[Spice-devel] [Users] multiple concurrent spice consoles (was Ovirt + Spice + VDI)

John A. Sullivan III jsullivan at opensourcedevel.com
Fri Sep 14 05:28:11 PDT 2012


On Fri, 2012-09-14 at 11:49 +0200, David Jaša wrote:
> John A. Sullivan III píše v Čt 13. 09. 2012 v 12:36 -0400:
> > On Thu, 2012-09-13 at 20:16 +0430, Mohsen Saeedi wrote:
> > > 
> > > 
> > > 
> > > John A. Sullivan III <jsullivan at opensourcedevel.com> wrote on Thu, 13
> <snip>> > > 
> > > > We have also been toying with the idea of using KVM/KSM to move to a
> > > > single server per user.  This would provide much greater isolation and
> > > > non-repudiation but we are concerned about the overhead of KVM on the
> > > > KVM host and deduplication on the SAN.  Thanks - John
> > > I think so, spice has experimental feature for multiple client to
> > > single windows XP now. is it true??
> > > and what is the details for idea of using KVM/KSM to move to a single
> > > server per user? I didn't understand it very well.
> > > Thanks
> > This is something we are able to do splendidly well with VServer and
> > X2Go (an NX implementation).  With the VServer hashification feature, I
> > can have 400 VMs on a host and only take one VM's worth of space for
> > system files.
> 
> oVirt (RHEV) templates will do the same for you.
Then I had better start investigating it! Thanks.
> 
> >   Moreover, all instances in memory only take the space of
> > one instance. Thus, we get deduplication and KSM almost for free.
> 
> oVirt (RHEV) runs KSM only when the host memory gets fuller but I seem
> to remember that guys were able to have high 1000's of % of memory
> overcommit ratios
I have heard rumors of high CPU utilization with KSM but we have not
experimented enough with it ourselves to know.  Is that an issue?
> 
> BTW, how does VServer implement its memory sharing, isn't it KSM
> internally too?
No, it's a consequence of their "hashification." As an option, all
duplicate files in the file system (there is a single file system in
VServer although accessed via different namespaces) are replaced by
immutable hard links.  I'm not sure of the details but, because each of
those files shares a common inode, I believe only one instance is loaded
into memory.
> 
> > Because the additional overhead is so minuscule (minimal memory and disk
> > and almost no virtualization overhead since it is a container technology
> > instead of a hypervisor), and because there are no licensing issues for
> > our Linux desktops, it makes sense to give each user a dedicated VM.
> > Not only does that give us excellent isolation from errant processes but
> > it also means (because of the details of our implementation) that each
> > user has a consistent IP address allowing us to correlate network events
> > with specific users.
> 
> in oVirt, your guest systems have stable MAC address so with properly
> configured DHCP/DNS, you'd get the same.
> 
> David
<snip>



More information about the Spice-devel mailing list