Editing Leaflet

Jump to: navigation, search

Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.

The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then save the changes below to finish undoing the edit.
Latest revision Your text
Line 1: Line 1:
= Container-based virtualization for Linux. Fast, lightweight, secure. Choose three. =
 
 
 
== What is OpenVZ? ==
 
== What is OpenVZ? ==
  
 
OpenVZ is a project that combines the following container virtualization technologies for Linux:
 
OpenVZ is a project that combines the following container virtualization technologies for Linux:
  
*'''Virtuozzo kernel''', a Linux kernel with patches that implements OpenVZ kernel functionality.
+
*'''Virtuozzo kernel''' is a Linux kernel with patches that implements OpenVZ kernel functionality.
 +
 
 +
*'''Management utilities''', such as vzctl, to manage container life cycle.
 +
 
 +
*'''Checkpoint/Restore In Userspace''', or CRIU (pronounced kree-oo, IPA: /krɪʊ/, Russian: криу), is a software tool for Linux operating system. Using this tool, you can freeze a running application (or part of it) and checkpoint it to a hard drive as a collection of files. You can then use the files to restore and run the application from the point it was frozen at. The distinctive feature of the CRIU project is that it is mainly implemented in user space. Docker and LXC uses CRIU to be able to migrate containers between servers.
  
*'''Management utilities''', such as vzctl, for managing container life cycle.
+
*'''P.Haul''' is the project on top of CRIU that implements live migration usage scenario.
  
*'''Checkpoint/Restore In Userspace''', or CRIU (pronounced kree-oo, IPA: /krɪʊ/, Russian: криу), is a software tool for Linux that enables you to freeze a running application (or a part of it) and checkpoint it to a hard drive as a collection of files. You can then use the files to restore and run the application from the point it was frozen at. The distinctive feature of the CRIU project is that it is mainly implemented in userspace. Docker and LXC use CRIU for migrating containers between servers.
+
*'''LibCT''' is a container management library which provides convenient API for frontend programs to manage a container during its whole lifetime.
  
*'''P.Haul''' is the project on top of CRIU that implements the live migration usage scenario.
+
== 10 years anniversary  - short history of OpenVZ project ==
  
*'''LibCT''' is a container management library that provides a convenient API for front-end programs for managing the entire container life cycle.
+
http://openvz.org/History
  
== 10-year anniversary - a short [http://openvz.org/History history] of the OpenVZ project ==
+
1999
  
'''1999''':
+
Nov 1999: SWsoft chief scientist formulated three main components of Linux containers: set of processes with namespace isolation, file system to share code/ram and isolation in resources.
  
*Nov 1999: SWsoft chief scientist formulates three key components of Linux containers: a set of processes with namespace isolation, a file system to share code and RAM, and isolation of resources.
+
2000
  
'''2000''':
+
Feb 2000: 5 people started working on the first mockup version of Virtuozzo (namespaces, isolation, vzfs).
 +
Jul 2000: limited public beta testing: two public servers (Virtuozzo 0.1 and control panels), 5000 VEs during summer
  
*Feb 2000: A team of five people start working on the first mockup version of Virtuozzo (namespaces, isolation, vzfs).
+
2002
*Jul 2000: A limited public beta testing starts on two public servers (Virtuozzo 0.1 and control panels). The number of VEs reaches 5000 during summer.
 
  
'''2002''':
+
Jan 2002: SWsoft (now known as Odin) initially released a product for Linux named Virtuozzo.
  
*Jan 2002: SWsoft (now known as Odin) rolls out the initial release of Virtuozzo for Linux.
+
2005
  
'''2005''':
+
2005: SWsoft created the OpenVZ Project to release the core of Virtuozzo under GNU GPL.
 +
2005: SWsoft acquired a hosting/development company "Express" with their own containers for FreeBSD (it was later dropped due to small number of clients).
  
*2005: SWsoft creates the OpenVZ Project to release the core of Virtuozzo under GNU GPL.
+
2006
*2005: SWsoft acquires a hosting/development company Express with their own containers for FreeBSD (later dropped due to a small number of clients).
 
