Unique features of OpenVZ

The architecture of OpenVZ Virtual Private Servers is different from the traditional virtual machines architecture because it always runs the same OS kernel as the host system (while still allowing multiple Linux distributions in individual VPSs). This single-kernel implementation technology enables running Virtual Private Servers with a near-zero overhead. Thus, OpenVZ VPSs offer an order of magnitude higher efficiency and manageability than traditional virtualization technologies.

OS Virtualization

From the point of view of applications and Virtual Private Server users, each VPS is an independent system. This independency is provided by a virtualization layer in the kernel of the host OS. Note that only a negligible part of the CPU resources is spent on virtualization (around 1-2%). The main features of the virtualization layer implemented in OpenVZ are the following:

  • Any VPS looks and behaves like a regular Linux system. It has standard startup scripts; software from vendors can run inside a VPS without OpenVZ-specific modifications or adjustment;

  • A user can change any configuration file and install additional software;

  • Virtual Private Servers are completely isolated from each other (file system, processes, Inter Process Communication (IPC), sysctl variables);

  • Processes belonging to a VPS are scheduled for execution on all available CPUs. Consequently, VPSs are not bound to only one CPU and can use all available CPU power.

Network virtualization

The OpenVZ network virtualization layer is designed to isolate VPSs from each other and from the physical network:

  • Each VPS has its own IP address; multiple IP addresses per VPS are allowed;

  • Network traffic of a VPS is isolated from the other VPSs. In other words, Virtual Private Servers are protected from each other in the way that makes traffic snooping impossible;

  • Firewalling may be used inside a VPS (the user can create rules limiting access to some services using the canonical iptables tool inside the VPS). In other words, it is possible to set up firewall rules from inside a VPS;

  • Routing table manipulations and advanced routing features are supported for individual VPSs. For example, setting different maximum transmission units (MTUs) for different destinations, specifying different source addresses for different destinations, and so on.

Resource Management

OpenVZ Resource Management controls the amount of resources available for Virtual Private Servers. The controlled resources include such parameters as CPU power, disk space, a set of memory-related parameters, etc. Resource management allows OpenVZ to:

  • Effectively share available Hardware Node resources among VPSs:

  • Guarantee Quality-of-Service (QoS);

  • Provide performance and resource isolation and protect from denial-of-service attacks;

  • Collect usage information for system health monitoring.

Resource Management is much more important for OpenVZ than for a standalone computer since computer resource utilization in a OpenVZ-based system is considerably higher than that in a typical sys

http://openvz.org/documentation/tech/features

你可能感兴趣的:(Unique features of OpenVZ)