Diving Into OpenVZ
OStatic
Home
Blog
Questions
Software
Members
 
 
 
Follow Us:
Follow us on Twitter
Subscribe to our RSS
About
Contact
Diving Into OpenVZ
by Jon Buys - Feb. 26, 2013Comments (7)
Related Blog PostsThe Rise of the Rolling ReleaseopenSUSE 12.3 in the Final StretchesOpenMandriva Honing in on LogoTorvalds' Windows 8 Secure Boot Tantrum Leads Back to MIcrosoft's MovesOpenMandriva "Secretly" Moving Forward
A few months ago I wrote an article about the conceptual superiority of FreeBSD jails compared to full virtualization platforms like VMware or Xen. In the article, I mistakenly thought that the concept of building jails into the operating system was a philosophical difference between Linux and BSD. However, as is most often the case when one claims something doesn’t work on Linux, the real answer is: “of course it does”. We have recently been struggling with deploying a web application based on PHP that is very hard on resources. We run Linux in VMware for our application servers, and bare metal for the databases. For the first time we saw both our bare metal servers and the VMware hosts max out the CPU during a particularly intense spike in traffic, the charts were enough to make everyone’s jaw drop. Obviously, we need more hardware, and since we need more hardware, we thought that this might be a good time to rethink our architecture. VMware, Xen, KVM, and other virtualization platforms are great for testing new applications, consolidating low-use servers, and spinning up new environments quickly. However, the capability comes at the cost of additional overhead, both in terms of management and physical capacity. If you are dedicating significant resources to a single application, it makes sense to forgo virtualization and revert back to bare metal. But, at times it makes sense to have a logical separation between application instances, the ability to have identical applications running simultaneously, but keeping them individualized for management. That’s easy to do in virtualization, just keep the separate instance in their own virtual machine, but harder to do on bare metal. I knew how to solve that problem with FreeBSD, but what about Linux? Enter OpenVZ. OpenVZ is container-based virtualization for Linux. OpenVZ creates multiple secure, isolated Linux containers (otherwise known as VEs or VPSs) on a single physical server enabling better server utilization and ensuring that applications do not conflict. Each container performs and executes exactly like a stand-alone server; a container can be rebooted independently and have root access, users, IP addresses, memory, processes, files, applications, system libraries and configuration files. OpenVZ, very much like FreeBSD jails, gives each container direct access to the hardware, providing the power of bare metal with the separation of virtualization. It also simplifies management. With virtualization, each virtual machine creates another install of Linux that needs to be fed and cared for. Disk space monitoring, memory use, local users, password policies, firewalls, etc… all the little things that need to be done. Using OpenVZ, we have the opportunity to rethink a lot of that. For example, one of my design goals is to only have the port needed for the application open on the container IP. No SSH, no nrpe, nothing other than Apache or nginx. All of the management can be done at the host level. If access is needed to one of the containers, the user can ssh to the host and use the vzctl tool to get a shell. Likewise, Nagios monitoring could be simplified. If I’m mainly concerned with system load, disk space, and CPU, RAM, and swap use, I can monitor all of those from the host, and write new checks to monitor the containers. So far I’m very excited about the opportunity to reimagine our architecture. I’m sure that there will be many pitfalls and setbacks along the way, but conceptually I think that the OpenVZ based system is cleaner than traditional virtualization. I would also be interested to hear if any of our readers have experience running web applications with OpenVZ. If you have any comments, questions, or suggestions, please feel free to drop me a line in the comments below.
Virtualization linux FreeBSD OpenVZ
Previous: Mozilla Doesn't Acce...Next: OpenMandriva Honing ... Browse Blog
Stacey Schneider uses OStatic to support Open Source, ask and answer questions and stay informed. What about you?
 
