Forgot your password?
typodupeerror
Technology

Ask slashdot: Which 100+ User Virtualization Solution Should I Use? 191

Posted by samzenpus
from the best-of-virtual-class dept.
Gonzalez_S writes "Let's say you need to give access to 100+ users to create their own virtual machines and devices (eg. switches, .., ms windows or linux family) in a manageable and secure way. Which virtualization solution would you choose? There are vmware, xen, kvm, .. based solutions, but which one would you prefer and why? The solution should be stable, manageable, scriptable and preferably have ldap integration. In this case I also need to setup a playground for IT students, next to hosting production servers on the same system."
This discussion has been archived. No new comments can be posted.

Ask slashdot: Which 100+ User Virtualization Solution Should I Use?

Comments Filter:
  • by Anonymous Coward on Sunday May 26, 2013 @04:46PM (#43828971)

    Why not work with AWS to setup a "private cloud" sandbox? Reserved instances can keep your costs relatively flat, and the AWS crew seems pretty amenable to helping out when it comes to unique needs...

    • by Anonymous Coward on Monday May 27, 2013 @01:42AM (#43830969)

      You have a very good point in that Amazon is about 80% of the virtualization market and growing and are far more competent than anyone except Google. There's almost no other API it is worth dealing directly except for ones which access both EC2, Eucalyptus and OpenStack. Amazon's infrastructure is also pretty cheap as long as you are not too demanding. Certainly much cheaper than their competitors.

      There are some serious problems though. Amazon will ban you if you start to run serious security, stability or load tests on their systems. This means that whilst it may be suitable for production use (if you overload in production they will normally work with you to solve "real" problems) it is not suitable for testing or learning. Amazon's infrastructure is also pretty opaque and when you start researching into detail they may get upset. Finally, Amazon has some "interesting" performance limits which they will never care about fixing.

      This means that the correct answer to the question posed is to use Eucalyptus [wikipedia.org], which provides an Amazon compatible interface as your private cloud and to use Amazon for whatever suits the public cloud. Your research students and some of your production use which has a benefit from being private (typically needs access to large amounts of data currently locked inside your network for whatever reason) can be on the Eucalyptus.

      Eucalyptus had some stability problems which are going away. It was also delicate to configure and the configuration files are still nasty. However it's definitely the only currently functional solution to the problem set above.

      • by ron_ivi (607351)

        Amazon will ban you if you start to run serious ... load tests

        That's unlikely.

        How do you think they could they even hypothetically distinguish between your hypothetical "load test" and heavy computing that is a very typical use of their rent-by-the-hour computing resources.

  • VMWare vs Citrix (Score:5, Informative)

    by alen (225700) on Sunday May 26, 2013 @04:50PM (#43828987)

    vmware is cheaper and easier to set up
    Citrix is a lot more expensive and a PITA to set up but a lot faster since Windows 7 and later has native citrix code in it for virtualization and a lot more customization

  • by i_want_you_to_throw_ (559379) on Sunday May 26, 2013 @04:53PM (#43828995) Homepage Journal
    When my company had to come up with a solution to have all of our developers to develop in an environment that absolutely mimicked the production server we used a combination of VMWare to run a version of the Ubuntu. Puppet made creating all of this really easy. It gave us the ability to completely blow away a machine and reconstitute in very little time.
    • When my company had to come up with a solution to have all of our developers to develop in an environment that absolutely mimicked the production server we used a combination of VMWare to run a version of the Ubuntu. Puppet made creating all of this really easy. It gave us the ability to completely blow away a machine and reconstitute in very little time.

      We did the exact same thing for developing proprietary trading software, using KVM on Gentoo with Salt Stack. There are numerous free options for achievin

    • This is a dumb question, but is there a recommended way to share operating system virtual disks between VMs, so you don't need 100 copies of the same Ubuntu? I realize you could set up one server VM and advertise /usr/share over nfs or samba across a virtual switch, but are there better approaches?

      • by pnutjam (523990)
        I don't think you can safely share a running disk. You can clone to new servers. I would use a SAN to isolate my storage and simplify the management.
  • by Chirs (87576) on Sunday May 26, 2013 @04:54PM (#43828997)

    If you can get away with sharing one kernel (and ideally one distro for userspace), a container-based solution is likely going to be less resource-intensive overall.

