FreeBSD virtualization

From ISPWiki

FreeBSD virtualization in VDSmanager is based on the so-called "jail". Jails are included in the standard operating system and provide minimal virtualization capabilities. Our specialists have made a number of changes.

File system

  • An additional level of disk quotas that allows limits to be set on the number of files for each virtual environment (jail).
  • The common system of disk quotas (user, group) is unique for each virtual environment.
  • The template file system both saves disk space and provides centralized software updates.

Principles of operation. When a virtual server is created, the directory structure of the disk template is recreated, and all files are created as hard links. When a running virtual server attempts to open a file or edit its attributes, the hard link is broken and the file is copied to the user's disk. From then on it is a private file of the virtual server rather than a template file.

VDSmanager-FreeBSD uses only UFS2.
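
The template mechanism described above can be modelled in user space to see which files of a virtual server still share an inode with the template (and so follow a centralized update) and which have become private copies. This is an added example, not VDSmanager code: the function names and the sample tree are constructed, and `break_link` is an explicit stand-in for the copy that the modified system performs itself.

```python
import os, shutil, tempfile

def clone_template(template, root):
    """Recreate the template's directories under root and hard-link every file."""
    for dirpath, _, filenames in os.walk(template):
        dest = os.path.normpath(os.path.join(root, os.path.relpath(dirpath, template)))
        os.makedirs(dest, exist_ok=True)
        for name in filenames:
            os.link(os.path.join(dirpath, name), os.path.join(dest, name))

def break_link(path):
    """Userspace stand-in for the copy step: swap the hard link for a private copy."""
    tmp = path + ".private"
    shutil.copy2(path, tmp)      # new inode with the same content and metadata
    os.replace(tmp, path)        # replaces the link; the template inode is untouched

def classify(template, root):
    """Return (shared, private): paths still on a template inode vs. private copies."""
    shared, private = [], []
    for dirpath, _, filenames in os.walk(root):
        for name in filenames:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root)
            tpl = os.path.join(template, rel)
            same = os.path.exists(tpl) and os.path.samestat(os.stat(path), os.stat(tpl))
            (shared if same else private).append(rel)
    return sorted(shared), sorted(private)

def demo():
    """Constructed sample tree: two template files, one modified inside the server."""
    base = tempfile.mkdtemp()
    try:
        template, server = os.path.join(base, "template"), os.path.join(base, "vds1")
        for rel, text in (("bin/sh", "shell\n"), ("etc/rc.conf", "hostname=tpl\n")):
            os.makedirs(os.path.dirname(os.path.join(template, rel)), exist_ok=True)
            with open(os.path.join(template, rel), "w") as f:
                f.write(text)
        clone_template(template, server)
        before = classify(template, server)
        conf = os.path.join(server, "etc/rc.conf")
        break_link(conf)                     # the server gets its own copy first
        with open(conf, "a") as f:
            f.write("hostname=vds1\n")       # the change lands only in the private copy
        with open(os.path.join(template, "etc/rc.conf")) as f:
            return before, classify(template, server), f.read()
    finally:
        shutil.rmtree(base)

if __name__ == "__main__":
    print(demo())
```

A write through a link that has not been broken would change the template inode and therefore every server cloned from it, which is why the copy has to happen before the modification.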

Limit on memory

We have tried to make the limits and virtual server performance as close to a real situation as possible.

  • Limit on real memory: limits real memory, i.e. the number of real memory pages in use is counted. The libc library, which is used by practically all running applications, is counted only once rather than for each application, as other virtualization systems do.
  • Limit on swap: specifies the amount of real memory by which the limit can be exceeded. Real swap may not be used (the disk subsystem should not be slowed down). If you use real memory instead of swap, the performance of your virtual server is slowed down artificially: the more you exceed the limit, the longer the delay.
  • Exceeding all limits: when you exceed the limits on both real memory and swap, new processes will not start (fork returns an error), memory will not be allocated (malloc returns an error), and the process that uses the largest amount of memory is killed (kill -9).

Other limits

  • Limit on CPU
  • Limit on the number of processes
  • Limit on the number of open descriptors (open files and sockets)

Other changes

  • Private SysV IPC data (shm, sem, msg)

Network stack

The standard kernel has a new, fully virtualized network stack, so we did not have to improve anything. This feature is currently being tested, and we do not recommend that you use it.

When running VDSmanager, you can decide whether to use this option. The regular mode is used by default; in it, the virtual server cannot run applications that require low-level access to the network. To enable VNET, add the following line to the config:

Option vnet

and describe the network used:

DefaultNetmask 255.255.xxx.0
DefaultGateway xxx.xxx.xxx.xxx

We would not recommend that you use this operating mode on commercial servers.

After completing all the tests, we found several minor routing problems, as well as problems with memory deallocation when the virtual network stack is destroyed (when the virtual server is suspended). As a result, the kernel may run out of memory and the server will restart.
