SWsoft OpenVZ User Manual

Version 2.7.0-8

SWsoft, Inc.
OpenVZ
User's Guide
Version 2.7.0-8
© 2005

Summary of Contents for SWsoft OpenVZ

  • Page 1 SWsoft, Inc. OpenVZ User's Guide Version 2.7.0-8 © 2005...
  • Page 2 Linux is a registered trademark of Linus Torvalds. OpenVZ and Virtuozzo are trademarks of SWsoft, Inc. Red Hat is a registered trademark of Red Hat Software, Inc. UNIX is a registered trademark of The Open Group.
  • Page 3: Table Of Contents

    Contents. Preface: About This Guide (7); Who Should Read This Guide (7); Organization of This Guide (8); Documentation Conventions (8); Typographical Conventions (9); Shell Prompts in Command Examples (9); General Conventions (10); Feedback (10). OpenVZ Philosophy: About OpenVZ Software (11); What is OpenVZ (11); OpenVZ Applications (12); Distinctive Features of OpenVZ (12); OS Virtualization (13)...
  • Page 4 Contents. Configuring Virtual Private Server (34); Starting, Stopping, Restarting, and Querying Status of Virtual Private Server (37); Listing Virtual Private Servers (39); Deleting Virtual Private Server (40); Running Commands in Virtual Private Server (41). Managing Templates: Template Lifecycle (42); Listing Templates (44); Working with VPS (45). Managing Resources: What are Resource Control Parameters? (46); Managing Disk Quotas (47)...
  • Page 5 Contents. Reference: Configuring OpenVZ (81); Matrix of OpenVZ Configuration Files (81); Managing OpenVZ Scripts (87); OpenVZ Command Line Interface (91); Matrix of OpenVZ Command Line Utilities (91); vzctl (92); vzlist (100); vzquota (104); Template Management Utilities (110); Supplementary Tools (112). Glossary. Index...
  • Page 6 Table of Figures. Figure 1: OpenVZ Technology (15); Figure 2: Fedora Core Installation - Choosing System Type (23); Figure 3: Fedora Core Installation - Choosing Manual Partitioning (24); Figure 4: Fedora Core Installation - Disk Druid (25); Figure 5: Fedora Core Installation - Disabling Firewall and SELinux (26); Figure 6: Sequence of Executing Action Scripts (89)...
  • Page 7: Preface

    Preface. In This Chapter: About This Guide (7); Who Should Read This Guide (7); Organization of This Guide (8); Documentation Conventions (8); Feedback (10). About This Guide: This guide is meant to provide comprehensive information on OpenVZ, high-end server virtualization software for Linux-based computers.
  • Page 8: Organization Of This Guide

    Preface Organization of This Guide Chapter 2, OpenVZ Philosophy, is a must-read chapter that helps you grasp the general principles of OpenVZ operation. It provides an outline of OpenVZ architecture, of the way OpenVZ stores and uses configuration information, of the things you as administrator are supposed to perform, and the common way to perform them.
  • Page 9: Typographical Conventions

    Preface Typographical Conventions The following kinds of formatting in the text identify special information. Columns: Formatting convention | Type of Information | Example. Special Bold | Items you must select, such as menu options, command buttons, or items in a list. | Go to the QoS tab.
  • Page 10: General Conventions

    Preface General Conventions Be aware of the following conventions used in this book. Chapters in this guide are divided into sections, which, in turn, are subdivided into subsections. For example, Documentation Conventions is a section, and General Conventions is a subsection. When following steps or using examples, be sure to type double-quotes ("), left single-quotes (`), and right single-quotes (') exactly as shown.
  • Page 11: Openvz Philosophy

    OpenVZ Philosophy. In This Chapter: About OpenVZ Software (11); Distinctive Features of OpenVZ (12); Main Principles of OpenVZ Operation (15); Hardware Node Availability Considerations (19). About OpenVZ Software: What is OpenVZ. OpenVZ is a complete server automation and virtualization solution developed by SWsoft.
  • Page 12: Openvz Applications

    OpenVZ Philosophy OpenVZ Applications OpenVZ provides a comprehensive solution for Hosting Service Providers allowing them to: Have hundreds of customers with their individual full-featured virtual private servers (Virtual Private Servers) sharing a single physical server; Provide each customer with a guaranteed Quality of Service; Transparently move customers and their environments between servers, without any manual reconfiguration.
  • Page 13: Os Virtualization

    OpenVZ Philosophy OS Virtualization From the point of view of applications and Virtual Private Server users, each VPS is an independent system. This independence is provided by a virtualization layer in the kernel of the host OS. Note that only an infinitesimal part of the CPU resources is spent on virtualization (around 1-2%).
  • Page 14: Resource Management

    OpenVZ Philosophy Resource Management OpenVZ Resource Management controls the amount of resources available to Virtual Private Servers. The controlled resources include such parameters as CPU power, disk space, and a set of memory-related parameters. Resource management allows OpenVZ to: Effectively share available Hardware Node resources among VPSs; Guarantee Quality-of-Service (QoS) in accordance with a service level agreement (SLA);...
  • Page 15: Main Principles Of Openvz Operation

