tech-kern archive


Re: Kernel based virtual machine

On 14/10/12 21:42, Lukas Laukamp wrote:
> I don't know if I think right, but I would say that the most work is
> already done with the QEmu Port, so just the KVM core component kernel
> modules must be ported. So I don't know how much the APIs, driver
> structures etc. distinguish from Linux and NetBSD but I would say it
> would be possible.

> Also this would be a great step for NetBSD I think because then
> Xen, QEmu and KVM are supported so there is paravirtualization, full
> virtualization and emulation supported.

I don't think that having multiple OS-level virtualization technologies available is a good point. You scatter resources that can help tremendously elsewhere.

And you forgot the biggest contender out there: VMWare.

> That there is no KVM port for NetBSD is for me the only point which
> prevents me from switching completely to NetBSD. I see also big potential in
> the Solaris derivatives but the BSDs are the best and I want to get away
> from the very chaotic, "unstable" and very differing linux world.
>
> PS: Sorry for my bad English

KVM and Xen are not that far away, at least in terms of functionality. Please remember that KVM turns a Linux/Solaris into a hypervisor, while with Xen it is a separate component. Other than that they have similar offerings.

The biggest advantage KVM has over Xen is its tight integration with the Linux kernel, so it makes its installation and use easier than with Xen ("just load a module"). That's a sad tendency in the Linux world though: lots of technologies have to be merged in the kernel to be successful, which tends to bloat the kernel even more.

Although this argument has been mentioned countless times by KVM-defenders, you have other technologies that are way closer to Xen in concept than KVM, and that are also very successful: VMWare.

IMHO porting the whole "turn the kernel into a hypervisor" in NetBSD will not really bring anything useful:

- NetBSD already runs a dom0 Xen; ease of use does not depend on a choice of technology, more on a matter of tight integration of tools and what they can offer to you. See VMWare. There were talks to turn Xen into a loadable module, but I lost track of it.

- KVM is fairly close to Linux kernel, and so are its internals. Unless you can dedicate manpower to track and maintain these (like SmartOS), you have one more component that is bitrotting on a daily basis. There is an attempt to do that though: BHyve.

- from a system and security standpoint, I believe that the hypervisor should be the only privileged component on the system. The current "state of the art" adds the whole dom0 to the TCB, making this point moot. But you can design an OS where dom0 is kept to a minimum (Qubes).

Jean-Yves Migeon
