Today marks the fifth year that this blog has existed on the internet. I bought the domain on February 14th, 2007 and tossed together a quick WordPress installation (I can't even remember the version now!) to hold my notes that I was gathering at work.
At the time, I had recently parted ways with a very small internet startup and joined the ranks at as an entry-level Linux system administrator. The abrupt change from «top dog at the startup» to «wow, I don't know anything about Linux» caught me by surprise and I was trying to stuff as much knowledge into my brain as quickly as I could. My teammates at Rackspace were eager to show me the ropes of wrangling servers and supporting customers.
As I mentioned already, the blog started out just as a place to stuff my notes from the things I learned at work. I figured that it would be nice to store it in a searchable format but it would also be great if I could link other people to certain posts if they needed more information to fix a problem. It was a way to retain knowledge but yet give it back to the people around me who needed it.
The blog has hit 456 posts (this one is #457) and it's gone from a few page views per day to just over 20,000 per day. Here are the top five most accessed posts (since I've been keeping stats):
I'd like to send out a big thanks to the people who read this blog, add comments (or complaints!), and suggest new topics. You are the reason why I take the time to keep this blog going.
is a post from: Major Hayden's blog.
Thanks for following the blog via the RSS feed. Please don't copy my posts or quote portions of them without attribution.
A videographer from CNN Money stopped by the office today to ask about what makes Rackspace a unique place to work. As soon as we got started, everyone started to make as many distractions as they could to crack me up. Very few succeeded.
Thanks to for snapping the photo.
Quite a few people who couldn't make it to this year asked me to write a post summarizing my takeaways from the event. I'm not generally one to back down from peer pressure, so read on if you're interested in the discussions at this year's Summit.
The feeling I had at last year's summit is that Xen was on the verge of losing traction in the market. Very few distributions still had Xen support going forward and much of the discussion was around the lack of dom0 support in upstream Linux kernels. Distribution vendors were hesitant to drag patches forward into modern kernels and this made it much more difficult to get Xen working for many people.
This year was quite different. The number of attendees was up, the , and there was an obvious buzz of energy in the room. As many of the presenters noted, this excitement stemmed from the . This inclusion is a huge win and it helps to drive Xen forward since the developers don't have to worry about dragging patches forward. They can focus on improving performance, adding features, and tightening security.
Many of the discussions this year focused on security and performance. Ian Pratt discussed Xen's ability to view memory pages of virtual machines via an API to detect malware running inside the instance. Memory pages could be identified and marked as not executable or applications could be triggered when a VM attempts to touch a particular memory page. Also, the whole VM could be frozen if needed.
There's also a big push to bring code out of the dom0 and push it into utility VMs. Driver domains could manage the network or I/O infrastructure and this would further reduce the amount of privileged code actively running in dom0. There is already very little code required for the Xen hypervisor itself (much much less than the Linux kernel — I'm looking at you, ) and this reduces the attack surface for potential compromises of the hypervisor. Some projects even aim to restart driver domains multiple times per minute to ensure that any malicious code injected into those virtual machines can't exist for long periods.
Pradeep Vincent from talked about how Amazon uses Xen and the pain points they have with its current architecture. Much of his discussion was around scaling problems (and we see many of the same issues at ). Higher performance could easily be gained by multi-threaded operations in dom0 when attaching block devices and creating virtual network interfaces. He also saw some areas for performance gains in the pvops I/O code.
Quite a few of the talks centered on the ARM architecture and what Xen is able to do on those systems after . HVM is on the way for ARM and it might even show up in Xen 4.2. Some demos of Xen on mobile phones from Samsung were amazing. They showed how an attacker could compromise the web browser on the phone with a keylogger, but that application was running in a VM. Once the user switched back to the phone's main menu, the keylogger couldn't access the keystrokes any longer. After that, a simple close of the browser killed the VM and destroyed the malicious code.
Xen 4.2 should be available in early 2012 and the feature list is staggering. Improvements to libxenlight, pvops performance (even in HVM), and guest memory sharing should be available with the new release. Nested virtualization (run a hypervisor inside a hypervisor) is also coming in Xen 4.2 and I'm sure Xzibit will be a huge fan. This should streamline hypervisor testing, allow for embedded hypervisor options and extend the capabilities of client hypervisors. Remus should be available in 4.2 as well, but it might be marked as experimental. OVMF will be added as a BIOS option for UEFI (along with the standard SeaBIOS) and this should allow for Mac OS X guests. UEFI allows Windows to boot faster since it switches to PV mode sooner and it allows for simpler platform certification for software vendors.
