An attempt to dispel the myths about OpenVZ, or VPS on OpenVZ vs Xen / KVM / Hyper-V / etc.
For some reason I cannot comprehend, Habrahabr has a negative attitude towards OpenVZ technology in general, and towards OpenVZ hosting in particular. This post is an attempt to dispel the myths concerning OpenVZ hosting, although in my opinion OpenVZ is also perhaps the best solution for separating homogeneous (Linux-only) services within an enterprise on its own servers.
I am not an interested party; I am writing this post not on behalf of my employer, but on my own behalf.
So, the thesis: budget Linux VPS on OpenVZ, as a rule, work faster and more stably than budget VPS on hypervisors. Expensive VPS on hypervisors, in "clouds" or with a fixed tariff plan, are better than expensive VPS on OpenVZ.
Since this topic is published not only in the Virtualization hub, I ask those who administer farms with a large number of virtual machines and nodes not to be offended: I have to remind less professional readers what a VPS is.
So what is a VPS, and what kinds are there? A VPS is a Virtual Dedicated Server, which can conventionally be considered a "real" dedicated server: the VPS administrator has full (UNIX / Linux root) access to the VPS and can install any software compatible with the operating system chosen for the VPS and with the virtualization technology used.
A synonym for the term VPS is VDS. In Western usage, VPS stands for Virtual Private Server, and VDS for Virtual Dedicated Server.
The word VPS denotes not so much a technology as a service provided by a hosting provider. Fundamentally different technologies can be used to implement this service.
There are two groups of technologies for the implementation of the VPS service:
a) Virtualization
b) Containers
Virtualization creates a full-fledged virtual machine for the client, with its own kernel and the ability to run a VPS on a large number of different operating systems, and the isolation provided by current hypervisor-based virtualization is the strongest available.
The most popular hypervisors: VMware ESXi (the leading virtualization solution outside the hosting world), Xen, KVM, Hyper-V.
Containers, in contrast to virtualization, do not create a full-fledged operating system for each VPS, but create a large number of isolated environments on one kernel (namespaces), so that server resources are not wasted but go directly to the VPS. Another advantage of containers is that memory and other resources, such as disk space, are not allocated to the guest system as a whole block (for example, the size of a LUN given to a virtual machine as a disk cannot be reduced).
The most popular (as well as technologically leading, and leading in the number of installations) container VPS technologies are Parallels Virtuozzo Containers and OpenVZ.
The main disadvantage is that a container-based VPS can only run the same operating system as the host (for OpenVZ and Virtuozzo this is Linux, which is in any case the most popular OS for VPS on any technology).
In general, hypervisors make it possible to build a VPS service that is better, more stable and more powerful than renting a dedicated server.
Take a powerful host system with top-end CPUs, divided by a hypervisor into a dozen to a dozen and a half parts, with external disks on a fast disk shelf with dozens of spindles, and a high-availability solution that restarts the VPS on a new node if the host hardware fails. Such a setup is certainly more stable, more productive and more scalable (you can always move to the next tariff plan, or order a new VPS that is deployed from a template in minutes) than perhaps the most expensive physical server you can rent. Large operators generally prefer to rent out "servers" assembled from desktop components, even without ECC memory support, selling the megahertz of desktop processors such as the Core i7 to not very discerning customers, while keeping such hardware stable in 24/7 operation is not their problem.
At the same time, such VPS, being the better service, naturally often turn out to be more expensive than dedicated servers. Properly organized hosting on hypervisor technology requires far from small equipment costs, which is why services such as Amazon EC2 or, for example, VPS from Leaseweb on VMware ESXi with disks on a SAN with RAID 60 are expensive: the hoster cannot sell the service below its cost.
Unfortunately, a myth prevails among users of the VPS service, which we will now debunk:
"VPS on Xen is better than VPS on OpenVZ / Virtuozzo"
The question "in what way is it better?" is usually answered with: "the OVZ hoster oversells, lies, and sells my resources, honestly purchased by me, the consumer, to other customers, so everything slows down! You can't oversell Xen!"
Usually people do not understand that a hosting provider always has the opportunity to deceive a client on a hundred counts, and the technology has nothing to do with it...
This myth is artificially fuelled by some, probably not very scrupulous, companies that provide cheap Xen hosting.
The fact is that it is impossible to get a high-quality VPS on a hypervisor for the same money that an OpenVZ VPS sells for.
When operating hosting servers, there is often a need, for example, to turn off a physical machine for maintenance, to move it to another data center, or to upgrade it in order to give customers more resources on new tariffs (since computing technology continues to evolve according to Moore's law, doubling computing power every two years). And if a server is simply unstable, it would be good to move the clients' VPS to a new server.
More often there is a need for load balancing: too many VPS were sold on one node and too few on another. Cheap Xen hosters are forced either to shut down some clients and move them offline to an underloaded server, or to ignore customer complaints on the overloaded server: perhaps someone will leave and stop interfering with the remaining VPS!
So, in order not to shut down the service for several hours, live migration technology is needed. But it is not compatible with cheap Xen VPS, because it requires the hoster to invest in a SAN and a storage network, and then buying cheap servers makes no sense. VPS on hypervisors, or "in the clouds" as people often say now, is a better and more advanced service than a regular server, and is not a competitor to "container" VPS at all, primarily because of price.
OpenVZ and Virtuozzo containers make it possible to move a VPS from one physical server to another online, transparently for customers, without costly investment in a storage area network.
As for "overselling" being bad, this is a myth. On the contrary, the possibility of overselling is good for the hosting client, since no VPS that works stably spends 100% of its time near the limits of its tariff plan (otherwise the services on the VPS would be slow and unstable, and the tariff plan was chosen incorrectly).
When using regular, dedicated, non-virtualized servers (colocation or dedicated), most of the server resources are also idle, and the client pays for these idle cycles.
If the hoster is not blatantly lying to you and the physical server has enough resources, the ability to hand resources that one client is not using to another VPS, without degrading the quality of service for that client, is good for both the hoster and the client: the hoster increases its profitability and can, for example, purchase more powerful servers so that your nominal megahertz mean more, or lower prices, or raise support salaries.
With dozens of VPS per physical server, the likelihood that all clients will require their resources simultaneously tends to zero. But it is often significant when the number of VPS is only ten to fifteen per server, which is common with Xen hosters, so CPU overselling by an "honest" Xen hoster is much more likely than memory overselling by an OpenVZ hoster.
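The pooling argument above can be checked with a simple binomial model. This is an added example, not part of the original post; it assumes each VPS independently needs its full allocation with probability p_busy (otherwise nothing) and that the host can serve `capacity` full allocations at once. All function names and the sample numbers are illustrative.

```python
from math import comb


def p_overload(n_vps, capacity, p_busy):
    """Probability that more than `capacity` of `n_vps` VPS are busy at once."""
    return sum(
        comb(n_vps, k) * p_busy**k * (1 - p_busy) ** (n_vps - k)
        for k in range(capacity + 1, n_vps + 1)
    )


def p_all_busy(n_vps, p_busy):
    """Probability that every VPS on the node demands its resources at once."""
    return p_busy**n_vps


def max_sellable(capacity, p_busy, target):
    """Largest number of VPS that keeps the overload probability <= target."""
    if not 0 < p_busy <= 1:
        raise ValueError("p_busy must be in (0, 1]")
    n = capacity
    while p_overload(n + 1, capacity, p_busy) <= target:
        n += 1
    return n


if __name__ == "__main__":
    p = 0.3  # assumed chance that a given VPS is at its limit right now
    # Same 1.5x overselling ratio on a small node and on a large node.
    for n, cap in ((12, 8), (60, 40)):
        print(f"{n} VPS on {cap} slots: overload={p_overload(n, cap, p):.2e}, "
              f"all busy={p_all_busy(n, p):.2e}")
    # How far each node can be oversold for a 1% overload risk.
    for cap in (8, 40):
        n = max_sellable(cap, p, 0.01)
        print(f"{cap} slots: up to {n} VPS ({n / cap:.2f}x)")
```

Under these assumptions the small node overloads roughly 0.17% of the time at 1.5x overselling, while the large node at the same ratio is orders of magnitude safer and tolerates a much higher ratio for the same risk.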
It can be added that container technology also delivers higher performance, since there is no overhead for running guest kernels and switching contexts: for example, see HP's Xen vs OpenVZ benchmark, which shows that the difference is very, very significant:
www.hpl.hp.com/techreports/2007/HPL-2007-59R1.pdf
Also, Xen is often criticized for the performance of its disk subsystem, even by the developers of other hypervisors such as KVM, and Xen hosters are often disingenuous: overselling the CPU in Xen is also possible.
In addition, a VPS on Xen, KVM or Hyper-V with local disks, without a SAN, is always catastrophically slower than a VPS on OpenVZ with local disks, thanks to vzswap technology.
I would say that vzswap is the killer feature of OpenVZ VPS, although not all OVZ hosters have it enabled.
A client who has bought a VPS on a hypervisor creates the swap file inside his own machine. When his VPS "falls over" from, for example, a powerful DDoS, its applications go into swap, and the neighbors on the physical server suffer from the intensive I/O. It is very hard to prevent your neighbor on the physical machine from creating such a file.
Let me remind you, in case someone does not know or has forgotten: virtual memory can be thought of as RAM (DDR / DIMM / SIMM memory modules on x86 / x86_64 computers) + swap (a swap file or swap partition).
In OpenVZ, swapping is performed centrally by the kernel; the client is allocated virtual memory as "RAM" and ... virtual memory as "swap". vzswap memory is also virtual! It is only artificially slowed down, and usually lives not in physical swap but in physical RAM. When a VPS comes under DDoS and tens to hundreds of Apache processes, or hundreds of thousands of SQL queries, push it into swap, the VPS naturally slows down, since vzswap is slow memory! But the disk of the physical server is not used, since the kernel will only dump data that has not been used for a long time, which has a drastic effect on I/O performance for all VPS.
In conclusion, I would like to remind you of the prisoner's dilemma from game theory; the text is from Wikipedia:
Two criminals, A and B, got caught at about the same time for similar crimes. There is reason to believe that they acted in collusion, and the police, isolating them from each other, offered them the same deal: if one testifies against the other, and the latter remains silent, the first is released for helping the investigators, and the second gets the maximum term of imprisonment (10 years). If both are silent, their action is tried under a lighter article, and each of them is sentenced to 0.5 years. If both testify against each other, they receive a minimum term (2 years each). Each prisoner chooses to keep quiet or testify against the other. However, neither of them knows exactly what the other will do. What will happen?
Hatred of overselling, and hostility to the hoster's desire to sell other customers the resources that you are not using anyway (while, according to probability theory, you will almost always get them when you need them), is in my opinion the worst variant of the prisoner's dilemma. By preventing the hoster from earning more money, you harm yourself first of all: it is in the hoster's interest that you earn and pay for its services, and it is in your interest that the hosting is profitable and has more money for equipment, for paying technical support, and so on.
Here some Xen hosters, attacking OpenVZ, often exploit the basest inclinations of human nature, the desire to play selfishly in the prisoner's dilemma, and they also lie, slyly keeping silent about the fact that they oversell the processor: they can have several VPS on one CPU core that will interfere with each other.
To summarize: today the best choice for a budget VPS is only OpenVZ / Virtuozzo, while "hypervisor" and "cloud" VPS are already displacing the service of renting physical dedicated servers. If you need flexibility and stability of service, and the project has the budget, such VPS are worth thinking about now.
UPDATE: Judging by the comments, and by the negative feedback written to me in private messages, not everyone understood that this topic is not against Xen, KVM, VMware and other hypervisors in hosting. On the contrary, it is in favour of them when the hosting uses a SAN or at least DAS. The topic is a little bit against cheap Xen hosters, and first of all it is written in favour of OpenVZ.