Running Multiple Server environments on a single machine sharing a single kernel.
We want to run several independent virtual servers on a machine (a single physical piece of hardware). The technologies around for doing this are the BSD jail() call, VMware (which runs x86 on x86), Bochs (which acts as a full PC emulator), UML (User-Mode Linux, multiple kernels) and vserver.
There have been two approaches to creating virtual-server-type environments out there.

FreeVSD provides a reasonable virtual environment that is particularly well suited to the reseller market. This is done by allocating a range of user and group IDs (uid/gid), one of which is a pseudo-root user called `admin'. This user is treated no differently from a normal user by the underlying kernel or operating system. The difference comes in the provision of patched versions of utilities such as su(1), chown(1), chmod(1), ps(1) and kill(1) that analyse the user ID and allow the use of privileged operations upon other files or processes belonging to that virtual server's process range.

FreeVSD has also provided us with something much more useful: a daemon and a defined communication protocol, for which there exist both an open Web-based client and a proprietary Microsoft Windows-based client.
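As an added example (not FreeVSD's own code), here is a model in Python of the decision such a patched kill(1) or chown(1) has to make from the uid-range table: the server names, uid ranges and admin uids are constructed for illustration.

```python
"""Model of the FreeVSD-style check a patched kill(1)/chown(1) performs.

The caller's uid is looked up in the per-virtual-server uid range table.
The pseudo-root 'admin' uid may act on any uid inside its own server's
range, an ordinary uid only on itself, and nothing crosses a range.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class VServer:
    name: str
    admin_uid: int   # the pseudo-root 'admin' user of this virtual server
    uid_lo: int      # inclusive uid range allocated to this server
    uid_hi: int


# Constructed allocation table for the example (not a real FreeVSD config).
SERVERS = [
    VServer("vs1", admin_uid=10000, uid_lo=10000, uid_hi=10999),
    VServer("vs2", admin_uid=11000, uid_lo=11000, uid_hi=11999),
]


def server_of(uid):
    """Return the VServer owning uid, or None for host-level uids (root, system)."""
    for s in SERVERS:
        if s.uid_lo <= uid <= s.uid_hi:
            return s
    return None


def may_operate(caller_uid, target_uid):
    """True if caller may signal/chown a process or file owned by target_uid."""
    if caller_uid == 0:
        return True          # real root on the host is unrestricted
    if caller_uid == target_uid:
        return True          # ordinary POSIX rule: you own it
    caller_vs = server_of(caller_uid)
    target_vs = server_of(target_uid)
    if caller_vs is None or target_vs is None:
        return False         # host/unallocated uids never cross into a range
    # Only the admin of the *same* server gets the privileged operation.
    return caller_vs is target_vs and caller_uid == caller_vs.admin_uid


def kill_filter(caller_uid, procs):
    """Simulate patched kill(1): from (pid, uid) pairs, keep pids caller may signal."""
    return [pid for pid, uid in procs if may_operate(caller_uid, uid)]
```

Note that the whole check lives in the patched userspace tools; the kernel itself still sees `admin' as an ordinary uid, which is exactly the distinction the kernel-patch approach described next is about.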
The alternative approach is modifying the kernel to provide a partition-like environment; it is based on cutting down privileges to what is safe (e.g. no hardware- or system-management-related filesystem or kernel access). Because this requires no modifications to the userspace system, we can run out-of-the-box images of Red Hat and Debian, even quite happily beside each other on the same host system.
SW-Soft from Russia. Need to write this now that I have seen the code.
We achieve the virtualisation of multiple separate virtual machines on a single host by combining several technologies; the first is a series of extra kernel calls, some of which are now provided through the vserver kernel patches produced by Jacques.
Autonomous environment.

chroot() - Restrict the filesystem
  This is the classical call that you are all familiar with; it is used to start programs in a part of the filesystem and never be able to exit that area again. This is basically what the BSD jail() achieves.

chbind() - Restrict IP space
  (which IP addresses you can use or bind() to)

chcontext() - Restrict process space
  We have a number of `contexts' on the machine; processes within one context cannot interact with, control or modify those in another context.

drop_caps() - Give up kernel- and hardware-related capabilities
  Our root user gives up the rights to mknod() and kernel calls related to direct kernel or hardware control that could allow escaping out of our autonomous environment or, for instance, modifying data on a hard disk directly, resulting in privilege elevation.

/proc, /dev/pts and IPC - Make things a little more private.
To make a profitable system that we can sell we need to look at what DSVR have done: they have not produced a system that is a truly complete representation of a virtual server or dedicated machine, but they have produced something that is good enough and that closely caters to, and exceeds, the requirements of most resellers.
It is this four-level pyramid system that allows us to keep focused upon technical provision and separating the support chain so that end-users are dealt with through the reseller chain.