    OpenVZ Philosophy Main Principles of OpenVZ Operation Basics of OpenVZ Technology In this section we will try to let you form a more or less precise idea of the way the OpenVZ software operates on your computer. Please see the figure below: [Figure 1: OpenVZ Technology]
  • Page 16 OpenVZ Philosophy OpenVZ is installed in such a way that you will be able to boot your computer either with OpenVZ support or without it. This support is presented as “OpenVZ” in your boot loader and shown as OpenVZ Layer in the figure above. However, at this point you are not yet able to create Virtual Private Servers.
  • Page 17: Understanding Templates

    OpenVZ Philosophy Understanding Templates A template is a VPS building block. An OS template is a set of packages needed to operate a VPS. Templates are usually created right on your Hardware Node; all you need is template tools (vzpkg) and template metadata. Template metadata Template metadata are information about a particular OS template.
  • Page 18: Understanding Licenses

    OpenVZ Philosophy Understanding Licenses The OpenVZ software consists of the OpenVZ kernel and user-level tools, which are licensed by means of two different open source licenses. The OpenVZ kernel is based on the Linux kernel, distributed under the GPL terms, and is licensed under GNU version license...
  • Page 19: Hardware Node Availability Considerations

    OpenVZ Philosophy Hardware Node Availability Considerations Hardware Node availability is more critical than the availability of a typical PC server. Since it runs multiple Virtual Private Servers providing a number of critical services, Hardware Node outage might be very costly. Hardware Node outage can be as disastrous as the simultaneous outage of a number of servers running critical services.
  • Page 20: Installation And Preliminary Operations

    Installation and Preliminary Operations. The current chapter provides exhaustive information on the process of installing and deploying your OpenVZ system including the pre-requisites and the stages you shall pass. In This Chapter: Installation Requirements (20); Installing and Configuring Host Operating System on Hardware Node...
  • Page 21: Software Compatibility

    Installation and Preliminary Operations Hardware Compatibility The Hardware Node requirements for the standard 32-bit edition of OpenVZ are the following: IBM PC-compatible computer; Intel Celeron, Pentium II, Pentium III, Pentium 4, Xeon, or AMD Athlon CPU; At least 128 MB of RAM; Hard drive(s) with at least 4 GB of free disk space;...
  • Page 22: Network Requirements

    Installation and Preliminary Operations Network Requirements The network pre-requisites listed in this subsection will help you avoid delays and problems with getting OpenVZ for Linux up and running. You should take care in advance of the following: Local Area Network (LAN) for the Hardware Node; Internet connection for the Hardware Node;...
  • Page 23: Installing And Configuring Host Operating System On Hardware Node

    Installation and Preliminary Operations Installing and Configuring Host Operating System on Hardware Node This section explains how to install Fedora Core 4 on the Hardware Node and how to configure it for OpenVZ. If you are using another distribution, please consult the corresponding installation guides about the installation specifics.
  • Page 24: Disk Partitioning

    Installation and Preliminary Operations Disk Partitioning On the Disk Partitioning Setup screen, select Manual partition with Disk Druid. Do not choose automatic partitioning since this type of partitioning will create a disk layout intended for systems running multiple services. In case of OpenVZ, all your services shall run inside Virtual Private Servers.
  • Page 25: Figure 4: Fedora Core Installation - Disk Druid

    Installation and Preliminary Operations It is suggested to use the ext3 file system for the /vz partition. This partition is used for holding all data of the Virtual Private Servers existing on the Hardware Node. Allocate as much disk space as possible to this partition. It is not recommended to use the reiserfs file system as it has proved to be less stable than ext3, and stability is of paramount importance for OpenVZ-based computers.
  • Page 26: Finishing Os Installation

    Installation and Preliminary Operations Finishing OS Installation After the proper partitioning of your hard drive(s), proceed in accordance with your OS Installation Guide. While on the Network Configuration screen, you should ensure the correctness of the Hardware Node’s IP address, host name, DNS, and default gateway information. If you are using DHCP, make sure that it is properly configured.
  • Page 27: Installing Openvz Software

    Installation and Preliminary Operations Installing OpenVZ Software Downloading and Installing OpenVZ Kernel First of all, you should download the kernel binary from http://openvz.org/download/kernel/. You need only one kernel RPM, so please choose the appropriate kernel binary depending on your hardware: If there is more than one CPU available on your Hardware Node (or a CPU with hyperthreading), select the vzkernel-smp RPM.
  • Page 28 Installation and Preliminary Operations
      # On Hardware Node we generally need
      # packet forwarding enabled and proxy arp disabled
      net.ipv4.ip_forward = 1
      net.ipv4.conf.default.proxy_arp = 0
      # Enables source route verification
      net.ipv4.conf.all.rp_filter = 1
      # Enables the magic-sysrq key
      kernel.sysrq = 1
      # TCP Explicit Congestion Notification
      #net.ipv4.tcp_ecn = 0
      # we do not want all our interfaces to send redirects...
  • Page 29: Downloading And Installing Openvz Packages