    • by gl4ss (559668)

      If you can get away with sharing one kernel (and ideally one distro for userspace), a container-based solution is likely going to be less resource-intensive overall.

      well, he needs virtual switches and routers so they can ditch the physical networks learning lab.

  • Hyper-V or vSphere. (Score:5, Informative)

    by tysonedwards (969693) on Sunday May 26, 2013 @04:55PM (#43829001)
    Considering that you are likely out of an educational institution, Microsoft likely provides you with free licenses for their products. As such, Hyper-V and SystemCenter would provide you with a fairly good experience that is easy to manage and automatically deploy based off of Active Directory. It is a solution that will likely meet all of your stated requirements and your other likely needs and wants in a package that is "good enough".

    If you have a budget, consider VMware's vSphere offering. It can get pretty expensive (license costs greater than that of your physical hardware) however it is currently best-in-class and provides some truly amazing administration tools.
    • by Monoman (8745)

      Free = ESXi = HyperV
      Managed = not free = vSphere = Virtual Machine Manager

      Microsoft's Virtual Machine Manager is not free and has other component requirements that will significantly add to your implementation costs unless you are already running Systems Center and SQL.

      The last time we tried HV & VMM was Windows 2008 R2 w/ VMM 2010. MS brought in a partner to set it up as a direct comparison to our production vSphere plant. It was a joke.

      I think we had to stand up 2 or 3 extra servers (VMs) to manag

  • by Anonymous Coward

    I'd consider openstack for this.

  • Proxmox (Score:5, Informative)

    by Anonymous Coward on Sunday May 26, 2013 @05:00PM (#43829029)

    It's free and offers higher performance than VMWare (which as far as ESXi 5 goes) sucks.

    You can create users with privilege levels as expected and you may also cluster several servers together (as you can with other solutions).

    You can also do containers OR a full virtual machine depending upon the OS you are trying to emulate.

    Give this a shot before paying for any of the software others have recommended. Our company has switched all virtualized servers to run on Proxmox hosts and the uptime is 100% with MANY users.

    • by toygeek (473120)

      I came here to say this. Proxmox is very cool. I haven't had the opportunity to use it in a production environment, but the testing I did with it left me impressed with its simplicity and capability. It has node management built in and is laid out very logically. Definitely worth a look!

    • Yes, +1 to Proxmox. Runs on commodity hardware, performance is good, cluster and backups haven't given me a headache yet. I'm running 100+ VMs across 5 machines, with about a dozen users, and it feels nowhere near its limit.
    • by jon3k (691256)
      Got some numbers to back up that claim?
    • by Melkman (82959)

      I agree with the Proxmox sentiment. It has served us very well and continues to do so.

  • KVM (Score:5, Informative)

    by Zeromous (668365) on Sunday May 26, 2013 @05:01PM (#43829031) Homepage

    End of story, everything else here is overkill. KVM sounds just about right for your needs and is very stable and FREE.

    You can provide people with a variety of images and single command to deploy them (without root). It's not even that hard to setup. The hard part really is setting up an LDAP server to meet your needs.

    • Re:KVM (Score:5, Informative)

      by DarkOx (621550) on Sunday May 26, 2013 @05:21PM (#43829117) Journal

      KVM is great for a environment where everyone is being cooperative; and sorta knows what they are doing. It lacks the resource management and isolation features you'd want in an academic lab. You need to be able control how much storage I/O a single vm can use. You might have someone learning about networking even doing things purposefully that are going to slam CPU resources like creating loops in Ethernet topologies.

      Yes you might be able to get some Linux hosts with KVM to what you need with cgroups, and limits, etc but its going to be anything but simple and manageable across multiple physical hosts without tons of scripting and testing on your part. Libvirt is still a moving target, so keeping everything working is going to be adventure as well. All the precursors to provide the experience vSphere and Xen offer are there but lets not kidd anyone about the work that is still needed to get there. It would be wonderful if original poster could offer the resources to do that and even better if it could get contributed back to the community but its a tall order.

