[Users] Big comparison Ploop and ext4 vs simfs vs ZFS
Hello, folks! Big thanks for your attention to my work about ZFS: https://github.com/pavel-odintsov/OpenVZ_ZFS And I would like to share with community our own ZFS tests from FastVPS Eesti OU experience (fastvps.ru). We are company with 5 year experience with OpenVZ in heavy production usage. We have used ploop, simfs and ZFS for many years together. And we operate about 1PB (yep, it's single pe-ta-by-te) of customer's data with great care. So, we could share this article: http://www.stableit.ru/2015/07/effectiveness-of-zfs-usage-for-openvz.html which shown how ZFS bit ext4 and ploop. Feedback and another tests are welcome! Cheers! -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] Big comparison Ploop and ext4 vs simfs vs ZFS
Hello! Completely agree with you. With old style filesystems we use so much non uniform crap like mdraid, dm raid and hardware solutions like lsi and adaptec. There are so much different tools, so much details and really complex configurations. With ZFS we have only singletool (ring!) for ewerything! We expect so much data corruptions, downtimes for fsck and even full data losses with ext3 and ext4. And hardware RAID is too buggy (adaptec is real bunch of bugs) But there are no any issues regarding customer data with zfs. On Friday, July 24, 2015, Dietmar Maurer diet...@proxmox.com wrote: The point is that in your use case ZFS works very well and saves you 1TB of disk space. Great for you. For my use case the overhead of learning and deploying ZFS greatly outweighs the handful of GBs I might potentially save in disk space. Don't get me wrong, but zfs is totally simply to use and deploy - much simpler than anything else (considering all the great feature it provides). ___ Users mailing list Users@openvz.org javascript:; https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] Big comparison Ploop and ext4 vs simfs vs ZFS
Hello! Thanks for feedback! We have more details in Git repository page. But actually we haven't performance tests for this benchmarks because they are executed few months ago ;) On Friday, July 24, 2015, Kirill Kolyshkin kolysh...@gmail.com wrote: Pavel, Thanks for sharing. I have a few comments. 1. The article only compares disk space usage and nothing else. Performance, memory footprint, maintainability etc are all left aside. If this is the only optimization criteria for you, it's fine, but usually such comparison won't work. Say, you compare two Linux distros by their installation time and find out that Gentoo is the worst of all, and any live CD based one is the best (as it doesn't require installation at all, so installation time is zero). So, due to the fact you only have one criterion in your comparison, the conclusions you came to are also incorrect, at least from my POV. It can be something like you can achieve disk space savings with ZFS, while with ploop there is a certain overhead or so. 2. due to ploop bugs — the term bugs is obviously used incorrect here. On Jul 24, 2015 01:28, Pavel Odintsov pavel.odint...@gmail.com javascript:_e(%7B%7D,'cvml','pavel.odint...@gmail.com'); wrote: Hello, folks! Big thanks for your attention to my work about ZFS: https://github.com/pavel-odintsov/OpenVZ_ZFS And I would like to share with community our own ZFS tests from FastVPS Eesti OU experience (fastvps.ru). We are company with 5 year experience with OpenVZ in heavy production usage. We have used ploop, simfs and ZFS for many years together. And we operate about 1PB (yep, it's single pe-ta-by-te) of customer's data with great care. So, we could share this article: http://www.stableit.ru/2015/07/effectiveness-of-zfs-usage-for-openvz.html which shown how ZFS bit ext4 and ploop. Feedback and another tests are welcome! Cheers! -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org javascript:_e(%7B%7D,'cvml','Users@openvz.org'); https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
[Users] Why open source OpenVZ project require commercial CloudLinux as platform?
Hello, folks! I have just found this article: https://openvz.org/OpenVZ_with_upstream_kernel And I enough upset with it because I need to install Commercial Paid Software (CloudLinux) for running open source OpenVZ. From my point of view, it's not OK to ask for license for external license. I could buy something from Odin/Parallels but I do not want to buy additional tools from another company which is completely not related with OpenVZ project. That's all. -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] Why open source OpenVZ project require commercial CloudLinux as platform?
Actually I want to make feature request for ability to run open source OpenVZ on normal open source distro like CentOS or Debian where I can be sure about really _clean_ code from viruses and backdoors. On Tue, Jun 30, 2015 at 10:50 AM, Pavel Odintsov pavel.odint...@gmail.com wrote: Hello, folks! I have just found this article: https://openvz.org/OpenVZ_with_upstream_kernel And I enough upset with it because I need to install Commercial Paid Software (CloudLinux) for running open source OpenVZ. From my point of view, it's not OK to ask for license for external license. I could buy something from Odin/Parallels but I do not want to buy additional tools from another company which is completely not related with OpenVZ project. That's all. -- Sincerely yours, Pavel Odintsov -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] Why open source OpenVZ project require commercial CloudLinux as platform?
Thanks for answer Kristian! But my question about another case. I can't find CentOS 7 here. From my opinion it means I can't send bugs to bugzilla because you have used not recommended distribution. It's normal practice for big vendors and I really scary about it. On Tue, Jun 30, 2015 at 11:15 AM, Kristian Marcroft k...@kwm-web.info wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, that page indicated it is recommended, not it's required? You should be able to use CentOS as an OS? I don't think that will change. I do think that Odin will actually give out recommendations and that Odin will support their recommendations in their commercial Product Virtuozzo. Regards, Kristian Marcroft Am 30.06.2015 um 09:57 schrieb Pavel Odintsov: Actually I want to make feature request for ability to run open source OpenVZ on normal open source distro like CentOS or Debian where I can be sure about really _clean_ code from viruses and backdoors. On Tue, Jun 30, 2015 at 10:50 AM, Pavel Odintsov pavel.odint...@gmail.com wrote: Hello, folks! I have just found this article: https://openvz.org/OpenVZ_with_upstream_kernel And I enough upset with it because I need to install Commercial Paid Software (CloudLinux) for running open source OpenVZ. From my point of view, it's not OK to ask for license for external license. I could buy something from Odin/Parallels but I do not want to buy additional tools from another company which is completely not related with OpenVZ project. That's all. -- Sincerely yours, Pavel Odintsov -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEcBAEBAgAGBQJVklA2AAoJECFUP413Yj6juPkH/2sm7AlGfWfnjzJyDxy/5x7i K9v9jZDr2f2BNyoAYMF0KB8Q4RJ5SZcfsYeNpgjZqNwbEyWKoVXgjak7m6znmjyc 2MjxubcMour3Xw+d2Tr3RFqoxzKj6sQEXUSwUQBTofXofqmU0tG8QISWUlQZCx/o 3MkLNe8VWNmNWlxjmN3fd7ZzoTF59cx5oKwejTE6B8n9HH35CnaxO+s8b89QyC5S 9hnWfhjGw41U2OAbHt6AfCo/eBxHLLn9nQ3YbmqsJKEvO1BlxXMkLBnCr5WoB4Xd b6TROeGc/mlR0M4KXByXgd3feKyYDn3lYQt7hAbzYHHq+h+K5rK45L2p/dV29ow= =jYj1 -END PGP SIGNATURE- ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] Why open source OpenVZ project require commercial CloudLinux as platform?
Thank you for detailed answer. I haven't questions anymore! Awesome! On Tue, Jun 30, 2015 at 3:11 PM, Sergey Bronnikov serg...@openvz.org wrote: Let me explain and answer on your questions (inline). As we announced earlier we have following plan: - publish source code of closed components from commercial product (Virtuozzo aka PCS 6) - publish RPM packages for each component - publish test builds for Virtuozzo 7 distribution as installation ISO image We made all our planned action items. Binary builds are available right now and announce about it will follow (I believe this week). Preferred and recommended way to use our containers is installation of Virtuozzo 7 distribution on bare metal. Why we recommend to use our own distribution? - distribution includes kernel with additional patches for containers which are still absent in vanilla kernels: * ploop * veth patches * io limits * iops limits * new memory management for containers are in upstream, but few patches are still not committed * /dev/console * virtualization of tmpfs - Virtuozzo distribution includes Cloud Linux packages with our patches. Sometimes during testing we found bugs which requires changes in standard Linux components. In such situation we make patch and try to put in upstream. It is quite long process, but we do our best to make it done. Thus Cloud Linux is our upstream Linux distribution. Examples of components with our patches: * grub * parted (global sync patch) * upstart * anaconda + pykickstart * gcc Again, we can only recommend to use Cloud Linux with our containers and virtual machines but we cannot forbid you to use our tools with other Linux distributions. Also you can build your own distribution with our VZ components and name it for example BolgenOS Containers. You can sell it and provide support for money. It is a main idea of opensource - you can do with opensource components everything you want, if these action doesn't violate license. P.S. Cloud Linux is the same Linux distribution as RHEL, CentOS or Scientific Linux. But we can rely on developers from Cloud Linux unlike CentOS community or RedHat. SRPMs for Cloud Linux distribution are public available. See http://koji.cloudlinux.com/cloudlinux/7/os/Sources/ So your complains about closed Cloud Linux are not acceptable. On 12:01 Tue 30 Jun , Pavel Odintsov wrote: Very hard to run something now... So much if / should and it's not working yet. I prefer wait until time when everything will be work. Actually there are no profit from open sourcing project at this time. Because so much heritage from Commercial world which I do not like at all. I do not want to be part of test monkeys for commercial project. I want to be part of community and I want to contribute to community.But it's real nightmare because I'm from another world. And closed CloudLinux means for me keep away from this project, it's not true open source. Finally, I really appreciate moving to open source. But I do not like steps of Odin company and community manager here. 1) They offer test kernels with no sources. I.e. there are no way to build RHEL7 kernel manually from open code Really? Could you provide more details? 2) They offer closed source distribution with bunch of crap instead 3) They put bunch of code to src.openvz.org but this code lacks os docs, manuals and any help! We tried to build few tools for few weeks and it's really HARD challenge. Wow! Would be nice to hear your experience. Please share! 4) They offer Debian 8 templates but do not provide any references How you can build template manually. Ask not what OpenVZ can do for you but what you can do for OpenVZ? We have quite limited engineering resources and huge plans for upcoming Virtuozzo 7. For resources I mean smart people who works under Vz7 for money and other staff which works for full time, make the best containers and publish these work for everyone. If you found something absent in open project you can implement it yourself. Odin, folks. If you put code to somewhere in Internet do not mean doing open source. Open source is: 1) Share ideas https://openvz.org/Wishlist More ideas will come with OpenVZ Jira. We are preparing it right now and will migrate all OpenVZ issues from Bugzilla to Jira soon. 2) Offer help and documentation What kind of help do you expect? We plan to publish documentation for Vz7, but it will be quite similar to PCS 6 documentation published on site http://www.odin.com/products/virtuozzo/documentation/ 3) Mind about community, not about commercial success. Sure. It was a reason why we gathered community feedback in OpenVZ survey. I really can spent my time and my engineers time for doing Virtuozzo better but you do not hear me. Unfortunately. Very sad. Thanks for your oppinion
Re: [Users] Why open source OpenVZ project require commercial CloudLinux as platform?
Thank you so much for support :) Really, I want to do more with OpenVZ and really want to get new features from RHEL7 kernel. And I have full understanding of this very long and deep process. And we need so huge time (one or two years) for stable RHEL7 release. Thats why I want to build test env in my Company ASAP for help OpenVZ team with bug hunting and load testing. But I can't do it without documentation. That's my main complain and main idea of all this speech. On Tue, Jun 30, 2015 at 12:55 PM, Kristian Marcroft k...@kwm-web.info wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, I think you are personally expecting to much in to short time. Actually I think that most of the stuff shared publicly is not finished yet. But you now have the chance to at least look into some stuff Odin is doing and maybe even the community can help to create documentation. You will also have to respect, that Odin still has a commercial interest behind all of this. Basically nothing is changing. The Kernel base of OpenVZ has always been the base for Virtuozzo (or the other way round?) Now Odin is starting to release some tools and more features. Instead of bulling them to do more, you should remember that as far as I know there are only limited resources provided by Odin and most contributions are actually also done in their free time. Currently, the stable version is CentOS 6 with RHEL-6 based Kernel. You can stick with that and just wait until the rest matures. I do understand you want to use a recent OS such as CentOS 7, but that is not ready for use yet. That's what one would call development in progress I guess :) So just give it all a bit more time and all will be fine. Regards, Kristian Am 30.06.2015 um 11:01 schrieb Pavel Odintsov: Very hard to run something now... So much if / should and it's not working yet. I prefer wait until time when everything will be work. Actually there are no profit from open sourcing project at this time. Because so much heritage from Commercial world which I do not like at all. I do not want to be part of test monkeys for commercial project. I want to be part of community and I want to contribute to community.But it's real nightmare because I'm from another world. And closed CloudLinux means for me keep away from this project, it's not true open source. Finally, I really appreciate moving to open source. But I do not like steps of Odin company and community manager here. 1) They offer test kernels with no sources. I.e. there are no way to build RHEL7 kernel manually from open code 2) They offer closed source distribution with bunch of crap instead 3) They put bunch of code to src.openvz.org but this code lacks os docs, manuals and any help! We tried to build few tools for few weeks and it's really HARD challenge. 4) They offer Debian 8 templates but do not provide any references How you can build template manually. Odin, folks. If you put code to somewhere in Internet do not mean doing open source. Open source is: 1) Share ideas 2) Offer help and documentation 3) Mind about community, not about commercial success. I really can spent my time and my engineers time for doing Virtuozzo better but you do not hear me. Unfortunately. Very sad. On Tue, Jun 30, 2015 at 11:45 AM, Kristian Marcroft k...@kwm-web.info wrote: Hi, CentOS 7 should be supported once Virtuozzo 7 is released. As far as I know Odin is porting their OpenVZ/Virtuozzo patches to the RHEL 7 Kernel at the moment. Currently they use RHEL 6/Cloud Linux 6 as a base. This will change with Virtuozzo 7. This is what the Versions actually mean. Regards, Kristian Am 30.06.2015 um 10:29 schrieb Pavel Odintsov: Thanks for answer Kristian! But my question about another case. I can't find CentOS 7 here. From my opinion it means I can't send bugs to bugzilla because you have used not recommended distribution. It's normal practice for big vendors and I really scary about it. On Tue, Jun 30, 2015 at 11:15 AM, Kristian Marcroft k...@kwm-web.info wrote: Hi, that page indicated it is recommended, not it's required? You should be able to use CentOS as an OS? I don't think that will change. I do think that Odin will actually give out recommendations and that Odin will support their recommendations in their commercial Product Virtuozzo. Regards, Kristian Marcroft Am 30.06.2015 um 09:57 schrieb Pavel Odintsov: Actually I want to make feature request for ability to run open source OpenVZ on normal open source distro like CentOS or Debian where I can be sure about really _clean_ code from viruses and backdoors. On Tue, Jun 30, 2015 at 10:50 AM, Pavel Odintsov pavel.odint...@gmail.com wrote: Hello, folks! I have just found this article: https://openvz.org/OpenVZ_with_upstream_kernel And I enough upset with it because I need to install Commercial Paid Software (CloudLinux) for running open source OpenVZ. From my
Re: [Users] Why open source OpenVZ project require commercial CloudLinux as platform?