    Installation and Preliminary Operations Downloading and Installing OpenVZ Packages After you have successfully installed and booted the OpenVZ kernel, you can proceed with installing the user-level tools for OpenVZ. You should install the following OpenVZ packages: vzctl: this package is used to perform different tasks on the OpenVZ Virtual Private Servers (create, destroy, start, stop, set parameters etc.).
  • Page 30 Installation and Preliminary Operations You can also use one of the already pre-cached OS templates available at http://openvz.org/download/template/cache/ for the VPS creation. To this effect, you should download the corresponding OS template and place it in the /vz/template/cache directory on the Node.
  • Page 31: Operations On Virtual Private Servers

    Operations on Virtual Private Servers. This chapter describes how to perform day-to-day operations on separate Virtual Private Servers taken as a whole. Note: We assume that you have successfully installed, configured, and deployed your OpenVZ system.
  • Page 32: Choosing Virtual Private Server Id

    Operations on Virtual Private Servers Choosing Virtual Private Server ID Every Virtual Private Server has a numeric ID, also known as VPS ID, associated with it. The ID is a 32-bit integer number beginning with zero and unique for a given Hardware Node. When choosing an ID for your Virtual Private Server, please follow the simple guidelines below: ID 0 is used for the Hardware Node itself.
  • Page 33: Choosing Os Template

    Operations on Virtual Private Servers Choosing OS Template Next, you shall decide on which OS template you want to base the new VPS. There might be several OS templates installed on the Hardware Node; use the vzpkgls command to find out the templates installed on your system: # vzpkgls fedora-core-3...
  • Page 34: Configuring Virtual Private Server

    Operations on Virtual Private Servers In principle, now you are ready to start your newly created Virtual Private Server. However, typically you need to set its network IP address, host name, DNS server address and root password before starting the Virtual Private Server for the first time. Please see the next subsection for information on how to perform these tasks.
  • Page 35: Setting Network Parameters

    Operations on Virtual Private Servers Setting Network Parameters In order to be accessible from the network, a Virtual Private Server shall be assigned a correct IP address and host name; DNS server addresses shall also be configured. The session below illustrates setting the Virtual Private Server 101 network parameters: # vzctl set 101 --hostname test101.my.org --save Hostname for VPS set: test101.my.org...
  • Page 36: Setting Root Password For Vps

    Operations on Virtual Private Servers Setting root Password for VPS By default, the root account is locked in a newly created VPS, and you cannot log in. In order to log in to the VPS, it is necessary to create a user account inside the Virtual Private Server and set a password for this account or unlock the root account.
  • Page 37: Starting, Stopping, Restarting, And Querying Status Of Virtual Private Server

    Operations on Virtual Private Servers Starting, Stopping, Restarting, and Querying Status of Virtual Private Server When a Virtual Private Server is created, it may be started up and shut down like an ordinary computer. To start Virtual Private Server 101, use the following command: # vzctl start 101 Starting VPS ...
  • Page 38 Operations on Virtual Private Servers vzctl has a two-minute timeout for the VPS shutdown scripts to be executed. If the VPS is not stopped in two minutes, the system forcibly kills all the processes in the Virtual Private Server. The Virtual Private Server will be stopped in any case, even if it is seriously damaged. To avoid waiting for two minutes in case of a Virtual Private Server that is known to be corrupt, you may use the --fast switch: # vzctl stop 101 --fast...
  • Page 39: Listing Virtual Private Servers

    Operations on Virtual Private Servers Listing Virtual Private Servers Very often you may want to get an overview of the Virtual Private Servers existing on the given Hardware Node and to get additional information about them - their IP addresses, hostnames, current resource consumption, etc.
  • Page 40: Deleting Virtual Private Server

    Operations on Virtual Private Servers Deleting Virtual Private Server You can delete a Virtual Private Server that is not needed anymore with the vzctl destroy VPS_ID command. This command removes the Virtual Private Server private area completely and renames the VPS configuration file and action scripts by appending the .destroyed suffix to them.
  • Page 41: Running Commands In Virtual Private Server

    Operations on Virtual Private Servers Running Commands in Virtual Private Server Usually, a Virtual Private Server administrator logs in to the VPS via network and executes any commands in the VPS as on any other Linux box. However, you might need to execute commands inside Virtual Private Servers bypassing the normal login sequence.
  • Page 42: Managing Templates

    Managing Templates. A template is basically a set of packages from some Linux distribution used to populate a VPS. An OS template consists of system programs, libraries, and scripts needed to boot up and run the system (VPS), as well as some very basic applications and utilities.
  • Page 43 Managing Templates List of packages this template comprises; Locations of (network) package repositories; Scripts needed to be executed on various stages of template installation; Public GPG key(s) needed to check signatures of packages; Additional OpenVZ-specific packages. In order to operate with a template, you should first create its metadata (available from http://openvz.org/download/template/metadata/).
  • Page 44: Listing Templates

    Managing Templates Listing Templates The vzpkgls utility allows you to list the templates installed on the Hardware Node. They may be already used or not used by certain VPSs: # vzpkgls fedora-core-4 centos-4 As you see, the fedora-core-4 and centos-4 templates are available on the Hardware Node.
  • Page 45: Working With Vps

    Managing Templates Working with VPS If you need to update an already existing VPS with the newer packages available from distribution repositories or install some packages that are not part of the template, use the vzyum command, which is a simple yum wrapper. For example, to update the VPS with ID 123, run: # vzyum 123 update This will find, download, and install all the available updates.
  • Page 46: Managing Resources

