Import substitution in practice. Part 2. Start. Hypervisor
In the previous article , the options were considered, what can replace the existing systems in the framework of the implementation of the order for import substitution. Further articles will focus on the selection of specific products to replace the currently deployed. Let's start with the point of reference - virtualization systems.
So what can you choose from? In the register of the Ministry of Communications, the choice is :
You can also take into account the hypervisors that are part of the OS delivery, or are in their repository. For example, the same Astra Linux has KVM support. And since it is included in the OS repositories, it can be considered “legitimate” for installation and use. The fact that “what can be used within the framework of import substitution and what is not,” was discussed in the previous article , so I will not dwell on this issue.
')
Upon closer inspection, we conclude that we will have to deal with only a few known hypervisors, namely:
QEMU is a free, open source program for emulating hardware of various platforms, which can work without using KVM, but using hardware virtualization greatly speeds up guest systems, so using KVM in QEMU (-enable-kvm) is the preferred option. (c) That is, QEMU is a type 2 hypervisor, which is unacceptable in a product environment. You can use it with KVM, but in this case QEMU will be used as a KVM management tool.
bhyve - hypervises of the second type. Noted
The use of the original VirtualBox in commerce is in fact a license violation : “Starting from version 4, released in December 2010, the bulk of the product is distributed free of charge under the GPL v2 license. An additional package installed on top of it, supporting USB 2.0 and 3.0 devices, remote desktop protocol (RDP), drive encryption, booting from NVMe and PXE, is distributed under a special PUEL license (for personal use and familiarization), according to which the system free for personal use, for training purposes or for evaluation before making a decision to purchase a commercial version. ”(c) Plus VirtualBox is also a type 2 hypervisor, so it also disappears.
Total: in its pure form, we have only KVM .
In case you still need to switch to the “domestic” hypervisor, you have, frankly, a small choice. It will be KVM in one or another wrapper, with certain modifications, but still it will be KVM. Good or bad - the question is different, there is still no alternative.
If the conditions are not so strict, then, as stated in the previous article : “We need to bring indicators to the established limits. In practice, this means that we must replace the existing OS with products from the registry of the Ministry of Communications and bring the number of replaced operating systems up to 80%. ... So, we can safely leave the cluster on Hyper-V, since we have it and we like it. .. ”(c) So we have a choice: Microsoft Hyper-v or KVM . KVM can be with control tools “bolted” to it, but it will still remain the same KVM .
These products were compared not just once , not twice , not three times ... Well, you understood ...
About the deployment and configuration of KVM was also written more than once , not twice , not three times and not four times ... In a word, they performed .
The same goes for Microsoft Hyper-V ..
I see no reason to repeat and describe these systems, compare, etc. You can, of course, pick out the key points from the articles, but this will be disrespect for the authors, I think. Who will have to choose - he will read not only this, but also a lot of information to decide.
The only difference I want to highlight is fault tolerant clustering. If Microsoft has it built into the OS and hypervisor functionality, then in the case of KVM you will have to use third-party software, which should be included in the OS repository. The same bunch of Corosync + Pacemaker, for example. (Almost all domestic OSs have this bundle ... maybe everyone, but I didn’t check all 100%.) There are also plenty of manuals for setting up clustering.
Well, as usual, our Kulibins did not bother, they took what was, screwed up a bit of their own, and issued a "product", which according to the documents is domestic, but in fact - OpenSource. Does it make sense to spend money from the budget for "individual" virtualization systems (read, not included in the OS)? I do not think. Since you still get the same KVM, only for it will still need to pay.
Thus, the choice of replacement for the hypervisor comes down to which server operating systems you are going to buy for the Enterprise and operate. Or, as in my case, you will remain on what you already have (Hyper-V \ ESXi \ enter_number).
1. Flour choice
So what can you choose from? In the register of the Ministry of Communications, the choice is :
- Server virtualization system " R-Virtualization " (libvirt, KVM, QEMU)
- Software complex " Brest" virtualization tools (libvirt, KVM, QEMU)
- The management and monitoring platform of the Sharx Stream virtualization environment (a cloud solution that is not suitable for government offices in 95% of cases (secrecy, etc.)
