[OmniOS-discuss] kvm / zones
Paul B. Henson
henson at acm.org
Wed Oct 31 19:18:45 EDT 2012
Under SmartOS, every kvm instance is created in a dedicated zone. With
OI/OmniOS, is that also considered a best practice, or are people for
the most part just running qemu in the global zone?
A separate zone provides a little more isolation and separation of the
vm from anything else, and an extra buffer in case of any qemu security
issues that allow a vm to inappropriately interact with the host. As I
understand it, there are also some resource restrictions that can only
be applied to zones, which one could not avail of with a vm in the
global zone.
On the other hand, the joyent branded zone in SmartOS is a sparse zone
(with basically the read-only OS image lofi mounted from the global
zone), which is pretty low overhead. Sparse zones under OI/OmniOS aren't
currently supported (I'm not sure if there's any work underway to change
that?) so it would be a higher cost to create them for your vm's.
On another note, vmadm seems fairly powerful and useful for managing kvm
instances, more so than trying to do everything by hand. It is a bit
SmartOS centric though, I don't know if it would be useful to try to
port to other illumos-based distributions. libvirt seems fairly popular
to manage kvm under Linux, has anyone tried to get that working under
illumos?
Thanks...
More information about the OmniOS-discuss
mailing list