[CoLoCo] virtualization in hardy: kvm

[Soren Hansen]

On Fri, Mar 14, 2008 at 02:57:27PM -0600, Kevin Fries wrote:
>> > KVM just does not work as advertised across different platforms.
>> What are you specific problems? I'd love to hear about them.
> Every problem it has, always has the same end result.  The kernel mod
> does not load.  KVM unlike VBox (same qemu/kqemu solution, only much
> better implemented... yes folks, VBox is qemu) or the old qemu/kqemu
> solution, once the module fails, it will not fall back to a usable
> solution.  As a matter of fact, I have been able to use VBox, where
> KVM will not load.

Er.. That's hardly surprising. kvm depends on the availability of VT-x
or SVM extensions available in newer Intel or AMD processors (quite a
bit of KVM's simplicity can be attributed to this requirement,
actually). This is *very* well documented.

What hardware have you attempted this on? Which distribution and
version? Did you use said distribution's shipped version of kvm?

> On the few times I fought with it enough to get it running, the
> performance was better than qemu (and lets face it, that aint hard),
> but no where near what VBox can do.

A standard build of KVM will - if the CPU extensions are not available -
fall back to non-accelerated mode, which *is* qemu. If that feels faster
than qemu, that's not much more than a statistical anomaly, I think.  I
have no benchmarks to back this up, but KVM and VirtualBox should
provide about the same performance.

>>> Essentially KVM is QEMU with the accelerator built in.
>> That's a rather simplistic (read: wrong) description. kvm is a
>> virtualisation solution that happens to use qemu's device model (and
>> really not much else). 
> No, the only difference is that the module was pulled into the
> project, and pushed to ring-0, rather than trying to load dynamically
> from user space.

"the module"? "the project"? "load dynamically from user space"?

Is "the module" the kvm kernel module, and "the project" qemu? And what
is that was attempted to be loaded from user space?

>>> so they decided to force QEMU to use it or fail, then forced the
>>> accelerator code into a kernel module, maintained at the kernel
>>> project. 
>> Your use of the word "force" suggests that this was an unwise
>> decision.  However, the way to interact with hardware happens to be
>> through the kernel. That -- or so I'm told -- is one of the main
>> purposes of the kernel? How would you suggest it done differently?
> Failover!  When you have a technology that does not work reliably as
> kqemu did not, changing the VMM from optional to required use of it in
> my opinion is very unwise.

So your problem with KVM is that it requires hardware support?

>> Could you be a tad more specific about the problems you're seeing?
>> To be honest, I'm quite new to this list (just subscribed 17 minutes
>> ago), so in case you've elaborated on the subject on previous
>> occasions, I'm afraid I've missed it.
> There are a number of features inherit into QEMU that really are
> fantastic.  However, the setup, configuration, resources, and overall
> performance are not among its assets.  Qemu will actually work on
> pretty much any machine, will expose the local file directory to the
> VM, and will even emulate a P4 Mac or an ARM/XScale.  However, Qemu
> has never gotten their acceleration stable.  And KVM suffers from this
> stability problem.

Look... The CPU emulation code in QEMU is not used *at* *all* in kvm.
Any issues in kvm and qemu w.r.t. cpu emulation are entirely unrelated.

> I guess my biggest complaint about KVM is that its half the product of
> VBox, at the same price, free.  InnoTek uses their commercial sales to
> spur their open source product.  This model keeps getting attacked as
> "propietary" when its not.  Its the same exact model as Sendmail, and
> MySQL (another Sun product).

Er... No. VirtualBox OSE is not the same as VirtualBox. MySQL, however,
is (not surprisingly) the same as MySQL.
 
>>> VMWare server is free to use, period.  
>> If you accept the terms of use and obtain a license key, yes.
>> Exclamation point![1]
> So what!!!

Er... So it's not "free to use, period.". If you don't care about the
difference between free beer and free speech, that's your "problem".
 
> I put this into the same category as Acrobat.  Evince does not do as
> nice a job, but everyone fawns over it because its open source.  Again,
> so what!  Instead, I guess I take a more broad look at these types of
> things...

I'm struggling to figure out why you work on Linux?

