![]() ![]() bind a container to a specific set of CPUs ( -cpumask).limit number of CPU cores available to container ( -cpus).set strict CPU limits, such as 10% of a total CPU time ( -cpulimit).In addition to the above, OpenVZ provides ways to: Real CPU time will be distributed proportionally to these values. It is possible to set different values for the CPUs in each container. On the second level the standard Linux scheduler decides which process to run in that container, using standard Linux process priorities. On the first level, the scheduler decides which container it is to give the CPU time slice to, based on per-container cpuunits values. The CPU scheduler in OpenVZ is a two-level implementation of fair-share scheduling strategy. Within the container, it is possible to use standard tools to set UNIX per-user and per-group disk quotas. These resources can be changed during container run time, eliminating the need to reboot.Įach container can have its own disk quotas, measured in terms of disk blocks and inodes (roughly number of files). OpenVZ resource management consists of four components: two-level disk quota, fair CPU scheduler, disk I/O scheduler, and user bean counters (see below). IPC objects Shared memory, semaphores, messages. Devices If needed, any container can be granted access to real devices like network interfaces, serial ports, disk partitions, etc. Network Virtual network device, which allows a container to have its own IP addresses, as well as a set of netfilter ( iptables), and routing rules. PIDs are virtualized, so that the init PID is 1 as it should be. ![]() Process tree A container only sees its own processes (starting from init). ![]() Users and groups Each container has its own root user, as well as other users and groups. Each has its own:įiles System libraries, applications, virtualized /proc and /sys, virtualized locks, etc. Virtualization and isolation Įach container is a separate entity, and behaves largely as a physical server would. As of vzctl 4.0, OpenVZ can work with unpatched Linux 3.x kernels, with a reduced feature set. The modified kernel provides virtualization, isolation, resource management, and checkpointing. The OpenVZ kernel is a Linux kernel, modified to add support for OpenVZ containers. While old versions of OpenVZ used a common file system (where each virtual environment is just a directory of files that is isolated using chroot), current versions of OpenVZ allow each container to have its own file system. Memory allocation with OpenVZ is soft in that memory not used in one virtual environment can be used by others or for disk caching. However, as it does not have the overhead of a true hypervisor, it is very fast and efficient. This can be a disadvantage in situations where guests require different kernel versions than that of the host. All OpenVZ containers share the same architecture and kernel version. While virtualization technologies such as VMware, Xen and KVM provide full virtualization and can run multiple operating systems and different kernel versions, OpenVZ uses a single Linux kernel and therefore can run only Linux. OpenVZ compared to other virtualization technologies OpenVZ is similar to Solaris Containers and LXC. It allows a physical server to run multiple isolated operating system instances, called containers, virtual private servers (VPSs), or virtual environments (VEs). OpenVZ ( Open Virtuozzo) is an operating-system-level virtualization technology for Linux. ![]()
0 Comments
Leave a Reply. |