What is a container (Virtual Environment, Virtual Private Server, VPS, VE)?Edit

See Container.

What are highlights of OpenVZ technology?Edit

In short, OpenVZ is the only highly scalable virtualization technology with near-zero overhead, strong isolation and rapid customer provisioning that's ready for production use right now. Deployment of OpenVZ improves efficiency, flexibility and quality of service in the enterprise environment.

Who needs OpenVZ? How it can be used?Edit

See Use cases.

What applications can run inside an OpenVZ container?Edit

Most applications can be installed to a container without any modifications. Oracle, DB/2, Weblogic, Websphere and other big applications run just fine inside an OpenVZ container. Applications and services do not have to be aware of OpenVZ. However, direct access to hardware is not available by default.

How is OpenVZ different from other technologies?Edit

See Introduction to virtualization.

How is OpenVZ secured & updated?Edit

See Security.

How scalable is OpenVZ?Edit

OpenVZ technology scales as well as standard Linux kernel — up to thousands of CPUs and terabytes of RAM. Besides, a single container could be scaled up from taking a little fraction of available resources up to all resources available dynamically — you do not even have to restart the container. For example, containers can natively use up to all available CPUs which is different from hypervisor technology which requires special tricks like co-scheduling and even the best hypervisors are inefficient with more then 4-8 vCPUs.

How does OpenVZ improve efficiency of services?Edit

For existing hardware, OpenVZ allows to utilize its processing power better by improving average load from 3-5% to at least 30-50%, while still providing ability to handle peak loads. To decrease complexity, OpenVZ provides standardized and centralized server management, logically decoupled from actual hardware. And when its time to buy new servers, you can now use few more powerful servers instead of many little ones — with added benefits of better reliability, better peak performance and typically longer lifespan.

How does OpenVZ improve flexibility of services?Edit

By providing unified scalable platform with such unique features as rapid application and updates provisioning. Each container is hardware independent and can be moved to another OpenVZ-based system in seconds over the network. This allows for ease of hardware maintenance (move out all containers and do whatever you need with the box) and improved availability (keep a synchronized copy of your container elsewhere and start it up when primary service failed). If your old box is not able to cope with peak load anymore, just move your containers to a new one.

What is the performance overhead?Edit

Near zero. There is no emulation layer, only security isolation, and all checking is done on the kernel level without context switching.

What are performance expectations?Edit

Peak performance is achieved when only one container has active tasks. In this case, it could use 100% of available resources: all CPUs, all physical memory, all disk and network bandwidth. OpenVZ is not limiting you to a single-CPU virtual machine.

I want to show my appreciation to OpenVZ and put some logo to my site. Where to get it?Edit

See Artwork.

Are there any control panels available for OpenVZ?Edit

See Control_panels. OVZ Web panel is recommended.

What kind of documentation is available?Edit

Aside from this wiki, which contains lots of information, you can check extensive manual pages.

What hardware is supported by OpenVZ kernel?Edit

See Virtuozzo HCL.

Why there are different kernel flavours available and what do they mean?Edit

See Different kernel flavors (UP, SMP, ENTERPRISE, ENTNOSPLIT).

How do I rebuild the kernel?Edit

See Kernel build.

What does 021stab018 in OpenVZ kernel version mean?Edit

See Kernel versioning.

How can I check package signatures?Edit

See Package signatures.

Is it possible to run x86 container on a x86_64 arch?Edit

Sure :) We actually did some work on that to enable migration of x86 container from x86 to x86_64 and back, and to enable using 32-bit iptables in 32bit container on an x86_64 system.

What filesystems should I choose for saving my containers?Edit

Currently, ext4 is recommended. Any filesystem which supports Unix style permissions is usable, such as Ext3 or ReiserFS. XFS works, but does not have support for disk quotas inside containers.

How do I set up VPN for a container?Edit

See VPN via the TUN/TAP device.

What is veth and how do I use it?Edit

See Virtual Ethernet device.

Why doesn't net-snmpd work on my containers?Edit

See SNMPD in container.

Can I use private IPs for my containers?Edit

See NAT.

What are those User Beancounters?Edit

See UBC.

What units are UBC parameters measured in?Edit

See UBC parameter units.

How do I set up a container which is able to get X Mb of RAM?Edit

See Setting UBC parameters.

I can not start a program in container: it reports out of memory. What do I do?Edit

See Resource_shortage.

How can I reset failcnt in /proc/user_beancounters?Edit

See UBC failcnt reset.

My kernel crashed. What should I do?Edit

See When you have an oops.

I see a lot of processes in D state. What does that mean?Edit

See Processes in D state.

My container cannot access the internet. What should I do?Edit

If you can ping the host node but receive an error similar to:

[root@test /]# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
From 192.168.1.1 icmp_seq=1 Destination Host Prohibited

then likely the host node has an active firewall. Running the command

[root@host ~]# /etc/init.d/iptables stop
iptables: Flushing firewall rules:                         [  OK  ]
iptables: Setting chains to policy ACCEPT: filter          [  OK  ]
iptables: Unloading modules:                               [  OK  ]

will turn it off. If that works, then you know iptables firewall needs to be configured.