Scott, I could ask you one simple thing. Please read this ticket https://bugzilla.openvz.org/show_bug.cgi?id=3227 and share your experience here. If you think it's OK to offer _official_ templates with bunch of security issues I could agree with you and revoke all my complains. But I'm really sure about inadmissibility of issues like this. That's why I really interested in completely open source _automatic_ template build system for my company. On Tue, Jun 30, 2015 at 1:05 PM, Pavel Odintsov pavel.odint...@gmail.com wrote: Thank you so much for support :) Really, I want to do more with OpenVZ and really want to get new features from RHEL7 kernel. And I have full understanding of this very long and deep process. And we need so huge time (one or two years) for stable RHEL7 release. Thats why I want to build test env in my Company ASAP for help OpenVZ team with bug hunting and load testing. But I can't do it without documentation. That's my main complain and main idea of all this speech. On Tue, Jun 30, 2015 at 12:55 PM, Kristian Marcroft k...@kwm-web.info wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, I think you are personally expecting to much in to short time. Actually I think that most of the stuff shared publicly is not finished yet. But you now have the chance to at least look into some stuff Odin is doing and maybe even the community can help to create documentation. You will also have to respect, that Odin still has a commercial interest behind all of this. Basically nothing is changing. The Kernel base of OpenVZ has always been the base for Virtuozzo (or the other way round?) Now Odin is starting to release some tools and more features. Instead of bulling them to do more, you should remember that as far as I know there are only limited resources provided by Odin and most contributions are actually also done in their free time. Currently, the stable version is CentOS 6 with RHEL-6 based Kernel. You can stick with that and just wait until the rest matures. I do understand you want to use a recent OS such as CentOS 7, but that is not ready for use yet. That's what one would call development in progress I guess :) So just give it all a bit more time and all will be fine. Regards, Kristian Am 30.06.2015 um 11:01 schrieb Pavel Odintsov: Very hard to run something now... So much if / should and it's not working yet. I prefer wait until time when everything will be work. Actually there are no profit from open sourcing project at this time. Because so much heritage from Commercial world which I do not like at all. I do not want to be part of test monkeys for commercial project. I want to be part of community and I want to contribute to community.But it's real nightmare because I'm from another world. And closed CloudLinux means for me keep away from this project, it's not true open source. Finally, I really appreciate moving to open source. But I do not like steps of Odin company and community manager here. 1) They offer test kernels with no sources. I.e. there are no way to build RHEL7 kernel manually from open code 2) They offer closed source distribution with bunch of crap instead 3) They put bunch of code to src.openvz.org but this code lacks os docs, manuals and any help! We tried to build few tools for few weeks and it's really HARD challenge. 4) They offer Debian 8 templates but do not provide any references How you can build template manually. Odin, folks. If you put code to somewhere in Internet do not mean doing open source. Open source is: 1) Share ideas 2) Offer help and documentation 3) Mind about community, not about commercial success. I really can spent my time and my engineers time for doing Virtuozzo better but you do not hear me. Unfortunately. Very sad. On Tue, Jun 30, 2015 at 11:45 AM, Kristian Marcroft k...@kwm-web.info wrote: Hi, CentOS 7 should be supported once Virtuozzo 7 is released. As far as I know Odin is porting their OpenVZ/Virtuozzo patches to the RHEL 7 Kernel at the moment. Currently they use RHEL 6/Cloud Linux 6 as a base. This will change with Virtuozzo 7. This is what the Versions actually mean. Regards, Kristian Am 30.06.2015 um 10:29 schrieb Pavel Odintsov: Thanks for answer Kristian! But my question about another case. I can't find CentOS 7 here. From my opinion it means I can't send bugs to bugzilla because you have used not recommended distribution. It's normal practice for big vendors and I really scary about it. On Tue, Jun 30, 2015 at 11:15 AM, Kristian Marcroft k...@kwm-web.info wrote: Hi, that page indicated it is recommended, not it's required? You should be able to use CentOS as an OS? I don't think that will change. I do think that Odin will actually give out recommendations and that Odin will support their recommendations in their commercial Product Virtuozzo. Regards, Kristian Marcroft Am 30.06.2015 um 09:57
Re: [Users] OpenVZ templates
Scott, my users use about ~25 different templates just because they can. And I have so much tasks which not related with OpenVZ and templates and I can't spent my time for rebuilding templates every day. I have completely automatic Cloud Management System builded on top of OpenVZ. And we host dozens of thousands VE's without any human help. Indeed! And I want to build my templates with already stable and reliable system which offer Odint in source code. It's much times more reliable and stable than yet another hand made script. They have really awesome system and I use it in Commercial OpenVZ with pleasure. And I just ask to help from Community and Odin to do templates better! :) Actually, I could offer free servers and grant they to Community for reproducibly template rebuild for OpenVZ. Thats my contribution. On Tue, Jun 30, 2015 at 1:30 PM, Scott Dowdle dow...@montanalinux.org wrote: Greetings, - Original Message - I have nice idea. What about week of templates for OpenVZ? I really want to setup my own server for building Debian-8 templates. But there are no docs. Actually we have HUGE experience with PCS templates system and could share this experience. But we need help from OpenVZ folks with some information how you are building templates for OpenVZ. Then we could offer good docs :) The place to start is: http://wiki.openvz.org/Category:Templates You may have already looked through some of that... but yeah... most all of that was contributed by community folks... and the bulk of it is outdated and not well maintained. That is mostly the fault of the community. The instructions for contributing an OS Template say to create a forum thread with details on how it was done... but no one has really followed those documentation instructions for a while now... and I'm guilty of that myself. The gist of it is that you can use a distro's regular package management tools to install a base / minimal system in a separate directory... and once done... just tar.gz|xz it up. The official OS Templates from the OpenVZ Project tend to add a few vz-sourced stub packages to replace some bulky and/or unneeded packages (like a kernel package for example) but those really are not required. Feel free to take a look at an example of my contributed Fedora OS Templates. http://download.openvz.org/template/precreated/contrib/fedora-21-x86_64-20150323.tar.xz In particular, notice the two files I've included within it to generate the regular and minimal flavors: /root/create-fedora21-ostemplate.sh /root/create-fedora21minimal-ostemplate.sh Basically whenever I want to update my contributed OS Templates, I just create a container from the current OS Template and then run those scripts within... as they basically just download the latest packages for everything, install them in a temporary directory, make a few minor changes to the install tree... and then tar.xz it up. I did make an attempt to build a Debian 8 OS Template because someone requested one in IRC prior to the release of the beta and later official OS Template by the OpenVZ Project. Unfortunately I didn't include the little build script I cooked up for that within it like I do with the Fedora ones... and that was an oversight on my part. It was basically the same thing though only substituting the apt-get commands for the yum/dnf ones. I'd love to be more helpful... but I'm not that advanced of a Debian user. :( Hopefully that's enough to get you started. How does the newer vztt OS Template build system do what it does? I don't know yet... but I'm guessing there is no magic... that it uses the native packaging tools... downloads a minimal set of packages from a distro's official repos... extracts them to a temporary directory... does some rudimentary clean up and optimization (turning off undesired / unworking-in-a-container services, etc)... and then just tar.gz's it up. It probably put some effort into abstracting how to specify repo URLs and package lists... but other than that... that fancy stuff is just icing. TYL, -- Scott Dowdle 704 Church Street Belgrade, MT 59714 (406)388-0827 [home] (406)994-3931 [work] ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] OpenVZ templates
I have nice idea. What about week of templates for OpenVZ? I really want to setup my own server for building Debian-8 templates. But there are no docs. Actually we have HUGE experience with PCS templates system and could share this experience. But we need help from OpenVZ folks with some information how you are building templates for OpenVZ. Then we could offer good docs :) On Tue, Jun 30, 2015 at 12:16 PM, Scott Dowdle dow...@montanalinux.org wrote: Greetings, - Original Message - But where we can get documentation about this format? In search I see only like http://kb.odin.com/en/924 http://download.swsoft.com/virtuozzo/virtuozzo4.0/docs/en/lin/VzLinuxReference/14325.htm , yet. vzpkg is basically dead because of bit rot. The Odin folks did release the source code to the OS Template packaging tool that come from Virtuozzo which has been used by them to build the official OpenVZ OS Templates for a few years now. The name of the tool is vztt. For more information see: http://lists.openvz.org/pipermail/announce/2015-June/000592.html So far as documentation goes... I haven't really looked for docs on vztt... but since they released the source code... at the very least that is a form of documentation. I haven't had time (and probably don't the skills) to look into vztt and what it takes to actually start using it... and would just love to see some enterprising OpenVZ user get it figured out for me and write up a wiki post all about it. So far that hasn't happened. TYL, -- Scott Dowdle 704 Church Street Belgrade, MT 59714 (406)388-0827 [home] (406)994-3931 [work] ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] Why open source OpenVZ project require commercial CloudLinux as platform?
I do not want to be not polite. And I'm so sorry if somebody take offense by my speech. Sorry, folks! On Tue, Jun 30, 2015 at 12:43 PM, Scott Dowdle dow...@montanalinux.org wrote: Greetings, - Original Message - Very hard to run something now... So much if / should and it's not working yet. I prefer wait until time when everything will be work. Actually there are no profit from open sourcing project at this time. Because so much heritage from Commercial world which I do not like at all. I do not want to be part of test monkeys for commercial project. I want to be part of community and I want to contribute to community.But it's real nightmare because I'm from another world. And closed CloudLinux means for me keep away from this project, it's not true open source. Finally, I really appreciate moving to open source. But I do not like steps of Odin company and community manager here. 1) They offer test kernels with no sources. I.e. there are no way to build RHEL7 kernel manually from open code 2) They offer closed source distribution with bunch of crap instead 3) They put bunch of code to src.openvz.org but this code lacks os docs, manuals and any help! We tried to build few tools for few weeks and it's really HARD challenge. 4) They offer Debian 8 templates but do not provide any references How you can build template manually. Odin, folks. If you put code to somewhere in Internet do not mean doing open source. Open source is: 1) Share ideas 2) Offer help and documentation 3) Mind about community, not about commercial success. I really can spent my time and my engineers time for doing Virtuozzo better but you do not hear me. Unfortunately. Very sad. I find your lack of knowkedge and history (at least as you have articulated your position in this thread) insulting and somewhat offensive. OpenVZ has been around for a long time... almost a decade in fact. It started off with an EL4-based kernel (EOL'ed now)... then EL5-based kerne (still supported)... then EL6-based kernel (still supported and the current stable platform)... and they are working on the EL7-based platform. There have been a number of issues between the OpenVZ Project and the commercial project it comes from as explained rather well in this video (als mentioned in my last post): https://www.youtube.com/watch?v=ylNX4gEIJEc Yes the direction ahead looks to be a bumpy one but it makes a lot of sense to me... and that road ahead is the merging of the OpenVZ Project with the open sourcing of much of the Virtuozzo stuff... bringing the two projects closer together... and making it easier for folks to migrate from one to the other if desired. How long before the EL7-based setup is done and deemed stable and the preferred platform over the current EL6-based one? No idea... but yeah, they continue to maintain the EL6-based stable setup and all of the source code is available for it. I think your problem is that you have somehow gotten confused and think that OpenVZ/Odin is pushing the EL7-based branch as the stable / preferred platform now... and that is in no way the case at all. So far as documentation is concerned... it is not uncommon for a project in the development stages to not have manuals... and even when they have gone stable... to not have much documentation. I believe OpenVZ has had rather good (but not perfect) documentation for EL4, EL5, and EL6... and it remains to be seen how that will turn out for EL7. If the commercial oriented side of the project (that has been doing the vast majority of the work on the EL7 effort) can't get good docs for the EL7 stuff done... then of course it is up to the community to take a run at it. TYL, -- Scott Dowdle 704 Church Street Belgrade, MT 59714 (406)388-0827 [home] (406)994-3931 [work] ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] OpenVZ templates
