New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Only in: potential speed, ease of setup (for newbie user & for provider), and ease of overselling for provider IMHO
I would never use an OVZ for production due to my privacy paranoia.
One of the key reasons I have migrated away from OpenVZ in most cases (only ones remaining don't have privileged data). Not that providers (or someone else) can't get to the data on your KVM or Xen ... it is just a bit more inconvenient for them to do it; all other things being equal.
I love openVZ since I have one from BoltVM.
If I need to run Windows, I will go with KVM.
When I need a VPS: OpenVZ for most websites/projects.
It always makes me wonder what guys like this are up to when they are so paranoid that their provider is going to snoop their data.
The truth is that the last thing on a providers mind when they have hundreds or thousands of customers is snooping through data when they are too busy answering dumb frivolous trouble tickets in between more important behind the scenes adminstration.
If you are that paranoid get your own dedicated server and encrypt the drives or whatever.
Thanks for the advice, Einstein.
Unlike some, I value my privacy, as I consider privacy a right, not a privilege.
Placing a value on privacy does not mean you have something to hide or are doing something illegal.
BTW, I have my own colo's and also use encrypted instances wherever possible.
You ever consider that it may not just be about hosts snooping, but also about exploits between containers, compromised hosts, and protection of proprietary scripts etc?
There are many providers who will snoop on your data, very few have hundreds of thousands of customers, in fact most around here have a "couple" of servers. And yes, some do get nosey and are stupid enough to leave tracks evidencing it.
Just because you value privacy does not mean you should be viewed with suspicion.
Here's a crazy thought. Get another provider. No shortage of providers with more than just a couple servers run as a mickey mouse hobby so they can snoop peoples data....lol. If you are that concerned about privacy surely you can get someone better than that.
It is always interesting to hear the perspective of "glass house" individuals (such as sman) who think "you're just paranoid, you should have nothing to hide ....."
Why have locks on your house? Why have a root (or any user) password? Why have a chroot jail? Why password protect anything?
Because (among other things), NOT everyone has the best intentions with your stuff whether intentionally or unintentionally.
Indeed and/or if you prefer to minimize the chance of it happening go for Xen or KVM. It's personal choice at the end of the day. But still, people should not be judged on their desire to take additional steps to improve their privacy.
Go and try compromise an OVZ container from another one and then get back to me....mkay. Yes I am aware of the recent exploit. It was fixed and applied by competent providers the same day it became public. Get past it.
Look at the RHEL kernel errata. There are 'potential' exploits found in the kernel almost daily. Usually not limited to any one virtualization or even any virtualization at all. It's just a fact of life. Just because OVZ shares the kernel and folders does not automatically mean it's unsecure. That's just naive the devil you know vs the devil you don't talk.
The developers who managed the OVZ project are some of the best around. At least one of them is part of the core Linux kernel development team and has been since the 90's I think. Lots of the things that go into the OVZ kernel go into the main Linux kernel branch. In fact the stock Linux kernel has a lot of the OVZ virtualization already built in. So you can run OVZ virtualization on a stock Linux kernel. You just don't have all the features.
I'll see your OpenVZ and raise you a KVM, all day, every day. I've used a majority of the most prevalent virtualization technologies ...... and I stand firmly by my previous comments comparing the 3 asked about in this thread.
(From a security perspective) Those who don't mind living in glass houses .......... are quite happy with OpenVZ. It depends on what is important to you.
Apologies to OP for momentary derailment, and hope this thread gets back on topic.
These are more from the providers point of view because they won't help end users if the provider oversells that much more because of it. Wish they would update these to add KVM.
So now you are switching back to the provider snooping argument. The last post you said it wasn't that but inter-container. Like playing whack a mole trying to take your arguments seriously. That was my mistake.
@sman, nice try. I can see from a previous admonition from mods to you, that you like to antagonize ... sorry, but I don't have time to play childish games and I am not here to get sucked in to LowEndDrama.
You can take my feedback regarding KVM/OpenVZ/Xen or you can leave it; it won't matter to me.
Cheers
sman is superman, nothing can scare him
KVM > XEN > OPENVZ.
Reason: I prefer own not modified kernel.
ctrl+f docker
phrase not found
I myself prefer KVM in general.
Which Xen? PV or HVM? or both?
So why are you so paranoid? What exactly are you doing?
Alright, subdiscussion. Which Xen, PV or HVM? I was thinking HVM since we offer Windows with our VPS plans but if people prefer PV as well, maybe both?
I see who your getting at here... I AGREE!