Virtuozzo VPS Explained: What Is Container Based Virtualization?

by Tim Attwood on June 15, 2011

As the virtual market continues to expand, what was once the province of only a few select businesses has now transitioned into a commodity. A virtual private server, or “VPS”, is now something that can be purchased from a provider and used in place of a physical storage site. At a basic level, a VPS is able to lower IT costs for a business by removing the need for on-site monitoring and repair. But as this market has expanded, two dominant types of VPS options have emerged, each with its own strengths: hypervisor-based virtualization and container-based virtualization.

Hypervisors and Container Virtualization – What’s The Difference?

Currently, the most common virtual private servers being sold and used by companies are managed hypervisors. A hypervisor is conceptually one level higher than a supervisory program on a standard desktop, and oversees the running of a host computer, one that allows multiple “guests” to take advantage of the resources of the computer at once. This is the standard for virtualization as many companies understand it, with each user given what appears to be a private network, but one that still shares resources with every other user on the system.

Container virtualization, meanwhile, also known as “operating system-level virtualization”, allows multiple instances to be run on the same computer, but with each one isolated from the next and sharing only a minimum of resources. In this type of virtualization, the OS of the host machine matters, as all guests must also use that same operating system. By starting at the “kernel” of the operating system rather than layering a hypervisor on top of the system, a more isolated and secure environment can be created.

The Role Of Container-Based Virtualization In The Market

According to a recent paper published at Princeton University, there are scenarios in which a container-based solution will prove to be more effective than a hypervisor-based one, especially in “scenarios that require system virtualization with high degrees of both isolation and efficiency”. In publicly consumed virtualization markets, the sharing of resources does not prove to be a problem as the information shared is typically not of a sensitive nature, and performance decreases associated with multiple users all accessing the hypervisor-managed server at once are not an issue. For a number of services, however, including distributed hosting like that from Amazon or Microsoft, a container-based system will provide greater customer benefits both in terms of security and accessibility.

Types Of Container-Based Virtualization Options Available

A number of companies are currently offering this kind of virtualization, including Parallels and their multiple OS Virtuozzo VPS, along with OpenVZ VPS and their Linux-based options. These systems are able to offer a high degree of isolation, along with options such as dynamic resource management and live partitioning, and can often see server utilization two to three times greater than that offered by standard hypervisor servers.

Data from the above-mentioned Princeton study indicates that in many cases, a well-managed container-based virtualization system can outperform that of a hypervisor, but at the cost of an openness to resources.
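What the shared kernel looks like from inside an OpenVZ or Virtuozzo guest, as an added example that is not from the original article or from Parallels or OpenVZ: it classifies the environment from the `/proc/vz` and `/proc/bc` markers and lists resource limits that were hit. It goes beyond the text by parsing the `/proc/user_beancounters` layout; the function names and the sample table are constructed for illustration.

```python
import os

# Constructed sample in the /proc/user_beancounters layout (values invented).
SAMPLE_UBC = """\
Version: 2.5
       uid  resource           held    maxheld    barrier      limit    failcnt
      101:  kmemsize        2619320    2877440   14372700   14790164          0
            numproc              24         31        240        240          3
            privvmpages       65012      65536      65536      69632         17
      102:  kmemsize        1204000    1300000   14372700   14790164          0
            numproc              12         15        240        240          0
"""

def classify_openvz(proc_root="/proc"):
    """Classify the environment from OpenVZ's /proc markers.

    /proc/vz exists on any OpenVZ kernel; /proc/bc is visible only on the
    hardware node, so vz-without-bc means we are inside a container.
    """
    has_vz = os.path.isdir(os.path.join(proc_root, "vz"))
    has_bc = os.path.isdir(os.path.join(proc_root, "bc"))
    if has_vz and not has_bc:
        return "container"
    if has_vz and has_bc:
        return "hardware-node"
    return "not-openvz"

def failed_resources(ubc_text):
    """Return (container_id, resource, failcnt) for every limit that was hit."""
    hits, ctid = [], None
    for line in ubc_text.splitlines():
        fields = line.split()
        if not fields or fields[0] in ("Version:", "uid"):
            continue                          # skip version and header rows
        if fields[0].endswith(":"):           # "101:" starts a new container
            ctid, fields = int(fields[0][:-1]), fields[1:]
        if len(fields) != 6 or ctid is None:
            continue                          # skip malformed rows
        resource, failcnt = fields[0], int(fields[5])
        if failcnt > 0:
            hits.append((ctid, resource, failcnt))
    return hits

if __name__ == "__main__":
    print("environment:", classify_openvz())
    print("kernel (the host's, if in a container):", os.uname().release)
    for ctid, res, n in failed_resources(SAMPLE_UBC):
        print(f"CT {ctid}: {res} hit its limit {n} times")
```

Inside a container the kernel release printed is the host's, so kernel patch level is set by the provider and not by the tenant; a non-zero `failcnt` shows where the per-container limits, rather than a neighbour's load, constrained the guest.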

Ongoing Changes In The Virtual Market

As the market for virtualization and cloud services evolves, options like Virtuozzo VPS and OpenVZ VPS will increase in number, as will hypervisor options to compete with them. Each type of VPS management has its strengths and weaknesses, and for many companies the choice will come down to what is the more important characteristic – multiple shared instances over one server, or the efficiency and isolation of a single-kernel VPS solution.


{ 6 comments }

Randy5 June 16, 2011 at 8:36 AM

I’m surprised by the Princeton study indicating that in some instances a container-based system can outperform a hypervisor. I thought nothing in the world could beat them hypervisors!!

PotsNPans June 16, 2011 at 8:38 AM

This article really helped me understand a complicated and confusing subject. I’m still on the fence about which would be better for me, though!

WrigleyF June 16, 2011 at 8:39 AM

Indeed, the degree of isolation available today is remarkable, and will probably only get better in the years to come!

Stoddard July 11, 2011 at 10:55 PM

As someone who once had shared hosting and experienced countless slowdowns and crashes, I can tell you how invaluable isolation is.

OhDonna October 28, 2011 at 8:40 AM

I’m actually not surprised that container-based solutions are often more effective now than hypervisor-based ones; that seemed like the direction the technology has been taking in recent months.

Wyatt Epp November 17, 2011 at 3:16 PM

“By starting at the ‘kernel’ of the operating system rather than layering a hypervisor on top of the system, a more isolated and secure environment can be created.”

This should probably be set straight:
a) We usually don’t put the kernel in quotes because it’s not a “nickname”– that’s just the term for the core OS process (I don’t know who coined it, but it’s been in use at least since Tanenbaum’s “Operating Systems: Design and Implementation”).
b) A “container” is one of the family of Type II VMM (hypervisor). “…a Type II (extended machine host) virtual machine organization is one in which the VMM runs, not on a bare machine as the supervisor, but rather on an extended host under the host supervisor.” (Goldberg, 1973). I believe the first implementation of this type was jail in FreeBSD 4.
c) While removing the overhead of running a separate kernel process will obviously result in better performance, it’s _impossible_ for it to provide better isolation and security for your infrastructure as a whole. Because your jail-style HV is literally running on the host’s kernel; because they share the same address space there is the slim-but-very-real chance of privilege escalation that allows arbitrary code execution. There is one well-known exploit in the BSD implementation already that is usually a non-issue because it relies on a user existing both in a jail and in the host. Of course, it goes without saying there’s no guarantee other exploits aren’t waiting to be found in other kernels.

© 2013 SoftCom Inc. All rights reserved.