Awesome!!! On Monday, June 29, 2015, Sergey Bronnikov serg...@openvz.org wrote: https://src.openvz.org/projects/OVZT/repos/debian-8.0-x86_64-ez/browse https://src.openvz.org/projects/OVZT/repos/ubuntu-14.04-x86_64-ez/browse On 21:03 Tue 23 Jun , Pavel Odintsov wrote: Hello! What about Debian-like distros? On Tuesday, June 23, 2015, Sergey Bronnikov serg...@openvz.org javascript:; wrote: On 02:46 Wed 20 May , Gena Makhomed wrote: build scripts for creating OpenVZ templates now are close source. are any plans exists to make these build scripts open source ? We opened sources of OS templates: https://src.openvz.org/projects/OVZT You are welcome to contribute new OS templates. mainly for audit all changes made in OpenVZ templates, second reason - for creating own OpenVZ templates. this feature already exists and open source in Docker, and it is very useful for Docker users. -- Best regards, Gena ___ Users mailing list Users@openvz.org javascript:; javascript:; https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org javascript:; https://lists.openvz.org/mailman/listinfo/users -- https://openvz.org/Contribute -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] OpenVZ templates
Hello! What about Debian-like distros? On Tuesday, June 23, 2015, Sergey Bronnikov serg...@openvz.org wrote: On 02:46 Wed 20 May , Gena Makhomed wrote: build scripts for creating OpenVZ templates now are close source. are any plans exists to make these build scripts open source ? We opened sources of OS templates: https://src.openvz.org/projects/OVZT You are welcome to contribute new OS templates. mainly for audit all changes made in OpenVZ templates, second reason - for creating own OpenVZ templates. this feature already exists and open source in Docker, and it is very useful for Docker users. -- Best regards, Gena ___ Users mailing list Users@openvz.org javascript:; https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] OpenVZ templates
And I should remark one very interestiong point here. Each openvz (open source) template have builded from proprietary (I speaking about Debian templates in this moment) manifests. And you are trying to sell me these sources of already open surce project (???) ? From conmunity side I have HUGE contribution to your product quality assurance. Is it OK for me? Additinally, I have agreement with Odin for few Parallels Cloud licenses. Finally, I have openvz maintenatce subscription from Odin. Its ok or I should pay more money for really open source project? On Tuesday, June 23, 2015, Scott Dowdle dow...@montanalinux.org wrote: Greetings, - Original Message - On 21:03 Tue 23 Jun , Pavel Odintsov wrote: What about Debian-like distros? Published OS templates is a contribution of Odin company to OpenVZ project. Odin company paid time of developers and QA engineers to made working templates. Odin published source code of these templates and made it available for everyone. And where is your contribution? Well, I think their point was... that when one clicks on the link given ( https://src.openvz.org/projects/OVZT) the only thing listed is CentOS 5, 6 and 7. The OpenVZ Project distributes a number of other official OS Templates including Fedora, Ubuntu and Debian... but those aren't listed... so it seems like a partial dump of materials rather than a complete one. But I better not forget... Thanks Odin for releasing those!. TYL, -- Scott Dowdle 704 Church Street Belgrade, MT 59714 (406)388-0827 [home] (406)994-3931 [work] ___ Users mailing list Users@openvz.org javascript:; https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] OpenVZ templates
Not a good idea to contribute already implemented by somebody (Odin) feature. On Tuesday, June 23, 2015, Sergey Bronnikov serg...@openvz.org wrote: On 21:03 Tue 23 Jun , Pavel Odintsov wrote: Hello! What about Debian-like distros? Published OS templates is a contribution of Odin company to OpenVZ project. Odin company paid time of developers and QA engineers to made working templates. Odin published source code of these templates and made it available for everyone. And where is your contribution? On Tuesday, June 23, 2015, Sergey Bronnikov serg...@openvz.org javascript:; wrote: On 02:46 Wed 20 May , Gena Makhomed wrote: build scripts for creating OpenVZ templates now are close source. are any plans exists to make these build scripts open source ? We opened sources of OS templates: https://src.openvz.org/projects/OVZT You are welcome to contribute new OS templates. mainly for audit all changes made in OpenVZ templates, second reason - for creating own OpenVZ templates. this feature already exists and open source in Docker, and it is very useful for Docker users. -- Best regards, Gena ___ Users mailing list Users@openvz.org javascript:; javascript:; https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org javascript:; https://lists.openvz.org/mailman/listinfo/users -- https://openvz.org/Contribute -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] OpenVZ templates
Hello! Nice feedback folks! Completely agree ;) Will be fine to build some sort of official templates for Debian without any proprietary parts with debootstrap ;) On Wed, Jun 24, 2015 at 12:22 AM, Scott Dowdle dow...@montanalinux.org wrote: Greetings, - Original Message - Its ok or I should pay more money for really open source project? I don't speak for Odin... because I'm just a member of the user community... but just wanted to clarify that open source nor free software is about price. You can chill now... I think he just misunderstood what you said at first (I did). ...but yeah, give them more money if you can spare it! :) While I'm definitely glad to see more and more of the proprietary bits that were/are part of Virtuozzo... some of which were used to build the official OS Templates... I have no idea how to use any of it yet. I have a few recipes that I use for building Fedora, CentOS, Scientific Linux, and Oracle templates. It is basically a yum statement with a specified install directory... and then a few minor changes to the directory tree post install. While I'm not as knowledgeable with Debian and Ubuntu... I did cobble together a Debian 8 OS Template recipe although I'm sure it leaves a bit to be desired. Luckily building OS Templates is fairly easy... but yeah, it would be nice if it was better documented on the wiki. Let's hope the recently released OS Template building tools will be in a usable state in the not-too-distant future... and that the build process isn't overly complicated. 5 or so years ago... vzpkg2 looked like a reasonable third-party alternative but unfortunately the developer got busy with other stuff and it just died on the vine. It would also be really nice if the new tools could produce OS Templates that were usable (even with some minor changes required) with LXC, libvirt-LXC, systemd-nspawn... and/or lxd. :) I say that because I really haven't seen any good tools for those... but then again I haven't looked too hard. TYL, -- Scott Dowdle 704 Church Street Belgrade, MT 59714 (406)388-0827 [home] (406)994-3931 [work] ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
[Users] OpenVZ and IPv6
Hello, folks! I deployed IPv6 two years ago and everything goes smooth. But there are some guidance from RIPE about IPv6 allocation. And I want to mention they there. Every company receives /48 IPv6 allocation (65 535 of /64 networks) and each end side device should receive /64 subnet. Actually, for OpenVZ I should allocate /128 IPv6 IP's for customers instead of /64. It's die to openvz features in this case. Do you have any ideas about ability to add /64 subnet per container instead ugly /128? Thank you so much! -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] OpenVZ and IPv6
Hello! Yep, I do not want whole /64 to container. I wan't to provide whole subnet. And customer could decide what IP's he need. On Thu, Jun 18, 2015 at 11:30 PM, Volker Janzen v...@voja.de wrote: Hi, I don't think it's possible to add a complete /64 to a container. Commercial solutions I know allow to add single IPv6 from a /64 to a container, but not in bulk. This would also eat many ressources, even if the kernel could handle the large number of /64 IPs. Perhaps the list of IPs could exceed container memory. Regards Volker Am 18.06.2015 um 18:13 schrieb Pavel Odintsov pavel.odint...@gmail.com: Hello, folks! I deployed IPv6 two years ago and everything goes smooth. But there are some guidance from RIPE about IPv6 allocation. And I want to mention they there. Every company receives /48 IPv6 allocation (65 535 of /64 networks) and each end side device should receive /64 subnet. Actually, for OpenVZ I should allocate /128 IPv6 IP's for customers instead of /64. It's die to openvz features in this case. Do you have any ideas about ability to add /64 subnet per container instead ugly /128? Thank you so much! -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] OpenVZ and IPv6
Heh, sorry. I should be more clear. I want to delegate whole /64 subnet and customer could decide how much IP's he need. He could use only ::1 but he could use as much as possible IP addresses. On Thu, Jun 18, 2015 at 11:50 PM, Pavel Odintsov pavel.odint...@gmail.com wrote: Hello! Yep, I do not want whole /64 to container. I wan't to provide whole subnet. And customer could decide what IP's he need. On Thu, Jun 18, 2015 at 11:30 PM, Volker Janzen v...@voja.de wrote: Hi, I don't think it's possible to add a complete /64 to a container. Commercial solutions I know allow to add single IPv6 from a /64 to a container, but not in bulk. This would also eat many ressources, even if the kernel could handle the large number of /64 IPs. Perhaps the list of IPs could exceed container memory. Regards Volker Am 18.06.2015 um 18:13 schrieb Pavel Odintsov pavel.odint...@gmail.com: Hello, folks! I deployed IPv6 two years ago and everything goes smooth. But there are some guidance from RIPE about IPv6 allocation. And I want to mention they there. Every company receives /48 IPv6 allocation (65 535 of /64 networks) and each end side device should receive /64 subnet. Actually, for OpenVZ I should allocate /128 IPv6 IP's for customers instead of /64. It's die to openvz features in this case. Do you have any ideas about ability to add /64 subnet per container instead ugly /128? Thank you so much! -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] OpenVZ and IPv6
Brilliant! Kevin, thank you. On Friday, June 19, 2015, Kevin Holly [Fusl] ope...@lists.dedilink.eu wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, On 06/18/2015 11:13 PM, Todd Mueller wrote: [...] I'm not entirely sure if you understand what he asks for. When you do vzctl set CTID --ipadd 2001:1234:1234:1234/64 --save, OpenVZ creates a route only for the network address (2001:1234:1234:1234::), but not for the entire /64 subnet which is unexpected behaviour already. Inside the container, OpenVZ automatically adds the network address (2001:1234:1234:1234::) to venet0. 2001:1234:1234:1234:: is now reachable from the outside If you add 2001:1234:1234:1234::1 as an address inside the container, it should send a NDP packet to update neighbours about the new IPv6 address (including the router) but what we see instead is 2001:1234:1234:1234::1 staying unreachable. OpenVZ in this case treats the 2001:1234:1234:1234::/64 subnet as a single address (which is 2001:1234:1234:1234::) instead of the subnet we requested and throws away all subnet information. How we expect it to work instead: vzctl set CTID --ipadd 2001:1234:1234:1234::/64 --save should add an entire /64 route and allow the container to use the entire /64 subnet as outgoing IPv6 address vzctl should not by default add an IPv6 address from this subnet OR add 2001:1234:1234:1234:: by default to the container. Inside the container we should now be able to add 2001:1234:1234:1234::1 as another IPv6 address to venet0 and OpenVZ kernel/the hardware node should forward NDP packets for updating neighbours including routers with the new IPv6 address. The addresses 2001:1234:1234:1234:: and 2001:1234:1234:1234::1 should now be reachable from outside. I hope that I explained this enough in detail so everyone reading should get an idea of what we mean. - -- Best regards Kevin Holly - r...@hallowe.lt javascript:; - http://hallowe.lt/ -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBAgAGBQJVgz/dAAoJELAaqP3QtzpMLlwH/2nYUll/ZwkkmQbYCZLRWAMZ h90rdK8zh5MRKTSSlMMO6AEBc3yKiw2F5nSHpAIKS5GuvtRbKs7qkHDM3BruSvg6 W60D0tiYdIQLKFCEgldo5aPmGdJirGA/DV8nq1bEYlQX41nC9rsuvRUPbupIr24n Y6YN2J34BIaTmkXrAj2kjL+O0h6AUlgTOyitohd8jzmc4aki7jn3rsuoDDC6yN38 mKBp1j992zJnWPHSekmyCYAJzGRlD0JAAamasFTxlkV/5Gd3vZoFIX6tkrj7Wfu2 /CGgGM9+3ubPdW9CJeBPSGO92VxAyomLf7Y68ezVO0zuK/FuqqMPwaADJ64eCLU= =sbdL -END PGP SIGNATURE- ___ Users mailing list Users@openvz.org javascript:; https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] distribute template packages with yum
Hi There are no information about minimal kernel required version inside templates. It's not expected to upgrade and reboot hwn to last kernel everytime when templates being upgraded. On Friday, June 19, 2015, Gena Makhomed g...@csdoc.com wrote: On 18.06.2015 10:44, Pavel Odintsov wrote: Thats why we need some sort of dependency list for templates this template requires this kernel version. Any ideas to distribute template packages with yum? It already has this capabilities. also it will be useful update hardware node with only one command: # yum update instead of two commands, as it now: # yum update # vztmpl-dl --update-all -- Best regards, Gena ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] OpenVZ and IPv6
Actually, I just asking community for ideas about IPv6 subneting. On Friday, June 19, 2015, Todd Mueller toddmuel...@gmail.com wrote: I don't understand what you are expecting OpenVZ to do? It's up to you to manage your IP space as you see fit and assign to containers as necessary. Given your context of customers this would likely be a function of whatever management platform you are using. On Thu, Jun 18, 2015 at 3:58 PM, Pavel Odintsov pavel.odint...@gmail.com javascript:; wrote: Heh, sorry. I should be more clear. I want to delegate whole /64 subnet and customer could decide how much IP's he need. He could use only ::1 but he could use as much as possible IP addresses. On Thu, Jun 18, 2015 at 11:50 PM, Pavel Odintsov pavel.odint...@gmail.com javascript:; wrote: Hello! Yep, I do not want whole /64 to container. I wan't to provide whole subnet. And customer could decide what IP's he need. On Thu, Jun 18, 2015 at 11:30 PM, Volker Janzen v...@voja.de javascript:; wrote: Hi, I don't think it's possible to add a complete /64 to a container. Commercial solutions I know allow to add single IPv6 from a /64 to a container, but not in bulk. This would also eat many ressources, even if the kernel could handle the large number of /64 IPs. Perhaps the list of IPs could exceed container memory. Regards Volker Am 18.06.2015 um 18:13 schrieb Pavel Odintsov pavel.odint...@gmail.com javascript:;: Hello, folks! I deployed IPv6 two years ago and everything goes smooth. But there are some guidance from RIPE about IPv6 allocation. And I want to mention they there. Every company receives /48 IPv6 allocation (65 535 of /64 networks) and each end side device should receive /64 subnet. Actually, for OpenVZ I should allocate /128 IPv6 IP's for customers instead of /64. It's die to openvz features in this case. Do you have any ideas about ability to add /64 subnet per container instead ugly /128? Thank you so much! -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org javascript:; https://lists.openvz.org/mailman/listinfo/users ___ Users mailing list Users@openvz.org javascript:; https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org javascript:; https://lists.openvz.org/mailman/listinfo/users ___ Users mailing list Users@openvz.org javascript:; https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] New debian-8.0 template and old kernels
