qemu discuss - Oct 2007 - QEMU/Solaris vs VMWare/Linux

Hi Folks,

As you may have seen by the last thread I have been playing with QEMU 
pretty much for my own personal VPN connectivity.

On the other hand we are starting to look at virtualizing some of our 
Dev and UAT environments to save on HW costs. One of the other 
Architects on my Team owns the project and he has been focused on 
running VMWare using RH Linux for both the Host and Guest Operating Systems.

Stanford is a Solaris/Linux/Oracle shop so the virtual environments will 
need to be Oracle RH Linux that will support an Oracle install.

Right now with this project there is the chance to better promote 
Solaris x86 and QEMU if there were strong underlying technical reasons 
why running Solarisx86 + QEMU might prove a better solution than RH 
Linux + VMWare.

So all you OpenSolaris/QEMU Gurus out there, any chance you folks could 
rattle off any Pros (or cons) why OpenSolaris + QEMU might be as good or 
better than the Linux + VMWare?

The "OpenSolaris" BrandZ stuff sounds interesting too! I wonder if 
BrandZ could run an Oracle stack?

Anyway if you folks want to help promote these technologies the more 
ammunition you can provide the better! I have always been a Solaris fan 
even back before I worked at Sun and still am trying to leverage it 
whenever possible!

Thanks!

Tom

briglia at stanford.edu said:
> On the other hand we are starting to look at virtualizing some of our  Dev
> and UAT environments to save on HW costs. One of the other  Architects on
my
> Team owns the project and he has been focused on  running VMWare using RH
> Linux for both the Host and Guest Operating Systems.
> 
> Stanford is a Solaris/Linux/Oracle shop so the virtual environments will
> need to be Oracle RH Linux that will support an Oracle install. 
Why not run Oracle on Solaris-x86 directly?  We recently consolidated
three racks of old SPARC servers, hosting 6 small instances of Oracle,
onto a single Sun X4200, with each Oracle instance in its own zone.
The DBA''s say performance is faster.

Sorry QEMU isn''t involved, but why run six separate OS instances, each
kernel taking up its own slice of RAM and disk space, each requiring
separate patching and maintenance, when you can do it with a single OS?
Solaris OS is free (even the regular Solaris-10 release, not only Open
Solaris) -- Red Hat EL is not free, even to EDU''s.  Red Hat
doesn''t
have ZFS yet, either.

Regards,

Marion

Hi Marion,

Hmmm as far as I knew Oracle is not porting all of their stuff to 
Solaris x86 and are heavily dug into RH Linux. In fact as you may know 
they have their own Distro of "Oracle Unbreakable RH Linux". This is 
what Oracle basically wants everyone to run their products on and which 
is why I did not think they were going to support much of their tech 
stack on Solaris x86. Please correct me if I am wrong though!

So you are saying that the X4200 you have is x86 based and you are 
running Oracle on Solaris x86? Are you running just the Oracle RDBMS or 
the whole Application Stack (ie: 11i)?

As for why the separate instances/environments, like I said this is for 
our Dev and UAT instances.

We have roughy 150 Prod Servers so that means we could easily use 300  
separate Dev or UAT environments. By going "Virtual" we could easily 
scale down our hardware and host those 300 environments on 100 physical 
servers each one hosting 3 qemu or vmware environments.

"Virtual" is definitely the trend lately. We probably will not run
Prod
environments on virtual hosts yet Dev and UAT will work fine.

Thx!

Tom


Marion Hakanson wrote:
>briglia at stanford.edu said:
>  
>
>>On the other hand we are starting to look at virtualizing some of our 
Dev
>>and UAT environments to save on HW costs. One of the other  Architects
on my
>>Team owns the project and he has been focused on  running VMWare using
RH
>>Linux for both the Host and Guest Operating Systems.
>>
>>Stanford is a Solaris/Linux/Oracle shop so the virtual environments will
>>need to be Oracle RH Linux that will support an Oracle install. 
>>    
>>
>
>Why not run Oracle on Solaris-x86 directly?  We recently consolidated
>three racks of old SPARC servers, hosting 6 small instances of Oracle,
>onto a single Sun X4200, with each Oracle instance in its own zone.
>The DBA''s say performance is faster.
>
>Sorry QEMU isn''t involved, but why run six separate OS instances,
each
>kernel taking up its own slice of RAM and disk space, each requiring
>separate patching and maintenance, when you can do it with a single OS?
>Solaris OS is free (even the regular Solaris-10 release, not only Open
>Solaris) -- Red Hat EL is not free, even to EDU''s.  Red Hat
doesn''t
>have ZFS yet, either.
>
>Regards,
>
>Marion
>
>
>  
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://mail.opensolaris.org/pipermail/qemu-discuss/attachments/20071031/cec2a54a/attachment.html>

