[CentOS-virt] i386 VM on x86_64 host in Xen

Tue Dec 11 16:55:16 UTC 2007
Daniel de Kok <danieldk at pobox.com>

On Tue, 2007-12-11 at 11:27 -0500, Scott Dowdle wrote:
> There are uses where Xen is much better suited and OpenVZ isn't even a
> viable option.  But there are other cases where OpenVZ is a better fit
> especially with regards to density and scalability.  OpenVZ is also
> very attractive in those situations where you want to isolate a single
> or a small number of services... although the vast majority if my
> deployments have a full set of services.

Yes. It's good not to underestimate OS-level virtualization. Many people
used chroot to isolate certain processes. OS-level virtualization
provides better isolation and control, at only little extra cost.

Operating systems that provide binary compatibility for other systems
(like the BSDs or Solaris) can also use OS-level virtualization to
emulate a complete enviroment that resembles the emulated system.

The downside of most (if not virtually all) current OS-level
virtualization on Linux is that they do not have proper support for
SELinux. I suppose that things get more interesting in that respect when
container features are integrated in the mainline kernel.

-- Daniel