CloudLinux OS is meant as a Linux distribution for shared hosting, for use on servers with hundreds or thousands of web sites from different customers. In this interview, Igor Seletskiy, the CEO of CloudLinux, introduces the innovations behind CloudLinux OS.
Igor Seletskiy is a CEO and founder of CloudLinux - company behind KernelCare live patching. He is a Linux enthusiast by heart, and have been programming for Linux (or Unix) for about 25 years now. About 7 years ago he decided to do KernelCare, partially because "we could", and partially because CloudLinux had so many people in a service provider space asking us for the product following Oracle acquisition of Ksplice. It has been 6 years and hundreds of thousands of servers since -- and it truly is a wild ride.
- Question 1: Can you please briefly introduce yourself to our readers? For example, how and when was the first time you got involved with Free and Open Source software.
I was introduced to Sun OS and Solaris back in 1994 while at university, and I really wanted something like that at home. By 1996, most of my waking hours were spent working on a Solaris cluster at university, and a Linux machine at home.
In 1997 I started my first company, Positive Software, creating software for the web hosting industry. The platform of choice for most companies in that space was either Linux or FreeBSD. We did have clients who ran SGI, as well as Solaris & AIX, and it was always fun to see the differences between these OS flavors.
It was a very exciting time. My company was small, and we really loved what we were doing. We had a mix of products, some open sourced, some not. We tried to give back to the community whenever it was possible. That is when we learned that committing upstream is often a challenge.
One of the most interesting products we created was FreeVPS, an implementation of linux containers. That was back in 2004. Of course, we weren't the first to come up with such a solution. Virtuozzo/OpenVZ was on the market a long time before us with an excellent product. But I was young, and was sure that we could do better. We didn’t.
- Question 2: What are the main idea and your vision behind the CloudLinux company and its operating system creation?
In 2005 I sold my first company, then went to work for the buyer. Several years later I was so bored that I decided to quit and start another company. I had kept in touch with my friends in the hosting industry, and as I talked to them I realized that the problem of isolating one customer from another was still a huge issue.
In their shared hosting environments, with hundreds of customers on each server, they couldn't use hypervisors, not even containers. It wasn't 'dense' enough, and they were really struggling. Problems with a single site could bring the whole server down.
I thought it would be a good problem to solve. Knowing the hosting industry, which is dominated by 2-3 control panels, I realized that the only way to go was to make my own OS. I wanted to make one that would be backward compatible with CentOS, which is what 90% of servers in the industry were using.
It was 2009, and the hosting industry was just entering the cloud era. AWS was starting to dominate, but the "cloud" was still mostly about hosting providers. That was the main reason we chose the name "CloudLinux"--our OS would be a Linux distribution for hosting companies.
So, I created an OS specific to the hosting industry, but I mostly wanted to have fun, work with Linux, and do something useful. That is still true 10½ years later. We have released multiple products since then, the most prominent one being live kernel updates for most major linux distributions, KernelCare.com
Whenever we create a new product, the first two questions we typically ask are: “Will it be fun to make?” and, “Is it Linux?” Only after that do we ask, “Will people buy it?” I would have done many more projects if I could stop asking the last question.
- Question 3: What is the CloudLinux operating system's intended use?
CloudLinux OS is meant as a Linux distribution for shared hosting, for use on servers with hundreds or thousands of web sites from different customers. It is not a general purpose OS, nor do we want it to be. That space is very well served by other players.
Yet for hosting companies, we are the best. That is why they are willing to pay for it. We make sure that they can switch back to CentOS at any moment and stop paying, and we make it very easy for them to do so. We focus on value and quality, and it works rather well.
Question 4: Can you name some CloudLinux operating system's core features?
The key feature is LVE, Lightweight Virtual Environments. LVE allows us to isolate workloads of one user from another. Today it’s based on cGroups and namespaces, but 10 years ago we had to do much more work to create it, such as patching the 2.18 kernel.
Of course, LVE is not just about cGroups and namespaces. It is about making sure that everything works together, and providing a layer that collects statistics, controls the limits of the hosting environment, integrates correctly with all the components, etc.