---- "Thomas D. Briglia" <briglia at stanford.edu> wrote:
> Hi Folks,
> 
> As you may have seen by the last thread I have been playing with QEMU 
> pretty much for my own personal VPN connectivity.
I think I remember something about Cisco, and I remember several months
ago getting the current vpn code working with OpenSolaris (Solaris 10 needed
a new version of libgcrypt).
> On the other hand we are starting to look at virtualizing some of our 
> Dev and UAT environments to save on HW costs. One of the other 
> Architects on my Team owns the project and he has been focused on 
> running VMWare using RH Linux for both the Host and Guest Operating
Systems.
Why wouldn''t you use linux branded zones in Solaris 10?

> Stanford is a Solaris/Linux/Oracle shop so the virtual environments will 
> need to be Oracle RH Linux that will support an Oracle install.
so that should still work in a branded zone, right?
> Right now with this project there is the chance to better promote 
> Solaris x86 and QEMU if there were strong underlying technical reasons 
> why running Solarisx86 + QEMU might prove a better solution than RH 
> Linux + VMWare.
I''d think branded zones, then QEMU + Solaris X86...
> So all you OpenSolaris/QEMU Gurus out there, any chance you folks could 
> rattle off any Pros (or cons) why OpenSolaris + QEMU might be as good or 
> better than the Linux + VMWare?
You probably need to do a bake off to really understand those issues for
yourself.  Personally, I think you are betting off hosting with Solaris x86
than Redhat.
> 
> The "OpenSolaris" BrandZ stuff sounds interesting too! I wonder
if
> BrandZ could run an Oracle stack?
Haven''t heard any case that it *cant*.
> Anyway if you folks want to help promote these technologies the more 
> ammunition you can provide the better! I have always been a Solaris fan 
> even back before I worked at Sun and still am trying to leverage it 
> whenever possible!
I''ve been using qemu + kqemu for 6 months and think it has done
admirably well.

Ben

Hi Ben,

Thanks for the feedback! I will definitely look into the BrandZ stuff 
with Zones, that looks very interesting!

So WRT running stuff like the Cisco VPN using BrandZ, the VPN on both 
Solaris and Linux is basically a Kernel Module. So can you run apps 
using BrandZ where there is reliance on a Kernel Module being loaded and 
available?

Thx!

Tom

Ben Taylor wrote:
>---- "Thomas D. Briglia" <briglia at stanford.edu> wrote: 
>  
>
>>Hi Folks,
>>
>>As you may have seen by the last thread I have been playing with QEMU 
>>pretty much for my own personal VPN connectivity.
>>    
>>
>
>I think I remember something about Cisco, and I remember several months
>ago getting the current vpn code working with OpenSolaris (Solaris 10 needed
>a new version of libgcrypt).
>
>  
>
>>On the other hand we are starting to look at virtualizing some of our 
>>Dev and UAT environments to save on HW costs. One of the other 
>>Architects on my Team owns the project and he has been focused on 
>>running VMWare using RH Linux for both the Host and Guest Operating
Systems.
>>    
>>
>
>Why wouldn''t you use linux branded zones in Solaris 10?
>
>
>  
>
>>Stanford is a Solaris/Linux/Oracle shop so the virtual environments will
>>need to be Oracle RH Linux that will support an Oracle install.
>>    
>>
>
>so that should still work in a branded zone, right?
>
>  
>
>>Right now with this project there is the chance to better promote 
>>Solaris x86 and QEMU if there were strong underlying technical reasons 
>>why running Solarisx86 + QEMU might prove a better solution than RH 
>>Linux + VMWare.
>>    
>>
>
>I''d think branded zones, then QEMU + Solaris X86...
>
>  
>
>>So all you OpenSolaris/QEMU Gurus out there, any chance you folks could 
>>rattle off any Pros (or cons) why OpenSolaris + QEMU might be as good or
>>better than the Linux + VMWare?
>>    
>>
>
>You probably need to do a bake off to really understand those issues for
>yourself.  Personally, I think you are betting off hosting with Solaris x86
>than Redhat.
>
>  
>
>>The "OpenSolaris" BrandZ stuff sounds interesting too! I
wonder if
>>BrandZ could run an Oracle stack?
>>    
>>
>
>Haven''t heard any case that it *cant*.
>
>  
>
>>Anyway if you folks want to help promote these technologies the more 
>>ammunition you can provide the better! I have always been a Solaris fan 
>>even back before I worked at Sun and still am trying to leverage it 
>>whenever possible!
>>    
>>
>
>I''ve been using qemu + kqemu for 6 months and think it has done
>admirably well.
>
>Ben
>  
>

