Saturday, October 25


OpenVZ Notes

If you're moving existing OpenVZ containers to a newer OpenVZ server, here are a couple of tips for things that might otherwise drive you insane:


OpenVZ now defaults to using Ploop rather than SimFS for storage. That means each container gets its own dedicated filesystem rather than being mapped directly onto the existing /vz filesystem. That's not a problem in itself, but if your management process (backups and migration) relies on the old SimFS behaviour, that will all break.

To fix this, just change this line in /etc/vz/vz.conf:
## Filesystem layout for new CTs: either simfs or ploop
# VE_LAYOUT=ploop


The other issue relates to firewalls. You may not need per-container firewalls, but if you do, the new default iptables configuration means that the default iptables configuration file will not load. That's less than ideal, but it's easily fixed.

In the container config file you're using, just change the line
If you also need NAT, use:
Then things will work just like they used to.

Posted by: Pixy Misa at 09:53 PM | Comments (5) | Add Comment | Trackbacks (Suck)
Post contains 167 words, total size 1 kb.

1 None of that meant a thing to me. I guess I've fallen completely behind in the last 10 years.

Posted by: Steven Den Beste at Saturday, October 25 2014 10:25 PM (+rSRq)

2 The virtualisation world is very specialised.  Lots of stuff that doesn't mean anything unless you're specifically running one particular hypervisor, whether it's OpenVZ or KVM or Xen or VMWare.

I like OpenVZ because (a) it's lightweight and (b) the hypervisor level is an ordinary Linux kernel, and lets you see everything going on in all the VMs at once.  If I was running virtual machines on someone else's platform, though, I'd want KVM or Xen precisely so they couldn't do that.

Posted by: Pixy Misa at Sunday, October 26 2014 01:01 AM (PiXy!)

3 ploop?  I'm supposed to trust my business-critical process to something that the designer couldn't even be bothered to name properly?

Do you honest to Mog think I'm going to use software designed/implemented by morons with the engineering discipline of a 3-year-old with a set of duplo's?

Posted by: dkAllen at Tuesday, October 28 2014 05:18 AM (c/F3T)

4 They had to use "ploop" because all the good names had been taken.

Posted by: Steven Den Beste at Tuesday, October 28 2014 06:28 AM (+rSRq)

5  Heh.  In fact, the Ploop system is quite good; it's a virtual filesystem with snapshot support and live migration, which is something I can't do with the current setup.

It was just that we've been running on SimFS for years, and I have migration procedures that work for that, and having the new server running Ploop by default messed that up.

Posted by: Pixy Misa at Tuesday, October 28 2014 08:42 AM (2yngH)

Hide Comments | Add Comment

Comments are disabled.
47kb generated in CPU 0.0192, elapsed 0.74 seconds.
56 queries taking 0.7275 seconds, 344 records returned.
Powered by Minx 1.1.6c-pink.