Xen Virtaul Machine

I have been using UML for quite a while now. Unlike most people my main reason for using it is security. You can run a UML instance inside a chrooted env as an unpriviledged user which is a bonus because it’s still a grey area if people can break out of a UML instance over the wire and remain connected (correct me if I am wrong). Breaking out into a chroot (/) as a user with no privs would definitely add another barrier to entry (I am not saying it can’t be broke, just that the guy cracking it is on a differnt level from the normal script kiddie at least until it becomes common knowledge how to do it).
Of course using UML has a price. Its slow. The main problem with UML Is IO. It’s really crap with high IO applications like databases. I tried it with PostgreSQL and it was awfull. Too much context switching.
I had heard of Xen on the grapevine and decided to have a look at it to see if it would be any faster and I was pleasently suprised to find that it is as easy to install as a new kernel. It was at this point that I really kicked myself, Xen as it stands today (version 2.0.7) does not support SMP. So I would be losing a processor using it. Unfortunately this is not acceptable on the machine I am on so I decided to postpone my foray into Xen and stick with UML for the time being on this box or at least until Xen domain 0 can support an SMP machine.
I am however tempted to invest in a single proc machine and run Xen on it. I am confident that Xen does what it says on the tin and that performance gains are substantial over UML but I would rather run a vanilla machine on a dual proc than lose one of them.

Please follow or like:

Leave a Reply

Your email address will not be published. Required fields are marked *