Proxmox VE 1.5: combining KVM and OpenVZ

Now that virtualization is widespread, it becomes more important to have an easy-to-use, turnkey solution. The big hypervisor vendors are all working on their own virtualization management solutions, but one can also find interesting solutions in independent open source projects. One of these projects is Proxmox VE (Virtual Environment). Its unique selling point is that it marries the KVM hypervisor with OpenVZ virtual containers.

Proxmox VE makes it really easy to deploy a virtualization server. Users can download the ISO, burn it to a CD, put it in their server, answer a few questions the installer asks, and start serving virtual machines right away. Just be aware that the installer doesn't allow customizing the partitioning setup; it claims the whole hard drive. The system runs headless and can be configured using a web interface. Proxmox VE requires a 64-bit CPU with Intel VT or AMD-V instruction set and at least 2 GB of RAM if the user plans to run more than a handful of virtual machines.

Proxmox VE 1.5 is a heavily tweaked Debian Lenny (5.0) x86_64 distribution that partitions the hard drive with LVM2, installs a web-based management interface, and is optimized for use as a virtualization environment. Proxmox uses Debian Lenny's main and contrib repositories, as well as the security.debian.org repository with security updates. It adds its own download.proxmox.com repository that supplies custom kernels and some management tools. Proxmox VE is GPLv2-licensed and the German company Proxmox Server Solutions offers commercial support.

KVM and OpenVZ

Users can launch two sorts of virtual machines. First, one can use KVM for full virtualization. This allows the user to run a lot of operating systems, such as Windows, Linux, the BSDs, etc., because the operating system in the virtual machine runs on virtualized hardware that looks like real hardware. Proxmox VE also supports KVM with paravirtualization for device drivers to improve I/O performance, e.g. with paravirtualized network drivers for Windows guests.

The other flavor consists of OpenVZ containers, a form of operating system-level virtualization. Applications within a container appear to be on a standalone system, because processes in different containers are completely isolated from each other. Although each container appears as a standalone operating system, in reality they share a single instance of the Linux kernel: the Proxmox KVM/OpenVZ kernel. This also means that OpenVZ containers are lightweight. Users can download so-called OpenVZ templates, which are essentially gzipped tar files that contain a pre-installed image of a Linux system.

The combination of KVM and OpenVZ in one kernel is a major feat. It took an explanation by Proxmox VE's project lead Martin Maurer for your author to understand the challenges. Proxmox publishes three kernel branches, each one with minor feature differences. By default, Proxmox VE uses a 2.6.18 kernel, based on the latest Red Hat Enterprise Linux 5 kernel with the stable OpenVZ patches (which are also based on the 2.6.18 kernel) and backported KVM patches. The Proxmox developers added some minor driver updates and did a lot of integration and testing to combine both virtualization technologies in one kernel.

The second kernel version that Proxmox maintains is 2.6.24, based on the Ubuntu 8.04 (LTS) kernel but with driver updates and KVM patches. This kernel only exists for historical purposes, because Proxmox VE 0.9 beta until 1.4 used 2.6.24. However, the OpenVZ part is no longer maintained by the OpenVZ project, so while this kernel has KVM and OpenVZ support, all OpenVZ users should use the 2.6.18 kernel in Proxmox VE now. Last but not least, Proxmox VE also maintains a 2.6.32 kernel, based on the Ubuntu 10.04 (LTS) kernel but with some additional driver updates. It lacks OpenVZ support (because the stable OpenVZ version doesn't support this kernel), but it is interesting for users that want to have the latest KVM features, such as KSM (Kernel Samepage Merging).

Hands-on virtualization

Administering Proxmox is done by using the web interface, which is also lightweight. It doesn't use the Java-based Tomcat like VMware Server does, but just Apache with HTML pages that use the Prototype JavaScript library and the SOAP::Lite Perl library. The user can manage virtual machines, migrate them to other hosts, backup the system, monitor all running virtual machines, and do a slew of other management tasks.

Before starting a virtual machine, the user has to upload the ISO file or OpenVZ template. In the web interface, this can be done by clicking on "Virtual Machines - Create", selecting the image from local storage or from the host machine's CD-ROM drive, and then filling in the required information. The other solution is to scp the image over to /var/lib/vz/template/cache (for an OpenVZ template) or /var/lib/vz/template/iso (for an ISO image to start a KVM machine). But the user can also download pre-defined OpenVZ templates from within the web interface.

If the user wants a graphical window for a virtual machine, this can be done too: the Proxmox VE web interface has an embedded Java applet which launches a VNC console window on the client machine. Of course users are free to use their own favorite VNC client.

Proxmox VE has an integrated backup feature: VZDump, a utility that makes consistent backups of running virtual machines, be it OpenVZ containers or KVM guests. To make this possible for an online guest without downtime, VZDump uses the LVM2 storage to create a snapshot of the guest's virtual disk. The user can configure backups from within the web interface by defining the location of the remote storage and scheduling the cron job for the backup.

Users can also create a Proxmox VE Cluster that consists of one master node and one or more slave nodes, all running Proxmox VE. Users can then manage the virtual machines on all their Proxmox VE servers from one web interface, but they can also migrate their virtual machines between hosts, even live (that is, without recognizable downtime). Live migration is a standard feature of both KVM and OpenVZ, and both are supported in Proxmox.

OpenVZ containers have to be stored on local storage, but for KVM guests Proxmox VE adds a flexible storage model. From within the web interface, users can add iSCSI targets, NFS shares, LVM groups on shared storage, and locally mounted Samba shares. Thanks to the Debian base it also supports ATA over Ethernet (AoE) and replicated DRBD devices.

Ready-made appliances

The Proxmox developers have released several virtual appliances, which are ready-made OpenVZ templates that can be downloaded directly from within the Proxmox web interface. There are operating system appliances with a standard Debian 4.0, 5.0 or 6.0 installation, an Ubuntu 8.04 installation, a CentOS 4 or 5 installation or a Fedora 9 installation, but there are also so-called application appliances. These are tailored to a specific task, such as the Proxmox Mail Gateway, Acquia Drupal, SugarCRM, Zenoss, MediaWiki, Joomla!, WordPress, Zimbra, and so on. Proxmox has also created a script to automate the creation of custom OpenVZ appliances based on Debian, the Debian Appliance Builder.

Roadmap

Given that Proxmox VE has only been public for less than two years (0.9 was released in April 2008), the project has already an impressive feature list. Additionally, the developers have plans for much more: the roadmap for the 2.x releases mentions high-availability for KVM guests, advanced user management, more pre-built virtual appliance downloads, resource monitoring and a firewall. The future also promises a more pleasant marriage of KVM and OpenVZ, Martin explains:

All in all, Proxmox VE is a nicely integrated solution to run and manage virtual machines: what sets it apart from many other solutions is not only that it runs both KVM and OpenVZ, but also that it's not just a web interface or just a kernel that you install on an existing Linux installation. Instead it's a whole collection of components that gives the user a running system in a few minutes. So even for users that don't need both KVM and OpenVZ, Proxmox should be on their shortlist of virtualization platforms to try.