Difference between revisions of "ASL 2.2 Virtualization Notes"
m (→Development Path) |
m (→Supported Virtualization Technologies) |
||
(10 intermediate revisions by one user not shown) | |||
Line 1: | Line 1: | ||
== Supported Virtualization Technologies == | == Supported Virtualization Technologies == | ||
− | ASL 2.2 | + | ASL 2.2 is designed to work with the following Virtualization technologies: |
[http://linux-vserver.org vserver] | [http://linux-vserver.org vserver] | ||
Line 11: | Line 11: | ||
[http://wiki.openvz.org OpenVZ] | [http://wiki.openvz.org OpenVZ] | ||
− | + | This means that you can run ASL on a virtualized machines using these technologies. The following article defines the levels of feature support as follows: | |
− | This means that you can run ASL on a virtualized | + | |
* '''Full Support''': All ASL features will work | * '''Full Support''': All ASL features will work | ||
Line 19: | Line 18: | ||
== Full Support == | == Full Support == | ||
+ | |||
+ | All Features work. | ||
ASL has full support for the following virtualization technologies: | ASL has full support for the following virtualization technologies: | ||
Line 26: | Line 27: | ||
[http://lguest.ozlabs.org/ lguest] | [http://lguest.ozlabs.org/ lguest] | ||
[http://www.vmware.com VMWare(TM)] | [http://www.vmware.com VMWare(TM)] | ||
+ | [http://www.xen.org/ Xen] | ||
− | You can install ASL and the ASL kernel inside virtualized guests using these technologies. | + | You can install ASL and the ASL kernel inside virtualized guests using these technologies, and all the features will work. |
== Built in Virtualization == | == Built in Virtualization == | ||
+ | |||
+ | All ASL Features work. | ||
[http://linux-vserver.org vserver] | [http://linux-vserver.org vserver] | ||
Line 41: | Line 45: | ||
== Works With == | == Works With == | ||
− | ASL | + | All ASL features work, however these technologies do not allow the installation of a kernel as a guest. |
+ | |||
+ | Therefore, you can not install the ASL kernel inside one of these virtual servers, as these technologies do not allow the installation of any kernel inside a VPS, these technologies do not have kernels inside the VPS itself and instead, virtual machines/servers share one kernel provided by the host: | ||
[http://www.parallels.com/products/pvc45/ Virtuozzo] | [http://www.parallels.com/products/pvc45/ Virtuozzo] | ||
[http://wiki.openvz.org OpenVZ] | [http://wiki.openvz.org OpenVZ] | ||
− | |||
− | On these systems you should expect ASL to report various vulnerabilities in the kernel. These are not false positives but are in fact vulnerabilities in those kernels. When using a virtualized machine with these technologies various other behaviours will occur, and they are covered in the article [[ASL#ASL_inside_a_VPS]]. | + | On these systems you should expect ASL to report various vulnerabilities in the kernel. VPS users share one kernel, the hosts kernel. If the host has not installed ASL on the host system you will see vulnerabilities in the kernel. These are not false positives but are in fact vulnerabilities in those kernels. When using a virtualized machine with these technologies various other behaviours will occur, and they are covered in the article [[ASL#ASL_inside_a_VPS]]. |
+ | |||
+ | We recommend you encourage your hosting provider to install ASL on the host system too. | ||
== Development Path == | == Development Path == | ||
− | OpenVz/Virtuozzo: We are currently | + | * OpenVz/Virtuozzo: We are currently finishing the addition of OpenVZ native virtualization to the ASL kernel. This will allow all OpenVZ containers to be protected by the single ASL host kernel. The ETA for this feature is in the Fall of 2011. It is in beta testing now. |
− | + | ||
− | Xen Server: We are currently exploring support for native Xen support in the ASL kernel, where the ASL kernel will act as the Xen server | + | * Xen Server: We are currently exploring support for native Xen support in the ASL kernel, where the ASL kernel will act as the Xen server. |
− | + | ||
− | + |
Latest revision as of 15:38, 19 July 2011
Contents |
[edit] Supported Virtualization Technologies
ASL 2.2 is designed to work with the following Virtualization technologies:
vserver kvm/qemu lguest VMWare(TM) Xen Virtuozzo OpenVZ
This means that you can run ASL on a virtualized machines using these technologies. The following article defines the levels of feature support as follows:
- Full Support: All ASL features will work
- Built in Virtualization: All ASL features will work, plus ASL can act as a virtualization host.
- Works With: All ASL features will work, except for features in the ASL kernel. These technologies either do not allow the replacement of the kernel (VPS) or do not work with the ASL kernel (Xen). You can not install or use the ASL kernel with these technologies.
[edit] Full Support
All Features work.
ASL has full support for the following virtualization technologies:
vserver kvm/qemu lguest VMWare(TM) Xen
You can install ASL and the ASL kernel inside virtualized guests using these technologies, and all the features will work.
[edit] Built in Virtualization
All ASL Features work.
vserver kvm/qemu lguest
You can install ASL and the ASL kernel inside virtualized guests using these technologies.
You can also use ASL to create virtual machines using these technologies. This means you can use ASL for your virtualization needs.
[edit] Works With
All ASL features work, however these technologies do not allow the installation of a kernel as a guest.
Therefore, you can not install the ASL kernel inside one of these virtual servers, as these technologies do not allow the installation of any kernel inside a VPS, these technologies do not have kernels inside the VPS itself and instead, virtual machines/servers share one kernel provided by the host:
Virtuozzo OpenVZ
On these systems you should expect ASL to report various vulnerabilities in the kernel. VPS users share one kernel, the hosts kernel. If the host has not installed ASL on the host system you will see vulnerabilities in the kernel. These are not false positives but are in fact vulnerabilities in those kernels. When using a virtualized machine with these technologies various other behaviours will occur, and they are covered in the article ASL#ASL_inside_a_VPS.
We recommend you encourage your hosting provider to install ASL on the host system too.
[edit] Development Path
- OpenVz/Virtuozzo: We are currently finishing the addition of OpenVZ native virtualization to the ASL kernel. This will allow all OpenVZ containers to be protected by the single ASL host kernel. The ETA for this feature is in the Fall of 2011. It is in beta testing now.
- Xen Server: We are currently exploring support for native Xen support in the ASL kernel, where the ASL kernel will act as the Xen server.