Using OpenVZ

OS Templates – Linux Distribution Install Media

The vzctl command is used to create and configure OpenVZ containers. Before you can create a container, you need install media for the Linux distribution you want to install. OpenVZ can NOT use CD / DVD install media (NOR .iso disk image files). OpenVZ requires what it calls an OS Template to create a container for a given Linux distribution. You can download a number of pre-created OS Templates from the OpenVZ website. This is the recommended route for new OpenVZ users. Once you are more familiar with OpenVZ you may want to create your own OS Templates from scratch using a variety of recipes available on the OpenVZ wiki. You can find pre-created OS Templates provided by the OpenVZ Project here:

http://download.openvz.org/template/precreated/

You can also find community contributed OS Templates here:

http://download.openvz.org/contrib/template/precreated/

Download the desired OS Template file and place it in the /vz/template/cache directory on your CentOS 5 host node.

cd /vz/template/cache
wget http://download.openvz.org/template/precreated/contrib/centos-5-i386-default.tar.gz

 

Creating Your First Container

To create a container you use the vzctl command with the create option and a few other parameters. You will need to decide on a unique container ID number (CTID). You will also need some additional information: What OS Template do you want to install from? What IP address will it have? What hostname do you want to give it? What initial resources do you want it to have (taken from a sample configuration template)? These are all set with the following parameters:

–ostemplate {template name}
–conf {config name}
–ipadd {nn.nn.nn.nn}
–hostname {FQDN}

Here is a complete example:

vzctl create 101 \
–ostemplate centos-5-i386-default \
–conf vps.basic \
–ipadd 192.168.1.4 \
–hostname mynew.vps.com

That will create a directory named /vz/private/{CTID} and extract the OS Template into it. It will also copy the specified config file to /etc/vz/conf/{CTID}.conf to create a configuration for the container. Please note that the values given for --ostemplate and --conf do NOT match up to full OS Template nor the configuration filenames… and are somewhat truncated.

The vps.basic configuration is just that, very basic… with a somewhat conservative amount of resources given to the container. For a look at the various resource parameters and their values, feel free to have a look at the sample configuration files in the /etc/vz/conf directory. You can create your own configuration samples (as many as you like) using the vzsplit command (man vzsplit) or by copying existing config files to new files and editing them.

After you create a machine you need to set a few additional parameters using the vzctl set command. Here’s an example:

vzctl set 101 \
–name mynew \
–nameserver “205.171.2.65 205.171.3.65” \
–diskspace 10G:10G \
–save

That will update your container’s config file (in this example /etc/vz/conf/101.conf). Any time you run the vzctl set command if you don’t include the --save parameter it will not save the configuration changes to your config file… but if the container is running it will dynamically change the parameters in the running container for that session. You will almost always want to include the --save as the last parameter for the vzctl set command.

If you want to have the vm started at boot, run

vzctl set 101 –onboot yes –save

To set a hostname and IP address for the vm, run:

vzctl set 101 –hostname test.example.com –save
vzctl set 101 –ipadd 192.168.0.101 –save

Next we set the number of sockets to 120 and assign a few nameservers to the vm:

vzctl set 101 –numothersock 120 –save
vzctl set 101 –nameserver 213.133.98.98 –nameserver 213.133.99.99 –nameserver 213.133.100.100 –nameserver 145.253.2.75 –save

(Instead of using the vzctl set commands, you can as well directly edit the vm’s configuration file which is stored in the /etc/vz/conf directory. If the ID of the vm is 101, then the configuration file is /etc/vz/conf/101.conf.)