Hello, folks! Thats why we need some sort of dependency list for templates this template requires this kernel version. Any ideas to distribute template packages with yum? It already has this capabilities. On Thu, Jun 18, 2015 at 12:26 AM, Сергей Мамонов mrqwe...@gmail.com wrote: Yes, this explains everything. Thanks a lot for a very quick answer. 2015-06-18 0:05 GMT+03:00 Kevin Holly [Fusl] ope...@lists.dedilink.eu: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 A necessary feature to run Debian 8 inside the container has been added in 042stab094.7: https://openvz.org/Download/kernel/rhel6/042stab094.7 ms/hrtimer: Backport CLOCK_BOOTTIME feature, needed for latest systemd (#2937) You will need to upgrade the kernel in order to get Debian 8 working properly. On 06/17/2015 10:48 PM, ?? ??? wrote: How I see ubuntu-15.04-x86_64 have the same issue on 2.6.32-042stab093.4 kernel. 2015-06-17 23:33 GMT+03:00 ?? ??? mrqwe...@gmail.com mailto:mrqwe...@gmail.com: New template debian-8.0-x86_64 have problems with old kernels? On 2.6.32-042stab109.12 with vzctl 4.9.2 - it work. On 2.6.32-042stab106.6 with vzctl 4.8 - it work. But on 2.6.32-042stab093.4 with vzctl 4.8 - init in container not work. I upgrade vzctl to 4.9.2, but it not help. After start we have only - root@debian-8-test:/# ps aux USER PID %CPU %MEMVSZ RSS TTY STAT START TIME COMMAND root 1 0.0 1.0 28076 2772 ?Ss 16:01 0:00 init -z root 2 0.0 0.0 0 0 ?S16:01 0:00 [kthreadd/1225] root 3 0.0 0.0 0 0 ?S16:01 0:00 [khelper/1225] root55 0.0 0.2 27556 752 ?Ss 16:01 0:00 vzctl: pts/0 root56 0.0 0.7 20188 2028 pts/0Ss 16:01 0:00 -bash root71 0.0 0.4 17436 1140 pts/0R+ 16:02 0:00 ps aux And errors on stop, when it try run /run/initctl ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users - -- Best regards Kevin Holly - r...@hallowe.lt - http://hallowe.lt/ -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBAgAGBQJVgeEFAAoJELAaqP3QtzpM3N0H/2qksxe0rOfBH/UBX7B3JeX8 IF7EN4ULWjY55njuvfcsrEQxSChfEqdiqS40t62wQ0M+V3IrM/y6FnWvLwBY1ZHh Ruv2D6W7PuQcq8AG5l93EIHwLiGCV4c3uR2gP930+tUjS6XqXCZIKI5oesUZNRra vouBtp2JIz3iMwNsekbyTe5AMvXBtAdQs2vWUwcBg+LuuOv6UFsqMHsuUG5rlWgY HJxY0hQcFWOypsnWuACzoG8JEz0DjgCykcdHHbbOToQBeHPkGFPJFgIc93LYwWTE qGDShcy+TDERWXDomG5p8qIpEaVz/zJgVoflhG7VUsJIUcKin3nor3VoX2UvNq0= =D4kJ -END PGP SIGNATURE- ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] OpenVZ templates
Awesome! Awesome! Awesome! :) On Wed, May 20, 2015 at 2:02 PM, Sergey Bronnikov serg...@openvz.org wrote: On 02:46 Wed 20 May , Gena Makhomed wrote: On 19.05.2015 4:50, Kir Kolyshkin wrote: In CentOS 7 OpenVZ template also default target is not multi-user and it should be manually switched via command line: # systemctl set-default multi-user.target But why default target in OpenVZ templates is not multi-user.target ? Please file a bug. ok, done: https://bugzilla.openvz.org/show_bug.cgi?id=3243 build scripts for creating OpenVZ templates now are close source. are any plans exists to make these build scripts open source ? Yes, we plan to publish source code of these utilities. I believe it will happen soon. mainly for audit all changes made in OpenVZ templates, second reason - for creating own OpenVZ templates. this feature already exists and open source in Docker, and it is very useful for Docker users. -- Best regards, Gena ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] suspend/resume in OpenVZ
Hello! Really! Nice feedback! ZFS live migration could be implemented with current ZFS version by multiple calls of zfs send/receive with multiple snapshots. But I created issue to ZFS On Linux project about more convenient way to do this task: https://github.com/zfsonlinux/zfs/issues/3407 --- Docker is awesome toolkit. But we still haven't support for in OpenVZ/PCS. I'm really _NOT_ sure about idea to run Docker inside container. I want to run it on HWN (together with another containers if possible) and run my custom applications in a securely manner here. Running Docker inside containers is really strange idea and I haven't any use cases for it in my environment. On Wed, May 13, 2015 at 4:03 AM, Gena Makhomed g...@csdoc.com wrote: On 13.05.2015 2:09, Pavel Odintsov wrote: Completely disagree with After hitting bug https://bugzilla.openvz.org/show_bug.cgi?id=2470 I completely disable suspending on stop for all hardware nodes, - VE_STOP_MODE=stop in /etc/vz/vz.conf and don't use it at all. Sorry, but I really set VE_STOP_MODE=stop in /etc/vz/vz.conf because checkpointing too slow on my hardware for many containers and HDD disks without SSD, and just stop/start is much faster than suspend/resume all CT for hardware node reboot. So, VE_STOP_MODE=stop provides minimal downtime. And yes, bug https://bugzilla.openvz.org/show_bug.cgi?id=2470 prevents starting nginx after CT resume after hardware node reboot. I need most stable/reliable server - this is the first line priority. We use cpt/rst for ten of thousands containers for few years. And in 99.9% cases it works with charm. And it's one os most killer features of OpenVZ. But why I need to use cpt/rst with OpenVZ ? CT must be online and uptime always, without downtimes during cpt/rst. If CT is completely damaged/broken - I just restore it from backup. --- If you talk about live migration of CT between hardware nodes - I can't easy use this feature with current main hosting provider: Hetzner allow only max 3 Failover IPs, with € 4.20 / month price for each IP and additional € 12.61 / month for Flexi-Pack. more details here: http://wiki.hetzner.de/index.php/Failover/en Also bash script for swithing IP between servers is not trivial: http://wiki.hetzner.de/index.php/Failover_Skript/en And Hetzner Failover subnet can't be used with OpenVZ, because A failover subnet can only be switched as a whole, single IPs from the subnet can not be switched individually. So using CT live migration with Hetzner is looks like very costly and limited solution - max only 3 OpenVZ CT can be live migrated. May be other hosting provides has other restrictions, but right now I mostly use Hetzher.de as the winner for price/performance ratio after protecting most valuable sites from DDoS via CloudFlare.com --- Also the main reason why I can't use OpenVZ live migration is incompatibility between OpenVZ live migration and ZFS, as I understand - for live migration I must use ploop images located on ext4 filesystems and can't use simfs on top of ZFS. But ZFS is most natural way to get optimal price/performance ratio, with very high level of reliability of storage subsystem based on slow big HDDs and fast SSDs for ZFS L2ARC. So, evaluate benefits of ZFS and OpenVZ live migration I should select ZFS and can't use live migration at all. --- Now, as I understand, main trend in DevOps / Continuous Delivery is approach http://martinfowler.com/bliki/ImmutableServer.html with on-fly switching between online instances via method of http://martinfowler.com/bliki/BlueGreenDeployment.html And many new userland utilites are now created for this purposes: for example, Docker.com and coreos/rkt with App Container: http://www.opennet.ru/opennews/art.shtml?num=41168 http://www.opennet.ru/opennews/art.shtml?num=41545 As for me, ideal server is Linux hardware node with ability to run on top of it KVM virtual machines, OpenVZ containers, and probably some Application Container Specification Implementations inside OpenVZ containers and on top of hardware nodes simultaneously. This will allow seamless migration from KVM-based Linux virtual machines to OpenVZ containers and in future - also seamless software migration from OpenVZ CTs to App Container Images and App Container Runtimes. -- Best regards, Gena ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] directory /.cpt_hardlink_dir_a920e4ddc233afddc9fb53d26c392319
Hello Completely disagree with After hitting bug https://bugzilla.openvz.org/show_bug.cgi?id=2470 I completely disable suspending on stop for all hardware nodes, - VE_STOP_MODE=stop in /etc/vz/vz.conf and don't use it at all. We use cpt/rst for ten of thousands containers for few years. And in 99.9% cases it works with charm. And it's one os most killer features of OpenVZ. On Wed, May 13, 2015 at 1:51 AM, Kevin Holly [Fusl] ope...@lists.dedilink.eu wrote: On 05/12/2015 11:29 PM, Kir Kolyshkin wrote: https://github.com/kolyshkin/vzctl/commit/09e974fa3ac9c4a1 The correct link is https://github.com/kolyshkin/vzctl/commit/09e974fa3ac9c4ab, or the shortened link https://github.com/kolyshkin/vzctl/commit/09e9, or the full link https://github.com/kolyshkin/vzctl/commit/09e974fa3ac9c4abd42194eec8441a40e63ea991 -- Best regards Kevin Holly - r...@hallowe.lt - http://hallowe.lt/ ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] directory /.cpt_hardlink_dir_a920e4ddc233afddc9fb53d26c392319
Btw, on promotion rights. Any OpenVZ bug could be fixed with $400 maintenance agreement with Odin/Parallels: http://www.odin.com/support/virtualization-suite/openvz/ Once fixed fix will be added to mainstream and available for everyone. On Wed, May 13, 2015 at 2:09 AM, Pavel Odintsov pavel.odint...@gmail.com wrote: Hello Completely disagree with After hitting bug https://bugzilla.openvz.org/show_bug.cgi?id=2470 I completely disable suspending on stop for all hardware nodes, - VE_STOP_MODE=stop in /etc/vz/vz.conf and don't use it at all. We use cpt/rst for ten of thousands containers for few years. And in 99.9% cases it works with charm. And it's one os most killer features of OpenVZ. On Wed, May 13, 2015 at 1:51 AM, Kevin Holly [Fusl] ope...@lists.dedilink.eu wrote: On 05/12/2015 11:29 PM, Kir Kolyshkin wrote: https://github.com/kolyshkin/vzctl/commit/09e974fa3ac9c4a1 The correct link is https://github.com/kolyshkin/vzctl/commit/09e974fa3ac9c4ab, or the shortened link https://github.com/kolyshkin/vzctl/commit/09e9, or the full link https://github.com/kolyshkin/vzctl/commit/09e974fa3ac9c4abd42194eec8441a40e63ea991 -- Best regards Kevin Holly - r...@hallowe.lt - http://hallowe.lt/ ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] Debian 8 packages for OpenVZ as a HN?
Hello! Its awesome for Debianers! But I'm CentOS guy and can't disable stupid systemd :( On Sunday, May 10, 2015, CoolCold coolthec...@gmail.com wrote: Pavel, several letters above I've written that is able to boot Jessie (debian 8 ) system without almost any problems, just use sysvinit and inserted link to bugzilla about this. 10 мая 2015 г. 18:10 пользователь Pavel Odintsov pavel.odint...@gmail.com javascript:_e(%7B%7D,'cvml','pavel.odint...@gmail.com'); написал: Well, well. But why my 2.6.32 kernel become broken after change Wheezy's init system to systemd? Standard 3.2 kernel from Debian works perfectly with systemd. If this problems is not related with kdbus but it's still it broke ability to run OpenVZ kernel on modern distros. If somebody will fix this issue I will be very pleased. On Sun, May 10, 2015 at 2:40 PM, Marco d'Itri m...@linux.it javascript:_e(%7B%7D,'cvml','m...@linux.it'); wrote: On May 10, Pavel Odintsov pavel.odint...@gmail.com javascript:_e(%7B%7D,'cvml','pavel.odint...@gmail.com'); wrote: Unfortunately, we can't run OpenVZ 2/6/32 kernel on top of systemd aware system because it lacks kdbus subsystem. But if you changed init All upstream kernels lack kdbus, and systemd does not depend on it. -- ciao, Marco ___ Users mailing list Users@openvz.org javascript:_e(%7B%7D,'cvml','Users@openvz.org'); https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org javascript:_e(%7B%7D,'cvml','Users@openvz.org'); https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] Debian 8 packages for OpenVZ as a HN?
Hello, folks! Unfortunately, we can't run OpenVZ 2/6/32 kernel on top of systemd aware system because it lacks kdbus subsystem. But if you changed init system to sysvinit for Debian 8 Jessie we could run old kernel on it. Btw, I still sure about only one and best distro for OpenVZ. It's CentOS 6. On Sun, May 10, 2015 at 12:12 PM, Johan Wilfer li...@jttech.se wrote: Den 2015-05-09 23:52, Scott Dowdle skrev: Greetings, - Original Message - Are there plans to support OpenVZ using Debian 8 Jessie as a HN? Let's see... RHEL/CentOS 7 has been out close to a year and there aren't any packages for it yet... and here you go wanting Debian 8 packages within weeks of its release. Of call the gall. Just kidding. :) Yeah, I'd expect that when the EL7-based kernel is done, it can probably be made to work on Debian 8. How's that for an answer? Hey, at least they released the work-in-progress source for their EL7 3.10.x-based OpenVZ branch. For more info see: http://src.openvz.org/ I didn't expect anything really, and your answer clarifies a lot. Thank you for the update! So to rephrase the question then: How are the plans for a release of kernel packages to RHEL7? -- Johan Wilfer ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] Debian 8 packages for OpenVZ as a HN?
Hello! It's awesome for Debianers! But I'm CentOS guy and can't fix CentOS 7 so simple :( On Sun, May 10, 2015 at 6:44 PM, CoolCold coolthec...@gmail.com wrote: Pavel, several letters above I've written that is able to boot Jessie (debian 8 ) system without almost any problems, just use sysvinit and inserted link to bugzilla about this. 10 мая 2015 г. 18:10 пользователь Pavel Odintsov pavel.odint...@gmail.com написал: Well, well. But why my 2.6.32 kernel become broken after change Wheezy's init system to systemd? Standard 3.2 kernel from Debian works perfectly with systemd. If this problems is not related with kdbus but it's still it broke ability to run OpenVZ kernel on modern distros. If somebody will fix this issue I will be very pleased. On Sun, May 10, 2015 at 2:40 PM, Marco d'Itri m...@linux.it wrote: On May 10, Pavel Odintsov pavel.odint...@gmail.com wrote: Unfortunately, we can't run OpenVZ 2/6/32 kernel on top of systemd aware system because it lacks kdbus subsystem. But if you changed init All upstream kernels lack kdbus, and systemd does not depend on it. -- ciao, Marco ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] Debian 8 packages for OpenVZ as a HN?
Well, well. But why my 2.6.32 kernel become broken after change Wheezy's init system to systemd? Standard 3.2 kernel from Debian works perfectly with systemd. If this problems is not related with kdbus but it's still it broke ability to run OpenVZ kernel on modern distros. If somebody will fix this issue I will be very pleased. On Sun, May 10, 2015 at 2:40 PM, Marco d'Itri m...@linux.it wrote: On May 10, Pavel Odintsov pavel.odint...@gmail.com wrote: Unfortunately, we can't run OpenVZ 2/6/32 kernel on top of systemd aware system because it lacks kdbus subsystem. But if you changed init All upstream kernels lack kdbus, and systemd does not depend on it. -- ciao, Marco ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] Debian 8 packages for OpenVZ as a HN?
