UBC configuration examples

From OpenVZ Virtuozzo Containers Wiki
Jump to: navigation, search
User Beancounters
General information
Units of measurement
Parameters description
Primary parameters
numproc, numtcpsock, numothersock, vmguarpages
Secondary parameters
kmemsize, tcpsndbuf, tcprcvbuf, othersockbuf, dgramrcvbuf, oomguarpages, privvmpages
Auxiliary parameters
lockedpages, shmpages, physpages, numfile, numflock, numpty, numsiginfo, dcachesize, numiptent, swappages
User pages accounting
RSS fractions accounting
On-demand accounting
UBC consistency
Consistency formulae
System-wide configuration
Configuration examples
Intermediate configurations
List of parameters
Parameter properties
Config examples

Table UBC configuration examples table contains example settings of the system resources parameters. There are 4 example configurations — A, B, C and D, in the order of increasing container power.

“Power” represents the power of the container. It is shown as the RAM size of the computer slash number of containers of this type that can be run on such a computer.

In all examples it's assumed, that the system has swap space twice bigger than the RAM, so total virtual memory size is 3*(RAM size). But it's not OpenVZ specific requirement to have so much swap space - you can configure your swap as you usually do in linux and even don't have it at all.

“Helper values” are intermediate values, produced during computation of the resource control parameter limits. These values help to understand the process of computing the limits and verify the result. “Total mem” represents the total amount of RAM allowed to be used to each Virtual Environment, “kernel mem” is its kernel fraction (consisting of kmemsize and all socket buffers) and “user mem” is the memory allowed to be allocated to processes. Avnumproc is the expected avarage number of processes, as used in recommendations in UBC consistency check.

For parameters having distinctive barrier and limit the values of the barrier and the limit are shown separated by “/” sign.

All values are given in their “natural units of measurement” (except were the units are explicitly specified). The natural units of measurement are the units in which the values are accepted by vzctl command and stored in container configuration file.

For parameters with names ending in “pages” the natural units of measurement are pages. For other memory parameters (kmemsize, dcachesize and all socket buffers) the units are bytes. For the remaining parameters (such as numproc) the units are items.

Explanation of the examples[edit]

Example A[edit]

This is a configuration of a most “light” container. It has 15 processes on average and can have up to 40 network connections. This configuration allows to run a simple Web server, handling static and dynamic pages produced by simple scripts and accessible over ssh and ftp. Configurations of apache and FTP servers must be adjusted to reduce the number of spawned processes and memory consumption.

A computer with 2GB of RAM (+ 4GB swap) can run up to 400 of such containers.

Here is an example pstree(1) output inside such a container:

[root@test /root]# pstree

Example B[edit]

Example B is a configuration for a not “heavy” and not very loaded server. It can be a dynamic Web server, mail, FTP or DNS server (but not a combination of them). The configuration assumes 40 processes on average and up to 80 network connections.

A computer with 2GB of RAM (+ 4GB swap) can run up to 120 of such containerrs.

Example C[edit]

A configuration for a “heavy” server: Web application server with a database backend or any other server consuming a considerable amount of memory and other resources. Mail and FTP servers having up to 200 simultaneous clients can also work with this configuration. The configuration is designed for 200 processes on average, up to 500 network connections and about 250MB of RAM for each container.

Example D[edit]

Example D is a configuration for 1 container on a computer and emulates a stand-alone server. It roughly corresponds to the default configuration of a stand-alone Linux system.

Caution: it is not a safe configuration. Like a stand-alone Linux system, it can hang if too much memory is consumed. It isn't a security problem, because it is a configuration for only 1 container on a computer. However, to make the configuration more robust and protect the system from silent hangs, numproc, kmemsize and other parameters should be limited to lower values. For example, a configuration produced by multiplying the limits from Example C by 4 is a safe configuration.

Not specified values[edit]

For compatibility with future versions, the limits of vmguarpages, oomguarpages, physpages should be set to LONG_MAX. The barrier of physpages should be set to 0.