      • by Coram (4712)

        kvm itself doesn't really give you anything in terms of control or management features. That all comes from libvirt or ganeti or whatever you've got. We've been using ganeti for a while and it does a reasonable job for our purposes but it is still a long way off from being something i'd feel comfortable deploying for customer use.

      • by cmorriss (471077)

        If you want KVM with the manageability of VMWare, then oVirt is what you're looking for. Fee as well, open source and RedHat is investing heavily in it as they base their RedHat Enterprise Virtualization Manager product on it.

        http://www.ovirt.org/ [ovirt.org]

  • If you ask me (Score:2, Informative)

    by Anonymous Coward

    Xen with paravirtualized guests would be stable and scale well, as I understand it. There is Xen Center to do this, or you could get the new Debian 7, which is supposed to have good support for that out of the box as well. It has good manageability as I understand it.

    But yeah, I'd be of the inclination to do your research rather than have us make the choice for you. We can only offer suggestions, but you need a good idea of what you want to do too. For example, IT students often don't have a good understand

  • by gweihir (88907) on Sunday May 26, 2013 @05:03PM (#43829049)

    Virtualization will not isolate them against each other. For example, it is quite easy to saturate I/O from the playground. Then your production performance goes down the drain as well. Also, basically no plain virtualization is really secure, these things are fat too complex. Another reason not to mix different classification levels like production and playground. Maybe if you really, really carefully isolate them with SE-Linux, but then you still have things like VM-to-VM crypto-key leakage.

    • by cultiv8 (1660093)
      Vagrant + Chef + Git. git clone, cd to directory, then vagrant up. Problem solved!
    • by mysidia (191772)

      Virtualization will not isolate them against each other. For example, it is quite easy to saturate I/O from the playground.

      That is an architecture issue. Implement Vsphere Enterprise+ with Network I/O control, Storage I/O control.

      Put the playground on different SAN LUNs from the production LUNs.

      Place the playground LUNs backed by different physical disks on separate vFilers, and/or use FlexShare [netapp.com] to prioritize production workloads.

      Leverage vShield App / vCloud networking and security, to ensure I

      • by gweihir (88907)

        The timing and cache attacks are very much non-academic, unfortunately. As are the problems of generating good key-material in virtualized environments in the first place.

        Your SAN proposal should solve the I/O issues, but it makes everything that more complicated as this has to be configured right, and that is _not_ easy and requires quite a bit of experience and skill. If it can be done at all without having the thing fail regularly for a while. It would be far easier to just have on production cluster and

  • by Heebie (1163973) on Sunday May 26, 2013 @05:23PM (#43829125) Homepage
    I think the closest thing you'll get to "out of the box" for what you're looking for is Apache Cloudstack running on Citrix XenServer for a hypervisor. With basic networking, you can keep things pretty simple. With advanced networking, you can allow your users to build virtual data centres. It can be 100% free open-source software as well, although if you get Citrix CloudPlatform, you get a couple of extra features, and support, but you pay for the support. You could be something similar with other products, but CloudStack actually has a pretty amazing amount of stuff that is just there already, and doesn't need configuring.
  • A REAL Answer.. (Score:4, Informative)

    by Anonymous Coward on Sunday May 26, 2013 @05:26PM (#43829141)

    There are a lot of options, and the OP is just asking for a general structure. Classic /. community fail to assume we are even dealing with someone that will be doing with implementation. This could be the director trying to get a ballpark before sinking their teeth in or a under-paid teacher, with little time, whto wants to make their students' learning environment better. I was the only one with a VPS in my classes, and thus the only one, in the end, who actually knew how to get anything done, outside of theory.

    My rant to /. is over. Now to answer the OP:

    The easiest way to get started would be Xen Cloud Platform + Citrix Xen Center. That alone will get you a free robust virtual hosting environment, but this will require you to set up a few VM templates and manually deploy to students. You can take this one step further by using OpenStack + XCP which will give you an API which you can use to build a web-front for student deployment. Some might already exist, but all the ones I am aware of are built around payment models.

    As for users managing switches, I have no clue and good luck there. IMHO, I would VLAN and let OpenStack manage it. You can use the US Navy's network simulator [navy.mil] to teach concepts if you like. It even allows using tools like wireshark for real-world analysis experience.