Hello Everybody could find official answer about systemd and 2/6/32 compataibility here: https://bugzilla.openvz.org/show_bug.cgi?id=2797 I have checked systemd with openvz few _years_ ago. Specially for care about compatibolity with upcoming centos 7. I really want switch to rhel 7 userpace but I can't do itbecause mentioned issues. On Sunday, May 10, 2015, Johan Wilfer li...@jttech.se wrote: But as both Centos/RHEL7 and Debian 8 uses systemd by default support for systemd isn't really optional for OpenVZ in the long run..? According to this page Gentoo is the only major distribution that hasn't switched to systemd as default: http://en.wikipedia.org/wiki/Systemd#Adoption_and_reception So this is not different at all between Debian 8 and Centos/RHEL7. But maybe it is a good reason to stay on the Debian 7 / RHEL6 as things clear up... /Johan Den 2015-05-10 15:14, Scott Dowdle skrev: Greetings, - Original Message - Unfortunately, we can't run OpenVZ 2/6/32 kernel on top of systemd aware system because it lacks kdbus subsystem. But if you changed init system to sysvinit for Debian 8 Jessie we could run old kernel on it. So far as I know, kdbus hasn't been added to the mainline kernel yet... and certainly wasn't available for the 3.10.x series that RHEL7 uses... so no, it is *NOT* a requirement for systemd because if it were, there wouldn't be any systemd-based systems yet. For more info, see: https://lwn.net/Articles/641275/ kdbus is certainly something the systemd developers want in the kernel and once it is there, systemd will be start using it. Now having said that, I'm NOT trying to claim that the EL6-based 2.6.32.x kernel will work on the host node of newer distros like EL7 and Debian 8... because to the best of my knowledge, it will not... but I don't think it is systemd related. There is a new mainline kernel release approximately very 3 months and big changes are fairly common. TYL, -- Johan Wilfer ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] target VE_PRIVATE for vzmigrate
Hello! Nice idea! My vote for this feature. On Thu, May 7, 2015 at 10:17 AM, Nick Knutov m...@knutov.com wrote: Hello all, I see it's possible now to use selected target VE_PRIVATE for vzmigrate via changing /etc/vz/vz.conf on destination node - https://bugzilla.openvz.org/show_bug.cgi?id=2523 (and it works - I checked) But I'd like to specify destination VE_PRIVATE as a parameter to `vzmigrate`. Is it possbile? (I know I can edit source, just want to check is it already implemented while I can't find it) -- Best Regards, Nick Knutov http://knutov.com ICQ: 272873706 Voice: +7-904-84-23-130 ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] Ploop Incremental backups strategy
Hello, folks! I could recommend rdiff for incremental snapshots. It works fine for enough small images but need patches in algorithm for huge snapshots. On Thu, Apr 30, 2015 at 10:39 PM, Philipp Born phil...@tamcore.eu wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 I would say so. It gives you incremental and full backups. It misuses snapshots for incremental backups, which has the downside of requiring a bit more free diskspace on your node. But doing backups this way is also faster than rsync'ing the whole container each time. I'm using my script now since seven months and so far I have no reason to switch to something different. Before that I've tried pure rsync'ing and stuff like rsnapshot, but I like it more this way. On 28.04.2015 11:12, Steffan Noord wrote: Is this better then just rsync the container ? -Oorspronkelijk bericht- Van: users-boun...@openvz.org [mailto:users-boun...@openvz.org] Namens Philipp Born Verzonden: zaterdag 25 april 2015 14:23 Aan: users@openvz.org Onderwerp: Re: [Users] Ploop Incremental backups strategy Hi, this is eactly what I'm doing. Have a look at https://github.com/TamCore/vzpbackup Regards Philipp On 01.04.2015 14:22, Simon Barrett wrote: Hi all, Is there any reason why I should not create snapshot a ploop-backed container each day (or hour, for that matter) then merge all outstanding snapshots at the end of the week (vzctl snapshot-delete) and compact it? This would allow me to do efficient incremental backups to back up (using bacula, in this case) and I would imagine it's a core use case. Are there any potential risks to be aware of (performance issues, storage usage, corruption exposure)? Regards, Simon ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQIcBAEBCAAGBQJVQoTvAAoJEJrmlNhNgL+IsSAP+QHuflNO2aMWW8KM+K+kY1Rh 0ccz9dBFs6bBnCi7kAoVpXD9nvFRMctyPrU5heUmKIPFpDnmdJQIs+f7AIVoJ2vR A3ouO3wGyn4SPbUtNenxZxQfkhnTwJwaLsdVrnNb056lmLohG/tZCLvagG+iYfY3 gypQFzcQlIiXPZJeFaFRDY+YWC4lLRiDBCdU4iKcAr5YxYjWxgZMtTbMw7f9FsbP faW3Uofnm+vGTkflUp3kvisGX3Y/EB7n9+FV37jbAyLnk8GhXcnZsECwmVFV5A53 6/fNhvh3ZuV2r4zqcRab8XgrAnmRMdQVFdTP21XdBpvlC5Je0opfWB+M4ATJOAUW 8HVi0KpIz8S35/qmfBSWo6cmwixhmkOI/IqBJ7rod5VzZFmQQoXJgSNdKOQ3aEK+ fbxtSmXlLST/xcYiTkQPKYVflVpBzA6Lli0bVQAiYPxo1fqxx5iu9eUdqWk1nx3K VbS2AcJNb41OiSLenAn39ICPXIZD1QdFnTrh7X6oevVCpkOKUbbDO8eWBk46owu6 uK659gVn3xxq+O2Tle31/119UD7fJ264MmZTykJqkidxr1oXcVoMyLgaoS4sbab+ o/HSGt9iYtII3ANSgv0Tr5D9MscmfaykMHnAz9eWVu7aOIqO1ZFJAX+OBSV6iOwd hFBiNW9cYQ2nBJlAqmvi =/YzI -END PGP SIGNATURE- ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] Docker inside an OpenVZ container
Yep, nice suggestion! An every switch between Red Hat kernel 2.6.32 milestones produce big amount of bugs in OpenVZ. But do not provide enough benefits for customers. And I'm sure number of bugs in case of switch between major upstream kernel versions (for example 3.10~3.11) will be same or even much times less because every new version bring new code from OpenVZ patch to upstream. From my point of view, an ideal approach about kernel version used in CoreOS. They follow vanilla kernel and provide new features as soon as possible (overlayfs, vxvlan, dpdk, vswitch, syn proxy, batch routing, tcp/ip stack optimization, live kernel patching). But the work with really huge companies and with important data and know what is reliability. And they use vanilla kernel. Yep, security flaws is and issue but we use containers and 90% of kernel bugs is not affect us. For very important bugs kpatch could be used for live patching. Second nice idea from CoreOS project is consistent upgrade when we could automatically switch to next OpenVZ kernel version on next reboot (or kernel panic, it's more recent for OpenVZ). I'm really sure old approach we use old kernel and we assume it's stable become completely useless today. Because old kernel has bunch of problems (route cache? syn cookies? listen block on socket?) even in subsystems architecture and very important things like tcp routing subsystem. On Tue, Mar 24, 2015 at 2:57 PM, Narcis Garcia informat...@actiu.net wrote: A good strategy could be to make OpenVZ become fully as an LXC enhancement, and apply patches thinking in datacenter scenario for LXC. This focus could make easier to follow Linux kernel versions. OpenVZ for Linux 2.6.32 is excellent, but the time makes grow some matters that didn't seem a problem in 2010. El 24/03/15 a les 10:05, Pavel Odintsov ha escrit: Hello, folks! CentOS 6 with 2.6.32 kernel is real nightmare (even in case of networking) from my point of view. Simple syn flood could KILL my HWN's (I can share details off list). You (Parallels) and RH do big amount of backporting but upstream is far away in future. Difference even between 3.17 and 3.18 kernels is EXTREMELY HUGE. You could look at diffs here https://github.com/torvalds/linux/commits/master. And performance could be improved for 50-70% with this upgrade (I assume even more speed up with update from 2.6.32RH to 3.18). Red Hat interested only in few things about 2.6.32 kernel for running Java and KVM (with Oracle?). But storages (what about stable filesystem like ZFS instead bunch-of-crap-ext4 and it-will-be-non-stable-for-ever-btrfs?), networking (routing! routing! routing!) and many other extremely important things is out of focus. And I have innate desire to test new RHEL 7 kernel and switch my hundreds of servers to it :) But this kernel based on enough old 3.10 kernel will be obsolete since release (look at my comparison about 3.17 3.18 kernel). IMHO, best approach for OpenVZ will be follow the upstream because your patch have significantly reduced since 2.6.32. You are trying to keep up stability with following to Red Hat with old kernels but in reality OpenVZ kernel is not really stable (you could grep my bug reports at bugzilla.openvz.org and found hundreds of issues with stability) even with RH kernel. My instances with upstream kernel could work many months without any issues. Yep, it's enough stable and completely suitable for OpenVZ HWN's. ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] Docker inside an OpenVZ container
kernels. - it requires careful testing, so it's an additional load for our QA, - of course it's an additional task for our developers, but let's forget about this. You could push RHEL6 and convince them that they need to do this job. If you'll have hard arguments, they will add the patches into next major update, update 7 is expected in few months, update 8 most likely will be released in next year. However nobody guarantees that they will do it too. Good news is that we're rebasing to RHEL7-kenrels. So I would recommend you to look at RHEL7 kernels right now, and wait for our rhel7-based kernel. Docker support in RHEL6 kernels delayed us a little, but anyway we expect to publish first beta in few months. http://openvz.livejournal.com/49158.html Thank you, Vasily Averin But this seems rather impossible, due to git/separated-out-patches not being available for RHEL6 kernel and OpenVZ project following the suit. I would have to invest a lot of time every time a rebase onto a newer RHEL6 kernel release is made. I would like to help out with OpenVZ development from time to time, especially with things related to storage, but the project doesn't seem all that open, you guys only publish your final results, but nothing from the process of getting to them. I don't mean to criticize or I don't mean it in any other bad way, here's me just sighing at how things are. Do you see any room for change in this regard? Or should we just leverage Parallels paid support for OpenVZ to have you guys pull in the patches by yourselves? I love open-source and doing things openly, I know that you guys don't have a whole lot of breathing room thanks to Red Hat here, but is there any possibility of opening the project up more? Finally, I would like to thank all of you at the OpenVZ project, there is no other usable container technology for Linux without you guys. I highly respect that fact despite the relative closedness of the project. /snajpa (vpsFree.cz) ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] ext4 extents problem with ploop
Hello! Can you provide tune2fs /dev/sdXXX output for your /vz partition? Thank you! On Mon, Jan 19, 2015 at 3:38 PM, Daniel Thielking daniel.thielk...@ias.rwth-aachen.de wrote: Hi, I have a problem with ploop devices. If i try to mount a ploop I get following error message: Error in check_ext4_mount_restrictions (ploop.c:1714): The ploop image can not be used on ext3 or ext4 file system without extents My mount command is as followed: ploop mount -m /vz/ploop ./root.hdd/DiskDescriptor.xml I am using CentOS 6.6 and my vz partition is in ext4 formatted. Why I get this error Message? Thank You Guys Daniel -- _ Auszubildender Fachinformatiker für Systemintegration RWTH Aachen Lehrstuhl für Integrierte Analogschaltungen Raum 24C 313 Walter-Schottky-Haus Sommerfeldstr. 24 D-52074 Aachen www.ias.rwth-aachen.de Email: daniel.thielk...@ias.rwth-aachen.de Phone: +49-(0)241-80-27771 FAX: +49-(0)241-80-627771 _ ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] OpenVZ and ZFS excellent experience
Hello, all! Thank you for feedback! Kirill, you are absolutely right and this issue mentioned in my comparison table https://github.com/pavel-odintsov/OpenVZ_ZFS/blob/master/OpenVZ_containers_on_zfs_filesystem.md But there are some progress at this field there https://github.com/zfsonlinux/zfs/issues/2922 and there https://github.com/zfsonlinux/zfs/pull/2577 This issue can be solved with using ZVOL's instead ZFS native volumes. There are my manual about this: https://github.com/pavel-odintsov/OpenVZ_ZFS/raw/master/openvz_and_zfs_zvol_ext4.pdf (sorry, it's only in russian but you feel free to use Google Translate :). On Mon, Jan 12, 2015 at 8:55 AM, Kirill Korotaev d...@parallels.com wrote: BTW, Pavel one issue which you or others might consider and test well before moving to ZFS: 2nd level (i.e. CT user) disk quotas. One will have to emulate Linux quota APIs and quota files for making this work. e.g. some apps like CPanel call quota tools directly and depending on OS installed in container these quota tools expect slightly different Linux quota behavior/APIs. In the past there was a lot of problems with that and we even emulated quota files via /proc. So be warned. On 11 Jan 2015, at 23:16, Pavel Odintsov pavel.odint...@gmail.com wrote: Hello! Because your question is very big I will try to answer in multiple blocks :) --- My disk space issue. 24GB is a wasted space from only one container :) Total wasted space per server is about 900Gb and it's really terrible for me. Why? Because I use server SSD with hardware RAID array's and cost per TB is cosmic! I want to give more fast space to customers instead wasting it! :) --- What I want. What I want from OpenVZ community? I want share my positive experience and build strong community of runners ZFS together with OpenVZ :) Well, I still have one question to openvz team related with behavior of vzctl which is important for ZFS (and another fs too): https://bugzilla.openvz.org/show_bug.cgi?id=3166 --- License issues of ZFS. License issues is not an critical because installing of ZFS is straightforward and do not require any deep integration to system or kernel and work on almost any kernel. And we can call zfs tools (zpool, zfs) without any problems with CDDL license of ZFS. But we can't link to libzfs and fortunately we do not need this. --- Ploop/ext4 vs ZFS ploop builded on top of ext4 and I compare ZFS with ploop and ext4 and many issues notified in my table related with features of both them. Obviously, it's completely incorrect to compare ploop (block level mapper device) with classic filesystem. --- Conclusion Globally, my speech is not related with ZFS itself. It's about storage system for containers. It's most important part of any virtualization technology. Ploop is real revolution in containers world! I really appreciate developers of ploop and love them (and will be happy to bring some beer to they) :) But ploop is not a final step of storage system for containers. And it have big problems described here: https://github.com/pavel-odintsov/OpenVZ_ZFS/blob/master/ploop_issues.md and everybody should know this issues. Ignoring this issues will produce complete data loss on important data! ZFS is not ideal filesystem for containers too! It lacks of very big amount of very important features but it's more reliable and featureful than ploop/ext4 :) Thank you! On Sun, Jan 11, 2015 at 9:57 PM, Scott Dowdle dow...@montanalinux.org wrote: Greetings, - Original Message - And I checked my containers with 200% disk overuse from first message and got negative result. 24Gb of wasted space is not related with cluster size issue. Yeah, but 24GB is a long way off from your original claim (if I remember correctly) of about 900GB... but those probably aren't comparing the same things anyway. I'm lost... because ploop and zfs are not, so far as I can tell, competing filesystems on the same level. zfs is competes with other filesystems like ext4 or xfs... whereas for OpenVZ, so far as I know, there isn't a disk-file-as-disk competitor. Given the popularity and stability of the current qcow2 format popularized by KVM/qemu... and the large number of tools compatible with qcow2 (see libguestfs)... I'm wondering if it would be valuable to add qcow2 support to OpenVZ? You are currently using zfs with OpenVZ, correct? And you didn't have to modify any of the OpenVZ tools in order to do so, correct? If that is the case, what is it you want from the OpenVZ project with regards to zfs? So far as I'm concerned the license incompatiblity with the zfs/openzfs makes it where it can not be distributed with stuff licensed under the GPL... so I don't really see a way for OpenVZ to ever ship a zfs-enabled kernel... but yeah, if needed they could add support for it in the tools if that makes sense. I'm unclear on what you are looking
