On Tue, 2007-12-11 at 11:27 -0500, Scott Dowdle wrote: > There are uses where Xen is much better suited and OpenVZ isn't even a > viable option. But there are other cases where OpenVZ is a better fit > especially with regards to density and scalability. OpenVZ is also > very attractive in those situations where you want to isolate a single > or a small number of services... although the vast majority if my > deployments have a full set of services. Yes. It's good not to underestimate OS-level virtualization. Many people used chroot to isolate certain processes. OS-level virtualization provides better isolation and control, at only little extra cost. Operating systems that provide binary compatibility for other systems (like the BSDs or Solaris) can also use OS-level virtualization to emulate a complete enviroment that resembles the emulated system. The downside of most (if not virtually all) current OS-level virtualization on Linux is that they do not have proper support for SELinux. I suppose that things get more interesting in that respect when container features are integrated in the mainline kernel. -- Daniel