    Managing Resources. The main goal of resource control in OpenVZ is to provide Service Level Management or Quality of Service (QoS) for Virtual Private Servers. Correctly configured resource control settings prevent serious impacts resulting from the resource over-usage (accidental or malicious) of any Virtual Private Server on the other Virtual Private Servers.
  • Page 47: Managing Disk Quotas

    Managing Resources System | This group of parameters defines various aspects of using system memory, TCP sockets, IP packets and like parameters by different VPSs. | avnumproc, numproc, numtcpsock, numothersock, vmguarpages, kmemsize, tcpsndbuf, tcprcvbuf, othersockbuf, dgramrcvbuf, oomguarpages, lockedpages, shmpages, privvmpages, physpages, numfile,... | Managing System Parameters
  • Page 48: What Are Disk Quotas

    Managing Resources What are Disk Quotas? Disk quotas enable system administrators to control the size of Linux file systems by limiting the amount of disk space and the number of inodes a Virtual Private Server can use. These quotas are known as per-VPS quotas or first-level quotas in OpenVZ. In addition, OpenVZ enables the Virtual Private Server administrator to limit disk space and the number of inodes that individual users and groups in that VPS can use.
  • Page 49: Turning On And Off Per-Vps Disk Quotas

    Managing Resources Turning On and Off Per-VPS Disk Quotas The parameter that defines whether to use first-level disk quotas is DISK_QUOTA in the OpenVZ global configuration file (/etc/sysconfig/vz). By setting it to “no”, you will disable OpenVZ quotas completely. This parameter can be specified in the Virtual Private Server configuration file (/etc/sysconfig/vz-scripts/vpsid.conf) as well.
  • Page 50: Setting Up Per-Vps Disk Quota Parameters

    Managing Resources Setting Up Per-VPS Disk Quota Parameters Three parameters determine how much disk space and inodes a Virtual Private Server can use. These parameters are specified in the Virtual Private Server configuration file: DISKSPACE Total size of disk space that can be consumed by the Virtual Private Server in 1-Kb blocks.
  • Page 51: Turning On And Off Second-Level Quotas For Virtual Private Server

    Managing Resources Turning On and Off Second-Level Quotas for Virtual Private Server The parameter that controls the second-level disk quotas is QUOTAUGIDLIMIT in the VPS configuration file. By default, the value of this parameter is zero and this corresponds to disabled per-user/group quotas.
  • Page 52: Setting Up Second-Level Disk Quota Parameters

    Managing Resources Setting Up Second-Level Disk Quota Parameters In order to work with disk quotas inside a VPS, you should have standard quota tools installed: # vzctl exec 101 rpm -q quota quota-3.12-5 This command shows that the quota package is installed into the Virtual Private Server. Use the utilities from this package (as is prescribed in your Linux manual) to set OpenVZ second-level quotas for the given VPS.
  • Page 53: Checking Quota Status

    Managing Resources Checking Quota Status As the Hardware Node system administrator, you can check the quota status for any Virtual Private Server with the vzquota stat and vzquota show commands. The first command reports the status from the kernel and shall be used for running Virtual Private Servers. The second command reports...
  • Page 54 Managing Resources cpuunits This is a positive integer number that determines the minimal guaranteed share of the CPU time the corresponding Virtual Private Server will receive. cpulimit This is a positive number indicating the CPU time in per cent the corresponding VPS is not allowed to exceed.
  • Page 55: Managing System Parameters

    Managing Resources Managing System Parameters The resources a Virtual Private Server may allocate are defined by the system resource control parameters. These parameters can be subdivided into the following categories: primary, secondary, and auxiliary parameters. The primary parameters are the start point for creating a Virtual Private Server configuration from scratch.
  • Page 56 Managing Resources tcprcvbuf The total size of receive buffers for TCP sockets, i.e. the amount of kernel memory allocated for the data received from the remote side, but not read by the local application yet. othersockbuf The total size of UNIX-domain socket buffers, UDP, and other datagram protocol send buffers.
  • Page 57: Monitoring System Resources Consumption

    Managing Resources Monitoring System Resources Consumption It is possible to check the system resource control parameters statistics from within a Virtual Private Server. The primary use of these statistics is to understand which particular resource has limits that prevent an application from starting. Moreover, these statistics report the current and maximal resource consumption for the running Virtual Private Server.
  • Page 58 Managing Resources
      # for res in tcpsendbuf tcprcvbuf unixsockbuf sockrcvbuf kmemsize; \
      do echo;echo "$res usage for all VEs, in MB:";cat \
      /proc/user_beancounters |grep $res|sed "s/[[:digit:]]\+://g" \
      |awk 'BEGIN{ cur=max=lim=0; } { cur+=$2; max+=$3;lim+=$5 } \
      END {print "held:",cur/1024/1024, "max:", max/1024/1024, \
      "limit:", lim/1024/1024}';...
  • Page 59: Monitoring Memory Consumption

    Managing Resources Monitoring Memory Consumption You can monitor a number of memory parameters for the whole Hardware Node and for particular Virtual Private Servers with the help of the vzmemcheck utility. For example: # vzmemcheck -v Output values in % veid LowMem LowMem...
  • Page 60: Managing Vps Resources Configuration