---- "Thomas D. Briglia" <briglia at stanford.edu> wrote:
> Hi Ben,
> 
> Thanks for the feedback! I will definitely look into the BrandZ stuff 
> with Zones, that looks very interesting!
It''s probably less overhead if it will work.
> So WRT running stuff like the Cisco VPN using BrandZ, the VPN on both 
> Solaris and Linux is basically a Kernel Module. 
AFAIK, yes.  However, I''m not sure about being able to load kernel
modules from BrandZ. I haven''t tried anything like that.

Have you tried the freeware VPN software?  If you''re familiar with it,
getting it compiled was pretty easy on Solaris once I figured out i
needed an updated libgcrypt, but couldn''t effecitvely test it without
a VPN host.

> So can you run apps 
> using BrandZ where there is reliance on a Kernel Module being loaded and 
> available?
see above.  You''d probably need QEMU and a Bridge to make that work.

Regards,

Ben
> 
> Thx!
> 
> Tom
> 
> Ben Taylor wrote:
> 
> >---- "Thomas D. Briglia" <briglia at stanford.edu>
wrote:
> >  
> >
> >>Hi Folks,
> >>
> >>As you may have seen by the last thread I have been playing with
QEMU
> >>pretty much for my own personal VPN connectivity.
> >>    
> >>
> >
> >I think I remember something about Cisco, and I remember several months
> >ago getting the current vpn code working with OpenSolaris (Solaris 10
needed
> >a new version of libgcrypt).
> >
> >  
> >
> >>On the other hand we are starting to look at virtualizing some of
our
> >>Dev and UAT environments to save on HW costs. One of the other 
> >>Architects on my Team owns the project and he has been focused on 
> >>running VMWare using RH Linux for both the Host and Guest Operating
Systems.
> >>    
> >>
> >
> >Why wouldn''t you use linux branded zones in Solaris 10?
> >
> >
> >  
> >
> >>Stanford is a Solaris/Linux/Oracle shop so the virtual environments
will
> >>need to be Oracle RH Linux that will support an Oracle install.
> >>    
> >>
> >
> >so that should still work in a branded zone, right?
> >
> >  
> >
> >>Right now with this project there is the chance to better promote 
> >>Solaris x86 and QEMU if there were strong underlying technical
reasons
> >>why running Solarisx86 + QEMU might prove a better solution than RH
> >>Linux + VMWare.
> >>    
> >>
> >
> >I''d think branded zones, then QEMU + Solaris X86...
> >
> >  
> >
> >>So all you OpenSolaris/QEMU Gurus out there, any chance you folks
could
> >>rattle off any Pros (or cons) why OpenSolaris + QEMU might be as
good or
> >>better than the Linux + VMWare?
> >>    
> >>
> >
> >You probably need to do a bake off to really understand those issues
for
> >yourself.  Personally, I think you are betting off hosting with Solaris
x86
> >than Redhat.
> >
> >  
> >
> >>The "OpenSolaris" BrandZ stuff sounds interesting too! I
wonder if
> >>BrandZ could run an Oracle stack?
> >>    
> >>
> >
> >Haven''t heard any case that it *cant*.
> >
> >  
> >
> >>Anyway if you folks want to help promote these technologies the
more
> >>ammunition you can provide the better! I have always been a Solaris
fan
> >>even back before I worked at Sun and still am trying to leverage it
> >>whenever possible!
> >>    
> >>
> >
> >I''ve been using qemu + kqemu for 6 months and think it has
done
> >admirably well.
> >
> >Ben
> >  
> >
>

