
Re: [Xen-users] Xen or LXC/LXD?

  • To: xen-users@xxxxxxxxxxxxx
  • From: "Austin S. Hemmelgarn" <ahferroin7@xxxxxxxxx>
  • Date: Fri, 22 Apr 2016 08:24:30 -0400
  • Delivery-date: Fri, 22 Apr 2016 12:26:20 +0000
  • List-id: Xen user discussion <xen-users.lists.xen.org>

On 2016-04-21 18:03, Rich Wales wrote:
> Hi.  I'm just starting to put together a new server which will run the
> new Ubuntu 16.04 LTS.
>
> I had planned to use Xen, but I'm wondering if I should use LXC/LXD
> instead of Xen.  What issues should I consider?

Like everyone else, I can't really give much specific advice without knowing what type of usage you are planning for the system in question. That said, I can give some general advice.

The biggest difference is that LXC (and any other container option) shares the host kernel. This results in a couple of important distinctions:

1. Containers (usually) have less overhead than virtualization because you're only running the one kernel, and don't need to emulate devices. PV domains in Xen can usually get equivalent (and sometimes even better) performance to most container options, but still have higher memory overhead.
2. Kernel bugs tend to have a higher impact on container based systems. If you hit a kernel bug in a container, it's likely to impact the whole system, whereas a kernel bug in a VM is probably only going to impact that VM.
3. Because there really isn't a hypervisor involved in containers, there's less software involved that could trigger bugs. On the other hand though, given the small size of a good hypervisor such as Xen, there's less potential for bugs at that level.
4. Containers usually require more setup on the guest side. A VM can run a pretty much unmodified guest OS without any difficulty, whereas a container needs a bunch of changes both in the init system, and in some cases the application software.
5. Depending on the software and hardware involved, containers can be better or worse at handling hardware errors. In this case, I'd say that Xen and Linux are equally good at handling hardware errors, although Linux (and by extension LXC) allows more options for how to handle them.
6. Full virtualization requires hardware support, whereas paravirtualization (like Xen PV domains) and containers only need it for certain things. This isn't going to be an issue if you are using either server grade hardware or high-quality newer desktop hardware, but is worth mentioning for completeness.

This is by no means an exhaustive list of differences, but it covers what I feel are the most important points.

FWIW, in my use case (mostly automated regression testing, plus heavy isolation of network services and untrusted code), containers would be stupid, as I absolutely need the isolation provided by virtualization because I'm testing code that's liable to panic the kernel and don't want to bring the entire system down.

However, there are plenty of cases where virtualization is not a good fit, such as hosting HPC workloads, or needing to be able to upgrade the hosting software without bringing the entire system down (at the moment, the only container software that I know of that can do this is lmctfy from Google).