    Good luck, I hope you use this to make students more ready for the real world.

    • As for users managing switches, I have no clue and good luck there. IMHO, I would VLAN and let OpenStack manage it.

      VLAN used to be the common solution for networking with OpenStack. Though there are major drawbacks with that (limitation in the number of VLAN, hardware needs to support it, etc.), so these days, mostly everyone (me included) prefer the GRE tunnel solution.

  • by Anonymous Coward on Sunday May 26, 2013 @05:32PM (#43829165)

    I ran redhat 6.0 with virtualbox to 60 plus student doing computer science projects. The base was on a quad core with 16 Gb and local Tb storage. this worked great with ssh access. Adim was via nomachine and ssh.

    Try the same in redhat 6.3 with redhat virtualization.

  • OpenStack (Score:5, Informative)

    by subreality (157447) on Sunday May 26, 2013 @05:57PM (#43829311)

    The specific virtualization system you use doesn't really matter. You're looking for ways to manage it.

    If you want to run your own cluster, check out http://en.wikipedia.org/wiki/OpenStack [wikipedia.org] , specifically the Nova, Quantum, and Keystone components.

    If you want to do it efficiently you might also want to consider using it as a service. Other people are already selling OpenStack on a massive scale with levels of efficiency that you'll never touch. Rent what you need, see what works, and then start building your own in-house when (or if) you find things you need to improve.

  • oVirt (Score:5, Informative)

    by Anonymous Coward on Sunday May 26, 2013 @06:03PM (#43829351)

    www.ovirt.org

    Full VM solution, for free. What more do you want. Easy to setup, easy to use, easy to control. It has LDAP integration.

  • oVirt (Score:3, Interesting)

    by new23d (2504790) on Sunday May 26, 2013 @06:04PM (#43829357)
    oVirt, of course. It is the upstream of RHEV - which is Red Hat's offering, well polished and what not.
  • by buss_error (142273) on Sunday May 26, 2013 @06:17PM (#43829423) Homepage Journal

    What about Open Stack? For production, don't oversubscribe RAM. For a play ground, isolate them to one physical machine and let that machine over subscribe. I'm guessing but you can host about 20-25 virtual servers per compute node, you'll need a physical management machine, and if you do a lot of different images/want backups, you'll need a machine with a bunch of disk space or a iSCSI appliance. The open stack doc will tell you which iSCSI system will work.

  • VMware - best in class but can be hideously expensive if you start using vsphere, but support is great
    Hyper-V - probably the most sensible way to go if you're just virtualizing windows
    OracleVM - immature for prime-time on commodity hardware, but free to implement
    SmartOS - is an OpenIndiana based solution where the whole stack runs in memory.
    RedHat has implementations of their own virtualisation stack, and they also do openstack as well.

    • by mysidia (191772)

      VMware - best in class but can be hideously expensive if you start using vsphere, but support is great

      I get the idea you have some issue with VMware's pricing?

      Of course their per-2 CPU up front software license costs for vSphere Enterprise Plus at $6,990, and probably closer to $8k per host after SnS are higher than the cost of paying $2500 for a basic XenEnterprise license, or nothing for Hyper-V.

      The Hyper-V solution is more appropriate for running a very large number of cheap servers with local s

      • >Stop considering license prices, and start considering Total cost of ownership

        That's OK if the organization has deep pockets, deadlines, and defined SLAs, and you happen to be an outside contractor who is called in to make a solution where he/she has to be able to walk away from whatever solution is in place at the end of the day, and have it supportable by other people.

        However, at some places where they pay in-house admins, they might have carte-blanche to hack together whatever solution they like in w

        • by mysidia (191772)

          However, at some places where they pay in-house admins, they might have carte-blanche to hack together whatever solution they like in whatever timeframe they like, to get something that's functional

          In other words: "We'll make look X more expensive on paper by displacing costs for Y into other more discrete forms such as admin workload".

          If your sysads are so idle, they can use company time without additional cost, maybe you need to cut their hours and hire an outsourced IT firm --- incremental co

      • by drsmithy (35869)

        [...]or nothing for Hyper-V
        Just a point that if you want feature equivalence with vSphere, Hyper-V is not free because you have to pay for all the management bits and pieces that go along with it.

