Mark Shuttleworth | here be dragons

With the release of LXC 2.0 and LXD, we now have a pure-container hypervisor that delivers bare-metal performance with a standard Linux guest OS experience. Very low latency, very high density, and very high control of specific in-guest application processes compared to KVM and ESX make it worth checking out for large-scale Linux virtualisation operations.

Even better, the drivers to enable LXD as a hypervisor in  OpenStack, are maturing upstream.

That means you get bare metal performance on OpenStack for Linux workloads, without actually giving people the whole physical server. LXD supports live migration so you can migrate those users to a different physical server with no downtime, which is great for maintenance. And you can have all the nice Openstack semantics for virtual networks etc without having to try very hard.

By contrast, Ironic has the problem that the user can now modify any aspect of the machine as if you gave them physical access to it. In most cases, that’s not desirable, and in public clouds it’s a fun way to let the NSA (and other agencies) install firmware for your users to enjoy later.

NSA-as-a-Service does have a certain ring to it though.

This entry was posted on Wednesday, April 13th, 2016 at 3:28 pm and is filed under cloud. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.