On Fri 11/02/07 at 08:49 AM, briglia at stanford.edu
wrote:
> Hi Ben,
> 
> Thanks for the feedback! I will definitely look into the BrandZ stuff 
> with Zones, that looks very interesting!
> 
> So WRT running stuff like the Cisco VPN using BrandZ, the VPN on both 
> Solaris and Linux is basically a Kernel Module. So can you run apps 
> using BrandZ where there is reliance on a Kernel Module being loaded and 
> available?
No.  BrandZ supports user-space Linux applications only.  You are running
on top of the Solaris kernel, so you cannot load Linux kernel modules.

Nils

Thanks Nils!

This is exactly what I had initially thought after reading the BrandZ 
background info yet was not sure after multiple people suggested using it.

Regards,

Tom

Nils Nieuwejaar wrote:
>On Fri 11/02/07 at 08:49 AM, briglia at stanford.edu wrote:
>  
>
>>Hi Ben,
>>
>>Thanks for the feedback! I will definitely look into the BrandZ stuff 
>>with Zones, that looks very interesting!
>>
>>So WRT running stuff like the Cisco VPN using BrandZ, the VPN on both 
>>Solaris and Linux is basically a Kernel Module. So can you run apps 
>>using BrandZ where there is reliance on a Kernel Module being loaded and
>>available?
>>    
>>
>
>No.  BrandZ supports user-space Linux applications only.  You are running
>on top of the Solaris kernel, so you cannot load Linux kernel modules.
>
>Nils
>  
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://mail.opensolaris.org/pipermail/qemu-discuss/attachments/20071105/b15ce614/attachment.html>

Thanks for your comments on vpnc!

I did try to compile that stuff a few weeks ago on Sol10 x86 yet 
remembered it crapped out during the compile and I thought I might be 
heading up a deadend if I opted to roll my sleeves up and brute force or 
hack the compile somehow!

I thought I might have tried the libcrypt solution myself yet cannot 
remember. I''ll take another look when I fire my laptop up later.

Thx!

