On Tue, 2007-12-11 at 11:27 -0500, Scott Dowdle wrote:
There are uses where Xen is much better suited and OpenVZ isn't even a viable option. But there are other cases where OpenVZ is a better fit especially with regards to density and scalability. OpenVZ is also very attractive in those situations where you want to isolate a single or a small number of services... although the vast majority if my deployments have a full set of services.
Yes. It's good not to underestimate OS-level virtualization. Many people used chroot to isolate certain processes. OS-level virtualization provides better isolation and control, at only little extra cost.
Operating systems that provide binary compatibility for other systems (like the BSDs or Solaris) can also use OS-level virtualization to emulate a complete enviroment that resembles the emulated system.
The downside of most (if not virtually all) current OS-level virtualization on Linux is that they do not have proper support for SELinux. I suppose that things get more interesting in that respect when container features are integrated in the mainline kernel.
-- Daniel