Since version 4.0, {{DISPLAYTITLE: vzctl tool can be used with for upstream (non-OpenVZ) Linux kernels (that essentially means any recent 3.x kernel). At the moment, it provides just basic functionality.It is currently possible to create and start a container with the same steps as one would use for a normal OpenVZ container. Other features may be present with limited functionality, while some are not present at all.}}
{{Warning|'''This article describes using OpenVZ tool vzctl as an alternative to LXC tools.''' Recent vzctl releases (starting from version 4.0) can be used with upstream (non-OpenVZ) Linux kernels (that essentially means any recent 3.x kernel). At the moment, it provides just basic functionality.It is currently possible to create, start and stop a container with the same steps as one would use for a normal OpenVZ container. Other features may be present with limited functionality, while some are not present at all. We appreciate all bug reports, please file to [http://bugzilla.openvz.org/enter_bug.cgi?component=vzctl bugzilla]. Running vzctl on upstream kernels is considered an experimental feature. See [[#LimitatonsLimitations]] below.}}
== Installation ==
=== Networking ===
{{Note|IP mode networking (--ipadd / --ipdel) is currently not supported}}
Networking is available through the switches <code>--netdev_add</code>, <code>--netif_add</code>, and their respective deletion counterparts.
Unfortunately now it requires some manual configuration.
Networking is available through the switches --netdev_add, --netif_add, and their respective deletion counterparts.In this case [[Virtual Ethernet device]] is added in [[CT]].== Bridged networking ==
One life hack may be useful while "vzctl enter" doesn't work. If The following example assumes* you use DHCP and don't know which an IP address already have a bridge configured on the host system* bridge interface name is in virbr0* CT, you can find it in /vz/root/[CTID]/var/log/message.is running Red Hat like distro (CentOS)
IP mode networking ( vzctl set $CTID --netif_add eth0,,,,virbr0 --ipadd save echo "NETWORKING=yes" > /vz/private/$CTID/etc/sysconfig/network cat << EOF > /vz/private/$CTID/etc/sysconfig/ network-scripts/ifcfg-ipdel) is currently not supported.eth0 DEVICE=eth0 BOOTPROTO=dhcp ONBOOT=yes EOF vzctl start $CTID After this, you can find CT IP using this: # ip netns exec $CTID ip address list
== Limitations ==
{{Note|We recommend using [[Download/kernel/rhel6|OpenVZ kernel]] for features, stability and security}} The following vzctl commands are not working at allwith the non-OpenVZ kernel:
* <code>quotaon</code>/<code>quotaoff</code>/<code>quotainit</code> (vzquota-specific)
* <code>convert</code>, <code>compact</code>, <code>snapshot*</code> (ploop-specific)
* <code>console</code> (needs a virtual /dev/console, /dev/ttyN device)
* <code>enter</code>, <code>exec</code> and <code>runscript</code> (need pidns entering support)* <code>chkpnt</code>, <code>restore</code> (currently need OpenVZ-kernel-specific checkpointing, [http://cruicriu.org/ CRIU] will be supported later) The following commands have severe limitations:* <code>stop</code>. A container can be stopped from inside (say if one is connected to CT over ssh) in case the underlying kernel supports rebooting a PID namespace (> 3.4). Using vzctl, the "stop" command is not supported, unless accompanied by the --fast switch, which will simply forceably kill all processes in the container.
The following binaries are not ported to work on top of upstream kernel:
=== Resource management ===
Setting With non-OpenVZ kernel, setting resources like <code>--ram</code> and <code>--cpuunits</code> workworks, but there their effect is dependent on what the current kernel supports, through the cgroups subsystem. When a particular cgroup file is present, it will be used. Currently, vzctl will search for the following files:
* cpu.cfs_quota_us
* cpu.shares
* memory.kmem.tcp.limit_in_bytes
== Building ==
== Building ==In case you don't want to use packages provided by OpenVZ (available from [[Download/vzctl]]), but rather would like to compile vzctl from sources, read on.
=== Dependencies ===
If you are living on the bleeding edge, get vzctl sources from git. Then run autogen.sh to recreate auto* files:
git clone git<nowiki>https://gitsrc.openvz.org/pubscm/ovzl/vzctl.git</nowiki>
cd vzctl
./autogen.sh
=== Compile ===
Usual <code>./conficonfigure && make</code> should do. But you probably want to specify more options. It makes sense to: * enable cgroup support* add <code>--without-ploop</code> (unless you want [[ploop]] compiled it) because otherwise you will need ploop lib headers (available from [[Download/ploop]]).* enable bash completion support* set prefix to /usr See <code>./configure --help</code> output for more details and options available. So, the command will look like: $ ./configure --with-cgroup --without-ploop --enable-bashcomp --prefix=/usr $ make -j4 === Install === # make install vzctl is also bundled in some Linux distributions, so you can install vzctl using native distro tools (i.e. your package manager): * vzctl in [https://launchpad.net/ubuntu/+source/vzctl Ubuntu Linux] [https://help.ubuntu.com/community/OpenVZ Description]* vzctl-core in [https://apps.fedoraproject.org/packages/vzctl-core Fedora Linux] [https://fedoraproject.org/wiki/QA:Testcase_vzctl_base Description]* sys-cluster/vzctl in [http://packages.gentoo.org/package/sys-cluster/vzctl Gentoo Linux]* vzctl in [https://packages.debian.org/search?keywords=vzctl Debian Linux]* vzctl in [http://packages.altlinux.org/vzctl ALT Linux] ([http://altlinux.org/OpenVZ description]) == Known issues and workarounds == === A container doesn't boot and udevd is in a process list ===udev doesn't work, because <code>uevent</code>s are not virtualized yet. If you don't know how to disable it, you can remove the udev package. === <code>vzctl enter</code> doesn't work === You see this when trying to use <code>vzctl enter</code>: Unable to open pty: No such file or directory If a CT is executed in a user namespace, devpts must be mounted with the newinstance option. You can add this option in container's <code>/etc/fstab</code> file.
t makes sense to add <code>--without-ploop</code> (unless you want ploop compiled it) because otherwise you will need ploop lib headers.== See also ==
$ ./configure --* [[OpenVZ with-cgroup --without-ploopupstream kernel]]