An attempt to debunk the myths about OpenVZ, or VPS on OpenVZ vs Xen / KVM / Hyper-V / etc

An attempt to debunk the myths about OpenVZ, or VPS on OpenVZ vs Xen / KVM / Hyper-V / etc

For some reason that is not clear to me, Habrahabr has developed a negative attitude towards OpenVZ technology in general, and OpenVZ hosting in particular. This post is an attempt to debunk the myths regarding OpenVZ hosting, although in my opinion, OpenVZ is also perhaps the best solution for sharing monogenic (Linux-only services) within an enterprise on its own servers.

I am not an interested person, I am writing a post not on behalf of my employer, but on my own behalf.

So, the thesis: low-cost Linux VPS on OpenVZ, as a rule, work faster and more stable than low-cost VPS using hypervisors. Expensive VPS on hypervisors, in the "clouds" or with a fixed tariff plan, is better than expensive VPS on OpenVZ.



Since the topic is published not only in the Virtualization hub, I ask you not to be offended by those who administer farms with a large number of virtual machines and nodes: I must remind less professional readers what VPS is.

So what is VPS, and what are they? VPS is a Virtual Dedicated Server, which can conditionally be considered a “real” dedicated server, and the VPS administrator has full (on UNIX / Linux root) access to the VPS server, and can install any software compatible with the operating system selected for VPS, and virtualization technology used.
A synonym for the term VPS is VDS. In bourgeois, VPS stands for Virtual Private Server, and VDS stands for Virtual Dedecated Server.

The word VPS means, rather, not a technology, but a service provided by a hosting provider. At the same time, fundamentally different technologies can be used to implement the service.

There are two groups of technologies for implementing the VPS service:

a) Virtualization
b) Containers

Virtualization creates a full-fledged virtual machine for the client, with its own core, the ability to use VPS based on a large number of different operating systems, while isolation based on the modern implementation of virtualization technology, on hypervisors, maximum.

Most popular hypervisors: VmWare ESXi (the leading virtualization solution outside the world of hosting), Xen, KVM, Hyper-V.

Containers do not create, in contrast to virtualization, for each VPS their own full-fledged operating system, but create on a single core a large number of isolated spaces (name spaces), which allows the server to not waste server resources, but give them directly to VPS. Also, the advantage of containers
is that memory and other resources, such as disk space, are not allocated to the guest system as a whole (for example, the size of the lun given to the virtual machine as a disk can no longer be reduced).

The most popular (as well as technologically leading, and leading in the number of installations) container VPS technologies are Parallels Virtuozzo Containers and OpenVZ.

The main disadvantages are that on the basis of containers you can provide VPS only on the same system as the host system (for OpenVZ and Virtuozzo it is Linux, in principle, and the most popular OS for VPS based on any
technology).

In general, on the basis of hypervisors it is possible to build a VPS service that is better, stable and powerful than renting a dedicated server:

A powerful host system with top-end CPUs, divided by a hypervisor into dozens and a half parts, with external disks on a fast disk shelf with dozens spindles, and High Available solution, restarting VPS on a new node in
in case of a host system hardware failure, it is obviously more stable, more efficient, more scalable (you can always go to the next tariff plan, or order a new VPS that will be deployed to you in minutes from the template) than, possibly, any most expensive physical server that you can rent : large operators generally prefer to lease “servers”, collecting them from desktop components, even without ECC memory support, and selling megahertz desktop processors such as Corei7 to not very knowledgeable people, while stability such iron in 7/24 mode is not their problem.

At the same time, such VPS are often naturally, as the best service, turn out to be more expensive than dedicated servers, and the cost of equipment adequately organized hosting with hypervisor technology requires not very small ones, therefore such services as Amazone EC2, or, for example, VPS from Leaseweb on VmWare ESXi with disks on a SAN with raid60 are not cheap: a hoster cannot sell a service below its cost.

Unfortunately, among the users of the VPS service, the myth that we are debunking now prevails:

“VPS on Xen is better than VPS on OpenVZ / Virtuozzo”

The question “what is better” is usually answered that “the OVZ hoster oversell and it’s lying and selling mine , honestly purchased, by the consumer of the service resources to other customers, so everything slows down! You can't oversell on Xen! ”

Usually people don’t understand that the hoster always has the opportunity to deceive the client for a hundred points, and the technology has nothing to do with it ...

This myth is artificially fueled by some, probably not very conscientious companies that provide cheap Xen hosting.
The fact is that it’s impossible to get high-quality VPS on hypervisors for the same money that VPS is sold on OpenVZ.

When using hosting servers, there is often a need, for example, to turn off the physical machine for prevention, transportation to another data center, upgrade, to provide more resources to customers at new tariffs,
since computing technology continues to develop according to Moore’s law, doubling the computing power every two years), and even if the server behaves unstable, it would be nice to transfer VPS clients to the new server. Even more often, there is a need for load balancing: on one node, VPS sold too much, and on the other too little. cheap Xen hosters are forced to either turn off part of the clients, and transport them offline to the underloaded server, or not pay attention to customer complaints on the overloaded server : maybe someone will leave and the rest of the VPS will stop braking!