7 Comments
 
by Vince-0 on Feb. 27, 2013Some OpenVZ subjects I found a need to investigate further include network interfaces (venet and veth) as well as compiling guest OS software that requires kernel headers from the hardware node. Kernel timing for VoIP is particularly troublesome because of a shared kernel.
The hardware node kernel needs to be patched to be OpenVZ compatible and the latest stable kernel maintained for RHEL6 is 2.6.32 based. I've use Proxmox (Debian based) as a management system for KVM and OpenVZ with great success. openvz.org has a wealth of information on the subject.
You may consider Linux Container (LCX) as an OS level virtualization as it does not require kernel patches and is in the mainline kernel with libvirt support. The user tools don't seem as mature as with OpenVZ and there are a few differences in functionality when compared to OpenVZ but apparently OpenVZ containers can run on LXC with a few configuration changes although I am yet to test this.
Vin.
0 Votes
by Holger on Feb. 28, 2013There is no such thing as "conceptual superiority" of container virtualisation (OpenVZ, LXC, Jails) over full virtualisation (KVM, VMWare, VBox) or para-virtualisation (Xen without full hardware virtualisation provided from the host).
All three are different concepts with different pros / cons and resulting of this different use-cases.
Every solution should be choosen matching the use-case.
Examples:
- Try running a Windows host inside an OpenVZ instance
- Try installing a different Linux distro guest inside an OpenVZ instance running on a host of a different Linux distro (e.g. Guest: Suse / Host: Debian).
As in every job it is important to know your tools and for what to use them.
0 Votes
by an anonymous user on Feb. 28, 2013How about LXC? See here: http://mindref.blogspot.com/2011/01/debian-lxc-create.html
0 Votes
by Holger on Feb. 28, 2013There is no such thing as "conceptual superiority" of container virtualisation (OpenVZ, LXC, Jails) over full virtualisation (KVM, VMWare, VBox) or para-virtualisation (Xen without full hardware virtualisation provided from the host).
All three are different concepts with different pros / cons and resulting of this different use-cases.
Every solution should be choosen matching the use-case.
Examples:
- Try running a Windows host inside an OpenVZ instance
- Try installing a different Linux distro guest inside an OpenVZ instance running on a host of a different Linux distro (e.g. Guest: Suse / Host: Debian).
As in every job it is important to know your tools and for what to use them.
0 Votes
by dc on Feb. 28, 2013We've used OpenVZ with success for many years. It has excellent performances except for disk I/O; which is still much faster than Xen/VMWare/etc. anyway.
However, OpenVZ is no longer supported by Debian and you won't find a patched kernel out of Debian 7.0... This is why we decided to move all of our virtualized server under LXC. BTW, lxc doesn't have the disk I/O performance seen in OpenVZ... Lxc is like a super-chroot environment and very easy to maintain.
dc
0 Votes
by David on Feb. 28, 2013You can't run a different OS (such as Windows or BSD) or even a different Linux kernel within an OpenVZ container. But you can freely run different distributions, and if you have a 64-bit host (why wouldn't you?) you can have 32-bit and 64-bit guests.
We've been using OpenVZ for many years now. There are a few limitations about what you can have in a container, but they are minor compared to the advantages.
About the only big issue with OpenVZ is that it is based on patches to an older kernel. Even when you use the "RHEL" kernel version (which has back-ports of newer kernel features), I still miss some newer features.
Other than that, I find OpenVZ provides the best balance between easy and efficient use and virtual machine isolation for most server uses.
0 Votes
by W. Anderson on Feb. 28, 2013By coincidence I am nearing completion of a production OpenVZ container based Plone Web Content Management System (CMS) application, running on a Sabayon (Gentoo) Linux Hardened Server configuration that had OpenVZ kernel and packges binaries included with install process.
Thanks to the pre-configurations and testing done by Sabayon group, the process has been fairly painless with only issues with required libxml lbraries not working correctly at this point.
Similar setups and configurations of Python based Web CMS applications that were very successful on FreeBSD priompted me toward Sabayon (Gentoo) on this Linux project.
0 Votes
Share Your Comments
If you are a member, Sign in to have your comment attributed to you. If you are not yet a member, Join OStatic and help the Open Source community by sharing your thoughts, answering user questions and providing reviews and alternatives for projects.
Your Name
Email Address (kept hidden)
Your Comment *
Promote Open Source Knowledge by sharing your thoughts, listing Alternatives and Answering Questions!
 
Explore Software in this Blog Post
1
2
3
4
5
OpenVZ has 1 review2 users
1
2
3
4
5
FreeBSD has 0 reviews10 users
Your cloud solution managed 24/7
Expert cloud management & monitoring services starting at $9/mo.
Explore the plans
Featured MembersViewJesse BabsonI used to work for a large chip company here and a...
ViewStacey SchneiderFreelance internet marketer helping companies buil...
Related Questions
Browse
Get answers and share your expertise.
Have a question? Ask the community
Seriously, OSTatic! This is plain annoying!
By McKinsey - Oct 17, 2012
post answer
Installing Linux from Live CD
By Dineshrawar - Apr 09, 2012
3 answers
Any Ideas for A Virtualization project in the cloud.
By Alvin Pieterson - Jan 17, 2012
3 answers
Partner Center
Happening Now on OStatic
W. Anderson commented on A Guide to Identifying the Right Open Source CMS for You
Will Brokenbourgh commented on Every Install Should Be Minimal
anonymous commented on Every Install Should Be Minimal
Home
Blog
Software
Questions
About OStatic
Contact
Terms of Service
Privacy Policy
Send Feedback
Powered by Vox Holdings
© 2013 OStatic. Built on fine Open Source Software from projects like
Apache,
Drupal,
Java,
Linux,
MySQL and
PHP.
Sign in to OStatic
close
Username: *
Password: *
Not a member? Join NowI forgot my password