There are many different virtualization technologies available in the market, such as OpenVZ, KVM and Xen. You may have come across these terms while trying to buy a Virtual Private Server (VPS). In this article, we will discuss and compare all three technologies from the perspective of buying a VPS, so that you can choose the one that is best suited to your requirements.
Virtualization and Containerization Overview
Virtualization is a technology that allows you to create multiple “virtual machines” (VMs) that run on the same hardware. Each VM acts just like a physical computer would, and you can install and run an operating system on the VMs. These VMs are managed by a “hypervisor”, which allocates a part of the base (or host) system’s resources (such as the memory, CPU and hard disk) for use by the VM.
Each VM is isolated from the others: software running on a given VM does not have access to the resources of another VM. Many VPS providers use hypervisors installed on physical servers, and provision VMs to individual users as VPSes.
A type-2 hypervisor architecture
Containerization is a very different approach from virtualization. Instead of having a hypervisor, there is an OS installed on the host system, and you can create “containers” on it. Inside these containers, you can run your own applications, and the OS takes care of allocating resources to each container. The underlying kernel and drivers are shared among all these containers.
The general architecture of a containerization system
Thus, containerization depends on the OS, and it is only possible to run programs in the container that are compatible with the host system’s OS. For example, if a containerization solution works with Linux as the host system, you can only run Linux applications inside the container. This is unlike virtualization, where it is possible to run any operating system (and thus any application) in a virtual machine. On the other hand, containerization is much more efficient than virtualization, because there is no overhead of an OS running inside a VM.
For the purposes of this article, we are going to focus on “system containerization”. This kind of containerization allows you to run an OS inside the container. However, the kernel and drivers are shared between the various operating systems inside each container.
Xen and KVM are virtualization technologies, whereas OpenVZ is a Linux-based containerization technology.
OpenVZ (or Open Virtuozzo) is a Linux-system containerization platform which enables one to run Linux-based OSes in a single host system with a shared kernel. Each container behaves like an independent Linux system, with root-level access, and isolation at the level of files, users/groups, processes and networking.
Server providers provision OpenVZ containers with some amount of RAM, CPU cores and hard disk space, and sell them as Linux VPSes. Part of the CPU/memory resources is “dedicated” to a container, and part is “burstable”: if a container needs some additional CPU/memory apart from what has been allocated to it, it can temporarily borrow them from the unused resources of other containers.
Since OpenVZ uses a shared kernel, it is not possible to change the kernel’s settings, upgrade the kernel or use additional kernel modules. Many providers use OpenVZ 6, which uses an old Linux 2.6 kernel. Thus, you miss out on the performance benefits and newer features of newer kernels, and you’re stuck with a selection of old Linux distributions. In particular, you will be unable to run Docker, or use tools like ipset or nftables.
OpenVZ 7 is the latest version, which features a modern kernel, and can run Docker. However, there are very few providers who offer it, due to deployment issues and a lack of supporting tools.
Finally, from a server provider’s perspective, OpenVZ is easy to configure and get started with, compared to KVM and Xen. Also, since it is a containerization system, OpenVZ has much lower overhead, and thus providers can provision more VPSes out of a single physical server.
Xen is an open-source virtualization platform that originally began as a research project at the University of Cambridge. At present, the Linux Foundation helps with the development of the project.
With the help of various tools, server providers provision Xen VMs with a fixed amount of RAM, CPU cores, hard disk space and IP addresses, and offer them as VPSes.
Generally, hypervisors are categorized as Type 1 and Type 2 hypervisors. Type 1 hypervisors run directly on the host, whereas Type 2 hypervisors run on top of an existing operating system. Xen is a type 1 hypervisor.
Since Xen is a virtualization technology, a VM created in this way can run any OS — including Linux, Windows and BSD. Because each VM is running a full operating system, you can upgrade the kernel, use additional kernel modules or change low-level kernel settings.
Running a virtualization setup carries more overhead since there is the overhead of emulating certain hardware features, as well as that of running the OS. To reduce the former overhead, Xen uses a technique called “paravirtualization”. Here, the hypervisor exposes alternate ways to perform the same hardware operations, in a way that is more performant. If the guest OS knows how to make use of these alternative interfaces, it makes a “hypercall” to talk to the hypervisor. This mode of operation is called Xen Paravirtualization (Xen-PV).
When the guest OS does not support paravirtualization, a different approach called Xen Hardware Virtual Machine (Xen-HVM) is used. In this mode, Xen uses QEMU to provide complete hardware emulation. To use Xen-HVM, hardware-assisted virtualization should be provided by the host system.
KVM (Kernel Virtual Machine) is a Linux kernel module that provides a framework for third-party tools (such as QEMU) to provide virtualization. Since it is a kernel module, KVM reuses many functions of the Linux kernel for its purposes.
From an end-user perspective, KVM is similar to Xen, in that it allows you to run any OS and tinker with low-level kernel settings. Server providers use third-party tooling to create VMs with a fixed amount of RAM, CPU cores, hard disk space and IP addresses, and offer them as VPSes. Sometimes, VPS providers using KVM even have an option where you can upload your own ISO file to be installed on the VPS.
KVM only runs on hardware that supports hardware-assisted virtualization. Similar to Xen, KVM also provides paravirtualization for I/O devices through the “virtio” API.
Which one should you choose?
The platform that you choose ultimately depends upon your needs. If you need a Linux server for a low cost and don’t mind the old kernel version and the inability to use tools like Docker, you can use OpenVZ. If you need a different OS such as Windows, or you want to use a more recent Linux kernel, you should choose KVM or Xen.
Due to the “burst” feature in OpenVZ, many providers oversell their systems to accommodate as many VPSes as possible on a single host. So, if too many VPSes have a demand for CPU/memory at the same time, you will get noticeably degraded performance from the VPS.
There are many providers who advertise their KVM/Xen offerings as having “dedicated resources”, but unfortunately this is also not always true. Both KVM and Xen offer a “memory ballooning” feature, where memory that’s unused by a VPS can be claimed by another VPS. A ballooning driver is installed in each VPS which aids in the process. When the hypervisor takes memory away from your VPS, from within your VPS it appears as if the ballooning driver is hogging your memory. However, it is never possible for a VPS to get more memory than it was initially allocated.
Thus, overselling is possible on all three platforms. However, providers typically oversell their KVM/Xen offerings a lot less than OpenVZ, due to technical limitations on hypervisor-based systems.
So, to really understand the “performance” of a VPS, you should always use benchmarking tools like bench.sh, speedtest-cli or Geekbench. Additionally, before buying a VPS based on any technology (OpenVZ, KVM or Xen), it is useful to review the provider’s pricing and what other people have to say about the company. A provider with rock-bottom pricing or with a bad reputation will have poorly performing VPSes, regardless of the technology used.
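Alongside benchmarking, you can check from inside a VPS which of the three platforms it actually runs on and whether a balloon driver is present. The script below is an added example, not part of the original article and not a tool from any of these projects. Its function names are made up for illustration, and the file-based checks are heuristics that assume a Linux guest (QEMU DMI strings, for instance, also appear on QEMU guests that do not use KVM).

```shell
#!/bin/sh
# Added example: heuristics only. Each function takes an optional root
# prefix so it can be run against a constructed /proc and /sys tree.

# Print openvz, xen, kvm or unknown.
detect_platform() {
    root="${1:-}"
    # An OpenVZ container has /proc/vz but not /proc/bc (the host has both).
    if [ -d "$root/proc/vz" ] && [ ! -d "$root/proc/bc" ]; then
        echo openvz; return
    fi
    # Xen guests report the hypervisor type in sysfs.
    if grep -qi xen "$root/sys/hypervisor/type" 2>/dev/null; then
        echo xen; return
    fi
    # KVM guests are normally started by QEMU, visible in the DMI strings.
    if grep -qiE 'kvm|qemu' "$root/sys/class/dmi/id/product_name" \
            "$root/sys/class/dmi/id/sys_vendor" 2>/dev/null; then
        echo kvm; return
    fi
    echo unknown
}

# Print the memory balloon driver that is registered: virtio, xen or none.
balloon_driver() {
    root="${1:-}"
    if [ -d "$root/sys/bus/virtio/drivers/virtio_balloon" ]; then
        echo virtio
    elif [ -d "$root/sys/devices/system/xen_memory/xen_memory0" ]; then
        echo xen
    else
        echo none
    fi
}

# OpenVZ: list resources with a non-zero failcnt (last column, refused allocations).
openvz_failed_resources() {
    awk 'NR > 2 && $NF + 0 > 0 { print $(NF - 5) }' \
        "${1:-}/proc/user_beancounters" 2>/dev/null
}

# Report on the system rooted at $1 (default: the running system).
vps_report() {
    echo "platform: $(detect_platform "${1:-}")"
    echo "balloon driver: $(balloon_driver "${1:-}")"
    echo "openvz failed resources: $(openvz_failed_resources "${1:-}" | tr '\n' ' ')"
}
vps_report "${1:-}"
```

Run it as root inside the VPS, because /proc/user_beancounters is readable only by root in an OpenVZ container.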