Re: [Users] OpenVZ and ZFS excellent experience
Hello! I can't find any info about linking :( But I found big article from ZoL team: http://zfsonlinux.org/faq.html#WhatAboutTheLicensingIssue Will be fine if OpenVZ command can add ZFS into standard shipment :) On Mon, Jan 12, 2015 at 10:00 AM, Dietmar Maurer diet...@proxmox.com wrote: License issues of ZFS. License issues is not an critical because installing of ZFS is straightforward and do not require any deep integration to system or kernel and work on almost any kernel. OpenZFS and zfsonline people claim that it is perfectly valid to ship zfs binary kernel modules, see: http://open-zfs.org/wiki/Talk:FAQ And we can call zfs tools (zpool, zfs) without any problems with CDDL license of ZFS. But we can't link to libzfs and fortunately we do not need this. You can link to libzfs. As example, see grub code. Grub is GPL and they link with libzfs. Do I miss something? -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] OpenVZ and ZFS excellent experience
And I checked my containers with 200% disk overuse from first message and got negative result. 24Gb of wasted space is not related with cluster size issue. ./ploop_gramentation_checker.py /vz/private/41507/root.hdd/root.hdd We count 43285217280 bytes We count 6079506655 zero bytes We count 37205710625 non zero bytes We have 14.045226 % of space lost due to ploop fragmentation On Sun, Jan 11, 2015 at 7:45 PM, Pavel Odintsov pavel.odint...@gmail.com wrote: Hello, folks! I read your message again and found suggestion about decreasing block size of ploop. But unfortunately it's not possible with vzctl in any ways. We can do it only with direct call of ploop. Because I can't change block size or recreate VE with another block size I tried to do some research about space lost with current block size. I wrote tool for checking amount of wasted space in ploop: https://gist.github.com/pavel-odintsov/d5c37316e538908e0f01 Sorry, I'm not a good pythoner and any feedback/hate/complains/optimizations about this code are welcome. Everyone can check how many space it can save if reduce ploop block size. Some data from me: We count 5276434432 bytes We count 1360051876 zero bytes We count 3916382556 non zero bytes We have 25.775965 % of space lost due to ploop fragmentation We count 1105199104 bytes We count 509808990 zero bytes We count 595390114 non zero bytes We have 46.128249 % of space lost due to ploop fragmentation On Sat, Jan 10, 2015 at 5:50 PM, Pavel Odintsov pavel.odint...@gmail.com wrote: Hello! Thank you! I will contact with you out off list. On Sat, Jan 10, 2015 at 4:44 PM, Kirill Korotaev d...@parallels.com wrote: Pavel, it’s impossible to analyze it just by `du` and `df` output, so please give me access if you want me to take a look into it. (e.g. if I would create 10 million of 1KB files du would show me 10GB while ext4 (and most other file systems) would allocate 40GB in reality assuming 4KB block size) Thanks, Kirill On 10 Jan 2015, at 00:54, Pavel Odintsov pavel.odint...@gmail.com wrote: Thank you, Kirill! I am grateful for your answer! I reproduced this issue specially for you on one container with 2.4 times (240% vs 20%) overuse. I do my tests with current vzctl and ploop 1.12.2 (with fixed http://bugzilla.openvz.org/show_bug.cgi?id=3156). Please check this gist: https://gist.github.com/pavel-odintsov/b2162c0f7588bb8e5c15 I can't describe this behavior without complying on ext4 data But I I will be very happy if you fix it :) On Sat, Jan 10, 2015 at 12:29 AM, Kirill Korotaev d...@parallels.com wrote: On 09 Jan 2015, at 21:39, Pavel Odintsov pavel.odint...@gmail.com wrote: Hello, everybody! Do somebody have any news about ZFS and OpenVZ experience? Why not? Did you checked my comparison table for simfs vs ploop vs ZFS volumes? You should do it ASAP: https://github.com/pavel-odintsov/OpenVZ_ZFS/blob/master/openvz_storage_backends.md Still not interesting? For example if you have 5Tb disk array (used up to 90%) and using ploop now you lose about 800GB of disk space! Well, AFAIR we simply have a threshold that ploop is not compacted until it’s size is 20% bigger then it should be… Also you can try smaller ploop block size. Anyway, my point is that it has nothing to do with ext4 metadata as stated in your table. This data is from real HWN with few hundreds of containers. I have excellent experience and very good news about ZFS! ZFS on Linux team will add very important feature, linux quota inside container (more details here https://github.com/zfsonlinux/zfs/pull/2577 But still no news about ZFS from OpenVZ team (and even from Virtuozza Core) and we can work separately :) Fortunately, we do not need any support from vzctl and can use raw vzctl with some lightweight manuals from my repo: https://github.com/pavel-odintsov/OpenVZ_ZFS/blob/master/OpenVZ_containers_on_zfs_filesystem.md I collected all useful information here https://github.com/pavel-odintsov/OpenVZ_ZFS Stay tuned! Join to us! -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov -- Sincerely yours, Pavel Odintsov -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] OpenVZ and ZFS excellent experience
Hello! Because your question is very big I will try to answer in multiple blocks :) --- My disk space issue. 24GB is a wasted space from only one container :) Total wasted space per server is about 900Gb and it's really terrible for me. Why? Because I use server SSD with hardware RAID array's and cost per TB is cosmic! I want to give more fast space to customers instead wasting it! :) --- What I want. What I want from OpenVZ community? I want share my positive experience and build strong community of runners ZFS together with OpenVZ :) Well, I still have one question to openvz team related with behavior of vzctl which is important for ZFS (and another fs too): https://bugzilla.openvz.org/show_bug.cgi?id=3166 --- License issues of ZFS. License issues is not an critical because installing of ZFS is straightforward and do not require any deep integration to system or kernel and work on almost any kernel. And we can call zfs tools (zpool, zfs) without any problems with CDDL license of ZFS. But we can't link to libzfs and fortunately we do not need this. --- Ploop/ext4 vs ZFS ploop builded on top of ext4 and I compare ZFS with ploop and ext4 and many issues notified in my table related with features of both them. Obviously, it's completely incorrect to compare ploop (block level mapper device) with classic filesystem. --- Conclusion Globally, my speech is not related with ZFS itself. It's about storage system for containers. It's most important part of any virtualization technology. Ploop is real revolution in containers world! I really appreciate developers of ploop and love them (and will be happy to bring some beer to they) :) But ploop is not a final step of storage system for containers. And it have big problems described here: https://github.com/pavel-odintsov/OpenVZ_ZFS/blob/master/ploop_issues.md and everybody should know this issues. Ignoring this issues will produce complete data loss on important data! ZFS is not ideal filesystem for containers too! It lacks of very big amount of very important features but it's more reliable and featureful than ploop/ext4 :) Thank you! On Sun, Jan 11, 2015 at 9:57 PM, Scott Dowdle dow...@montanalinux.org wrote: Greetings, - Original Message - And I checked my containers with 200% disk overuse from first message and got negative result. 24Gb of wasted space is not related with cluster size issue. Yeah, but 24GB is a long way off from your original claim (if I remember correctly) of about 900GB... but those probably aren't comparing the same things anyway. I'm lost... because ploop and zfs are not, so far as I can tell, competing filesystems on the same level. zfs is competes with other filesystems like ext4 or xfs... whereas for OpenVZ, so far as I know, there isn't a disk-file-as-disk competitor. Given the popularity and stability of the current qcow2 format popularized by KVM/qemu... and the large number of tools compatible with qcow2 (see libguestfs)... I'm wondering if it would be valuable to add qcow2 support to OpenVZ? You are currently using zfs with OpenVZ, correct? And you didn't have to modify any of the OpenVZ tools in order to do so, correct? If that is the case, what is it you want from the OpenVZ project with regards to zfs? So far as I'm concerned the license incompatiblity with the zfs/openzfs makes it where it can not be distributed with stuff licensed under the GPL... so I don't really see a way for OpenVZ to ever ship a zfs-enabled kernel... but yeah, if needed they could add support for it in the tools if that makes sense. I'm unclear on what you are looking for other than turning the OpenVZ mailing list into a zfs advocacy group. I do however appreciate you metering wasted disk space by ploop as additional data the OpenVZ devs can work with but as long as ploop isn't using more disk space than the max size of the container disk, I don't really see a problem. While it means one can't over-subscribe the physical disk as much... excessive over-subscription is not ideal either... with wasted space acting as a sort of pre-allocation buffer... and not actually wasted unless the container's disk isn't going to grow in the future. I'd also like to see a comparison between ploop wasted space and that of qcow2... although I'm not sure that qcow2 offers compaction features... since I don't find the word compact in the qemu-img man page. Maybe there is a separate tool for qcow2? TYL, -- Scott Dowdle 704 Church Street Belgrade, MT 59714 (406)388-0827 [home] (406)994-3931 [work] ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] OpenVZ and ZFS excellent experience
Hello! Thank you! I will contact with you out off list. On Sat, Jan 10, 2015 at 4:44 PM, Kirill Korotaev d...@parallels.com wrote: Pavel, it’s impossible to analyze it just by `du` and `df` output, so please give me access if you want me to take a look into it. (e.g. if I would create 10 million of 1KB files du would show me 10GB while ext4 (and most other file systems) would allocate 40GB in reality assuming 4KB block size) Thanks, Kirill On 10 Jan 2015, at 00:54, Pavel Odintsov pavel.odint...@gmail.com wrote: Thank you, Kirill! I am grateful for your answer! I reproduced this issue specially for you on one container with 2.4 times (240% vs 20%) overuse. I do my tests with current vzctl and ploop 1.12.2 (with fixed http://bugzilla.openvz.org/show_bug.cgi?id=3156). Please check this gist: https://gist.github.com/pavel-odintsov/b2162c0f7588bb8e5c15 I can't describe this behavior without complying on ext4 data But I I will be very happy if you fix it :) On Sat, Jan 10, 2015 at 12:29 AM, Kirill Korotaev d...@parallels.com wrote: On 09 Jan 2015, at 21:39, Pavel Odintsov pavel.odint...@gmail.com wrote: Hello, everybody! Do somebody have any news about ZFS and OpenVZ experience? Why not? Did you checked my comparison table for simfs vs ploop vs ZFS volumes? You should do it ASAP: https://github.com/pavel-odintsov/OpenVZ_ZFS/blob/master/openvz_storage_backends.md Still not interesting? For example if you have 5Tb disk array (used up to 90%) and using ploop now you lose about 800GB of disk space! Well, AFAIR we simply have a threshold that ploop is not compacted until it’s size is 20% bigger then it should be… Also you can try smaller ploop block size. Anyway, my point is that it has nothing to do with ext4 metadata as stated in your table. This data is from real HWN with few hundreds of containers. I have excellent experience and very good news about ZFS! ZFS on Linux team will add very important feature, linux quota inside container (more details here https://github.com/zfsonlinux/zfs/pull/2577 But still no news about ZFS from OpenVZ team (and even from Virtuozza Core) and we can work separately :) Fortunately, we do not need any support from vzctl and can use raw vzctl with some lightweight manuals from my repo: https://github.com/pavel-odintsov/OpenVZ_ZFS/blob/master/OpenVZ_containers_on_zfs_filesystem.md I collected all useful information here https://github.com/pavel-odintsov/OpenVZ_ZFS Stay tuned! Join to us! -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] OpenVZ and ZFS excellent experience
Thank you, Kirill! I am grateful for your answer! I reproduced this issue specially for you on one container with 2.4 times (240% vs 20%) overuse. I do my tests with current vzctl and ploop 1.12.2 (with fixed http://bugzilla.openvz.org/show_bug.cgi?id=3156). Please check this gist: https://gist.github.com/pavel-odintsov/b2162c0f7588bb8e5c15 I can't describe this behavior without complying on ext4 data But I I will be very happy if you fix it :) On Sat, Jan 10, 2015 at 12:29 AM, Kirill Korotaev d...@parallels.com wrote: On 09 Jan 2015, at 21:39, Pavel Odintsov pavel.odint...@gmail.com wrote: Hello, everybody! Do somebody have any news about ZFS and OpenVZ experience? Why not? Did you checked my comparison table for simfs vs ploop vs ZFS volumes? You should do it ASAP: https://github.com/pavel-odintsov/OpenVZ_ZFS/blob/master/openvz_storage_backends.md Still not interesting? For example if you have 5Tb disk array (used up to 90%) and using ploop now you lose about 800GB of disk space! Well, AFAIR we simply have a threshold that ploop is not compacted until it’s size is 20% bigger then it should be… Also you can try smaller ploop block size. Anyway, my point is that it has nothing to do with ext4 metadata as stated in your table. This data is from real HWN with few hundreds of containers. I have excellent experience and very good news about ZFS! ZFS on Linux team will add very important feature, linux quota inside container (more details here https://github.com/zfsonlinux/zfs/pull/2577 But still no news about ZFS from OpenVZ team (and even from Virtuozza Core) and we can work separately :) Fortunately, we do not need any support from vzctl and can use raw vzctl with some lightweight manuals from my repo: https://github.com/pavel-odintsov/OpenVZ_ZFS/blob/master/OpenVZ_containers_on_zfs_filesystem.md I collected all useful information here https://github.com/pavel-odintsov/OpenVZ_ZFS Stay tuned! Join to us! -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
