Centos – LVM volume group shared between KVM/libvirt host and guests: is this a bad idea

centoskvm-virtualizationlvmsoftware-raidstorage

I have just built a shiny new KVM/libvirt-based virtual machine host, containing 4 SATA II hard drives, and running CentOS 5.5 x86_64.

I have decided to create virtual machine disks as logical volumes in an LVM volume group managed as a libvirt storage pool, instead of the usual practice of creating the disks as qcow images.

What I can't decide on is whether I should create the virtual machine logical volumes in the VM host's volume group, or in a dedicated volume group.

Which method should I choose, and why?

Method 1: Use the VM host's volume group

Implementation:

small RAID1 md0 containing the /boot filesystem
large RAID10 md1 occupying the remaining space, which contains an LVM volume group vghost. vghost contains the VM host's root filesystem and swap partition
create virtual machine disks as logical volumes in vghost as required

Pros:

if the VM host's root filesystem runs out of space, I can allocate more space from vghost with relative ease
The system is already up and running (but it is no big deal to start over)

Cons:

Depsite the fact that this method seems to work, I can't shake the feeling that this is somehow a bad idea. I feel that:

this may somehow be a security risk
at some point in the future I may find some limitation with the setup, and wish that I used a dedicated group
the system (CentOS, libvirt, etc.) may not really be designed to be used like this, and therefore at some point I might accidentialy corrupt/lose the VM host's files and/or filesystem

Method 2: Use a dedicated volume group

Implementation:

same md0 and md1 as in Method 1, except make md1 just large enough to contain for the VM host (eg. 5 to 10GB)
large RAID10 md2 occuping the remaining space. md2 contains an LVM volume group vgvms, whose logical volumes are to be used exclusively by virtual machines

Pros:

I can tinker with vgvms without fear of breaking the host OS
this seems like a more elegant and safe solution

Cons:

if the VM host's filesystem runs out of space, I would have to move parts of its filesystem (eg. /usr or /var) onto vgvms, which doesn't seem very nice.
I have to reinstall the host OS (which as previously stated I don't really mind doing)

UPDATE #1:

One reason why I am worried about running out of VM host disk space in Method 2 is because I don't know if the VM host is powerful enough to run all services in virtual machines, ie. I may have to migrate some/all services from virtual machines to the host OS.

VM host hardware specification:

Phenom II 955 X4 Black Edition processor (3.2GHz, 4-core CPU)
2x4GB Kingston PC3-10600 DDR3 RAM
Gigabyte GA-880GM-USB3 motherboard
4x WD Caviar RE3 500GB SATA II HDDs (7200rpm)
Antec BP500U Basiq 500W ATX power supply
CoolerMaster CM 690 case

UPDATE #2:

One reason why I feel that the system may not be designed to use the host VG as a libvirt storage pool in Method 1 is some behaviour I noticed in virt-manager:

upon add, it complained that it couldn't activate the VG (obviously, becuase the host OS has already activated it)
upon remove, it refused to do so because it couldn't deactivate the VG (obviously, because the host OS is still using the root and swap LVs)

Best Answer

Well thought-out question!

I'd go with Method 2, but that's more of a personal preference. To me, the Method 2 Cons aren't much of an issue. I don't see the host OS outgrowing its 5-10GB partition, unless you start installing extra stuff on it, which you really shouldn't. For the sake of simplicity and security, the host OS really should be a bare minimal install, not running anything except the bare minimum needed for administration (e.g. sshd).

The Method 1 Cons aren't really an issue either, IMO. I don't think there would be any extra security risk, since if a rooted VM is somehow able to break out of its partition and infect/damage other partitions, having the host OS on a separate VG might not make any difference. The other two Cons are not something I can speak to from direct experience, but I my gut says that CentOS, LVM, and libvirt are flexible and robust enough not to worry about them.

EDIT - Response to Update 1

These days, the performance hit of virtualization is very low, especially using processors with built in support for it, so I don't think moving a service from a guest VM into the host OS would ever be worth doing. You might get a 10% speed boost by running on the "bare metal", but you would lose the benefits of having a small, tight, secure host OS, and potentially impact the stability of the whole server. Not worth it, IMO.

In light of this, I would still favour Method 2.

Response to Update 2

It seems that the particular way that libvirt assumes storage is layed out is yet another point in favour Method 2. My recommendation is: go with Method 2.

Related Solutions

Lvm – KVM + LVM: Where to put LVM

LVM's performance overhead is trivial, using it twice won't change that. Your raid-5 device is going to have a much much greater impact than lvm.

Linux – How to find the physical volume(s) that hold a logical volume in LVM

The pvdisplay command has a -m option to show the mapping of physical extents to logical volumes and logical extents.

I have set up the following situation on a test machine:

3 disks of 1GB each added to the system and used as physical volumes for vg_test
6 logical volumes made with various sizes (ranging from 300M to 1.1G) so that they are spread over the physical volumes

Running pvdisplay -m on this machine results in the following output:

[root@centos6 ~]# pvdisplay -m
  --- Physical volume ---
  PV Name               /dev/sdb
  VG Name               vg_test
  PV Size               1.00 GiB / not usable 4.00 MiB
  Allocatable           yes 
  PE Size               4.00 MiB
  Total PE              255
  Free PE               5
  Allocated PE          250
  PV UUID               eR2ko2-aKRf-uCfq-O2L0-z6em-ZYT5-23YhKb

  --- Physical Segments ---
  Physical extent 0 to 74:
    Logical volume  /dev/vg_test/one
    Logical extents 0 to 74
  Physical extent 75 to 149:
    Logical volume  /dev/vg_test/two
    Logical extents 0 to 74
  Physical extent 150 to 249:
    Logical volume  /dev/vg_test/four
    Logical extents 0 to 99
  Physical extent 250 to 254:
    FREE

  --- Physical volume ---
  PV Name               /dev/sdc
  VG Name               vg_test
  PV Size               1.00 GiB / not usable 4.00 MiB
  Allocatable           yes 
  PE Size               4.00 MiB
  Total PE              255
  Free PE               10
  Allocated PE          245
  PV UUID               rByjXK-NA6D-ifnY-lKdF-eFWg-Ndou-psGJUq

  --- Physical Segments ---
  Physical extent 0 to 124:
    Logical volume  /dev/vg_test/three
    Logical extents 0 to 124
  Physical extent 125 to 224:
    Logical volume  /dev/vg_test/five
    Logical extents 0 to 99
  Physical extent 225 to 244:
    Logical volume  /dev/vg_test/six
    Logical extents 255 to 274
  Physical extent 245 to 254:
    FREE

  --- Physical volume ---
  PV Name               /dev/sdd
  VG Name               vg_test
  PV Size               1.00 GiB / not usable 4.00 MiB
  Allocatable           yes (but full)
  PE Size               4.00 MiB
  Total PE              255
  Free PE               0
  Allocated PE          255
  PV UUID               TCJnZM-0ss9-o5gY-lgD3-7Kq6-18IH-sN04To

  --- Physical Segments ---
  Physical extent 0 to 254:
    Logical volume  /dev/vg_test/six
    Logical extents 0 to 254

As you can see, You get a nice overview of where the extents for each of the 6 logical volumes are.

Method 1: Use the VM host's volume group

Implementation:

Pros:

Cons:

Method 2: Use a dedicated volume group

Implementation:

Pros:

Cons:

VM host hardware specification:

Best Answer

Related Solutions

Lvm – KVM + LVM: Where to put LVM

Linux – How to find the physical volume(s) that hold a logical volume in LVM

Related Topic