        • by mysidia (191772)

          Hyper-V is not free because you have to pay for all the management bits and pieces that go along with it.

          One of the supposed selling points of Hyper-V is you can perform live migrations directly between a pair of hosts without having to have a central management server, and you can write custom scripts to accomplish what vCenter would do for VMware.

          • by drsmithy (35869)

            There's a lot more to vSphere than vMotion.
            You can write custom scripts for ESXi to "accomplish what vCenter would do for VMware" as well, but by the time you did, you would have spent more on person time than you would have on just buying vSphere.

            • by mysidia (191772)

              You can write custom scripts for ESXi to "accomplish what vCenter would do for VMware" as well, but by the time you did, you would have spent more on person time than you would have on just buying vSphere.

              Very true, but there are people in organizations that fail to acknowledge this, and they feel that "writing the custom scripts" instead of buying the overpriced management tool is a better decision, because maintaining their own scripts lets them avoid showing a tangible cost for the management capab

            • by mysidia (191772)

              There's a lot more to vSphere than vMotion.

              I'm aware of this... vMotion is cheap anyways; you just need ESS+ or vSphere standard licenses, and a vCenter foundation for vMotion on 3 hosts.

              Even if you did go Ent Plus...

              Have you people seen the cost of Windows CALs lately? :)

  • by shentino (1139071) on Sunday May 26, 2013 @07:26PM (#43829645)

    Look into solutions that make use of nested virtualization.

    If you want to create an IT playground that itself involves virtualization, being able to have nested virtualization will let you use VMs to confine the playground without taking away the VM toys.

  • I would point the best of breed solution for Tier1 production use, and getting the most out of your hardware: VMware vSphere vCloud Suite.

    With other hypervisors, you get less hardware efficiency, because limited/less good overcommit options, more limited ability to efficiently mediate contention, and greater overheads.

    Products:

    Virtualization hosts: VMware vSphere ESXi Enterprise Plus with Distributed vSwitch -- provides you options that you can use to run production and IT playground side-by-side

  • Will you just run Windows and Linux? If not, what? What is your budget? How complex will your virtual network be? What are your security requirements? What are your performance requirements? Are the vms more for desktop user or will they be network server? Do you need high-availability and live vm migration? Does your virtualization setup need to work with an existing storage solution? If you simply don't know, and want to get something quick, the easy, but expensive, way to go is vmware.
  • Someone - I think Cisco - has a server based application very similar to Cisco's PacketTracer - server based virtualization for both machines and networking equipment. Forget the name of it though.

  • I'd suggest taking a look at Eucalyptus [eucalyptus.com], an open-source cloud management system that's compatible with the Amazon EC2 APIs and thus pretty easy to script and automate for production resources and any of the students who want to play with features like on-demand load balancing.

  • Asking this is much like asking 'which is the best linux distro'. You won't get one answer. What type of system are you most comfortable with operating? If it is Microsoft system (for example) you have already got you answer. Are you are looking for a bare-metal hypervisor? Do you need GUI-heavy management tools? What sort of hardware are you going to use (old/new?). Probably looking at a comparison chart would be your best option. I could tell you what I use and why but that won't do you a bit of good. (
  • That's easy: Choose the one your distro of choice recommends - I'm presuming you're using Linux here.
    Otherwise I'd recommend you switch to it before virtualising things - my fairly safe blind guess is that the custom-virtualisation-setup-community is by far the largest for x86 Linux.

    If you run into troubles you can't get a grip on, start switching through the ones the most helpful people in the forums/irc channels you're using recommend.

    Good luck.

  • SmartOS is pretty amazing. You can create virtual environments that share a kernel space, meaning that YOUR os is running directly on the hardware, making it _extremely_ fast with almost no overhead. The file system (ZFS) is also 'shared' using zones and pools so there's almost no cost there either. Migration a vm between SmartOS hosts is also a pretty amazing thing. And finally, DTrace allows you to figure out exactly why something is slow... There's a huge library of DTrace scripts available on the intern

There are never any bugs you haven't found yet.

Working...