Author Topic: Virtuozzo tips and tricks  (Read 5837 times)

netfreak

  • Administrator
  • Sr. Member

  • Offline
  • *****
  • 299
    • View Profile
    • Higher Intellect
Virtuozzo tips and tricks
« on: December 09, 2012, 12:59:03 am »
Virtuozzo Tips and Tricks
July 13th, 2007
http://netfreak.ca

Here are some easy tips and tricks for accomplishing more with SWsoft’s Virtuozzo virtualization software. Much of the included information should also apply to the open source OpenVZ software.

Enabling TUN Access for a VE
# vzctl set <VEID> –devices c:10:200:rw –save
# vzctl exec <VEID> mkdir -p /dev/net
# vzctl exec <VEID> mknod /dev/net/tun c 10 200
# vzctl exec <VEID> chmod 600 /dev/net/tun

Shell Script: Execute command on all VEs
for i in $(vzlist -H |awk {’print $1'}); do
if [ “$i” != “1? ]; then
vzctl exec2 $i “command; next command”
fi
done ;

Setting higher iptables rules limit (for CSF, etc)
# vzctl set <VEID> –numiptent 400 –save

VZ external mount points
# mount –bind /dev/<device> /vz/root/<VEID>/<mountpath>

Setting VE Quotas
# vzctl set <VEID> –quotaguid 2000
# vzquota on <VEID> -p /vz/private -r 0 -s 1 -u 2000 -b <soft diskspace> -B <hard diskspace> -i <soft inode> -I <hard inode>

Separating RAM and SWAP in VE
This particular issue is seen within an environment. Instead of showing separate dedicated RAM and SWAP, both numbers are added together as RAM and SWAP shows as zero. SWsoft techs report that this will not cause a performance problem, but can be fixed using this command on the hardware node:
# sysctl -w slm.task_group_priv=1000


If you're using Virtuozzo or OpenVZ to run multiple containers with the intention of connecting between them internally, you'll want to add a static route for the internal network on each container:

route add -net 10.1.1.0 netmask 255.255.255.0 dev venet0

Without this, communication internally does sometimes work but seems to often timeout or fail completely posting data to an internal only container.


Another option for communicating between VEs without using public IPs is via bridge interface. The following can be used to create a bridge:

modprobe -o dummy0 dummy
ifconfig dummy0 up
brctl addbr vmbr10
brctl addif vmbr10 dummy0
ifconfig vmbr10 up