Container Service

OpenVZ

OpenVZ is the free variant of a commercial product called Parallels Virtuozzo. The kernel component is available under the GPL; the source code for the matching tools under the QPL. OpenVZ runs on any CPU type, including CPUs without VT extensions. It supports snapshots of active containers as well as the live migration of containers to a different host (see the box "Live Migration, Checkpointing, and Restoring"). Incidentally, the host is referred to as the hardware node in OpenVZ speak.

vzmigrate -online target IP VEID

To be able to use OpenVZ, you will need a kernel with OpenVZ patches. One problem is that the current stable release of OpenVZ is still based on kernel 2.6.18, and what is known as the super stable version is based on 2.6.9. It looks like the OpenVZ developers can't keep pace with official kernel development. Various distributions have had an OpenVZ kernel, such as the last LTS release (8.04) of Ubuntu, on which this article is based (Figure 2).

Figure 2: openSUSE with Ubuntu: system virtualization with resource containers is an interesting option if you need to host (multiple) Linux guest systems as efficiently as possible on a Linux host system.

Ubuntu 9.04 and 9.10 no longer feature OpenVZ, apart from the VZ tools; this also applies to Ubuntu 10.04. If you really need a current kernel on your host system, your only option is to download the beta release, which uses kernel 2.6.32. The option of using OpenVZ and KVM on the same host system opens up interesting possibilities for a free super virtualization solution that administrators can experiment with.

If you are planning to deploy OpenVZ in a production environment, I suggest you keep to the following recommendations: You must disable SELinux because OpenVZ will not work correctly otherwise. Additionally, the host system should only be a minimal system. You will probably want to dedicate a separate partition to OpenVZ and to mount this below, say, /ovz. Besides this, you should have at least 5GB hard disk space, a fair amount of RAM (at least 4GB), and enough swap space.

Starting OpenVZ

Installing OpenVZ is simple. Users on RPM-based operating systems such as RHEL or CentOS can simply include the Yum repository specified in the quick install manual on the project homepage. Ubuntu 8.04 users will find a linux-openvz meta-package in the multiverse repository, which installs the required OpenVZ kernel including the kernel modules and header files (Figure 3). At the time of writing, no OpenVZ kernel was available for Ubuntu 10.04. If you are interested in using OpenVZ with a current version of Ubuntu, you will find a prebuilt deb package in Debian's unstable branch. You can install by typing:

sudo dpkg -i linux-base_2.6.32-10_all.debU
   linux-image-2.6.32-4-openvz-686_U
   2.6.32-10_i386.deb

The sudo apt-get -f install command will automatically retrieve any missing packages. You will also need to install the vzctl tool, which has a dependency for vzquota.

Figure 3: I installed OpenVZ from the package sources for Ubuntu 8.04 – the last version of Ubuntu to officially include an OpenVZ kernel. The only package needed for this was the linux-openvz meta-package.

Before setting up the containers and configuring the OpenVZ host environment, you will quickly need to modify a few kernel parameters that are necessary to run OpenVZ in the /etc/sysctl.conf file on the host system. For more detailed information on this, refer to the sysctl section in the quick install guide. This covers providing network access to the guest systems, which involves setting up packet forwarding for IPv4 as described at [5]. You then need to reboot with the new kernel. If you edit sysctl after rebooting, you can reload by typing sudo sysctl -p. Typing sudo /etc/init.d/vz start wakes up the virtualization machine.

Next, you should make sure all the OpenVZ services are running; this is easily done (on Ubuntu) by issuing the sudo sysv-rc-conf -list vz command. If the tool is missing, you can type sudo apt-get install sysconfig to install it. Debian and Red Hat users can run the legacy chkconfig tool. A check of service vz status should now tell you that "OpenVZ is running."

Container Templates

OpenVZ users don't need to install an operating system in the traditional sense of the word. The most convenient approach to setting up OpenVZ containers is using templates, that is, tarballs with a minimal version of the distribution you want to use in the container. Administrators can create templates themselves, although this is not exactly trivial [6]. It is far easier to download prebuilt templates [7] and copy them to the template folder as follows:

sudo cp path to template U
  /var/lib/vz/template/cache

Besides templates provided by the OpenVZ team, the page also offers a number of community templates (Figure 4).

Figure 4: The OpenVZ developers provide container templates for various guest systems; this makes installing a guest system a quick and easy experience.