Tom


Ben Taylor wrote:
>---- "Thomas D. Briglia" <briglia at stanford.edu> wrote: 
>  
>
>>Hi Ben,
>>
>>Thanks for the feedback! I will definitely look into the BrandZ stuff 
>>with Zones, that looks very interesting!
>>    
>>
>
>It''s probably less overhead if it will work.
>
>  
>
>>So WRT running stuff like the Cisco VPN using BrandZ, the VPN on both 
>>Solaris and Linux is basically a Kernel Module. 
>>    
>>
>
>AFAIK, yes.  However, I''m not sure about being able to load kernel
>modules from BrandZ. I haven''t tried anything like that.
>
>Have you tried the freeware VPN software?  If you''re familiar with
it,
>getting it compiled was pretty easy on Solaris once I figured out i
>needed an updated libgcrypt, but couldn''t effecitvely test it
without
>a VPN host.
>
>
>  
>
>>So can you run apps 
>>using BrandZ where there is reliance on a Kernel Module being loaded and
>>available?
>>    
>>
>
>see above.  You''d probably need QEMU and a Bridge to make that
work.
>
>Regards,
>
>Ben
>
>  
>
>>Thx!
>>
>>Tom
>>
>>Ben Taylor wrote:
>>
>>    
>>
>>>---- "Thomas D. Briglia" <briglia at stanford.edu>
wrote:
>>> 
>>>
>>>      
>>>
>>>>Hi Folks,
>>>>
>>>>As you may have seen by the last thread I have been playing with
QEMU
>>>>pretty much for my own personal VPN connectivity.
>>>>   
>>>>
>>>>        
>>>>
>>>I think I remember something about Cisco, and I remember several
months
>>>ago getting the current vpn code working with OpenSolaris (Solaris
10 needed
>>>a new version of libgcrypt).
>>>
>>> 
>>>
>>>      
>>>
>>>>On the other hand we are starting to look at virtualizing some
of our
>>>>Dev and UAT environments to save on HW costs. One of the other 
>>>>Architects on my Team owns the project and he has been focused
on
>>>>running VMWare using RH Linux for both the Host and Guest
Operating Systems.
>>>>   
>>>>
>>>>        
>>>>
>>>Why wouldn''t you use linux branded zones in Solaris 10?
>>>
>>>
>>> 
>>>
>>>      
>>>
>>>>Stanford is a Solaris/Linux/Oracle shop so the virtual
environments will
>>>>need to be Oracle RH Linux that will support an Oracle install.
>>>>   
>>>>
>>>>        
>>>>
>>>so that should still work in a branded zone, right?
>>>
>>> 
>>>
>>>      
>>>
>>>>Right now with this project there is the chance to better
promote
>>>>Solaris x86 and QEMU if there were strong underlying technical
reasons
>>>>why running Solarisx86 + QEMU might prove a better solution than
RH
>>>>Linux + VMWare.
>>>>   
>>>>
>>>>        
>>>>
>>>I''d think branded zones, then QEMU + Solaris X86...
>>>
>>> 
>>>
>>>      
>>>
>>>>So all you OpenSolaris/QEMU Gurus out there, any chance you
folks could
>>>>rattle off any Pros (or cons) why OpenSolaris + QEMU might be as
good or
>>>>better than the Linux + VMWare?
>>>>   
>>>>
>>>>        
>>>>
>>>You probably need to do a bake off to really understand those issues
for
>>>yourself.  Personally, I think you are betting off hosting with
Solaris x86
>>>than Redhat.
>>>
>>> 
>>>
>>>      
>>>
>>>>The "OpenSolaris" BrandZ stuff sounds interesting too!
I wonder if
>>>>BrandZ could run an Oracle stack?
>>>>   
>>>>
>>>>        
>>>>
>>>Haven''t heard any case that it *cant*.
>>>
>>> 
>>>
>>>      
>>>
>>>>Anyway if you folks want to help promote these technologies the
more
>>>>ammunition you can provide the better! I have always been a
Solaris fan
>>>>even back before I worked at Sun and still am trying to leverage
it
>>>>whenever possible!
>>>>   
>>>>
>>>>        
>>>>
>>>I''ve been using qemu + kqemu for 6 months and think it has
done
>>>admirably well.
>>>
>>>Ben
>>> 
>>>
>>>      
>>>
>
>  
>

---- "Thomas D. Briglia" <briglia at stanford.edu> wrote:
> 
> Thanks for your comments on vpnc!
> 
> I did try to compile that stuff a few weeks ago on Sol10 x86 yet 
> remembered it crapped out during the compile and I thought I might be 
> heading up a deadend if I opted to roll my sleeves up and brute force or 
> hack the compile somehow!
> 
> I thought I might have tried the libcrypt solution myself yet cannot 
> remember. I''ll take another look when I fire my laptop up later.
Cool.  I was able to get it compiled using the latest libgcrypt from
blastwave (well, sometime in the spring anyway).  If you have 
success getting it working, I''m sure a lot of folks would be 
interested in knowing that it does work.

