From: Björn Steinbrink (B.Steinbrink_at_gmx.de)
Date: Sun 26 Jun 2005 - 10:11:47 BST
today I've found your comparison of various virtualisation techniques on
the net. One thing I miss there is Linux-VServer, which is very much
like Solaris Zones AFAICT (I didn't use Zones myself, yet).
For the questions in the comparison table, this answers would fit
Independent File System: Yes, if needed
Shared read-only immutable File System: In various ways, just immutable
files, or immutable files that can be deleted (sharing via hardlinks)
or, with an additional patch, read-only bind mounts.
Can access raw devices: No, unless it gets the necessary device node
from the host.
Access Network resources: Yes, configurable on ip address level.
Can create or change Network Devices: No, permission can be granted.
Can access hardware devices without permission: No, permission can be
Single Point of Maintenance: I guess yes, but I don't get the question,
I'm not a native speaker ;)
Can send signals.... : No
Run's a separate kernel: No
Can monitor Processes and IO using standard tools: Needs a tool to
switch into 'watch' context, but then yes.
Light weight: Yes
Can be a NFS server: IIRC only one NFS server per real box, that one can
also be in a vserver.
Host can examine data inside the zone/chroot without special tools: Yes
Resource Control outside the Secure Area: Yes
Simple control interface: Yes (IMHO)
Configuration Application for simple setup and modification: Setup yes,
modification not yet, configuration is stored in simple files.
Linux-VServer is modular, that means process virtualization and network
virtualization are separate, you can choose between using one or both of
them. File system virtualization is done via enhanced chroot to avoid
breaking out of the chroot, either via a barrier flag on a directory or
The project's homepage is at http://linux-vserver.org/
A paper on the used concepts can be found at http://linux-vserver.org/Linux-VServer-Paper
I'd be grateful if you would add Linux-VServer to your comparison, if
there are any questions left, feel free to ask on the mailing list
(which I cc with this mail) or join the irc channel #vserver on OFTC.
Vserver mailing list