To start the vm, run

vzctl start 101

To set a root password for the vm, execute

vzctl exec 101 passwd

You can now either connect to the vm via SSH (e.g. with PuTTY), or you enter it as follows:

vzctl enter 101

To leave the vm’s console, type

exit

To stop a vm, run

vzctl stop 101

To restart a vm, run

vzctl restart 101

To delete a vm from the hard drive (it must be stopped before you can do this), run

vzctl destroy 101

To get a list of your vms and their statuses, run

vzlist -a

[root@server1 cache]# vzlist -a
      VEID      NPROC STATUS  IP_ADDR         HOSTNAME
       101         18 running 192.168.0.101   test.example.com
[root@server1 cache]#

To find out about the resources allocated to a vm, run

vzctl exec 101 cat /proc/user_beancounters

[root@server1 cache]# vzctl exec 101 cat /proc/user_beancounters
Version: 2.5
       uid  resource           held    maxheld    barrier      limit    failcnt
      101:  kmemsize        1508202    1661695   11055923   11377049          0
            lockedpages           0          0        256        256          0
            privvmpages        5430       7102      65536      69632          0
            shmpages            381        381      21504      21504          0
            dummy                 0          0          0          0          0
            numproc              19         21        240        240          0
            physpages          2489       2775          0 2147483647          0
            vmguarpages           0          0      33792 2147483647          0
            oomguarpages       2489       2775      26112 2147483647          0
            numtcpsock            5          5        360        360          0
            numflock              3          4        188        206          0
            numpty                0          1         16         16          0
            numsiginfo            0          2        256        256          0
            tcpsndbuf         44720          0    1720320    2703360          0
            tcprcvbuf         81920          0    1720320    2703360          0
            othersockbuf      13144      14356    1126080    2097152          0
            dgramrcvbuf           0       8380     262144     262144          0
            numothersock         11         13        120        120          0
            dcachesize            0          0    3409920    3624960          0
            numfile             503        531       9312       9312          0
            dummy                 0          0          0          0          0
            dummy                 0          0          0          0          0
            dummy                 0          0          0          0          0
            numiptent            10         10        128        128          0
[root@server1 cache]#

The failcnt column is very important, it should contain only zeros; if it doesn’t, this means that the vm needs more resources than are currently allocated to the vm. Open the vm’s configuration file in /etc/vz/conf and raise the appropriate resource, then restart the vm.

To find out more about the vzctl command, run

man vzctl

What if yum is missing in my container?

The pre-created OS Templates provided by the OpenVZ Project do not have yum installed (contrib OS Templates are more likely to have yum installed) and that seems to miff a lot of users. The reason is that some OpenVZ system administrators prefer to use a tool on the host node named vzyum that allows them to do yum type operations on containers from the host node. Why would you want to do that? Because the yum database and file caches can sometimes take up a significant amount of diskspace (and bandwidth) if each container has its own copy of yum. Using vzyum on the host node, there is a single yum database / cache and the software packages only have to be downloaded once.

There have been some technical issues using vzyum on CentOS 5 x86_64 host nodes (it worked flawlessly in CentOS 4) and as a result vzyum has fallen somewhat out-of-favor with CentOS 5… but the official pre-created OS Templates are still optimized for those using vzyum.

There is a wiki page on the OpenVZ wiki that explains how to install yum in a container if you want it. Basically you download all of the rpm packages needed for yum and install them with rpm.

In Closing

This article has only covered the very basics of OpenVZ. Topics not covered include container monitoring / resource management, configuration file editing / creation (see the vzsplit man page), the container filesystem, or any additional tasks necessary to become a productive OpenVZ system administrator. Also note that OpenVZ has two types of network adaptors and only the basic / default venet was covered. The veth network adaptor has a wider range of capabilities.

The documentation provided by the OpenVZ Project is really good and there is plenty of it. Be sure and read the Users Guide PDF guide for the most comprehensive documentation. The Users Guide is a little dated though as it was written before the addition of the veth network device, checkpointing and migration. Also available are the man pages for all of the various commands. When you want to get into container migration be sure and read the vzmigrate man page.

You are encouraged to get involved and participate in the OpenVZ project by visiting the OpenVZ website, using the forums, the IRC channel (#openvz on the Freenode IRC network), as well as filing bugs if you run across any at bugzilla.openvz.org. Get familiar with the OpenVZ website as there is a lot of material there.

Additional Resources

OpenVZ Project website
Interview with OpenVZ Project Manager
OS Virtualization vs. Hardware Virtualization video presentation from Linuxfest Northwest 2008
Container migration demo video
Performance evaluation of Xen vs. OpenVZ by HP Labs
OpenVZ blog
Parallels Inc.
Linux-VServer website
Interview with Linux-VServer Project Leader