Open main menu

OpenVZ Virtuozzo Containers Wiki β

Changes

Leaflet

1,154 bytes removed, 15:21, 30 July 2015
updated description and removed command line
OpenVZ == What is an a project lightweight virtualization solution built on Linux. It creates multiple isolated, secure containers (an improved chroot providing a complete virtual environment) on a single physical server. Each container acts as a separate virtual machine, with its own process IDs, devices, network addresses and routing, and adjustable resource limits. OpenVZ can create hundreds of containers on a single physical server, each of which may be rebooted independently. Because OpenVZ uses a chroot-based mechanism to provide lightweight virtual machines, both the host and guest OS must be Linux (although each container may run a different Linux distribution). Using containers imposes only a 1-3% performance penalty compared to running the same processes on the host system.? ==
OpenVZ is free software; everyone can useэто проект, redistribute and modify it under the terms of the GNU General Public License.OpenVZ consists of a modified объединяющий технологии контейнерной виртуализации для Linux kernel plus user-level tools. The kernel adds a notion of containers, provides virtualization, isolation, resource management, checkpointing, and live migration.:
== Virtualization and Isolation =='''Virtuozzo kernel''' is a Linux kernel with patches implements OpenVZ kernel functionality.
Each '''Management utilities''' such as vzctl, to manage container has its own independent: life cycle.
* Files '''Checkpoint/Restore In Userspace''', or CRIU (pronounced kree- system libraries, applicationsoo, IPA: /proc and krɪʊ/sys, file locks* Processes - each container has its own PID 1 init* Users and groups - including root with its own UID 0* Networking - virtualized network devicesRussian: криу), IP addressesis a software tool for Linux operating system. Using this tool, per-container routing you can freeze a running application (or part of it) and checkpoint it to a hard drive as a collection of files. You can then use the files to restore and run the application from the point it was frozen at. The distinctive feature of the CRIU project is that it is mainly implemented in user space. Docker and iptables rules* IPC objects - shared memory, semaphores, messages* Filesystem - FIXMELXC uses CRIU to be able migrate containers between servers.
… and more – everything that makes it feel like a dedicated system'''P.Haul''' is the project on top of CRIU implementing live migration usage scenario.
== Resource Management =='''LibCT''' is a containers management library which provides convenient API for frontend programs to rule a container during its whole lifetime.
Kernel shares and limits containers' resources, so no single container can abuse system resources. The four main subsystems are:
* cgroups
* Fair CPU scheduler. Balances CPU time between containers according to the priorities assigned so no container can abuse the CPU. Can be used to provide hard CPU limits and guarantees.
* I/O scheduler. Distributes available I/O bandwidth between containers according to assigned priorities, with detailed statistics of I/O activity.
* Two-level disk quota. First level is per-container disk quota, second level is the standard UNIX per-user and per-group disk quota inside a container.
== Live Migration and Checkpointing 10 years anniversary - short history of OpenVZ project ==
OpenVZ can freezehttp:/save the complete state of a container into a dump file (a process known as checkpointing), then create a new container from this dump file. This is similar to suspend-to-disk on a notebook, the difference is OpenVZ only checkpoints a single container, not the whole system.The container can also be restored on a different physical server, allowing live migration which doesn't interrupt existing user sessions/openvz. org/History
== User-level Tools ==1999
'''prlctl''' is a high-level command line tool to control Nov 1999: SWsoft chief scientist formulated three main components of Linux containers and virtual machines. It can create, start, stop, delete: set of processes with namespace isolation, file system to share code/ram and set various parameters, such as IP addresses, CPU limits, disk quotas..isolation in resources.Typical prlctl commands:
