Saturday, October 25
OpenVZ Notes
If you're moving existing OpenVZ containers to a newer OpenVZ server, here are a couple of tips for things that might otherwise drive you insane:
Comments are disabled.
If you're moving existing OpenVZ containers to a newer OpenVZ server, here are a couple of tips for things that might otherwise drive you insane:
Ploop
OpenVZ now defaults to using Ploop rather than SimFS for storage. That means each container gets its own dedicated filesystem rather than being mapped directly onto the existing /vz filesystem. That's not a problem in itself, but if your management process (backups and migration) relies on the old SimFS behaviour, that will all break.
To fix this, just change this line in /etc/vz/vz.conf:
## Filesystem layout for new CTs: either simfs or ploop
# VE_LAYOUT=ploop
VE_LAYOUT=simfs
IPTables
The other issue relates to firewalls. You may not need per-container firewalls, but if you do, the new default iptables configuration means that the default iptables configuration file will not load. That's less than ideal, but it's easily fixed.
In the container config file you're using, just change the line
NETFILTER="stateless"To:
NETFILTER="stateful"If you also need NAT, use:
NETFILTER="full"Then things will work just like they used to.
Posted by: Pixy Misa at
09:53 PM
| Comments (5)
| Add Comment
| Trackbacks (Suck)
Post contains 167 words, total size 1 kb.
1
None of that meant a thing to me. I guess I've fallen completely behind in the last 10 years.
Posted by: Steven Den Beste at Saturday, October 25 2014 10:25 PM (+rSRq)
2
The virtualisation world is very specialised. Lots of stuff that doesn't mean anything unless you're specifically running one particular hypervisor, whether it's OpenVZ or KVM or Xen or VMWare.
I like OpenVZ because (a) it's lightweight and (b) the hypervisor level is an ordinary Linux kernel, and lets you see everything going on in all the VMs at once. If I was running virtual machines on someone else's platform, though, I'd want KVM or Xen precisely so they couldn't do that.
I like OpenVZ because (a) it's lightweight and (b) the hypervisor level is an ordinary Linux kernel, and lets you see everything going on in all the VMs at once. If I was running virtual machines on someone else's platform, though, I'd want KVM or Xen precisely so they couldn't do that.
Posted by: Pixy Misa at Sunday, October 26 2014 01:01 AM (PiXy!)
3
ploop? I'm supposed to trust my business-critical process to something that the designer couldn't even be bothered to name properly?
Do you honest to Mog think I'm going to use software designed/implemented by morons with the engineering discipline of a 3-year-old with a set of duplo's?
</rant>
Do you honest to Mog think I'm going to use software designed/implemented by morons with the engineering discipline of a 3-year-old with a set of duplo's?
</rant>
Posted by: dkAllen at Tuesday, October 28 2014 05:18 AM (c/F3T)
4
They had to use "ploop" because all the good names had been taken.
Posted by: Steven Den Beste at Tuesday, October 28 2014 06:28 AM (+rSRq)
5
Heh. In fact, the Ploop system is quite good; it's a virtual filesystem with snapshot support and live migration, which is something I can't do with the current setup.
It was just that we've been running on SimFS for years, and I have migration procedures that work for that, and having the new server running Ploop by default messed that up.
It was just that we've been running on SimFS for years, and I have migration procedures that work for that, and having the new server running Ploop by default messed that up.
Posted by: Pixy Misa at Tuesday, October 28 2014 08:42 AM (2yngH)
48kb generated in CPU 0.0216, elapsed 0.214 seconds.
56 queries taking 0.2018 seconds, 331 records returned.
Powered by Minx 1.1.6c-pink.
56 queries taking 0.2018 seconds, 331 records returned.
Powered by Minx 1.1.6c-pink.
