating system, this is server virtualization, sometimes also referred to as machine virtualization.

Virtualization solutions such as FreeBSD’s chroot jails, FreeVPS, Linux-VServer, OpenVZ, Solaris Zones and Containers, and Virtuozzo are all examples of system-level virtualization. FreeBSD jails can run logically distinct versions of FreeBSD user-space on top of a single FreeBSD kernel, and can therefore use different instances or versions of libraries, server processes, and applications. Solaris containers and zones all share the same underlying version of Solaris, and can either use completely distinct root filesystems or share portions of a filesystem. Linux-VServer, FreeVPS, and OpenVZ can run different Linux distributions in their virtual servers, but all share the same underlying kernel. All of these are discussed in more detail in the section “Other Popular Virtualization Software” in Chapter 2.