- Software complex virtualization servers, desktops and applications " HOST " (KVM x86)
- System of secure management of virtualization environment " Z | virt " (aka oVirt + KVM)
- System management environment virtualization " ROSA Virtualization " (aka oVirt + KVM)
- QP VMM hypervisor (too similar to the Oracle Virtual Box to be anything else)
You can also take into account the hypervisors that are part of the OS delivery, or are in their repository. For example, the same Astra Linux has KVM support. And since it is included in the OS repositories, it can be considered “legitimate” for installation and use. The fact that “what can be used within the framework of import substitution and what is not,” was discussed in the previous article , so I will not dwell on this issue.
')
In fact, here is a list of Astra Linux virtualization tools.
ROSA Linux does not have such a list, but the following packages can be found on the wiki:
Alt Linux found in the repository:
Calculate found the following:
Ulyanovsk.BSD
1.2. There is one BUT
Upon closer inspection, we conclude that we will have to deal with only a few known hypervisors, namely:
QEMU is a free, open source program for emulating hardware of various platforms, which can work without using KVM, but using hardware virtualization greatly speeds up guest systems, so using KVM in QEMU (-enable-kvm) is the preferred option. (c) That is, QEMU is a type 2 hypervisor, which is unacceptable in a product environment. You can use it with KVM, but in this case QEMU will be used as a KVM management tool.
bhyve - hypervises of the second type. Noted
The use of the original VirtualBox in commerce is in fact a license violation : “Starting from version 4, released in December 2010, the bulk of the product is distributed free of charge under the GPL v2 license. An additional package installed on top of it, supporting USB 2.0 and 3.0 devices, remote desktop protocol (RDP), drive encryption, booting from NVMe and PXE, is distributed under a special PUEL license (for personal use and familiarization), according to which the system free for personal use, for training purposes or for evaluation before making a decision to purchase a commercial version. ”(c) Plus VirtualBox is also a type 2 hypervisor, so it also disappears.
Total: in its pure form, we have only KVM .
2. Balance: KVM or KVM?
In case you still need to switch to the “domestic” hypervisor, you have, frankly, a small choice. It will be KVM in one or another wrapper, with certain modifications, but still it will be KVM. Good or bad - the question is different, there is still no alternative.
If the conditions are not so strict, then, as stated in the previous article : “We need to bring indicators to the established limits. In practice, this means that we must replace the existing OS with products from the registry of the Ministry of Communications and bring the number of replaced operating systems up to 80%. ... So, we can safely leave the cluster on Hyper-V, since we have it and we like it. .. ”(c) So we have a choice: Microsoft Hyper-v or KVM . KVM can be with control tools “bolted” to it, but it will still remain the same KVM .
These products were compared not just once , not twice , not three times ... Well, you understood ...
About the deployment and configuration of KVM was also written more than once , not twice , not three times and not four times ... In a word, they performed .
The same goes for Microsoft Hyper-V ..
I see no reason to repeat and describe these systems, compare, etc. You can, of course, pick out the key points from the articles, but this will be disrespect for the authors, I think. Who will have to choose - he will read not only this, but also a lot of information to decide.
The only difference I want to highlight is fault tolerant clustering. If Microsoft has it built into the OS and hypervisor functionality, then in the case of KVM you will have to use third-party software, which should be included in the OS repository. The same bunch of Corosync + Pacemaker, for example. (Almost all domestic OSs have this bundle ... maybe everyone, but I didn’t check all 100%.) There are also plenty of manuals for setting up clustering.
3. Conclusion
Well, as usual, our Kulibins did not bother, they took what was, screwed up a bit of their own, and issued a "product", which according to the documents is domestic, but in fact - OpenSource. Does it make sense to spend money from the budget for "individual" virtualization systems (read, not included in the OS)? I do not think. Since you still get the same KVM, only for it will still need to pay.
Thus, the choice of replacement for the hypervisor comes down to which server operating systems you are going to buy for the Enterprise and operate. Or, as in my case, you will remain on what you already have (Hyper-V \ ESXi \ enter_number).
Source: https://habr.com/ru/post/447670/
All Articles