    Managing Resources The union of RAM and swap space is the main computer resource determining the amount of memory available to applications. If the total size of memory used by applications exceeds the RAM size, the Linux kernel moves some data to swap and loads it back when the application needs it.
  • Page 61: Splitting Hardware Node Into Equal Pieces

    Managing Resources 2 Using OpenVZ specialized utilities for preparing configuration files in their entirety. The tasks these utilities perform are described in the following subsections of this section. 3 The direct creating and editing of the corresponding configuration file (/etc/sysconfig/vz-scripts/VPS_ID.conf). This can be performed with the help of any text editor.
  • Page 62: Validating Virtual Private Server Configuration

    Managing Resources Validating Virtual Private Server Configuration The system resource control parameters have complex interdependencies. Violation of these interdependencies can be catastrophic for the Virtual Private Server. In order to ensure that a Virtual Private Server does not break them, it is important to validate the VPS configuration file before creating VPSs on its basis.
  • Page 63: Advanced Tasks

    Advanced Tasks. In This Chapter: Determining VPS ID by Process ID (64); Changing System Time from VPS (64); Obtaining Hardware Node ID from Inside Virtual Private Server (65); Accessing Devices from Inside Virtual Private Server (66); Moving Network Adapter to Virtual Private Server...
  • Page 64: Determining Vps Id By Process Id

    Advanced Tasks Determining VPS ID by Process ID Each process is identified by a unique PID (process identifier), which is the entry of that process in the kernel's process table. For example, when you start Apache, it is assigned a process ID. This PID is then used to monitor and control this program. The PID is always a positive integer.
  • Page 65: Obtaining Hardware Node Id From Inside Virtual Private Server

    Advanced Tasks
      root@vps101's password:
      Last login: Mon Oct 28 23:25:58 2002 from 10.100.40.18
      [root@vps101 root]# date
      Mon Oct 28 23:31:57 EST 2002
      [root@vps101 root]# date 10291300
      Tue Oct 29 13:00:00 EST 2002
      [root@vps101 root]# date
      Tue Oct 29 13:00:02 EST 2002
      [root@vps101 root]# logout
      Connection to ve101 closed.
  • Page 66: Accessing Devices From Inside Virtual Private Server

    Advanced Tasks Accessing Devices from Inside Virtual Private Server It is possible to grant a Virtual Private Server read, write, or read/write access to a character or block device. This might be necessary, for example, for Oracle database software if you want to employ its ability to work with raw disk partitions.
  • Page 67 Advanced Tasks
      primary partition (1-4)
      Partition number (1-4): 2
      First cylinder (256-2231, default 256):
      Using default value 256
      Last cylinder or +size or +sizeM or +sizeK \
      (256-2231, default 2231): +100M
      Command (m for help): p
      Disk /dev/sdb: 255 heads, 63 sectors, 2231 cylinders
      Units = cylinders of 16065 * 512 bytes
      Device Boot Start...
  • Page 68: Moving Network Adapter To Virtual Private Server

    Advanced Tasks Moving Network Adapter to Virtual Private Server By default, all the VPSs on a Node are connected among themselves and with the Node by means of a virtual network adapter called venet0. Still, there is a possibility for a VPS to directly access a physical network adapter (for example, eth1).
  • Page 69: Enabling Vpn For Vps

    Advanced Tasks Enabling VPN for VPS Virtual Private Network (VPN) is a technology which allows you to establish a secure network connection even over an insecure public network. Setting up a VPN for a separate VPS is possible via the TUN/TAP device. To allow a particular VPS to use this device, the following steps are required: Make sure the tun module is already loaded before OpenVZ is started: # lsmod | grep tun...
  • Page 70: Loading Iptables Modules To Hardware Node

    Advanced Tasks Loading iptables Modules to Hardware Node To have certain iptables modules loaded on the Hardware Node startup, you should provide their names as the value of the IPTABLES_MODULES parameter in the /etc/sysconfig/iptables-config file. The default value of this parameter is the following: IPTABLES_MODULES="ip_tables ipt_REJECT ipt_tos ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length"...
  • Page 71: Rebooting Virtual Private Server

    Advanced Tasks Rebooting Virtual Private Server When you issue the reboot command at your Linux box console, the command makes the reboot system call with argument ‘restart’, which is passed to the computer BIOS. The Linux kernel then reboots the computer. For obvious reasons this system call is blocked inside Virtual Private Servers: no Virtual Private Server can access BIOS directly;...
  • Page 72: Troubleshooting

    Troubleshooting. This chapter provides the information about those problems that may occur during your work with OpenVZ and suggests the ways to solve them. In This Chapter: General Considerations (73); Kernel Troubleshooting (75); Problems With VPS Management...
  • Page 73: General Considerations

    Troubleshooting General Considerations The general issues to take into consideration when troubleshooting your OpenVZ system are listed below. You should read them carefully before trying to solve more specific problems. You should always keep track of where you currently are in your terminal. Check it periodically using the pwd, hostname, ifconfig, cat /proc/vz/veinfo commands.
  • Page 74 Troubleshooting Nmap run completed -- 1 IP address (1 host up) scanned in 169 seconds to check if any ports are open that should normally be closed. It can, however, be a problem to remove a rootkit from a VPS and to make sure it is 100% removed.
  • Page 75: Kernel Troubleshooting