[Users] OpenVZ and ZFS excellent experience
Hello, everybody! Do somebody have any news about ZFS and OpenVZ experience? Why not? Did you checked my comparison table for simfs vs ploop vs ZFS volumes? You should do it ASAP: https://github.com/pavel-odintsov/OpenVZ_ZFS/blob/master/openvz_storage_backends.md Still not interesting? For example if you have 5Tb disk array (used up to 90%) and using ploop now you lose about 800GB of disk space! This data is from real HWN with few hundreds of containers. I have excellent experience and very good news about ZFS! ZFS on Linux team will add very important feature, linux quota inside container (more details here https://github.com/zfsonlinux/zfs/pull/2577 But still no news about ZFS from OpenVZ team (and even from Virtuozza Core) and we can work separately :) Fortunately, we do not need any support from vzctl and can use raw vzctl with some lightweight manuals from my repo: https://github.com/pavel-odintsov/OpenVZ_ZFS/blob/master/OpenVZ_containers_on_zfs_filesystem.md I collected all useful information here https://github.com/pavel-odintsov/OpenVZ_ZFS Stay tuned! Join to us! -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] The future of OpenVZ: Virtuozzo Core
Awesome Is it possible to join to development committee? On Saturday, December 27, 2014, spameden spame...@gmail.com wrote: 2014-12-27 3:53 GMT+03:00 jjs - mainphrame j...@mainphrame.com javascript:_e(%7B%7D,'cvml','j...@mainphrame.com');: Excellent! On Fri, Dec 26, 2014 at 3:59 PM, Kir Kolyshkin k...@openvz.org javascript:_e(%7B%7D,'cvml','k...@openvz.org'); wrote: Please read this very important announce: http://openvz.livejournal.com/49158.html That's some really great news! New kernel features and faster development always pushing forward. Happy NYE. Happy New Year, OpenVZ team. ___ Users mailing list Users@openvz.org javascript:_e(%7B%7D,'cvml','Users@openvz.org'); https://lists.openvz.org/mailman/listinfo/users ___ Users mailing list Users@openvz.org javascript:_e(%7B%7D,'cvml','Users@openvz.org'); https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] OpenVZ on EL6 - weird network issue
Hello, folks! Did you tried open-v-switch instead standard Linux bridges? I working with openwswitch on many servers and everything working perfectly now. On Sun, Dec 28, 2014 at 12:21 AM, Michael Stauber mstau...@blueonyx.it wrote: Hi Scott, [...] almost always it was inside of a commercial datacenter. Yeah, it's in a large datacenter as well. The cause of the problem seemed to be some upstream routing device that was periodically dropping ARP table entries for the containers. That is indeed interesting. Well, I guess there is only one way to find out. I'll set up a cronjob as suggested to do periodic arpseeds. It sure won't hurt. So far we tried this here: http://forum.proxmox.com/threads/8301-OpenVZ-Containers-lose-internet-connection-%28VLAN-venet%29 TL;DR: echo 2 /proc/sys/net/ipv4/conf/br0/rp_filter That sounded good on paper, but just 20 hours later we had the next outage. The OpenVZ wiki also pointed out this here (Bridge doesn't forward packets): http://openvz.org/Bridge_doesn%27t_forward_packets Yet I'm not sure how applicable that might be to us. I noted down the current status of /proc/sys/net/bridge/* and will compare it with what it'll be during the next loss of connectivity. I'd like to hear more once you get it figured out. Sure, I'll post follow ups then. Likewise: If you have any other ideas or suggestions, then I'd love to hear them. -- With best regards Michael Stauber ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] OpenVZ on EL6 - weird network issue
Hello! You can read this ticket https://bugzilla.openvz.org/show_bug.cgi?id=2896 and can find all answer there. On Sun, Dec 28, 2014 at 1:18 AM, Michael Stauber mstau...@blueonyx.it wrote: Hi Pavel, Did you tried open-v-switch instead standard Linux bridges? I actually wasn't aware of that one before you mentioned it. I'm just starting to read the docs and specs of it and it looks indeed very interesting. Do you by chance have any specific pointers or docs how to set it up for usage with OpenVZ? I'm willing to give it a shot, but with these client systems I can't afford much in the way of experimenting. Taking the bridge stack apart and replacing it with something else might be a little too extreme, but I'll consider it as last resort. In any case I'd like to avoid the usual beginner mistakes one could make when switching to open-v-switch, so any tips and hints (or URLs to reading material) would be appreciated. As for Scott's suggestion with a cronjob with arp-seeds: I did some digging and the network related shell scripts of OpenVZ are quite enlightening there: /etc/sysconfig/network-scripts/ifup-venet /usr/libexec/vzctl/scripts/vps-functions It appears that if I set up a cronjob that periodically runs ... /etc/sysconfig/network-scripts/ifup-venet /etc/sysconfig/network-scripts/ifcfg-br0 ... then it'll handle the arp-seeds as well via the function vzarp() as provided by /usr/libexec/vzctl/scripts/vps-functions. I tried it on a test box and it didn't appear to have any negative impact. Some debugging lines thrown in by me also showed me the exact commands that these scripts use to do the arp-seeds. I can work with that. I'll implement that on the three affected nodes and will see if it helps. -- With best regards Michael Stauber ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] Live Migration Optimal execution
it). This is not supported by tools (for example, since base delta is now shared you can't merge down to it, but the tools are not aware) so you need to figure it out by yourself and be accurate but it should work. Thanks Nipun On Sun, Nov 23, 2014 at 12:56 AM, Kir Kolyshkin k...@openvz.org wrote: On 11/22/2014 09:09 AM, Nipun Arora wrote: Hi All, I was wondering if anyone can suggest what is the most optimal way to do the following 1. Can anyone clarify if ploop is the best layout for minimum suspend time during live migration? Yes (due to ploop copy which only copies the modified blocks). 2. I tried migrating a ploop device where I increased the --diskspace to 5G, and found that the suspend time taken by live migration increased to 57 seconds (mainly undump and restore increased)... whereas a 2G diskspace was taking 2-3 seconds suspend time... Is this expected? No. Undump and restore times depends mostly on amount of RAM used by a container. Having said that, live migration stages influence each other, although it's less so in the latest vzctl release (I won't go into details here if you allow me -- just make sure you test with vzctl 4.8). 3. I tried running a write intensive workload, and found that beyond 100-150Kbps, the suspend time during live migration rapidly increased? Is this an expected trend? Sure. With increased writing speed, the amount of data that needs to be copied after CT is suspended increases. I am using vzctl 4.7, and ploop 1.11 in centos 6.5 You need to update vzctl and ploop and rerun your tests, there should be some improvement (in particular with respect to issue #3). Thanks Nipun ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Best regards, [COOLCOLD-RIPN] ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] Shortest guide about running OpenVZ containers on top of ZFS
integration with system tools by the distros and hopefully OpenVZ at some point. ZoL will never get that... unless of course a Linux distro built just for ZoL comes along. Because of licensing issues, none of the major Linux distros will ever ship with ZoL pre-installed. Sure you can add it yourself... and it does a fairly good job of rebuilding itself when the kernel changes... but the extra work to add it and keep it updated will make it always be adopted less than something that is built-in. Kudos to the ZoL developers for creating such a solid product and making packages for many distros and making it as easy as possible to add. For those not wanting all of the more advanced features btrfs is ready now... and as I stated, SUSE and Oracle have been shipping it for some time. When Red Hat signs off on it, I think that'll raise its status a bit. For those just using it for checksums and CoW, it offers those advantages now. So far as a feature for feature comparison of zfs and btrfs there is probably a 95% feature overlap with btrfs having some features that zfs doesn't and vice versa. Do I blame anyone for using zfs? No. It's great. I just don't want to use it myself. The good thing is that is is very unlikely that Oracle will ever sue over patent issues... because they were the early sponsor of btrfs when most of the work was being done so they only have themselves to blame. ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] Shortest guide about running OpenVZ containers on top of ZFS
Hello! I created comparison table for answer to your question: https://github.com/pavel-odintsov/OpenVZ_ZFS/blob/master/openvz_storage_backends.md On Wed, Nov 12, 2014 at 7:10 PM, Scott Dowdle dow...@montanalinux.org wrote: Greetings, - Original Message - Tonight I tested and prepared very short and reliable guide about running OpenVZ container on top of best-ever-and-ever-zettabyte-filesystem ZFS. You can find manual here: https://github.com/pavel-odintsov/OpenVZ_ZFS/blob/master/OpenVZ_containers_on_zfs_filesystem.md Any questions/suggestions/performance test and other feedback are welcome here or on GitHub! How well does ploop work? ploop has been the default container filesystem for a while now. TYL, -- Scott Dowdle 704 Church Street Belgrade, MT 59714 (406)388-0827 [home] (406)994-3931 [work] ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] Shortest guide about running OpenVZ containers on top of ZFS
Thank you for suggestion! Just added! On Wed, Nov 12, 2014 at 9:20 PM, CoolCold coolthec...@gmail.com wrote: I think you should add some links for general zfs-on-linux with openvz install / setup guide, to help people who will be inspired by your readme On Wed, Nov 12, 2014 at 1:20 PM, Pavel Odintsov pavel.odint...@gmail.com wrote: Hello, everyone! Tonight I tested and prepared very short and reliable guide about running OpenVZ container on top of best-ever-and-ever-zettabyte-filesystem ZFS. You can find manual here: https://github.com/pavel-odintsov/OpenVZ_ZFS/blob/master/OpenVZ_containers_on_zfs_filesystem.md Any questions/suggestions/performance test and other feedback are welcome here or on GitHub! Thank you! -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Best regards, [COOLCOLD-RIPN] ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] Shortest guide about running OpenVZ containers on top of ZFS
Parallels Cloud Storage is not an real filesystem in old filesystems terms, it based on ext4 locally and provides only remote features like redundancy and multi level caching. On Wed, Nov 12, 2014 at 11:40 PM, Nick Knutov m...@knutov.com wrote: When you need quotes and there is only one way to get them... I don't think ploop is about to solve ext4 troubles. I's just solve some troubles (which are common to a lot of file systems). ZFS in this case is more alternative to Parallels Cloud Storage which is closed source and hard to get even for money (I contacted Parallels sales several times and never got the pricelist from them). Also, ZFS is good in case of NAS with large amount of SSDs or usual disks with l2arc cache on SSD. And you can use ploop over ZFS in this case. I suppose ploop over glusterfs (for example) and most of others file system with any redundancy (I mean any realization of raid idea) will be more pain then usable solution, for comparison. 13.11.2014 0:25, Pavel Odintsov пишет: Hello, Nick! Ploop is really useless for ZFS because it solves ext4 troubles and ZFS haven't this issues by design. Quotes maybe problems, good addition. I just added remark about quotes to comparison table. On Wed, Nov 12, 2014 at 9:56 PM, Nick Knutov m...@knutov.com wrote: Well, good beginning, but.. as we discussed earlier: in most cases of hosting purposes users need quotes. And quotes work only with ext4. So the only real possible case of usage is ploop over zfs and the only good reason to have zfs here is l2arc cache on ssd or large amount SSD disks in raidz3 over iSCSI... ..and there are still no speed tests. 12.11.2014 15:20, Pavel Odintsov пишет: Any questions/suggestions/performance test and other feedback are welcome here or on GitHub! -- Best Regards, Nick Knutov http://knutov.com ICQ: 272873706 Voice: +7-904-84-23-130 ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Best Regards, Nick Knutov http://knutov.com ICQ: 272873706 Voice: +7-904-84-23-130 ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] mount ploop image from read-only fs
