Home > Articles > Operating Systems, Server > Linux/UNIX/Open Source

  • Print
  • + Share This
Like this article? We recommend

Like this article? We recommend

Virtualization seems to be this year's must-have feature. Every operating system is trying to make sure it runs on Xen, provides its own virtualization system, or both. DragonFly is no exception.

Jails were inherited from FreeBSD, and are basically an enhanced form of chroot. While chroot isolates a process tree in a part of the filesystem, jails also isolate processes from other aspects of the system. A company offering hosting can use this to create a virtual environment where each customer has their own root account inside a FreeBSD jail and can install arbitrary packages. All jails share the same kernel, and so there is very little overhead.

One place where DragonFly improves on this is the addition of NULLFS. The mount_null command can be used to re-mount an existing file tree. This means that all jails could share a read-only copy of the base system, for example. This can be combined with another NULLFS mount to a read-write filesystem, allowing each user to be able to modify his own filesystem tree, without being aware that he is sharing a load of static data. This mechanism can be used to very quickly create sand boxes for running untrusted applications.

Of course, while jails are nice, they are not true virtualization because they all share the same kernel. The latest release of DragonFly (1.8) adds a Virtual Kernel, a version of the DragonFly kernel that runs as a userland application, much like User Mode Linux.

The Virtual Kernel has a simulated network and hard disk, and provides a completely isolated virtual environment. The main driving force for this development was the need for a test bed for developing the clustering code. Using the virtual kernel, it is possible to quickly set up a cluster configuration on a single system. Starting a Virtual Kernel takes a lot less long than starting a real machine, making debugging much easier (particularly when a new feature needs half-dozen kernels running to test it).

  • + Share This
  • 🔖 Save To Your Account