    Troubleshooting Kernel Troubleshooting Using ALT+SYSRQ Keyboard Sequences Press ALT+SYSRQ+H (3 keys simultaneously) and check what's printed at the HN console, for example: SysRq : HELP : loglevel0-8 reBoot tErm Full kIll saK showMem Nice powerOff showPc unRaw Sync showTasks Unmount This output shows you what ALT+SYSRQ sequences you may use for performing this or that command.
  • Page 76: Saving Kernel Fault (Oops)

    Troubleshooting Saving Kernel Fault (OOPS) You can use the following command to check for the kernel messages that should be decoded and reported to OpenVZ developers: grep -E "Call Trace|Code" /var/log/messages* Then you should find these lines in the corresponding log file and figure out what kernel was booted when the oops occurred.
  • Page 77: Finding Kernel Function That Caused D Process State

    Troubleshooting Finding Kernel Function That Caused D Process State If there are too many processes in the D state and you can't find out what is happening, issue the following command: # objdump -Dr /boot/vmlinux-`uname -r` >/tmp/kernel.dump and then get the process list: # ps axfwln F UID PPID PRI NI...
  • Page 78: Failure To Start Vps

    Troubleshooting Failure to Start VPS An attempt to start a Virtual Private Server fails. Solution 1 If there is a message on the system console: parameters missing, and the list of missed parameters follows the message, set these parameters using the vzctl set --save command (see Configuring Virtual Private Server on page 34 for instructions).
  • Page 79: Failure To Log In To Vps

    Troubleshooting Solution 2 Make sure the routing to the Virtual Private Server is properly configured. Virtual Private Servers can use the default router for your network, or you may configure the Hardware Node as the router for its VPSs. Failure to Log In to VPS The Virtual Private Server starts successfully, but you cannot log in.
  • Page 80: Reference

    Reference In order to make OpenVZ successfully accomplish its tasks you need to understand how to configure OpenVZ correctly. This section explains what configuration parameters OpenVZ has and how they affect its behavior. In This Chapter Configuring OpenVZ...
  • Page 81: Configuring Openvz

    Configuring OpenVZ In order to make OpenVZ successfully accomplish its tasks you need to understand how to configure OpenVZ correctly. This chapter explains what configuration parameters OpenVZ has and how they affect its behavior. Matrix of OpenVZ Configuration Files There are a number of files responsible for the OpenVZ system configuration. These files are located in the /etc directory on the Hardware Node;...
  • Page 82: Global Openvz Configuration File

    Global parameters Parameter Description Default value VIRTUOZZO This can be either “yes” or “no”. OpenVZ System V startup script checks this parameter. If set to “no”, then OpenVZ modules are not loaded. You might set it to “no” if you want to perform system maintenance and do not want to bring up all VPSs on the Hardware Node.
  • Page 83 Reference Disk quota parameters allow you to control the disk usage by the Virtual Private Servers: Parameter Description Default value DISK_QUOTA DISK_QUOTA defines whether to turn on disk quota for Virtual Private Servers. If set to “no” then disk space and inodes accounting will be disabled.
  • Page 84: Vps Configuration File

    Reference Supplementary parameters define other OpenVZ settings: Parameter Description Default value VZWDOG Defines whether the vzwdog module is loaded on OpenVZ startup. This module is responsible for catching messages from the kernel. It is needed in case you configure the serial Monitor Node for OpenVZ.
  • Page 85 Reference Resource management parameters control the amount of resources a VPS can consume. They are described in the Managing Resources chapter in detail; here is only a list of parameters allowed in VPS configuration file. All resource management parameters can be subdivided into the general, disk, and system categories for your convenience.
  • Page 86 Reference AVNUMPROC 0…NUMPROC Number of processes expected to run in the Virtual Private Server on average. This is informational parameter used by utilities like vzcfgvalidate in order to ensure configuration correctness. NUMTCPSOCK 40…500 Number of TCP sockets (PF_INET family, SOCK_STREAM type). This parameter limits the number of TCP connections and, thus, the number of clients the server application can handle in parallel.
  • Page 87: Managing Openvz Scripts

    Reference NUMFILE 512…8192 Number of files opened by all VPS processes. NUMFLOCK 50…200 – 60…220 Number of file locks created by all VPS processes. NUMPTY 4…64 Number of pseudo-terminals. For example, ssh session, screen, xterm application consumes pseudo-terminal resource. NUMSIGINFO 256…512 Number of siginfo structures (essentially this parameter limits size of signal delivery queue).
  • Page 88: Openvz Action Scripts

    Reference Overview Along with OpenVZ configuration files responsible for the OpenVZ system configuration, there are a number of OpenVZ scripts allowing you to customize the VPS behaviour in different ways. These are the following scripts: Script Name Description /etc/sysconfig/vz-scripts/VPS_ID.action VPS private action scripts. These scripts allow to run user-defined actions on particular events.
  • Page 89: Figure 6: Sequence Of Executing Action Scripts

