Open Source Hypervisors: do we really have them? do we really need them?

scottalanmiller

@matteo-nunziati you also have an assumption that developers from a vendor work on a product because they are at that vendor. While that can be true, it often is not and is not an assumption that you can make. Your assertion is that because developers work at Red Hat or have worked there, that it is Red Hat having them work on the project. Often it is because they work on the project that Red Hat hires them. Your basis for believing that a vendor is tied to a project because they employ or have employed people who work on their pet projects isn't based in reality. That certainly does happen, but the opposite happens quite commonly, too. This is open source, but you are still thinking of the risks as if it was closed source. Or you keep saying it is not open to your standards, but you are defining open in a way that has no connection to open source software. Once you realize these are really open, none of your concerns exist.

But ALL of your concerns DO apply to all closed sourced software. So if you read your concerns carefully, they all explain why Xen and KVM matter so much. You're actually making a great argument for why open source is critical, but because you keep thinking that Xen and KVM are not open, you aren't seeing how you are proving their value and how they protect you against the concerns you are having.

stacksofplates

@scottalanmiller said in open source hypervisors: do we really have them? do we really need them?:

@msff-amman-Itofficer said in open source hypervisors: do we really have them? do we really need them?:

If you want to bypass all this just get ESXi licensed, and your set.

Doing all that is easier than getting the license, I've tried.

If you want the power of KVM without the complexity, Scale HC3 is the way to go.

I don't think KVM has any complexity. I always thought XenServer was too complex to manage. Cross referencing UUIDs to image names is annoying. Not being able to store images in whatever directory you want is annoying. Not being able to store ISOs on your host is annoying (not using XO).

KVM is stupid simple. Click the hypervisor role on CentOS install. Done. You can store images in 1000 different directories if you want. Virsh and the virt tools (virt-sysprep, virt-customize, virt-builder, etc) give you so much power. Networking is done with dns-masq so it's easy to set reservations and do DNS within the host.

Single host deployments are stupid easy. More than one host deployments add some complexity but using orchestration it makes everything easy.

FATeknollogee

@stacksofplates said in open source hypervisors: do we really have them? do we really need them?:

More than one host deployments add some complexity but using orchestration it makes everything easy.

Details, please?

stacksofplates

@FATeknollogee said in open source hypervisors: do we really have them? do we really need them?:

@stacksofplates said in open source hypervisors: do we really have them? do we really need them?:

More than one host deployments add some complexity but using orchestration it makes everything easy.

Details, please?

You just manage the host like anything else. I ship the template to each host. I clone the template with the correct MAC and it gets whatever reservation it's supposed to. Then Ansible does all of the work. 99% of my systems don't get backed up because it's all code based. The 1% that do have backing stores and agent based backups that are orchestrated and are part of the code base for that VM.

stacksofplates

You essentially treat your hosts like data center regions on a cloud provider. VMs replicate within themselves. The hosts are just a place for them to run. There is nothing special about any of the hosts.

FATeknollogee

@stacksofplates said in open source hypervisors: do we really have them? do we really need them?:

VMs replicate within themselves.

On a single host or across multiple hosts?

stacksofplates

@FATeknollogee said in open source hypervisors: do we really have them? do we really need them?:

@stacksofplates said in open source hypervisors: do we really have them? do we really need them?:

VMs replicate within themselves.

On a single host or across multiple hosts?

Across multiple. This has to be set up obviously. I usually use floating IPs and if there is stateful data that needs replicated I'll use Gluster. But if it's just stateless data I'll just use floating IPs.

FATeknollogee

@stacksofplates said in open source hypervisors: do we really have them? do we really need them?:

Across multiple.

Thx, kinda what I thought.

...if there is stateful data that needs replicated I'll use Gluster.

I think I'm going to revisit oVirt

StorageNinja

@scottalanmiller said in open source hypervisors: do we really have them? do we really need them?:

@FATeknollogee said in open source hypervisors: do we really have them? do we really need them?:

Just want to make sure I'm following this correctly. Is this the "Xen" that you guys are referring to ? https://www.xenproject.org/

If yes, what "GUI's" are available to manage Xen?

XenCenter, Xen Orchestra, OpenStack, AWS, RS, and many more. No shortage of options

OpenStack is really a CMP, than just a hypervisor GUI.

StorageNinja

@scottalanmiller said in open source hypervisors: do we really have them? do we really need them?:

@matteo-nunziati said in open source hypervisors: do we really have them? do we really need them?:

KVM/libvirt is basically a Red Hat show. If Red Hat will drop KVM there will really be someone which will step up and will continue the development?

It's not owned by or controlled by RH. RH is not likely to drop it, less likely that MS dropping Hyper-V. Knowing that someone else will pick it up and that all they will do is lose control is one of the many benefits of open source to us, the consumers. It keeps RH from dropping things in a way that we don't have protection with for closed source.

KVM is part of Linux, not RH. It's heavily contributed to by Canonical and Suse but, more importantly, IBM. Even if RH walked away today, KVM is not in the slightest danger. If MS did that to Hyper-V, it would be over - period.