Ben
> 
> Thx!
> 
> Tom
> 
> 
> Ben Taylor wrote:
> 
> >---- "Thomas D. Briglia" <briglia at stanford.edu>
wrote:
> >  
> >
> >>Hi Ben,
> >>
> >>Thanks for the feedback! I will definitely look into the BrandZ
stuff
> >>with Zones, that looks very interesting!
> >>    
> >>
> >
> >It''s probably less overhead if it will work.
> >
> >  
> >
> >>So WRT running stuff like the Cisco VPN using BrandZ, the VPN on
both
> >>Solaris and Linux is basically a Kernel Module. 
> >>    
> >>
> >
> >AFAIK, yes.  However, I''m not sure about being able to load
kernel
> >modules from BrandZ. I haven''t tried anything like that.
> >
> >Have you tried the freeware VPN software?  If you''re familiar
with it,
> >getting it compiled was pretty easy on Solaris once I figured out i
> >needed an updated libgcrypt, but couldn''t effecitvely test it
without
> >a VPN host.
> >
> >
> >  
> >
> >>So can you run apps 
> >>using BrandZ where there is reliance on a Kernel Module being
loaded and
> >>available?
> >>    
> >>
> >
> >see above.  You''d probably need QEMU and a Bridge to make that
work.
> >
> >Regards,
> >
> >Ben
> >
> >  
> >
> >>Thx!
> >>
> >>Tom
> >>
> >>Ben Taylor wrote:
> >>
> >>    
> >>
> >>>---- "Thomas D. Briglia" <briglia at
stanford.edu> wrote:
> >>> 
> >>>
> >>>      
> >>>
> >>>>Hi Folks,
> >>>>
> >>>>As you may have seen by the last thread I have been playing
with QEMU
> >>>>pretty much for my own personal VPN connectivity.
> >>>>   
> >>>>
> >>>>        
> >>>>
> >>>I think I remember something about Cisco, and I remember
several months
> >>>ago getting the current vpn code working with OpenSolaris
(Solaris 10 needed
> >>>a new version of libgcrypt).
> >>>
> >>> 
> >>>
> >>>      
> >>>
> >>>>On the other hand we are starting to look at virtualizing
some of our
> >>>>Dev and UAT environments to save on HW costs. One of the
other
> >>>>Architects on my Team owns the project and he has been
focused on
> >>>>running VMWare using RH Linux for both the Host and Guest
Operating Systems.
> >>>>   
> >>>>
> >>>>        
> >>>>
> >>>Why wouldn''t you use linux branded zones in Solaris
10?
> >>>
> >>>
> >>> 
> >>>
> >>>      
> >>>
> >>>>Stanford is a Solaris/Linux/Oracle shop so the virtual
environments will
> >>>>need to be Oracle RH Linux that will support an Oracle
install.
> >>>>   
> >>>>
> >>>>        
> >>>>
> >>>so that should still work in a branded zone, right?
> >>>
> >>> 
> >>>
> >>>      
> >>>
> >>>>Right now with this project there is the chance to better
promote
> >>>>Solaris x86 and QEMU if there were strong underlying
technical reasons
> >>>>why running Solarisx86 + QEMU might prove a better solution
than RH
> >>>>Linux + VMWare.
> >>>>   
> >>>>
> >>>>        
> >>>>
> >>>I''d think branded zones, then QEMU + Solaris X86...
> >>>
> >>> 
> >>>
> >>>      
> >>>
> >>>>So all you OpenSolaris/QEMU Gurus out there, any chance you
folks could
> >>>>rattle off any Pros (or cons) why OpenSolaris + QEMU might
be as good or
> >>>>better than the Linux + VMWare?
> >>>>   
> >>>>
> >>>>        
> >>>>
> >>>You probably need to do a bake off to really understand those
issues for
> >>>yourself.  Personally, I think you are betting off hosting with
Solaris x86
> >>>than Redhat.
> >>>
> >>> 
> >>>
> >>>      
> >>>
> >>>>The "OpenSolaris" BrandZ stuff sounds interesting
too! I wonder if
> >>>>BrandZ could run an Oracle stack?
> >>>>   
> >>>>
> >>>>        
> >>>>
> >>>Haven''t heard any case that it *cant*.
> >>>
> >>> 
> >>>
> >>>      
> >>>
> >>>>Anyway if you folks want to help promote these technologies
the more
> >>>>ammunition you can provide the better! I have always been a
Solaris fan
> >>>>even back before I worked at Sun and still am trying to
leverage it
> >>>>whenever possible!
> >>>>   
> >>>>
> >>>>        
> >>>>
> >>>I''ve been using qemu + kqemu for 6 months and think it
has done
> >>>admirably well.
> >>>
> >>>Ben
> >>> 
> >>>
> >>>      
> >>>
> >
> >  
> >
>