Difference between revisions of "Vzctl for upstream kernel"

From OpenVZ Virtuozzo Containers Wiki
Jump to: navigation, search
(enlarge, split into more sections)
(more subsections)
Line 15: Line 15:
 
* <code>stop</code>. A container can be stopped from inside (say if one is connected to CT over ssh) in case the underlying kernel supports rebooting a PID namespace (> 3.4). Using vzctl, the "stop" command is not supported, unless accompanied by the --fast switch, which will simply forceably kill all processes in the container.
 
* <code>stop</code>. A container can be stopped from inside (say if one is connected to CT over ssh) in case the underlying kernel supports rebooting a PID namespace (> 3.4). Using vzctl, the "stop" command is not supported, unless accompanied by the --fast switch, which will simply forceably kill all processes in the container.
  
 +
=== /proc and /sys ===
 
Software that depend on information supplied by the proc filesystem may not work correctly, since there is not a full solution for full /proc virtualization. For instance, /proc/stat is not yet virtualized, and top will show distorted values.
 
Software that depend on information supplied by the proc filesystem may not work correctly, since there is not a full solution for full /proc virtualization. For instance, /proc/stat is not yet virtualized, and top will show distorted values.
 +
 +
=== Resource management ===
  
 
Setting resources like --physpages and --cpuunits work, but there their effect is dependent on what the current kernel supports, through the cgroups subsystem. When a particular cgroup file is present, it will be used. Currently, vzctl will search for the following files:
 
Setting resources like --physpages and --cpuunits work, but there their effect is dependent on what the current kernel supports, through the cgroups subsystem. When a particular cgroup file is present, it will be used. Currently, vzctl will search for the following files:
** cpu.cfs_quota_us
+
* cpu.cfs_quota_us
** cpu.shares
+
* cpu.shares
** cpuset.cpus
+
* cpuset.cpus
** memory.limit_in_bytes
+
* memory.limit_in_bytes
** memory.memsw.limit_in_bytes
+
* memory.memsw.limit_in_bytes
** memory.kmem.limit_in_bytes
+
* memory.kmem.limit_in_bytes
** memory.kmem.tcp.limit_in_bytes
+
* memory.kmem.tcp.limit_in_bytes
  
 
=== Other binaries ===
 
=== Other binaries ===

Revision as of 12:55, 15 August 2012

Warning.svg Warning: Running vzctl on upstream kernels is considered an experimental feature.

With this release vzctl tool is expected to run with Upstream Linux kernels. At the moment, it provides just basic functionality. It is currently possible to create and start a container with the same steps as one would use for a normal OpenVZ container. Other functionality may be present with limited functionality, while some are not present at all.

Limitations

The following vzctl commands are not working at all:

  • quotaon/quotaoff/quotainit (vzquota-specific)
  • convert, compact, snapshot* (ploop-specific)
  • console (need a virtual /dev/console, /dev/ttyN device)
  • enter, exec and runscript (need pidns entering support)
  • chkpnt, restore (currently need OpenVZ-kernel-specific checkpointing, CRIU will be supported later)

The following commands have severe limitations:

  • stop. A container can be stopped from inside (say if one is connected to CT over ssh) in case the underlying kernel supports rebooting a PID namespace (> 3.4). Using vzctl, the "stop" command is not supported, unless accompanied by the --fast switch, which will simply forceably kill all processes in the container.

/proc and /sys

Software that depend on information supplied by the proc filesystem may not work correctly, since there is not a full solution for full /proc virtualization. For instance, /proc/stat is not yet virtualized, and top will show distorted values.

Resource management

Setting resources like --physpages and --cpuunits work, but there their effect is dependent on what the current kernel supports, through the cgroups subsystem. When a particular cgroup file is present, it will be used. Currently, vzctl will search for the following files:

  • cpu.cfs_quota_us
  • cpu.shares
  • cpuset.cpus
  • memory.limit_in_bytes
  • memory.memsw.limit_in_bytes
  • memory.kmem.limit_in_bytes
  • memory.kmem.tcp.limit_in_bytes

Other binaries

Pretty much everything else other than vzctl is not working. That includes:

  • vzlist
  • vzcalc
  • vzcfgvalidate
  • vzcpucheck
  • vzmemcheck
  • vzmigrate
  • vzeventd
  • vzpid
  • vzsplit
  • vzubc

Building and using

Upstream support is not enabled by default. To build it into vzctl, one needs to specify the --with-cgroup switch to configure:

 $ ./configure --with-cgroup --without-ploop

plus, of course, any other relevant options. Minimum versions for depencies is:

  • iproute2 >= 3.0.0 (runtime only)
  • libcg >= 0.38

For supported features, usage is expected to be the same as standard vzctl tool.

Networking

Networking is available through the switches --netdev_add, --netif_add, and their respective deletion counterparts.

IP mode networking (--ipadd / --ipdel) is currently not supported.