openVZ installation, basic operation, howto, resource management

by iman

installation (debian wheezy)

  1. It is recommended to use a separate partition for containers (by default /var/lib/vz) and format it to ext4.
  2. apt pre-setup
    cat << EOF > /etc/apt/sources.list.d/openvz-rhel6.list
    deb http://download.openvz.org/debian wheezy main
    # deb http://download.openvz.org/debian wheezy-test main
    EOF
  3. wget http://ftp.openvz.org/debian/archive.key apt-key add archive.key
  4. apt-get update
  5. Kernel installation
    apt-get install linux-image-openvz-amd64
  6. add these parameters to /etc/sysctl.conf
    # On Hardware Node we generally need
    # packet forwarding enabled and proxy arp disabled
    net.ipv4.ip_forward = 1
    net.ipv6.conf.default.forwarding = 1
    net.ipv6.conf.all.forwarding = 1
    net.ipv4.conf.default.proxy_arp = 0

    # Enables source route verification
    net.ipv4.conf.all.rp_filter = 1

    # Enables the magic-sysrq key
    kernel.sysrq = 1

    # We do not want all our interfaces to send redirects
    net.ipv4.conf.default.send_redirects = 1
    net.ipv4.conf.all.send_redirects = 0

  7. tools installation :

    apt-get install vzctl vzquota ploop vzstats

  8. Now reboot the machine and choose an entry with word “openvz” in the boot loader menu (it should be default choice).

 

basic operations

  1. template: # vzctl create CTID –ostemplate osname

    # vzctl set CTID –ipadd a.b.c.d –save

    # vzctl set CTID –nameserver a.b.c.d –save

    # vzctl start CTID

  2.  samples:    vzctl create 101 –ostemplate fedora-core-5-myTEST (don’t add .tar[.gz] )
  3. vzctl set 101 –ipadd 10.1.2.3 –save (set ip address )
  4. vzctl set 101 –nameserver 10.0.2.1 –save ( add nameserver )
  5. vzctl start 101
  6. vzctl exec CTID ps ax ( to see its processes; )
  7. vzctl enter CTID (Enter to container)
  8. exit (exit from container)
  9. vzctl stop CTID ( stop container )
  10. vzctl destroy CTID (destroy container )
  11.  vzctl status CTID;    vzlist 101;     cat /proc/vz/veinfo     ;    vzctl restart CTID   ;  vzlist -a

howto make a new OpenVZ template from an existing template

We assume container is running under the VMID of 100 .

  1. turn off container : vzctl stop 100
  2. cd/var/lib/vz/private/100
  3. tar -cvzpf /var/lib/vz/template/cache/operatingsystem-version-archtype-description.tar.gz .
        tar -cvzpf /var/lib/vz/template/cache/oracle-6-x86_64-intitial.tar.gz  .

howto backup current container with vzdump

  1. vzdump CTID
  2. to see log files of containers, goto :
    /var/lib/vz/dump

Resource management

cpu :

CPU units: a proportional “weight” of a container. The more units a container has, the more CPU it will get. Assuming we have 2 containers with equal CPU units, when both containers want CPU time (e.g. by running busy loops), each one will get 50%. In case we will double CPU units of one container, it will have two times more CPU (i.e. 66%, while another will take 33%). Note however that if other containers are idle, a single container can have as much as 100% of available CPU time.

  • CPU limit: a hard limit on a share of CPU time. For example, if we set it to 50%, a container will not be able to use more than 50% of CPU time even if CPU will be idle otherwise. By default, this limit is not set, i.e. a single container can have as much as 100% of available CPU time.
  • CPU mask: tells the kernel the exact CPUs that can be used to run this container on. This can also be used as a CPU limiting factor, and helps performance on a non-uniform memory (NUMA) systems.
  • VCPU affinity: tells the kernel a maximum number of CPUs a container can use. The difference from the previous option is you are not able to specify the exact CPUs, only the number of those, and then the kernel dynamically assigns / adjusts CPUs between containers based on current load.
  1. VCPU affinity: set the number of available CPUs in CT by –cpus command:
    vzctl set <CTID> –cpus <NUM>
    vzctl set     101    –cpus      8   –save      (use –save option to save new config to CTID.conf file in /etc/vz)
  2. VCPU mask: set which cpu to use (–cpumask)
    vzctl set <CTID> –cpumask <i,j,k | m-n>
    vzctl set     101    –cpumask        0,1,2   –save      (use –save option to save new config to CTID.conf file in /etc/vz)
  3. VCPU limit: absolute maximum limit for a container to a percent value
    vzctl set <CTID> –cpulimit PRECENTE
    vzctl set  101   –cpulimit   25  –save      (use –save option to save new config to CTID.conf file in /etc/vz)
    says that container 101 cannot ever have more than 25 percent of a CPU even if the CPU is idle for the other 75% of the time.
  4. cpuunits: example:
    vzctl set 101 –cpuunits 1000 –save
    vzctl set 102 –cpuunits 2000 –save
    vzctl set 103 –cpuunits 3000 –save
    If we started a CPU intensive application on each CT, then 103 would be given 3 times as much cpu time as 101 and 102 would get twice as much as 101, but some fraction of what 103 got. Here’s how to determine what the real ratios are.

    Add the three units, 1000+2000+3000 = 6000
    101 gets 1000/6000 or 1/6th of the time. (16%)
    102 gets 2000/6000 or 1/3rd of the time. (34%)
    103 gets 3000/6000 or 1/2 of the time. (50%)

  5. combined example : vzctl set 101 –cpus 8   –cpumask 0,1,2,4-8   –cpuunit 1000   –cpulimit 95   –save