> It is for this reason that I use nVidia video cards, I use Firefox web
> browser, I use OpenOffice productivity suite, I use Adobe Acrobat to
> view PDF files, and I use VBox (i.e. to run a Windows instance on my
> desktop using the seamless mode feature so I can run Visio) and VMWare
> (generally for virtual servers on a dedicated Linux server).

What is this seamless mode of which you seem to be so fond?

>>> Of course, all the really cool tools are in the paid version.
> I don't know about that... 

Er... You wrote that, didn't you? Or did I get my quoting messed up?

> I have some pretty cool crap running in my lab.  It does the job, it
> does it for free, and it does it on machines that will not run KVM.
> So your complaint is?

I'm not sure I've complained yet. I'm warming up to do so, though. Wait
for it...

> KVM is refusing to load, but VMWare loads, and is running 4 virtual
> private networks consisting of 11 machines on a single machine with 2
> cores and 2GB of ram. 

Good for you. I'm not sure what your point is.

> You are touting a product that will not run, 

Erm... Please tell that to the 10 virtual machines I have running here
on my laptop. In kvm, that is.

> over a product that does because the program that does run won't show
> you their code...

I happen to be in the free software business. Your signature suggests
you are, too? 

>>> VMWare compared to KVM is like comparing a Ferrari to a 1976 Ford
>>> Pinto.  Both are cars (or VMMs) but only one has all the modern
>>> features; and only one has fine grained level of controls managing
>>> its operations; and only one is reliable enough to be useful.
>>> Fedora went down this road a few years ago, and it failed badly.
>>> Never let it be said that the Ubuntu group is willing to learn from
>>> the mistakes of others.  It failed miserably in Fedora, its going to
>>> fail in Ubuntu also.  KVM has always been, and has shown no ability
>>> to be, anything but a series of bad practices over hyped.

I'm not very good at car analogies. While I do own a car, I don't even
have a license to conduct any type of motorised vehicle. When people
asks me what type of car we've got, I always need to check with my wife,
but ok, I'm game... I think kvm most closely resembles Wibble 2008,
which is a not very well-known car that only works on very new roads.
Magically,  you can easily fit a dozen Wibble 2008's driving in parallel
on a two-lane road. It also has a cool radio, green tyres, and drives
sideways if you know how. I'm not sure what these last few things
translate to in terms of virtualisation, but I can make something up if
you insist on it.

>> Being a non-native speaker, I'm unable to express how much I'm
>> looking forward to some form of substantiation to this fud. All I can
>> say is that it's "a lot".
> Qemu will run on most any machine.  So will VirtualBox.  So will
> VMWare.  And, So will Xen (though it won't support Windows unless the
> vt flag is set on the CPU).  Howerver KVM will not, it fails far too
> often and blames the hardware for its bad programming practices. 

It's interesting that you've been able to figure out that whether "the
vt flag is set" (a rater unfortunate wording, but let's go with it)
means something for Xen, but you somehow seem to think that whether kvm
will run is completely random and unrelated to whether "the vt flag is
set". (Well, not completely random, as you've found that the algorithm
seems to favour "fail to run" over "ok, go!")

It never ceases to amaze me how you can get completely focused on one
shortcoming of something and thus conclude that said something is
completely and utterly broken. For added hilarity, this alleged
"shortcoming" of kvm is a deliberate design choice of kvm's authors. 

> Call it fud it you want... I work with this stuff every day, and I
> know crap when I see it.

Yes, I listen to crap every day, too. Today, slightly more than usual. 

> The accelerator does not belong in the kernel, it belongs between the
> kernel and the user space.
> 
> Putting stuff you cant get to work correctly into ring-0 is what got
> Microsoft into trouble.  This is a bad program; badly implemented.
> And if you want to talk about internals, and proper programming
> practices, I will gladly take this offline.  But this forum has
> suffered enough of both of our rantings.

I suggest kvm-devel?

-- 
Soren Hansen
Ubuntu Server Team
http://www.ubuntu.com/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : https://lists.ubuntu.com/archives/ubuntu-us-co/attachments/20080314/54caf7e6/attachment.pgp