OpenVZ

Screencast: OpenVZ Container Migration

|

It seems I've had a lot of questions about OpenVZ container migration lately on the #openvz IRC channel on the Freenode IRC network. While I made a silent screencast on that topic a few years ago, I thought it was time for a refreshed one so here it is. Enjoy.

What is an OpenVZ container? It is a form of virtualization where you can create a type of a virtual machine called a container that is basically a strongly isolated chroot environment with device and resource management features.

What is migration? It is the ability to easily move a container from one physical OpenVZ host to another. Live / online migration allows for no downtime and maintains existing network connections. Offline migration stops the container on the original host and starts it up on the destination host and as a result the containers uptime is reset and existing network connections are dropped. Watch the screencast for all of this in action.

You can also download this directly if desired. right-click, save link as:
openvz-vzmigrate.webm (12.8 MB)

Tales of Enterprise Linux Major Version Upgrading

| |

In the last post I mentioned that I migrated from CentOS 4.9 to Scientific 6.1... and that certain aspects of this Drupal 4.7.x site were broken because of an incompatibility with PHP 5.3.x.

Downgrading a distro

Well, I decided to move from Scientific Linux 6.1 to Scientific Linux 5.7. EL5 offers both PHP 5.1.x and PHP 5.3.x and Red Hat announced a few weeks ago that they are extending the support lifecycle of both RHEL5 and RHEL6 from 7 years to 10 years. Migrating back to EL5 fixes the issues (knock on wood) that I was having with Drupal... but yet I can easily move to PHP 5.3.x at some point in the future if I so desire.

Doing EL major version upgrades

Two friends of mine happened to have CentOS 4.9 OpenVZ containers as well. They also run a number of services I'm less familiar with and weren't really versed enough with Linux to migrate their data like I did. In an effort to help them out, I looked into how to upgrade from EL4 to EL5. That really IS NOT supported or recommended but I thought I'd give it a try and see how it went. If it failed, I'd roll back to the original system. If it succeeded I'd keep it. After much work I *THINK* I figured it out. At least it worked for me in the particular situation I was dealing with. I started off with a page on the CentOS wiki about Upgrading from 4.4 to 5. I did not do a boot media based upgrade (I'm working with containers) so I did it strictly with rpm and yum.

I followed the instructions but they were written some time ago and were a bit outdated. So the first container I did took the longest because I was finding my way. Basically this happens in a few steps.

  1. Install the EL5 repos
  2. Manually download the core packages recommended and install them.
  3. Hopefully when you are done rpm is still working. If yum is broken, manually install a few more packages to make it work.
  4. With a working yum, upgrade everything else
  5. Turn off any new services that happen to be on by default that you don't want
  6. Find any stray packages left over from the previous release
  7. Fix your service configs by comparing your original service configs with the new ones

Read on to find out more of the nitty gritty details.


Screencast: History and differences of Xen and KVM

| | | | | |

I threw together a quick screencast for Dann from the Linux Link Tech Show explaining the history of and differences between Xen and KVM. Feedback is encouraged because I'm sure I have some mistakes in there.

xen-and-kvm-history.webm (36.2 MB)

OpenVZ: Notes on Scientific Linux 6 x86 OS Template Contribution

I posted a contributed OpenVZ OS Template today. The contributed OS Template is Scientific Linux 6 32 bit and it was contributed by Vic from powerpbx.org (canuck15@hotmail.com).

I asked him to share information about he created it and this is what he replied back with via email:

I have no plans to create a x86_64 version or provide regular updates to the x86 version at this time. The only reason I created the x86 version is because I needed a RHEL (or clone) v6 template for my own use. It is easy enough to update/modify/copy by someone else now that this version is out there.

I created it using this procedure and rsync from VMWARE to OpenVZ. Then I manually went through all the installed packages and took out as much as I could to get the size down. When in doubt I compared to the installed packages in a CentOS 5 template.

Yum would not remove kernel so I had to do a "rpm -e --nodeps kernel"

In the newly rsync'ed OpenVZ container I create a file called "vz.repo" in /etc/yum.repos.d with the following text:

[vz-base]
name=vz-base
mirrorlist=http://vzdownload.swsoft.com/download/mirrors/centos-5
gpgcheck=0

[vz-updates]
name=vz-updates
mirrorlist=http://vzdownload.swsoft.com/download/mirrors/updates-released-ce5
gpgcheck=0

then "yum install vzdev vzdummy-apache vzdummy-jre-el5 vzdummy-kernel-el5"

Could not get "vzdummy-glibc" to work. It caused the template to not load on reboot. Someone smarter than me will have to figure that one out. Perhaps vzdummy-glibc needs to be updated for RHEL 6.

Additional things I ran into that appear to be RHEL v6 specific are as follows.

You must comment out "console" in /etc/init/rc.conf and /etc/init/rcS.conf

You must also delete or rename tty.conf and start-ttys.conf.


OpenVZ: Contributed Fedora 14 OS Templates

|

I noticed Kir's blog post about the updated vzctl today. Cool! Finally I can create Fedora 14 containers... and the container restart mechanism has been fixed up too.

