
Thread: KVM Architecture

  1. #1
    Join Date
    Aug 2014
    Beans
    8

    KVM Architecture

    Looking for some insight from you seasoned KVM experts. Been using Ubuntu Server for a few years on bare metal, going to give KVM a try on my next Ubuntu provisioning.



    I've just started reading about KVM; from what I've gathered so far, Ubuntu server is initially installed which acts as the host OS, then separate VM's are built as guest OS's that run 'inside' the host installation. If this is the case, my question is this: what's the general opinion regarding VM architecture on the host installation? To elaborate, I want to start with two server instances; one will be used as a file server, and a separate one to be used for various development work. Should I:



    1. Install Ubuntu as the host, then set up two VM's (using KVM), one for the file server and the other for development, or


    2. Install Ubuntu as the host and configure it for the file server, then build a single VM for development?


    I'm curious that if the host OS is configured to perform some function how it might affect the VM's inside? Maybe it's best to minimize functionality of the host installation and let the VM's have all the processing power?



    Any thoughts?

  2. #2
    Join Date
    Mar 2010
    Location
    Metro-ATL; PM free zone.
    Beans
    Hidden!
    Distro
    Lubuntu 14.04 Trusty Tahr

    Re: KVM Architecture

    The answer is "it depends". Too many unknowns to provide any good answer. Sorry.
    Sometimes doing it "1" way makes sense. Other times doing it "2" way makes sense. It depends.

    If you want to virtualize a desktop, take a look at VirtualBox instead. If you want to virtualize servers, then stay with KVM and don't load any GUI libraries. - Server on Server VMs are great with KVM. Desktop on Desktop VMs are ok on virtualbox, not so great on KVM.

    Oh - and you won't be happy with whatever decision you make. The first few years doing this stuff, we were stuck with few options. Now there are too many options and sometimes they aren't all good for any specific situation.

    So ... try what you think is best, if there are issues, come back and look for help with a specific situation. The best learning comes from failure or struggles.

  3. #3
    ibjsb4 is offline Ubuntu addict and loving it
    Join Date
    Sep 2012
    Beans
    5,003

    Re: KVM Architecture

    Quote Originally Posted by TheFu View Post
    Desktop on Desktop VMs are ok on virtualbox, not so great on KVM.
    Why is that?

  4. #4
    Join Date
    Mar 2010
    Location
    Metro-ATL; PM free zone.
    Beans
    Hidden!
    Distro
    Lubuntu 14.04 Trusty Tahr

    Re: KVM Architecture

    Quote Originally Posted by ibjsb4 View Post
    Why is that?
    The default graphical video connection to KVM is VNC - which sucks. It is fine for LAN-based office-productivity things. I wouldn't use it over an internet connection (x2go is sooooooo much better and has ssh-tunnel built-in). X2go (or freeNX on 12.04 and older) are 2x (or more) faster than VNC/RDP solutions. Still - none of these handles video well even on a GigE wired network. X2go audio does work fine from anywhere in the world in my experience.

    Most people expect a desktop to play hidef video without stuttering, without artifacts, and by default without any complicated tweaking. That just isn't the situation with KVM today.

    I'd hoped that Spice would allow the video stuff to work better in 14.04. It doesn't and the setup for a secure connection is non-trivial (multiple ports/channels needed), so it is only useful on the LAN unless a full VPN already exists.

    VirtualBox includes an impressive guestOS-to-hostOS video driver that DOES handle video with 2D (windows only) and 3D GPU acceleration. Hence, my recommendation above.

    Oh - and a few people will say that PCI passthru is an option for nearly native graphics performance - the setup for that stuff is still a black art and not suitable for average users - even then - it appears there are 98% failures and only 2% success with the attempts for people with the right BIOS, CPUs, motherboards, and multiple GPUs in their VM host.

    Did I get anything wrong?
    Last edited by TheFu; August 26th, 2014 at 10:19 PM.

  5. #5
    ibjsb4 is offline Ubuntu addict and loving it
    Join Date
    Sep 2012
    Beans
    5,003

    Re: KVM Architecture

    Did I get anything wrong?
    You took it as a challenge? Funny

    I think it's time to move away from vBox.

  6. #6
    Join Date
    Mar 2010
    Location
    Metro-ATL; PM free zone.
    Beans
    Hidden!
    Distro
    Lubuntu 14.04 Trusty Tahr

    Re: KVM Architecture

    Quote Originally Posted by ibjsb4 View Post
    You took it as a challenge? Funny

    I think it's time to move away from vBox.
    As you know, virtualization is a huge topic and things change all the time. It is impossible for anyone to try every tool, every 3 months, to see what may or may not have changed. That was the point of my question.

    I've never been able to use virtualbox on a Linux host. It wasn't stable when I tried, the system crashed within 24 hrs every time - THE HOST OS - without running any VMs at all. I moved on over that. At the time, I had Xen, KVM, ESXi VM hosts and a Windows box running vbox which was working ok.

    OTOH, with a Windows hostOS and vbox, it worked fine after the 1st year Win7 was released. Under XP, Vista stability was less than 7 days. A year after Win7 was released - stability was from patch-tues to patch-tues. Good enough for desktop-on-desktop.

    Servers running either Xen or KVM have uptimes in months and only get rebooted when there is a critical server kernel update. I am a little nervous about Canonical's choice of 3.13.xx kernels. This is a development tree, not meant for stable deployments. I don't know what they were thinking. https://www.kernel.org/category/releases.html Hopefully, Canonical will push to the 3.14 or 3.16 lines ASAP. OTOH, a few 14.04 KVM servers here have been working non-stop since late May without issue.

    Should people use virtualbox for desktop-on-desktop needs, I can't say. I think it is the least of the evil options (anything from Oracle is still evil, just less than VMware-anything or MS-anything) where playback of video is required in a virtual environment. For server-on-anything, I would NOT select vbox.
    Last edited by TheFu; August 27th, 2014 at 12:24 AM.

  7. #7
    ibjsb4 is offline Ubuntu addict and loving it
    Join Date
    Sep 2012
    Beans
    5,003

    Re: KVM Architecture

    Thanks and back to Marty

  8. #8
    Join Date
    Aug 2014
    Beans
    8

    Re: KVM Architecture

    Thanks Fu.

    After reading your message and giving it some thought, I think I'll build host install as a file server and then run a single KVM VM for development. The file server portion will be there long term, the development instances will come and go as needed.

    I guess the thing that I'm having a tough time wrapping my head around is having a host machine that can fully function as a server and then the VM instances which also function as servers. Not that I don't understand the concept of virtualization... it's just that nearly all my experience has been with VMware, with hosts built upon ESXi, and then the guests run as VM instances. The hosts' only function is to support the guests. Pretty much all host resources are allocated to the VM's.

    I am guessing that with Ubuntu server and KVM, the host OS is essentially treated as a VM right along with the guest OS's when it comes to allocating resources like cores, memory, storage, etc.?

    Marty

  9. #9
    Join Date
    Mar 2010
    Location
    Metro-ATL; PM free zone.
    Beans
    Hidden!
    Distro
    Lubuntu 14.04 Trusty Tahr

    Re: KVM Architecture

    Sounds like a good plan.
    Only 1 caution - do not allow any internet facing services on the hostOS. If that instance is hacked - all other VMs are gone too.

    No - the hostOS is NOT like any other guestOS.
    http://blog.jdpfu.com/2013/11/03/set...virtualization may be helpful.
    Last edited by TheFu; August 27th, 2014 at 02:42 PM.
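
One way to audit the caution in post #9 on a KVM host, as an added example that is not part of the original thread: the function below reads `ss -tuln` output and reports every listener bound to a non-loopback address whose port is not on an expected list. The function names, the allowlist (SSH on 22) and the sample output are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: find hostOS services reachable from beyond loopback.
# stdin: output of `ss -tuln`. $1: space-separated ports that are expected
# to be open on the host (assumption: only SSH management on port 22).
exposed_listeners() {
    awk -v allowed=" $1 " '
        $1 == "Netid" { next }                    # skip the header line
        $1 != "tcp" && $1 != "udp" { next }       # ignore other socket types
        {
            n = match($5, /:[0-9]+$/)             # trailing ":port" of the local endpoint
            if (n == 0) next
            addr = substr($5, 1, n - 1)
            port = substr($5, n + 1)
            # Loopback-only listeners cannot be reached from other machines.
            if (addr ~ /^127\./ || addr == "[::1]" || addr == "::1") next
            if (index(allowed, " " port " ")) next
            print $1, addr, port
        }'
}

# Constructed sample: a host that also acts as a file server (port 445),
# a guest console bound to loopback (5900), and a resolver on 192.168.122.1.
SAMPLE='Netid State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
tcp   LISTEN 0      128    0.0.0.0:22          0.0.0.0:*
tcp   LISTEN 0      128    127.0.0.1:5900      0.0.0.0:*
tcp   LISTEN 0      50     0.0.0.0:445         0.0.0.0:*
udp   UNCONN 0      0      192.168.122.1:53    0.0.0.0:*
tcp   LISTEN 0      128    [::]:22             [::]:*
tcp   LISTEN 0      5      [::1]:631           [::]:*'

# Report for the sample; on a real host use: ss -tuln | exposed_listeners "22"
sample_report() {
    printf '%s\n' "$SAMPLE" | exposed_listeners "22"
}

sample_report
```

Each reported line is a service to move into a guest, bind to loopback, or firewall off from untrusted networks; a listener on a guest-only bridge address still deserves a look because guests can reach it.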

  10. #10
    Join Date
    Aug 2014
    Beans
    8

    Re: KVM Architecture

    Thanks again, Fu. Good blog article. One more question though (if I may)....

    You mentioned in your last message to "not allow any internet facing services on the hostOS". I'd like some more info on how to harden the host OS when running VM's, but I'm particularly curious why the host OS is especially vulnerable to malicious activity. Is the host OS more vulnerable when running VM's (e.g. via KVM) than, say, running a single Ubuntu Server instance without KVM installed? Maybe the need for some type of DMZ is required for externally-facing ports to the Internet?

    If you have any recommended reading on the security issues of the host OS, please share a link or two. I'd appreciate it.

    Thanks again,
    Marty