    Reference The normal order of executing action scripts is shown in the figure below. The mount and umount scripts run in the context of the Host OS rather than in the Virtual Private Server. [Figure 6: Sequence of executing action scripts]...
  • Page 90 Reference Action scripts are located in the same directory as VPS configuration files and have names like vpsid.action. The global scripts are named vps.mount and vps.umount, and the other scripts have the corresponding VPS ID as part of their name. As the names of the global scripts are fixed, they are called when any VPS is started or stopped.
  • Page 91: Openvz Command Line Interface

    OpenVZ Command Line Interface OpenVZ is shipped with a number of command line tools. This chapter documents the utilities, which are supported in OpenVZ. For every utility, all available command-line options and switches are described. Matrix of OpenVZ Command Line Utilities The table below contains the full list of OpenVZ command-line utilities.
  • Page 92: Vzctl

    Reference vzctl vzctl is the primary tool for Virtual Private Server management. To use it, you have to log in to the Hardware Node as the root user. The syntax of vzctl is: vzctl [verbosity-options] command vpsid [command-specific-options] Where command can be one of the following: create Used to create Virtual Private Servers and base for Shared Virtual Private Servers destroy...
  • Page 93: Vzctl Create

    Reference vzctl create This command is used to create a new Virtual Private Server. It has the following syntax: vzctl create vpsid [--ostemplate name] [--config name] [--private path] [--root path] With this command, you can create Virtual Private Servers. Virtual Private Server ID vpsid is required for this command and shall be unique for the Hardware Node.
  • Page 94: Vzctl Destroy

    Reference vzctl destroy The syntax of this command is: vzctl destroy vpsid This command is used to delete a Virtual Private Server, which is no longer needed. It physically removes all the files located in VPS private area (specified as VE_PRIVATE variable configuration file) renames...
  • Page 95: Vzctl Mount And Vzctl Umount

    Reference You should use action scripts (mount/umount and start/stop) if you would like to carry out some actions upon VPS startup/shutdown. The vzctl restart vpsid command consecutively performs the stopping and starting of the corresponding VPS. The vzctl status vpsid command shows current VPS state. It outputs the following information: whether the VPS private area exists, whether it is mounted and whether the VPS is running as in the example below: # vzctl status 101...
  • Page 96 Reference --noatime yes|no Sets the noatime flag (do not update inode access times) on the VPS file system. The default is yes for a Class 1 VPS, and no otherwise. --devnodes device:r|w|rw|none Lets the VPS access the specified devices in the specified mode - read-only, write-only, or read-write - or denies any access.
  • Page 97 Reference Resource management settings control the amount of resources a VPS can consume. If the setting has bar:lim after it, then this setting requires specifying both barrier and limit values separated by colons. --applyconfig name This option lets you set the resource parameters for the VPS not one by one, but by reading them from the VPS sample configuration...
  • Page 98 Reference --othersockbuf bar:lim Total size in bytes of UNIX-domain socket buffers, UDP and other datagram protocol send buffers. --dgramrcvbuf bar:lim Total size in bytes of receive buffers of UDP and other datagram protocols. --oomguarpages bar:lim Out-of-memory guarantee, in 4 Kb pages. Any VPS process will not be killed even in case of heavy memory shortage if the current memory consumption (including both physical memory and swap) does not reach the...
  • Page 99 Reference --diskspace bar:lim Total size of disk space consumed by VPS, in 1 Kb blocks. When the space used by a Virtual Private Server hits the barrier, the VPS can allocate additional disk space up to the limit during grace period specified by the --quotatime setting.
  • Page 100: Vzlist

    Reference vzctl exec, vzctl exec2, and vzctl enter These commands are used to run arbitrary commands inside a Virtual Private Server being authenticated as root on the Hardware Node. The syntax of these commands is as follows: vzctl exec|exec2 vpsid command vzctl enter vpsid where command is a string to be executed in the Virtual Private Server.
  • Page 101: Vzlist Output Parameters And Their Specifiers

    Reference -o parameter[.specifier] This option is used to display only particular information about the VPSs. The parameters and their specifiers that can be used after the -o option are listed in the following subsection. To display a number of parameters in a single output, they should be separated with commas, as is shown in the synopsis above.
  • Page 102 Reference kmemsize .m, .b, .l, .f KMEMSIZE Size of unswappable kernel memory (in bytes), allocated for internal kernel structures of the processes of a particular VPS. Typical amounts of kernel memory are 16…50 Kb per process. lockedpages .m, .b, .l, .f LOCKEDP Memory not allowed to be swapped out (locked with the mlock() system call), in 4-...
  • Page 103 Reference numpty .m, .b, .l, .f NPTY Number of pseudo-terminals. For example, ssh session, screen, xterm application consumes pseudo-terminal resource. numsiginfo .m, .b, .l, .f NSIGINFO Number of siginfo structures (essentially this parameter limits size of signal delivery queue). tcpsndbuf .m, .b, TCPSNDB Total size (in bytes) of send buffers for TCP...
  • Page 104: Vzquota

    Reference cpulimit none CPULIM This is a positive number indicating the CPU time in per cent the corresponding VPS is not allowed to exceed. cpuunits none CPUUNI Allowed CPU power. This is a positive integer number, which determines minimal guaranteed share of the CPU the Virtual Private Server will receive.
  • Page 105: Vzquota Init