  
'''2006''':
+
Jan 2006: Rebase to kernel 2.6.15
 +
Oct 2006: Port to SPARC and PPC
 +
Nov 2006: Port to 2.6.18 kernel
 +
Nov 2006: OpenVZ adds live migration capability
  
*Jan 2006: Rebase to kernel 2.6.15.
+
2007
*Oct 2006: Port to SPARC and PPC.
 
*Nov 2006: Port to 2.6.18 kernel.
 
*Nov 2006: Live migration capability added to OpenVZ.
 
  
'''2007''':
+
Mar 2007: Port to RHEL5 kernel
 +
Mar 2007: Port to 2.6.20 kernel
  
*Mar 2007: Port to RHEL5 kernel.
+
2008
*Mar 2007: Port to 2.6.20 kernel.
 
  
'''2008''':
+
Apr 2008: Rebase to kernel 2.6.25
 +
Oct 2008: Port to ARM
  
*Apr 2008: Rebase to kernel 2.6.25.
+
2009
*Oct 2008: Port to ARM.
 
  
'''2009''':
+
Aug 2009: Parallels company is in Top 10 Linux kernel contributors with their patches for Linux containers. Our contributions to the kernel at that time was PID, IPC, and network namespaces, with the last one being the biggest.
  
*Aug 2009: Parallels is in Top 10 Linux kernel contributors with their patches for Linux containers. The contributions to the kernel include PID, IPC, and network namespaces, the last one being the biggest.
+
2011
  
'''2011''':
+
Jul 2011: Pavel Emelyanov sent initial RFC and code. The idea of CRIU of course came up earlier when we figured we (or anyone else, for that matter) can't possibly merge in-kernel checkpoint/restore. Re-implementing it in userspace looked crazy for everyone including me, and Andrew Morton's and Linus Torvalds' initial reaction was similar ("some crazy russians").
 +
Sep 2011: Cyrill Gorcunov made first commit to CRIU project
  
*Jul 2011: Pavel Emelianov sends initial RFC and code. The idea of CRIU came up earlier when OpenVZ team realized that merging in-kernel checkpoint/restore was impossible. Re-implementing it in userspace looked crazy for everyone, Andrew Morton and Linus Torvalds included ("Some crazy russians").
+
2012
*Sep 2011: Cyrill Gorcunov makes the first commit to the CRIU project.
 
  
'''2012''':
+
Jul 2012: CRIU v0.1 is available.
 +
Oct 2012: vzctl for upstream Linux kernel is available
  
*Jul 2012: CRIU v0.1 is available.
+
2014
*Oct 2012: vzctl for upstream Linux kernel is available.
 
  
'''2014''':
+
Dec 2014: Parallels announced merging OpenVZ and Parallels Cloud Server into single common open source codebase.
  
*Dec 2014: Parallels announces merging OpenVZ and Parallels Cloud Server into a single common open source codebase.
+
2015
  
'''2015''':
+
Apr 2015: Source code of RHEL7-based kernel was published and kernel development process become open.
 +
Jun 2015: Source code of most userspace utilities was published.
 +
Jul 2015: Published regularly updated yum repository with Virtuozzo RPM packages and installation ISO image.
 +
Jul 2015: Announced Virtuozzo 7 Technical Preview - Containers
  
*Apr 2015: The source code of the RHEL7-based kernel is published and kernel development process becomes open.
 
*Jun 2015: The source code of most userspace utilities is published.
 
*Jul 2015: A yum repository with Virtuozzo RPM packages and installation ISO image is published and regularly updated.
 
*Jul 2015: Virtuozzo 7 Technical Preview - Containers is announced.
 
  
 
== Frequently Asked Questions ==
 
== Frequently Asked Questions ==
Line 81: Line 82:
 
'''What is a container (Virtual Environment, Virtual Private Server)?'''
 
'''What is a container (Virtual Environment, Virtual Private Server)?'''
  
A container (CT) is an isolated entity which works exactly like a standalone server. Containers can be rebooted independently and have root access, users/groups, IP addresses, memory, processes, files, applications, system libraries, and configuration files.
+
A container (CT) is an isolated entity which performs and executes exactly like a stand-alone server. Containers can be rebooted independently and have root access, users/groups, IP address(es), memory, processes, files, applications, system libraries and configuration files.
  