So yes, the open source nature here provides us the most extreme level of benefits and protection that exist in the industry.

Who outside of google project zero is really doing this though? No F1000 I worked for ever did their own open source audit.

scottalanmiller

@John-Nicholson said in open source hypervisors: do we really have them? do we really need them?:

@scottalanmiller said in open source hypervisors: do we really have them? do we really need them?:

@matteo-nunziati said in open source hypervisors: do we really have them? do we really need them?:

KVM/libvirt is basically a Red Hat show. If Red Hat will drop KVM there will really be someone which will step up and will continue the development?

It's not owned by or controlled by RH. RH is not likely to drop it, less likely that MS dropping Hyper-V. Knowing that someone else will pick it up and that all they will do is lose control is one of the many benefits of open source to us, the consumers. It keeps RH from dropping things in a way that we don't have protection with for closed source.

KVM is part of Linux, not RH. It's heavily contributed to by Canonical and Suse but, more importantly, IBM. Even if RH walked away today, KVM is not in the slightest danger. If MS did that to Hyper-V, it would be over - period.

So yes, the open source nature here provides us the most extreme level of benefits and protection that exist in the industry.

Who outside of google project zero is really doing this though? No F1000 I worked for ever did their own open source audit.

All of them that I've worked for do. Including smaller non-F1000. It's actually quite common.

scottalanmiller

What's awesome about open source is that even if only a few big companies do audits, everyone benefits. It's not necessary for every company to do it, every company that does it is one company more than closed source has.

black3dynamite

I seriously think that open source hypervisors scares the hell out of decision makers and most IT people in general.

scottalanmiller

@black3dynamite said in open source hypervisors: do we really have them? do we really need them?:

I seriously think that open source hypervisors scares the hell out of decision makers and most IT people in general.

Which is bad, because the reaction should be the other way... closed source is scarier because it lacks the protections of open source.

black3dynamite

@scottalanmiller said in open source hypervisors: do we really have them? do we really need them?:

@black3dynamite said in open source hypervisors: do we really have them? do we really need them?:

I seriously think that open source hypervisors scares the hell out of decision makers and most IT people in general.

Which is bad, because the reaction should be the other way... closed source is scarier because it lacks the protections of open source.

I was one those people that was either fearful or confused about open source OS or hypervisors back in the day.
Unlike today's, I'm fully capable of figure it out on my own or with the help of a huge amount of resource available to me compare to back then.

mlnews

https://mangolassi.it/topic/14363/open-source-protects-the-omnios-project

Perfect timing as OmniOS must be something like .001% the usage and interest of a Xen or KVM and even less market need.

StorageNinja

@msff-amman-itofficer said in Open Source Hypervisors: do we really have them? do we really need them?:

my take on this:

ESXi free is limited, 8 vcpu per VM and that limit can be easily reached limit.

It's easily reached if you starve a VM of IOPS or RAM and it's spinning cycles waiting on IO. In reality VERY few things need 8 vCPU. I've seen The ONLY exchange server for 5000 users not need that many resources.

Given modern Skylake hardware, and 4Ghz Intel Xeon Cores's if your hitting the 8vCPU limit I'm REALLY curious why your not willing to spend the one time ~$200 per host that is the Essentials bundle to get some more features is a rounding error in your budget (it's like less than a $1 a day per host).

StorageNinja

@scottalanmiller said in Open Source Hypervisors: do we really have them? do we really need them?:

HA-Lizard

HA lizard scares me. DRDB in the hands of people who don't understand it, and deploy it with a SINGLE IP ping for quorum (Stateless, and solo) is a recipe for split brain disaster.

Scale HC3 isn't OpenSource. It and Nutanix are closed source management and storage layers for KVM.

scottalanmiller

@john-nicholson said in Open Source Hypervisors: do we really have them? do we really need them?:

@msff-amman-itofficer said in Open Source Hypervisors: do we really have them? do we really need them?:

my take on this:

ESXi free is limited, 8 vcpu per VM and that limit can be easily reached limit.

It's easily reached if you starve a VM of IOPS or RAM and it's spinning cycles waiting on IO. In reality VERY few things need 8 vCPU. I've seen The ONLY exchange server for 5000 users not need that many resources.

Given modern Skylake hardware, and 4Ghz Intel Xeon Cores's if your hitting the 8vCPU limit I'm REALLY curious why your not willing to spend the one time ~$200 per host that is the Essentials bundle to get some more features is a rounding error in your budget (it's like less than a $1 a day per host).

Keep in mind it is not per hosts, but ~$600 per three hosts, so for much of the SMB that's either $300 or $600 per host and makes things like future upgrades potentially a problem. And $600 per host is enormous for the SMB market. Absolutely staggering. Given that 90% of the market can't even cost justify a server, let alone a server with that much additional licensing.

On a single host, how much value is that $600 getting an SMB versus getting free, unlimited use virtualization with $600 of faster hardware? When we are talking a $3,000 server, an extra $600 is anything but trivial.

The "only $200 per host" is really "holy crap, $200 per host with a minimum of three!!" That's not at all a small number, not in the SMB market. And especially not in an SMB market outside of the US.