# prlctl create 101 --ostemplate centos-7-x86_64 --vmtype=ct # prlctl set 101 --name virtuozzo # prlctl set virtuozzo --ipadd 10.10.2.2 # prlctl set 101 --userpasswd root:XXXXXX # prlctl set virtuozzo --diskspace 20G # prlctl start virtuozzo # prlctl exec virtuozzo ps ax # prlctl enter virtuozzo # prlctl backup virtuozzo # prlctl list -a # prlctl stop virtuozzo # prlctl delete virtuozzo2000
'''prlsrvctl''' - utility for managing Feb 2000: 5 people started working on the first mockup version of Virtuozzo(namespaces, isolation, vzfs).Jul 2000: limited public beta testing: two public servers (Virtuozzo 0.1 and control panels), 5000 VEs during summer
Typical prlsrvctl commands: # prlsrvctl info # prlsrvctl net list # prlsrvctl problem-report –send2002
'''pmigrate''' utility allows you to migrate physical servers to virtual machines and containers on Jan 2002: SWsoft (now known as Odin) initially released a node running product for Linux named Virtuozzo. For example, to move a physical server to the virtual machine, you can execute the following command: # pmigrate h 192.168.1.130 v localhost/VM
'''pstat''' - top-like utility for gathering statistics.2005
== Templates == 2005: SWsoft created the OpenVZ Project to release the core of Virtuozzo under GNU GPL.2005: SWsoft acquired a hosting/development company "Express" with their own containers for FreeBSD (it was later dropped due to small number of clients).
Templates are container images of various 2006 Jan 2006: Rebase to kernel 2.6.15Oct 2006: Port to SPARC and PPCNov 2006: Port to 2.6.18 kernelNov 2006: OpenVZ adds live migration capability 2007 Mar 2007: Port to RHEL5 kernelMar 2007: Port to 2.6.20 kernel 2008 Apr 2008: Rebase to kernel 2.6.25Oct 2008: Port to ARM 2009 Aug 2009: Parallels company is in Top 10 Linux distributions used kernel contributors with their patches for rapid container deploymentLinux containers. You can use Our contributions to the kernel at that time was PID, IPC, and network namespaces, with the last one being the biggest. 2011 Jul 2011: Pavel Emelyanov sent initial RFC and code. The idea of CRIU of course came up earlier when we figured we (or modify existing templatesanyone else, or build your own for that suits your particular needsmatter) can't possibly merge in-kernel checkpoint/restore.Re-implementing it in userspace looked crazy for everyone including me, and Andrew Morton's and Linus Torvalds' initial reaction was similar ("some crazy russians").Sep 2011: Cyrill Gorcunov made first commit to CRIU project 2012 It Jul 2012: CRIU v0.1 is easy to create your own template available.Oct 2012: vzctl for upstream Linux kernel is available 2014 Dec 2014: Parallels announced merging OpenVZ by installing a consistent set and Parallels Cloud Server into single common open source codebase. 2015 Apr 2015: Source code of packages that forms the base of operating system userlandRHEL7-based kernel was published and kernel development process become open. This can be done with the help Jun 2015: Source code of most userspace utilities such as was published.Jul 2015: Published regularly updated yum or debootstrap, depending on the distributionrepository with Virtuozzo RPM packages and installation ISO image.Precreated templates are available forJul 2015:Announced Virtuozzo 7 Technical Preview - Containers
* CentOS
* Debian
* Ubuntu
* etc.
== Frequently Asked Questions ==
OpenVZ wiki is your friend. See http://wiki.openvz.org/
 
== Use cases ==
=== Development and Testing ===
* Different distros can co-exist * A container can be created in a minute* Can have hundreds of containers * Cloning, snapshots, rollbacks * A container is a sandbox: work/play, no fear
=== Security ===
* No need for a lot of hardware
== Recently added features ==
* Rebased on RHEL 7 kernel* vcmmd – Virtuozzo containers memory management daemon* Containers CPU binding (cpumask)* PCI device delegation* NFS mount migration* Journaled per-container quota* ext4 safe writeback modeStay tuned: https://twitter.com/_openvz_