    Reference OpenVZ quota works on a file system sub-tree or area. If this area has additional file systems mounted to its subdirectories, quota will not follow these mount points. When you initialize quota, you specify the file system sub-tree starting point for the quota. Quota keeps its current usage and settings for a Virtual Private Server in the /var/vzquota/quota.vpsid file.
  • Page 106: Vzquota Drop

    Reference -e, --block-exptime time Required. Expiration time for excess of the block soft limit. Time can be specified in two formats: dd:hh:mm:ss For example: 30 - 30 seconds; 12:00 - 12 minutes; 20:15:11:00 - 20 days, 15 hours, 11 minutes xxA, where A - h/H(hour);...
  • Page 107: Vzquota On And Vzquota Off

    Reference vzquota on and vzquota off These commands are used to turn quota on and off. Their syntax is as follows: vzquota [options] on vpsid [command-options] vzquota [options] off vpsid [-f] [-c quota_file] vzquota off turns the quota off for the file system tree specified in quota file given with an optional -c switch.
  • Page 108 Reference -b, --block-softlimit num; -B, --block-hardlimit num; -e, --block-exptime time; -i, --inode-softlimit num: These options are optional for the vzquota on command. However, at least one of these options or -u, --ugid-limit num must be specified. These options are described in the vzquota init subsection.
  • Page 109: Vzquota Stat And Vzquota Show

    Reference vzquota stat and vzquota show These commands are used for querying quota statistics. The syntax is as below: vzquota [options] show vpsid [-t] [-f] [-c quota_file] vzquota [options] stat vpsid [-t] [-c quota_file] The difference between the vzquota stat and vzquota show commands is that the first one reports usage from the kernel while the second one reports usage as written in the quota file.
  • Page 110: Template Management Utilities

    Reference Template Management Utilities A template is basically a set of packages from some Linux distribution used to populate a VPS. An OS template consists of system programs, libraries, and scripts needed to boot up and run the system (VPS), as well as some very basic applications and utilities. Applications like a compiler and an SQL server are usually not included into an OS template.
  • Page 111 Reference vzpkgcache This utility creates/updates template caches for OS templates. You should run this utility before you can use a newly installed OS template for creating Virtual Private Servers. It has the following syntax: vzpkgcache [-f|--force] [osname ...] vzpkgcache -r|--remove osname [...] This utility checks the metadata for all the templates installed on the Hardware Node and if it finds an OS template for which no cache exists, it starts downloading and installing all packages listed in the configuration file and creates a cache at the end.
  • Page 112: Supplementary Tools

    Reference Supplementary Tools vzdqcheck This utility counts inodes and disk space used using the same algorithm as OpenVZ quota. It has the following syntax: vzdqcheck [options] path The command traverses directory tree given as the path argument and calculates space occupied by all files and number of inodes.
  • Page 113 Reference Quotas must be turned off when the vzdqload utility is working. Mind that only 2nd-level disk quotas are handled by the utilities. vzcpucheck This utility displays the current Hardware Node utilization in terms of allocated CPU units as well as total hardware node CPU units capacity. It has the following syntax: vzcpucheck [-v] Without arguments, the utility prints the sum of CPU units of all running Virtual Private Servers and total Hardware Node capacity.
  • Page 114 Reference vzsplit This utility is used to generate a sample VPS configuration file with a set of system resource control parameters. The syntax of this command is as follows: vzsplit [-n num] [-f sample_name] [-s swap_size] This utility is used for dividing Hardware Node into equal parts. It generates a full set of Virtual Private Servers system resource control parameters based on the total physical memory of the Hardware Node it runs on and the number of Virtual Private Servers the Hardware Node shall be able to run even if the given number of Virtual Private Servers consume all allowed...
  • Page 115: Glossary

    Glossary Glossary Hardware Node (or Node) is a computer where OpenVZ is installed for hosting Virtual Private Servers. HN is an abbreviation of Hardware Node. Host Operating System (or Host OS) is an operating system installed on the Hardware Node. MAC address stands for Media Access Control address, a hardware address that uniquely identifies each Node in a network.
  • Page 116 Glossary VPS is an abbreviation of Virtual Private Server. VENET device is a virtual networking device, a gateway from a VPS to the external network. Virtual Private Server (or VPS) is a virtual private server, which is functionally identical to an isolated standalone server, with its own IP addresses, processes, files, its own users database, its own configuration files, its own applications, system libraries, and so on.
  • Page 117: Index

    Index Failure to Start VPS • 78 Feedback • 10 Finding Kernel Function That Caused D About OpenVZ Software • 11 Process State • 77 About This Guide • 7 Finishing OS Installation • 26 Accessing Devices from Inside Virtual Private Server •...
  • Page 118 Index Matrix of OpenVZ Command Line Utilities • Supplementary Tools • 112 System Requirements • 20 Matrix of OpenVZ Configuration Files • 81 Monitoring Memory Consumption • 59 Monitoring System Resources Consumption • Template Lifecycle • 42 Template Management Utilities • 110 Moving Network Adapter to Virtual Private Templates •...
  • Page 119 Index What are Disk Quotas? • 48 What are Resource Control Parameters? • 46 What is OpenVZ • 11 Who Should Read This Guide • 7...