 
'''What is a virtual machine?'''
 
'''What is a virtual machine?'''
  
A virtual machine (VM) is an emulation of a particular computer system. Virtual machines operate based on the computer architecture and functions of a real or hypothetical computer, and their implementations may involve specialized hardware, software, or a combination of both.
+
Virtual machine (VM) is an emulation of a particular computer system. Virtual machines operate based on the computer architecture and functions of a real or hypothetical computer, and their implementations may involve specialized hardware, software, or a combination of both.
  
 
'''What are the highlights of OpenVZ technology?'''
 
'''What are the highlights of OpenVZ technology?'''
  
OpenVZ is a highly scalable virtualization technology for Linux with near-zero overhead, strong isolation and rapid customer provisioning that is ready for production use out of the box. Deployment of OpenVZ improves efficiency, flexibility, and quality of service in the enterprise environment.
+
OpenVZ is highly scalable virtualization technology for Linux with near-zero overhead, strong isolation and rapid customer provisioning that's ready for production use right now. Deployment of OpenVZ improves efficiency, flexibility and quality of service in the enterprise environment.
  
 
'''How is OpenVZ different from other technologies?'''
 
'''How is OpenVZ different from other technologies?'''
  
Virtual machines boot separate kernels on emulated hardware instances. OpenVZ runs all containers under a single Linux kernel. OpenVZ offers a much higher density, enabling to host thousands of containers on a single physical server, but can only run Linux in those containers. Virtual machine solutions usually top out at a few dozen instances, but can run different operating systems in each.
+
Virtual Machines boot separate kernels on emulated hardware instances. OpenVZ runs all containers under a single Linux kernel. OpenVZ offers much higher density, hosting thousands of containers on a single physical server, but can only run Linux in those containers. Virtual machine solutions usually top out at a few dozen instances, but can run different operating systems in each.
  
 
'''What is the relationship between OpenVZ and LXC?'''
 
'''What is the relationship between OpenVZ and LXC?'''
  
OpenVZ develops a new container technology that then goes upstream into the vanilla Linux kernel. OpenVZ has an about 5 year head start on LXC, but is actively feeding the technology upstream into vanilla containers. Several internal details currently differ (OpenVZ adds new system calls, vanilla uses the cgroups filesystem, new clone flags, and other mechanisms).
+
OpenVZ develops new container technology that then goes upstream into the vanilla Linux kernel. OpenVZ has about a 5 year headstart on LXC, but is actively feeding technology upstream into vanilla containers. Several internal details currently differ (OpenVZ adds new system calls, vanilla uses the cgroups filesystem, new clone flags, and other mechanisms).
 
+
What applications can run inside an OpenVZ container?  
'''What applications can run inside an OpenVZ container?'''
+
Applications and services do not have to be aware of OpenVZ, and most install without any modifications: Java, Oracle, DB/2, Weblogic, Websphere and many other big applications run just fine inside OpenVZ containers. However, direct access to hardware is not available by default; if required it must be provided by the system administrator.
 
 
Applications and services do not have to be aware of OpenVZ, and most are installed without any modifications: Java, Oracle, DB/2, Weblogic, Websphere, and many other big applications run just fine inside OpenVZ containers. However, direct access to hardware is not available by default; if required it must be provided by the system administrator.
 
  
 
'''How scalable is OpenVZ?'''  
 
'''How scalable is OpenVZ?'''  
  
OpenVZ scales as well as Linux does: we've tested 64 CPUs with 128 GB of RAM. It scales down to embedded devices like smart phones or plug computers. A single container can dynamically scale to take from a tiny fraction to all available resources and that can be adjusted without restart.
+
OpenVZ scales as well as Linux: we've tested 64 CPUs with 128 GB of RAM. It scales down to embedded devices like smart phones or plug computers. A single container can dynamically scale from taking a tiny fraction to all available resources, and may be adjusted without restarting it.
  
