At Fri, 15 Apr 2022 07:36:15 +0200, Matthias Petermann <mp%petermann-it.de@localhost> wrote: Subject: Status of NetBSD virtualization roadmap - support jails like features? > > My motivation: I am looking for a particularly high performance > virtualization solution on NetBSD. Especially disk and network IO > plays a role for me. In my experience nothing beats I/O performance of Xen with LVM in the dom0 and the best/fastest storage available for the dom0, especially now there's SMP support for dom0. That's anecdotal though -- I haven't done any real comparisons. I just know that NFS in domUs is a lot slower than using LVMs via xbd(4), no matter where/how-fast the NFS server is! If I'm not too far out of touch I think there's still a wee bit more SMP support needed in the networking code to make it possible for dom0 to also give the best network throughput, but it's really not horrible as-is. In theory NVMM with QEMU and virtio(4) should be about the same I would guess, with potential for some improvement in some micro-benchmarks, but for production use the maturity and completeness of the provisioning support offered by Xen still seems far superior to me. > Regardless, I still think it wouldn't hurt > if NetBSD could implement some sort of > jail. I'm not convinced "jails" (at least in the FreeBSD form I'm most familiar with) actually buy much without also increasing complexity and/or introducing limitations on both the provisioning and the "virtual" side. With a full virtualisation as in Xen the added complexity is very well partitioned between the provisioning side and the VMs, and there are almost no limitations inside the VMs (assuming you are virtualising something that fits well into a virtualised environment, i.e. with no special direct hardware access needs) -- everything looks and feels and is managed almost as if it is running on bare hardware and so the management of the VM is exactly as if it were running on separate hardware; except of course some aspects are actually easier to manage, such as provisioning direct console access and control. There's really nothing new to learn other than how to spin up a new domU (and possibly how to use LVM effectively). However FreeBSD-style jails do offer their own form of flexibility that seems to be worth having available, and it would be nice for jails to be available on NetBSD as well. The impact inside the OS (kernel and userland) is quite high though, and is itself a form of complexity nightmare all its own, though perhaps not so horrible as Linux "cgroups" and some other related Linux kernel namespaces are. -- Greg A. Woods <gwoods%acm.org@localhost> Kelowna, BC +1 250 762-7675 RoboHack <woods%robohack.ca@localhost> Planix, Inc. <woods%planix.com@localhost> Avoncote Farms <woods%avoncote.ca@localhost>
Attachment:
pgpsiwvhWQjz2.pgp
Description: OpenPGP Digital Signature