So, in order not to turn off the service for customers for several hours, you need live migration technology, and it is not compatible with cheap Xen VPS, as it requires the host to invest in a SAN and a data network, and then there is no sense buy cheap servers: VPS on hypervisors, or as they often say now, in the “clouds” it is a better and more “advanced” service than a regular server, and is not at all competitive with the “container” VPS, primarily for the price.

OpenVZ and Virtuozzo containers allow transparent, online clients to transfer VPS from a physical server to a physical server without costly investment in a storage network.

As for “overselling”, this is a myth, since on the contrary, the possibility of overselling for the hoster's client is good, since no VPS, if it works stably, is 100% of the time near the limits of its tariff plan (otherwise services on VPS will be unstable and slowly, and the tariff plan was chosen incorrectly).

When using regular, dedicated, non-virtualized servers (colocation or dedicated), most of the server’s resources are also idle, and the client pays for these idle clock cycles.

If the hoster is not blatantly lying to you, and the physical server has enough resources, the ability to transfer resources that it does not use to another VPS without compromising the quality of service for the end client is good for both the host and the client, as the host will increase its profitability, and, for example, or buy more powerful servers, so that your nominal megahertz value more, or lower prices, or increase support salaries.

With dozens of VPSs per physical server, the likelihood that all clients will simultaneously need their resources tends to zero. But it is often significant when the number of VPS is up to ten to fifteen per server, which is often found in Xen hosters, so CPU overselling for an “honest” Xen host is much more likely than memory overselling for an OpenVZ hoster

We can add that in terms of container technology, productivity is higher, since there is no overhead for launching guest cores and switching contexts: for example, you can see the HP Xen vs OpenVZ benchmark, in which you can see that the difference is very, very significant:
www.hpl .hp.com / techreports / 2007 / HPL-2007-59R1.pdf

Also, Xen often receives criticism about the performance of the disk subsystem, and even from the developers of other hypervisors, the same KVM, and Xen hosts often cunning: CPU overselling in Xen is also possible.

In addition, VPS on Xen, KVM, Hyper-V with local disks, without SAN, is always catastrophically slower than VPS on OpenVZ with local disks due to vzswap technology.
I would say that vzswap is such an uber feature of OpenVZ VPS, which, however, is not included in all OVZ hosts.
The client who bought the VPS on the hypervisor makes a swap file. When its VPS “lies down” from, for example, powerful DDoS, its applications go to swap, neighbors on the physical server suffer from intensive input-output. It is very difficult to prevent your physical machine neighbor from creating such a file.
Let me remind you, if someone doesn’t know or forgot, virtual memory can be represented as RAM (memory strips DDR / DIMM / SIMM on x86 / x86_64 computers) + swap (file or swap partition).
In OpenVZ technology, swapping is performed centrally by the kernel, the client is allocated virtual memory as "RAM" and ... virtual memory as "swap". Vzswap memory is also virtual! It is only artificially slowed down, and is usually located not in physical swap, but in physical RAM. When VPS starts DDoS, and it swaps away from tens or hundreds of Apache processes, or hundreds of thousands of sql queries, VPS naturally slows down because vzswap is slow! But the physical server disk is not used at the same time, since the kernel will dump into the real swap only the data that has not been used for a long time, which will have a drastic effect on the I / O performance for all VPS.

In conclusion, I would like to recall the paradox of prisoners from Game Theory, a text from Wikipedia:

Two criminals, A and B, were caught at about the same time on similar crimes. There is reason to believe that they acted in collusion, and the police, isolating them from each other, offer them the same deal: if one speaks against the other, and he remains silent, then the first is released for helping the investigation, and the second receives the maximum term imprisonment (10 years). If both are silent, their deed takes place under a lighter clause, and each of them is sentenced to 0.5 years. If both testify against each other, they receive a minimum term (2 years). Each prisoner chooses to be silent or testify against the other. However, none of them knows exactly what the other will do. What will happen?

Hatred of overselling, and a negative attitude to the hoster's desire to sell to other customers those resources that you still don’t use, despite the probability theory that when you need them, you will almost always get them, in my opinion, is the most the worst version of the Prisoners Paradox game: if you stop the hoster from making more money, you bother yourself first of all, as it’s beneficial for the hoster to earn and pay for services, and it’s beneficial for the hosting provider to be cost-effective and have more money for equipment, for charge technical support, and so on.

Here, some Xen-hosters, attacking OpenVZ, often use low-lying inclinations of human nature, the desire to play selfishly in the “prisoner paradox” game, and they also lie, slyly silent about the fact that they oversell the processor: they can have a CPU on one core several VPS that will interfere with each other.

Summarizing, today only OpenVZ / Virtuozzo is the best choice for a budget VPS, while “hypervisor” and “cloud” VPS are already restricting the service of leasing physical dedicated servers: if you need flexibility and stability of the service, and there is a budget for the project, there are such VPS think about it now.

UPDATE Judging by the comments and the negativity that they wrote to me in PM, not everyone understood that this topic is not against Xen, Kvm, VmWareand other hypervisors in hosting, it is the other way around for them, when hosting uses a SAN or at least DAS, the topic is a bit against cheap Xen hosts, and first of all, the topic is written for OpenVZ