The question is often asked whether OpenVZ or Xen, two of the most common hypervisors in VPS web hosting, provides a faster hosting environment.
The most common answer to this question is that “OpenVZ is faster,” even though this is not strictly true. OpenVZ’s virtualization is managed at the operating system (OS) level, compared to Xen’s paravirtualized or fully hardware-virtualized environments. Hence, OpenVZ requires slightly less resource overhead, and can be seen as a more resource-efficient hypervisor — but not necessarily a “faster” one.
Compared to performance that would be measured for an application running directly on the physical server, all virtualization techniques will result in at least a small loss in performance due to the hypervisor’s resource overhead. Since most VPS hosts power their host servers with high-quality hardware, this loss in performance is hardly perceptible.
However, the question remains as to whether the Xen or OpenVZ hypervisor achieves better performance. The simple answer is that there are a great number of factors which could determine an answer one way or another, but there are certain key factors which set the two systems apart.
It is important to note the methods Xen and OpenVZ use to assign resources to virtual environments (VEs). On an OpenVZ host server, where all of the server’s physical hardware resources “belong” to the host server and VEs differ only in the operating systems they are running, each VE will essentially have access to the entire server’s resources. Although there are “soft limits” placed for each VE to prevent over-usage of RAM, disk, and other resources, these limits can be (and are frequently) bypassed and abused. For this reason, the performance of an OpenVZ VPS can vary wildly depending on how many other VEs are on the same host, and what they are doing.
In contrast to OpenVZ’s OS-level virtualization, Xen virtualizes hardware and network resources at a deeper level, and provides near-total isolation for each individual VE. It is well-known that Xen VPS instances can run their own isolated kernels, but this more advanced hypervisor confers other benefits as well. A Xen VPS is guaranteed its resource allocations in such a way that it is impossible for neighboring VEs to “steal” them, which means that Xen environments are far more reliably stable than OpenVZ environments.
Resource Over-commitment (Overselling)
A side-effect of these virtualization techniques is that Xen host servers cannot be oversold, while OpenVZ host servers are frequently oversold (in fact, this is why OpenVZ hosting is typically less expensive than Xen). Overselling is the practice of over-committing the host server’s resources in such a way that the server could not actually sustain itself if each VE requested 100% of the resources it is “guaranteed.” Since Xen dedicates resources to each VE which are then no longer available to the host system or any neighboring VEs, it is not possible to over-commit a Xen host’s resources.
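The over-commitment described above can be measured on an OpenVZ host from the per-VE counters in /proc/user_beancounters. The following is an added example, not part of the original article: it sums each VE's guaranteed memory (the vmguarpages barrier) against physical RAM and lists counters that have refused requests. The sample counters, the 2 GiB host and the 4 KiB page size are constructed assumptions.

```python
import re

PAGE_SIZE = 4096                    # bytes per page; x86 assumed
UNLIMITED = {2**31 - 1, 2**63 - 1}  # LONG_MAX on 32/64-bit kernels = "no limit"
HOST_RAM = 2 * 1024**3              # constructed: host with 2 GiB of physical RAM

# Constructed sample in the /proc/user_beancounters layout, as read on the host.
SAMPLE = """\
Version: 2.5
       uid  resource      held  maxheld  barrier                limit  failcnt
      101:  privvmpages  60210    65536    65536                69632       37
            vmguarpages      0        0   262144  9223372036854775807        0
      102:  privvmpages  12000    20000   131072               139264        0
            vmguarpages      0        0   393216  9223372036854775807        0
      103:  privvmpages    900     1500  9223372036854775807  9223372036854775807  0
            vmguarpages      0        0  9223372036854775807  9223372036854775807  0
"""

ROW = re.compile(r"^\s*(?:(\d+):)?\s*([a-z]\w*)\s+(\d+)\s+(\d+)\s+(\d+)\s+(\d+)\s+(\d+)\s*$")

def parse(text):
    """Return {uid: {resource: {held, maxheld, barrier, limit, failcnt}}}."""
    counters, uid = {}, None
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # version banner and column header
        if m.group(1) is not None:
            uid = int(m.group(1))  # first row of a new VE carries its id
        fields = dict(zip(("held", "maxheld", "barrier", "limit", "failcnt"),
                          map(int, m.groups()[2:])))
        counters.setdefault(uid, {})[m.group(2)] = fields
    return counters

def overcommit_ratio(counters, host_ram=HOST_RAM):
    """Sum of bounded vmguarpages barriers (guaranteed RAM) over physical RAM."""
    pages = sum(r["vmguarpages"]["barrier"] for r in counters.values()
                if r.get("vmguarpages", {}).get("barrier", 0) not in UNLIMITED | {0})
    return pages * PAGE_SIZE / host_ram

def denied(counters):
    """(uid, resource, failcnt) for every counter that has refused a request."""
    return [(uid, name, f["failcnt"]) for uid, res in sorted(counters.items())
            for name, f in res.items() if f["failcnt"] > 0]

if __name__ == "__main__":
    c = parse(SAMPLE)
    print(f"guaranteed RAM / physical RAM = {overcommit_ratio(c):.2f}")
    print("refused allocations:", denied(c))
```

A ratio above 1.0 means the host has promised more memory than it physically has; VEs with an unlimited guarantee (103 in the sample) are left out of the sum because they have no bounded figure to add.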
Security & Stability
For the same reasons mentioned above — namely, that OpenVZ containers take their resources freely from a “pool,” while Xen containers have their own dedicated resources — OpenVZ is also prone to flaws impacting system security and stability.
Since OpenVZ virtualizes at the OS level, all hosted VEs essentially share the same host-level kernel. Because of this, a kernel exception caused by one container can crash the entire host server, affecting all other co-hosted VEs. Similarly, OpenVZ hosts use a single iptables and single network interface to mediate incoming/outgoing connections. The results are easy to imagine: if one VE pushes too hard (even accidentally), the others will suffer.
Each Xen environment is “locked in” to its container, which makes it comparatively impossible to abuse the host system in a way that would affect neighboring VEs. For this reason, Xen VPS are considered far more reliable and secure, and can be likened more to dedicated servers in terms of their structure and features.
With all of this in mind, it becomes clear why OpenVZ is often said to be faster than Xen, and sometimes even appears that way in benchmarks — the benchmarks compare empty OpenVZ systems to empty Xen systems, as would be typical in an objective testing environment.
In a real web hosting environment, however, host servers will be bustling with activity by the time you get there, which makes a Xen VPS a much better guarantee to have — it means having the peace of mind of knowing that the resources you need will be there when you need them.
Although it is true that OpenVZ is marginally “faster” due to the hypervisor’s decreased resource overhead, this difference is not tangible in actual usage, and will manifest only as a slightly smaller amount of available RAM on freshly installed Xen VEs.
So, here is the final answer:
In Theory, OpenVZ provides a faster virtualized environment due to the fact that the VE is directly supported by the host system, and therefore uses less of its own resources to maintain its OS.
In Practice, Xen reliably outperforms OpenVZ, especially among budget-oriented web hosts where practices like resource over-commitment are common.