Mike McClurg's presentation on was pretty important to me since Rackspace is a big consumer of . If you're not familiar with XCP, it's basically open-source XenServer which runs on bleeding edge (and sometimes unstable) components. XCP 1.5 and XenServer 6 should be available in November with Xen 4.1 and Linux 2.6.32. GPU passthrough, up to 1TB RAM, and disaster recovery will be available. Another goal for the XCP team is to work closely with OpenStack via Project Olympus. Mike's vision is to have XCP become the configuration of choice for open source clouds. was also extremely interesting. It's essentially XCP's XenAPI stack running on Debian and Ubuntu. You'd be able to install either OS on a physical server and run XCP's services on it for a fully OSS hypervisor.
Konrad Wilk gave an update on Linux pvops and it appears there is a shift to get Xen working well on a desktop. This includes 3D graphics support, S3/hibernate capabilities and various bug fixes. There's also a push to get PV functionality into HVM and get HVM functionality into PV. Driver/device domains were discussed again in Patrick Kolp's talk and he had plenty of graphs showing performance changes when regularly restarting device domains. The performance dips were almost negligible with 10 second restarts and the security gains were significant.
There were several other great presentations on other topics like , , and (from the NSA!). If these types of things interest you, keep your eyes peeled for Xen Summit 2012 next year. The is well worth the trip.
When it comes to e-reader advertising, what do you expect to see on its screen? That's right, some trendy titles. I bet they simply browse popular e-reading resources (I won't mention them here to avoid shilling and luring) and choose some titles from the best-selling top ten. There are still open-minded (I'd even dare to call them alternative) folks who put the OpenVZ users guide there for the demo on the main page! Also, it's good to be in O. Henry's company on that screen! I tried to understand why the users guide. Is it «buy-this-one-because-you're-geeky»? Or is this because OpenVZ manuals are as popular as Stieg Larsson's endless series? Or perhaps someone wanted to cheer the OpenVZ team up? Whatever the purpose was, they did cheer us up. Hurray!
Today I came across which compares OpenVZ to KVM to Xen. Leaving Xen aside, from that one it looks like KVM is way better: it got all the green pluses, while OpenVZ got all the dull minuses, except for a few features where it says «limited support».
For example, from the author's POV, KVM supports cool features such as «Independent kernel» and «Independent kernel modules», while OpenVZ lacks all that. I am not mentioning «Full control on sockets and processes» — definitely, such things as sockets and processes are completely out of control when you use OpenVZ, to the extent that you cannot distinguish between a process, a socket, and a potato! (In fact, I have no idea what they mean by that statement...)
But such a comparison is inspiring, so I invested 15 minutes of my time and made my own, titled . It clearly states that a car is better than a bike — its capacity is higher and it doesn't require lots of muscle power. After all, it has a powered steering wheel (not to mention powered windows) and can come with an automatic gearbox, air conditioning and even a sunroof! A bike, on the other hand, is missing a lot of features — even windshield wipers, which have been standard for every car since about 1925, are absent!
Actually, I didn't stop there and made yet another comparison, titled . Now it's perfectly clear that a bike is a better choice than a car, since it's cheaper, ecologically clean, and you can even take it with you on a train! A car is big and heavy, it requires periodical refuelling and a parking spot.
Both comparisons are on the openvz wiki, so feel free to edit and add more features!
Disclaimer: This post is not really related to OpenVZ, but who cares? I don't... So from now on I will be writing more here, on just about everything.
In UNIX systems, system time is accounted as a number of seconds since so-called «» — 1 January 1970 00:00:00 UTC. This number of seconds is returned by the system call time(), plus there are library routines to convert it to more human-appealing formats.
You can guess the number is pretty big nowadays, incrementing every second. In fact, it's already over a million seconds, and in about 1 hour it will be equal to 1234567890. For some people this is a good enough reason to have a beer or two in good company. Check for 1234567890 parties around the globe. As for myself, I will just watch the number growing. Some kind of a meditation, similar to staring at an open fire, or flowing water, or people at work... I can do that for hours! Just kidding...
On Linux, you can see the current time () using date +%s command. Enjoy.