[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] who comes from kvm?

On 2/12/2011 5:45 PM, Bhasker C V wrote:

> that's not exact since KVM doesn't run 'on top of' the Linux kernel;
> it's part of the Linux kernel. as such, it has the same 'bare metal'
> access to hardware as the rest of the kernel or the Xen hypervisor.

One differing factor is paravirtualization.  To clarify my comments
regarding KVM: I meant it runs *in* the kernel.  So, yes -- when
accessing hardware without paravirtualization, making a Linux kernel
call versus making a Xen hypervisor/micorkernel call is probably half
a dozen of one/6 of the other.  However, when running paravirtualized
guests, the dedicated nature of the Xen approach can offer better
performance.  Here's a good paper on the subject:


KVM has more limited paravirtualization -- only specific network and
IO drivers I believe (someone can clarify this perhaps).

Does it matter?  Probably not for most people.  I've considered using
KVM again and may use it on another box at some point.

Theoretically, the separation of the VMs in a dedicated hypervisor like
Xen *should* also offer better security:  The assumption being that the
more general purpose Linux kernel is more susceptible to security attacks
than the specific purpose Xen kernel.

I have, however, seen nothing that indicates any real world issues in
the security area.

Steve Sapovits  steves06@xxxxxxxxxxx 

Xen-users mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.