We do other things, too, such as backport security fixes into old versions of PHP, because some people don't update their sites for a decade or more. Also, we have our own PHP module that speeds up serving PHP and minimizes memory usage, but only when you need to serve PHP for hundreds of different user accounts.
So, yes, our OS features are somewhat weird for generic use cases, but very much needed by our customer base.
Question 5: Is the CloudLinux OS developed from scratch, or is it based on another GNU/Linux operating system?
It is a RHEL fork. We are trying to stay as close to RHEL as we can, while letting ourselves diverge any time we can serve our customer base better.
Question 6: Is it possible to deploy the LVE feature on other GNU/Linux operating systems such as Ubuntu Linux or SLES?
We have never ported LVE features on other GNU/Linux operating systems - as we never had enough demand. As such, it would not be possible today.
Question 7: Which web hosting control panels are supported by Cloudlinux OS?
Out of the box CloudLinux works with cPanel, Plesk, DirectAdmin, ISPmanager, CentOS WebPanel, CyberPanel. It will also work with Webmin/Virtualmin. Several companies added integration with their own control panels as well.
Yes, and that is how most of our new customers start. They would have a production server with CentOS. They would execute our "conversion" script, reboot -- and now they are running CloudLinux OS server. No data migration, nothing -- it is a very simple and painless process.
It is very similar to RHEL - we follow RHEL major/minor releases. The main difference is that our tools that make us different from RHEL are available across all versions (CloudLinux 6, 7, 8). So, everything related to limits, statistics, multiple PHP versions, etc… will be the same - no matter which CloudLinux version the customer runs.
No, not at all. Everything that can be done through web UI -- can be done through CLI.
We are still working on improving isolation between users on a single instance of MySQL database. We can already limit CPU & IO, and it works, but there is room for improvement due to the way locking is done in MySQL.
We have a fixed per server / per month licensing model.
Yes, a 30 days license is available.
We provide unlimited 24/7 tech support via helpdesk to all customers.
One of the key new developments is KernelCare+ - ability to livepatch shared libraries. When a shared library is updated (typically via RPM) -- the files on the disk are updated. Yet, if any process in memory is already using that shared library - they will continue using the old version, until the process is killed. This means that without knowing - people often run vulnerable software - even though vulnerability scanners will show that everything is updated.
What makes the problem even harder is that it is fairly difficult to figure out which software needs to be restarted when a shared library is updated. We have developed a technology that detects & patches such shared libraries -- in a way similar to how kernel live patching works.
This is something we are testing now on CloudLinux OS, but will be available for other distributions as well.
Question 8: Given that the Cloudlinux OS is an RHEL spin-off, is it possible to convert an existing RHEL/CentOS installation into Cloudlinux OS?
Question 9: What is the CloudLinux OS release cycle, and how do you manage system upgrades?
Question 10: Is the hosting control panel a requirement? Or is it possible to run and use Cloudlinux's features without, e.g. cPanel?
Question 11: In terms of workload isolation, are there currently any limitations of the LVE feature that you are aware of and work towards its resolution/improvement?
Question 12: How is the Cloudlinux OS licensed? Do you grant a one-time license per core, device or CPU or is similar to, e.g. Red Hat's subscription-based model?
Question 13: Do you provide a trial license for potential customers?
Question 14: Do you offer additional technical assistance to Cloudlinux OS users and who is eligible for support?
Question 15: Can you share with our readers what you guys are currently working on what features we might expect in the upcoming Cloudlinux release?
About Igor Seletskiy
Igor Seletskiy is a CEO and founder of CloudLinux - company behind KernelCare live patching. He is a Linux enthusiast by heart, and have been programming for Linux (or Unix) for about 25 years now.
About 7 years ago he decided to do KernelCare, partially because "we could", and partially because CloudLinux had so many people in a service provider space asking us for the product following Oracle acquisition of Ksplice. It has been 6 years and hundreds of thousands of servers since -- and it truly is a wild ride.