 
'''How does OpenVZ improve efficiency?'''
 
'''How does OpenVZ improve efficiency?'''
  
OpenVZ improves utilization of existing hardware by increasing average load while still providing the ability to handle peak loads. When buying new servers, using a few powerful boxes instead of many small ones allows better reliability, better peak performance and typically longer lifespan.
+
OpenVZ improves utilization of existing hardware by increasing average load while still providing the ability to handle peak loads. When buying new servers, using a few powerful boxes instead of many little ones allows better reliability, better peak performance and typically longer lifespan.  
  
 
'''How does OpenVZ improve flexibility of services?'''
 
'''How does OpenVZ improve flexibility of services?'''
  
Each container is hardware-independent and can be moved to another OpenVZ-based system over network in seconds. This eases hardware maintenance (move out all containers and do whatever you need with the box) and improves availability (keep a synchronized copy of your container elsewhere and start it up if primary service fails). When your old box can no longer cope with peak load, you can live migrate your containers to a new one.
+
Each container is hardware independent, and can be moved to another OpenVZ-based system over the network in seconds. This eases hardware maintenance (move out all containers and do whatever you need with the box) and improves availability (keep a synchronized copy of your container elsewhere and start it up if primary service fails). When your old box can no longer cope with peak load, live migrate your containers to a new one.  
  
 
'''What is the performance overhead?'''  
 
'''What is the performance overhead?'''  
  
Near zero. There is no emulation layer, only security isolation and resource accounting. All checking is done in the kernel without context switching.
+
Near zero. There is no emulation layer, only security isolation and resource accounting. All checking is done in the kernel without context switching.  
  
 
'''Where do I get (or put) more answers?'''
 
'''Where do I get (or put) more answers?'''
Line 127: Line 126:
 
=== Server Consolidation ===
 
=== Server Consolidation ===
  
* Uniform management.
+
* Uniform management  
* Easy to upgrade from Virtuozzo OpenVZ edition to the commercial Virtuozzo.
+
* Easy to upgrade from Virtuozzo OpenVZ edition to commercial Virtuozzo
* Scalable.
+
* Scalable  
* Fast migration.
+
* Fast migration  
  
 
=== Development and Testing ===
 
=== Development and Testing ===
  
* Different distros can co-exist.
+
* Different distros can co-exist  
* A container can be created in a minute.
+
* A container can be created in a minute
* A server can have hundreds of containers.
+
* Can have hundreds of containers  
* Cloning, snapshots, rollbacks are available.
+
* Cloning, snapshots, rollbacks  
* A container is a sandbox: one can work and play without fear.
+
* A container is a sandbox: work/play, no fear  
  
 
=== Security ===
 
=== Security ===
  
* Give each app its own isolated container.
+
* Give each app its own isolated container  
* Security hole in an app will not affect others.
+
* Security hole in an app will not affect others  
* Dynamic resource management controls runaway processes.
+
* Dynamic resource management controls runaway processes
  
 
=== Hosting ===
 
=== Hosting ===
  
* Users are isolated.
+
* Isolated users
* A container is like a real server, just cheaper.
+
* A container is like a real server, just cheaper  
* Much easier to administer.
+
* Much easier to admin
  
 
=== Education ===
 
=== Education ===
  
* Every student can have root access.
+
* Every student can have root access
* Different distributions are supported.
+
* Different distributions are supported
* Low hardware requirements.
+
* No need for a lot of hardware
  
  
Line 162: Line 161:
  
 
Stay tuned: https://twitter.com/_openvz_
 
Stay tuned: https://twitter.com/_openvz_
 
== See also ==
 
 
* [https://github.com/fedoradesign/flock2015booklet Fedora Flock 2015 booklet]
 
 
[[Category:Events‏‎]]
 
[[Category:Design]]
 

Please note that all contributions to OpenVZ Virtuozzo Containers Wiki may be edited, altered, or removed by other contributors. If you don't want your writing to be edited mercilessly, then don't submit it here.
If you are going to add external links to an article, read the External links policy first!

To edit this page, please answer the question that appears below (more info):

Cancel Editing help (opens in new window)