
Herbert Poetzl

Speaker Details
Name Herbert Poetzl
Title Project Leader Linux-Vserver
Company
Talks

Born in 1970, explored the world of integrated circuits at the age of 10, implemented his first 'computer' game on a self-built microcomputer in 1981 (The Game of Nim). Later switched to consumer electronics, C64, C128 and finally Amiga, developed numerous useless applications mainly in assembler language, until confronted with the colorless, non-intuitive PC; as a natural result, lost for some time in DOS and 8086/88 assembler, trying to write a useful operating system with a GUI. These efforts were dropped instantly in 1991 as his computer science studies got him access to a NeXT system, which at this time was more advanced than everything else available. Prepared a course for students and taught object-oriented Software Engineering for some years at the Technical University of Vienna. Got first contact with Linux at the University and later, as OpenStep was discontinued, slowly moved to the beautiful world of Linux and free software. While working for several smaller and some larger companies in Austria, studied the Unix working environment, kernel concepts and later internals. Since November 2003 Project Leader of Linux-VServer, after more than a year of vserver development.

Interview

What is Linux-VServer exactly?

Linux-VServer is an isolation technique in concept very similar to BSD Jails or Solaris Containers, which allows multiple Linux environments to run on a single kernel side by side, with no measurable overhead.

By how many people is it developed?

http://linux-vserver.org/Developers currently lists nine people. the core team is probably Daniel and myself, but on the other hand, we have contributions from many other folks.

Who are they? (individuals, companies)

Linux-VServer is a community project, and there is no company behind it. on one side, this is a big advantage, as the project can evolve without being patronized, but on the other side, we do not receive much financial support either, so this is mainly a spare time effort :)

Why is it labeled as resource efficient?

because it is :) Linux-VServer is focusing on isolation instead of virtualization wherever possible, and if virtualization is required, then we strive to make it as performant and unintrusive as possible

Does resource efficiency mean good performance?

yes, definitely, let me give you a good example for that: we use unification to share filesystem resources across common guests (think hardlinks on steroids with copy on write behaviour), which allows to have hundreds of 'almost' identical guests (think same distro, different user data), sharing most of their on disk data. this in turn results in shared inode caches and page mappings (for libraries and executables) which reduces the memory footprint drastically, and gives 'more than native' performance to those guests.

Is the isolation level sufficient? Is it secure?

yes, we think it is .. but nothing is really 'secure' in my humble opinion. I still remember the VMware(tm) exploit which allowed to gain host access via drivers, and the Xen startup script exploit which did the same ... our 'weak spot' is the kernel, but the number of actual exploits working inside a guest (and giving you access to the host) was negligible in the past

Who is the typical user of Linux-VServer?

good question! I think, the majority are still the hosting providers, although I get the feeling that Linux-VServer gets picked up on the desktops too. but there are many other areas (think embedded systems and telephony) where Linux-VServer has a big advantage over other (heavier) solutions

Are there management tools built for Linux-VServer, to ease new instance requests/creation?

yes, there are. a variety of userspace tools, created by Enrico Scholz, Daniel Hokka Zakrisson and Benedikt Böhm allow you to create guest systems from templates and via network repositories (the usual distro repositories). of course, you can also 'copy' your existing distribution/installation from a physical machine via rsync and 'virtualize' it :)

Why isn't Linux-VServer included in the mainline Linux source code?

Linux is a little behind regarding OS Level virtualization, but fortunately it is catching up right now (recent kernels include a lot of virtualization stuff formerly maintained out of line by Linux-VServer and similar projects), so more and more code is 'moved' into mainline, but not all the nice Linux-VServer features are mainline stuff :)

What's still missing in Linux VServer?

I don't think we are missing anything important, but of course there is always room for improvement, may it be providing more features to the user or simplifying administration ...