I downloaded the beta OS Template that the OpenVZ Projects offers for Fedora 14, created a container, did all of the updates, removed the samba* packages, added a few packages I wanted (mc, screen, links), and modified the httpd.conf so it is more like factory. Then I disabled a few services that aren't really needed... after all, who needs xinetd running when it it doesn't have any services configured? Then I stopped the container, cleaned up the container filesystem some, and tar.gz'ed it up and uploaded it as a contrib OS Template.

I did this for both the 32-bit and 64-bit OS Templates. Enjoy!


OpenNode Status Update

| | |

I don't usually repost mailing list messages but just got this one in my inbox from the OpenNode folks. Since I'm a big virtualization geek, I'm sharing. Haven't heard of OpenNode? Here's a brief description before I get to the status update email:

OpenNode is a open source server virtualization solution providing easy to use (CentOS / RHEL based) bare-metal ISO installer and supporting both OpenVZ container-based virtualization and emerging KVM full virtualization technology on the same physical host.

So, OpenNode is a lot like Proxmox VE except OpenNode is based on CentOS and uses libvirt, virt-manager, and other Red Hat standard tools.


OpenVZ Project Update - July 2010

Just wanted to mention a few news items from the OpenVZ Project.

Updated vzctl - vzctl 3.0.24 has been released. Even though the version number only changed from 3.0.23 to 3.0.24 there are a ton of changes, fixes and some feature additions. Of special interest is the --swappages option as well as being able to refer to a container by its name rather than requiring the CTID with vzmigrate. Over all it was a long overdue, much appreciated update.

Updated Official OS Templates - The last wiki notice is dated April 27th but looking today at the dates on the OS Templates they appear to have been updated May 27th. One thing to note is that there are now OS Templates for Ubuntu 10.04 which I'm sure Ubuntu folks will be happy about.

Beta Fedora 13 OS Templates - And speaking of OS Templates, Kir just released Beta OS Templates for Fedora 13. On the day Fedora 13 was released I tried creating my own OS Templates by taking Fedora 12 containers and updating them but ran into a snag. With Fedora 13 a lot of new stuff has been added to the init setup and some of it causes a container to just hang during startup. I was glad to see the beta OS Templates released. I created containers from them, made my own changes, and then uploaded those to the contrib section.

As luck would have it, later in the afternoon the Fedora Project released a whole bunch of updates and among them was a new initscripts package. I suspected that when I upgraded my container whatever changes the OpenVZ folks had made to the init setup that made it work in a container would be wiped out and I was correct as upgrading the initscripts package did make the container get stuck in the init process upon container reboot. I ended up filing two bugs: 1566 and 1567. I joyfully await their resolution.

2.6.32 devel kernel - There have been a few releases of the 2.6.32 devel kernel and it appears to be making progress. While there have been a number of OpenVZ devel kernels that died on the vine, 2.6.32 should be different mainly because it is the kernel in the upcoming Red Hat Enterprise Linux 6, the upcoming Debian 6, and in Ubuntu 10.04. I have no guess as to when it'll be marked stable. My guess would be sometime after RHEL 6 is released.

***Please note that any URLs mentioned (and the information they contain) in this posting are time sensitive and will surely be outdated not long after posting.


Proxmox VE and Shorewall Part 2

| | | | |

Shorewall and Proxmox VE Cluster Configuration

This is a follow up article describing how to use Proxmox VE and Shorewall together. This article focus on using Shorewall within your Proxmox cluster. If you have not read the first article I recommend that you do so, it will aid your understanding with what is going in this one.

Network Layout and Shorewall Configuration

We are going to be using a bridging configuration. This is what Proxmox VE uses with by default. Bridging allows for easy migration of hosts without having to re-configure the firewall each time a machine is migrated.

Proxmox VE and Shorewall

| | | | |

Proxmox VE does not come with a firewall by default there are several solutions to this problem but the most flexible and robust is integrating the Shorewall firewall. This document assumes a basic knowledge of the Shorewall program and will not cover all of Shorewall capabilities but will give you a good working model to get you started. For more advanced topics check out the Shorewall documentation.

Shorewall will have 3 zones: 1) the fw zone which is the Proxmox host, 2) the net zone which is the Internet and 3) the dmz zone which is where the virtual machines will reside. The hardware just has one network interface card; vmbr0 is a just a bridge interface.

Video: UTOSC2009 - Intro to OS Virtualization, Containers and OpenVZ

| | |

Here is the video of my presentation from the Utah Open Source Conference 2009 entitled, "Introduction to OS Virtualization, Containers and OpenVZ". Warren Sanders manned the camera. I used Kdenlive to edit it and create the title screen. Attached below you can find PDFs for my slides, the OpenVZ Brochure we were handing out, as well as white paper from the Linux Foundation about who writes the Linux kernel.

For those interested in a much higher quality Ogg Theora version, you can find that here:
IntroductionToOSVirtualizationContainersAndOpenVZ313.ogv
(right-click, save link as...)

Syndicate content