Hello! Could you send complete ploop_userspace output and dmesg output to gist.github.com? On Fri, Oct 24, 2014 at 4:25 PM, Roman Haefeli reduz...@gmail.com wrote: On Mon, 2014-09-15 at 14:49 +0400, Pavel Odintsov wrote: Hello! I found bug! Thx Maxim Patlasov for helping with ploop v1 BAT format. Please check version from git and it support ploop v1 and v2 correctly :) It seems, it's not yet working properly for me. I can mount the ploop image, I can mount its filesystem, I can browse the folder structure and everything seems fine, but when I try to read any text file from etc/ or var/log/ I only see garbage or content that certainly belongs to a different file. Something with alignment seems still not correct. Please tell me how I can give you more useful information. Roman On Sun, Sep 14, 2014 at 2:15 AM, Pavel Odintsov pavel.odint...@gmail.com wrote: Thank you for report, its very useful for investigation. But only one difference between v1 and v2 is ploop disk size in header (32 vs 64 bit). But I use 64 bit numbers anywhere and everything should work fine. But I suppose alignment issues which not handled in my tool. On Friday, September 12, 2014, Roman Haefeli reduz...@gmail.com wrote: On Fri, 2014-09-12 at 11:15 +0200, Roman Haefeli wrote: On Fri, 2014-09-12 at 10:56 +0200, Roman Haefeli wrote: Hi Pavel I might have some more information on the issue. It seems that only 'old' ploop images cannot be mounted by ploop_userspace. I actually don't quite know the ploop version I used for creating the 'old' ploop images, but I know it works well with images created with ploop v1.6. Does ploop_userspace know about older image formats? No, it's also not the version. Yes, there are different versions... I must have checked on the wrong machine. ploop_userspace works well with images created by ploop v1.11, but not with images created by ploop v1.6. Sorry for the noise. Roman On Thu, 2014-08-28 at 22:53 +0400, Pavel Odintsov wrote: Hello! No, it's not depend on kernel version. I created issue for you and will try to investigate: https://github.com/FastVPSEestiOu/ploop_userspace/issues/10 please track this github issue. On Thu, Aug 28, 2014 at 6:12 PM, Roman Haefeli reduz...@gmail.com wrote: Some more info: It works on our test cluster where we have 2.6.32-openvz-042stab093.4-amd64 installed. The report from below is from a host node running 2.6.32-042stab081.3-amd64. Is ploop_userspace dependent on kernel version? Roman On Thu, 2014-08-28 at 15:59 +0200, Roman Haefeli wrote: Hi Pavel Your tool comes in handy. That is exactly what we'd need. However, I had troubles using it. I did: $ ploop_userspace /virtual/.snapshot/nightly.0/vz/private/2006/root.hdd/root.hdd We process: /virtual/.snapshot/nightly.0/vz/private/2006/root.hdd/root.hdd Ploop file size is: 4193255424 version: 1 disk type: 2 heads count: 16 cylinder count: 81920 sector count: 2048 size in tracks: 20480 size in sectors: 41943040 disk in use: 1953459801 first block offset: 2048 flags: 0 For storing 21474836480 bytes on disk we need 20480 ploop blocks We have 1 BAT blocks We have 262128 slots in 1 map Number of non zero blocks in map: 3998 Please be careful because this disk used now! If you need consistent backup please stop VE !!!ERROR!!! We can't found GPT table on this disk !!!ERROR!!! We can't find ext4 signature Set device /dev/nbd0 as read only Try to found partitions on ploop device First ploop partition was not detected properly, please call partx/partprobe manually You could mount ploop filesystem with command: mount -r -o noload /dev/nbd0p1 /mnt Despite the errors, I tried to mount the ploop-partition: $ mount -r -o noload /dev/nbd0p1 /mnt/ and got: mount: special device /dev/nbd0p1 does not exist Apparently, ploop_userspace wasn't able to read the GPT partition table. Tell me, if you need further information. Thanks, Roman On Tue, 2014-08-19 at 12:48 +0400, Pavel Odintsov wrote: Hello! You can mount ploop from RO root.hdd images with my tool: https://github.com/FastVPSEestiOu/ploop_userspace but it's not stable now. You can try it and provide feedback. On Tue, Aug 19, 2014 at 12:24 PM, Roman Haefeli reduz...@gmail.com wrote: Hi all At the university I work, we plan to switch all containers from simfs to ploop images on the long run. Despite
Re: [Users] Ploop Vzdump
Hello, folks! You can try rdiff for incremental backups, it works fine but consumes BIG AMOUNT of cpu time. But produces small enough deltas :) On Mon, Oct 6, 2014 at 10:41 PM, Andreas Faerber ope...@maeh.org wrote: Greetings, glad to head that it's working and helping you. As a side note: I am currently not planning to implement differential (or incremental) backups, as i am unsure what a smart way to do that would be. I myself do weekly vzpbackups and daily file system backups via BackupPC. Regards, Andreas Ian openvz_l...@fishnet.co.uk 3. Oktober 2014 13:40 Hi, I have been using a couple of scripts by Andreas Faerber: https://github.com/andreasfaerber/vzpbackup vzpbackup.sh vzprestore.sh I have hooked these into our normal backup procedure and all has been good. I have noticed that the backup time is dramatically shorter for ploop systems too, which is a bonus. Regards Ian Matt matt.mailingli...@gmail.com 1. Oktober 2014 19:03 Is there a command for backing up and restoring like vzdump that works with ploop? ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] mount ploop image from read-only fs
Welcome ;) On Thursday, September 18, 2014, Roman Haefeli reduz...@gmail.com wrote: Hi Pavel On Mon, 2014-09-15 at 14:49 +0400, Pavel Odintsov wrote: I found bug! Thx Maxim Patlasov for helping with ploop v1 BAT format. Please check version from git and it support ploop v1 and v2 correctly :) I confirm it is working for both ploop layouts. Thanks a lot for fixing it. Roman ___ Users mailing list Users@openvz.org javascript:; https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] mount ploop image from read-only fs
Hello! I found bug! Thx Maxim Patlasov for helping with ploop v1 BAT format. Please check version from git and it support ploop v1 and v2 correctly :) On Sun, Sep 14, 2014 at 2:15 AM, Pavel Odintsov pavel.odint...@gmail.com wrote: Thank you for report, its very useful for investigation. But only one difference between v1 and v2 is ploop disk size in header (32 vs 64 bit). But I use 64 bit numbers anywhere and everything should work fine. But I suppose alignment issues which not handled in my tool. On Friday, September 12, 2014, Roman Haefeli reduz...@gmail.com wrote: On Fri, 2014-09-12 at 11:15 +0200, Roman Haefeli wrote: On Fri, 2014-09-12 at 10:56 +0200, Roman Haefeli wrote: Hi Pavel I might have some more information on the issue. It seems that only 'old' ploop images cannot be mounted by ploop_userspace. I actually don't quite know the ploop version I used for creating the 'old' ploop images, but I know it works well with images created with ploop v1.6. Does ploop_userspace know about older image formats? No, it's also not the version. Yes, there are different versions... I must have checked on the wrong machine. ploop_userspace works well with images created by ploop v1.11, but not with images created by ploop v1.6. Sorry for the noise. Roman On Thu, 2014-08-28 at 22:53 +0400, Pavel Odintsov wrote: Hello! No, it's not depend on kernel version. I created issue for you and will try to investigate: https://github.com/FastVPSEestiOu/ploop_userspace/issues/10 please track this github issue. On Thu, Aug 28, 2014 at 6:12 PM, Roman Haefeli reduz...@gmail.com wrote: Some more info: It works on our test cluster where we have 2.6.32-openvz-042stab093.4-amd64 installed. The report from below is from a host node running 2.6.32-042stab081.3-amd64. Is ploop_userspace dependent on kernel version? Roman On Thu, 2014-08-28 at 15:59 +0200, Roman Haefeli wrote: Hi Pavel Your tool comes in handy. That is exactly what we'd need. However, I had troubles using it. I did: $ ploop_userspace /virtual/.snapshot/nightly.0/vz/private/2006/root.hdd/root.hdd We process: /virtual/.snapshot/nightly.0/vz/private/2006/root.hdd/root.hdd Ploop file size is: 4193255424 version: 1 disk type: 2 heads count: 16 cylinder count: 81920 sector count: 2048 size in tracks: 20480 size in sectors: 41943040 disk in use: 1953459801 first block offset: 2048 flags: 0 For storing 21474836480 bytes on disk we need 20480 ploop blocks We have 1 BAT blocks We have 262128 slots in 1 map Number of non zero blocks in map: 3998 Please be careful because this disk used now! If you need consistent backup please stop VE !!!ERROR!!! We can't found GPT table on this disk !!!ERROR!!! We can't find ext4 signature Set device /dev/nbd0 as read only Try to found partitions on ploop device First ploop partition was not detected properly, please call partx/partprobe manually You could mount ploop filesystem with command: mount -r -o noload /dev/nbd0p1 /mnt Despite the errors, I tried to mount the ploop-partition: $ mount -r -o noload /dev/nbd0p1 /mnt/ and got: mount: special device /dev/nbd0p1 does not exist Apparently, ploop_userspace wasn't able to read the GPT partition table. Tell me, if you need further information. Thanks, Roman On Tue, 2014-08-19 at 12:48 +0400, Pavel Odintsov wrote: Hello! You can mount ploop from RO root.hdd images with my tool: https://github.com/FastVPSEestiOu/ploop_userspace but it's not stable now. You can try it and provide feedback. On Tue, Aug 19, 2014 at 12:24 PM, Roman Haefeli reduz...@gmail.com wrote: Hi all At the university I work, we plan to switch all containers from simfs to ploop images on the long run. Despite the many advantages of using ploop, there is one major drawback that keeps us from switching production already now: We can't mount ploop images from read-only snapshots. In case of a recovery of a single file, we have to copy the ploop image from the read-only snapshot to some read-write storage in order to be able to mount it and extract the file. For CTs with huge ploop-images this is a big hurdle. Wouldn't it be possible to add a some flag to the 'ploop' utility to allow mounting ploop images from read-only storage (by bypassing some checks or skipping to set the dirty flag or whatever is necessary)? Cheers, Roman
Re: [Users] mount ploop image from read-only fs
Thank you for report, its very useful for investigation. But only one difference between v1 and v2 is ploop disk size in header (32 vs 64 bit). But I use 64 bit numbers anywhere and everything should work fine. But I suppose alignment issues which not handled in my tool. On Friday, September 12, 2014, Roman Haefeli reduz...@gmail.com wrote: On Fri, 2014-09-12 at 11:15 +0200, Roman Haefeli wrote: On Fri, 2014-09-12 at 10:56 +0200, Roman Haefeli wrote: Hi Pavel I might have some more information on the issue. It seems that only 'old' ploop images cannot be mounted by ploop_userspace. I actually don't quite know the ploop version I used for creating the 'old' ploop images, but I know it works well with images created with ploop v1.6. Does ploop_userspace know about older image formats? No, it's also not the version. Yes, there are different versions... I must have checked on the wrong machine. ploop_userspace works well with images created by ploop v1.11, but not with images created by ploop v1.6. Sorry for the noise. Roman On Thu, 2014-08-28 at 22:53 +0400, Pavel Odintsov wrote: Hello! No, it's not depend on kernel version. I created issue for you and will try to investigate: https://github.com/FastVPSEestiOu/ploop_userspace/issues/10 please track this github issue. On Thu, Aug 28, 2014 at 6:12 PM, Roman Haefeli reduz...@gmail.com javascript:; wrote: Some more info: It works on our test cluster where we have 2.6.32-openvz-042stab093.4-amd64 installed. The report from below is from a host node running 2.6.32-042stab081.3-amd64. Is ploop_userspace dependent on kernel version? Roman On Thu, 2014-08-28 at 15:59 +0200, Roman Haefeli wrote: Hi Pavel Your tool comes in handy. That is exactly what we'd need. However, I had troubles using it. I did: $ ploop_userspace /virtual/.snapshot/nightly.0/vz/private/2006/root.hdd/root.hdd We process: /virtual/.snapshot/nightly.0/vz/private/2006/root.hdd/root.hdd Ploop file size is: 4193255424 version: 1 disk type: 2 heads count: 16 cylinder count: 81920 sector count: 2048 size in tracks: 20480 size in sectors: 41943040 disk in use: 1953459801 first block offset: 2048 flags: 0 For storing 21474836480 bytes on disk we need 20480 ploop blocks We have 1 BAT blocks We have 262128 slots in 1 map Number of non zero blocks in map: 3998 Please be careful because this disk used now! If you need consistent backup please stop VE !!!ERROR!!! We can't found GPT table on this disk !!!ERROR!!! We can't find ext4 signature Set device /dev/nbd0 as read only Try to found partitions on ploop device First ploop partition was not detected properly, please call partx/partprobe manually You could mount ploop filesystem with command: mount -r -o noload /dev/nbd0p1 /mnt Despite the errors, I tried to mount the ploop-partition: $ mount -r -o noload /dev/nbd0p1 /mnt/ and got: mount: special device /dev/nbd0p1 does not exist Apparently, ploop_userspace wasn't able to read the GPT partition table. Tell me, if you need further information. Thanks, Roman On Tue, 2014-08-19 at 12:48 +0400, Pavel Odintsov wrote: Hello! You can mount ploop from RO root.hdd images with my tool: https://github.com/FastVPSEestiOu/ploop_userspace but it's not stable now. You can try it and provide feedback. On Tue, Aug 19, 2014 at 12:24 PM, Roman Haefeli reduz...@gmail.com javascript:; wrote: Hi all At the university I work, we plan to switch all containers from simfs to ploop images on the long run. Despite the many advantages of using ploop, there is one major drawback that keeps us from switching production already now: We can't mount ploop images from read-only snapshots. In case of a recovery of a single file, we have to copy the ploop image from the read-only snapshot to some read-write storage in order to be able to mount it and extract the file. For CTs with huge ploop-images this is a big hurdle. Wouldn't it be possible to add a some flag to the 'ploop' utility to allow mounting ploop images from read-only storage (by bypassing some checks or skipping to set the dirty flag or whatever is necessary)? Cheers, Roman ___ Users mailing list Users@openvz.org javascript:; https://lists.openvz.org/mailman/listinfo/users ___ Users mailing list Users@openvz.org javascript
Re: [Users] mount ploop image from read-only fs
Hello! No, it's not depend on kernel version. I created issue for you and will try to investigate: https://github.com/FastVPSEestiOu/ploop_userspace/issues/10 please track this github issue. On Thu, Aug 28, 2014 at 6:12 PM, Roman Haefeli reduz...@gmail.com wrote: Some more info: It works on our test cluster where we have 2.6.32-openvz-042stab093.4-amd64 installed. The report from below is from a host node running 2.6.32-042stab081.3-amd64. Is ploop_userspace dependent on kernel version? Roman On Thu, 2014-08-28 at 15:59 +0200, Roman Haefeli wrote: Hi Pavel Your tool comes in handy. That is exactly what we'd need. However, I had troubles using it. I did: $ ploop_userspace /virtual/.snapshot/nightly.0/vz/private/2006/root.hdd/root.hdd We process: /virtual/.snapshot/nightly.0/vz/private/2006/root.hdd/root.hdd Ploop file size is: 4193255424 version: 1 disk type: 2 heads count: 16 cylinder count: 81920 sector count: 2048 size in tracks: 20480 size in sectors: 41943040 disk in use: 1953459801 first block offset: 2048 flags: 0 For storing 21474836480 bytes on disk we need 20480 ploop blocks We have 1 BAT blocks We have 262128 slots in 1 map Number of non zero blocks in map: 3998 Please be careful because this disk used now! If you need consistent backup please stop VE !!!ERROR!!! We can't found GPT table on this disk !!!ERROR!!! We can't find ext4 signature Set device /dev/nbd0 as read only Try to found partitions on ploop device First ploop partition was not detected properly, please call partx/partprobe manually You could mount ploop filesystem with command: mount -r -o noload /dev/nbd0p1 /mnt Despite the errors, I tried to mount the ploop-partition: $ mount -r -o noload /dev/nbd0p1 /mnt/ and got: mount: special device /dev/nbd0p1 does not exist Apparently, ploop_userspace wasn't able to read the GPT partition table. Tell me, if you need further information. Thanks, Roman On Tue, 2014-08-19 at 12:48 +0400, Pavel Odintsov wrote: Hello! You can mount ploop from RO root.hdd images with my tool: https://github.com/FastVPSEestiOu/ploop_userspace but it's not stable now. You can try it and provide feedback. On Tue, Aug 19, 2014 at 12:24 PM, Roman Haefeli reduz...@gmail.com wrote: Hi all At the university I work, we plan to switch all containers from simfs to ploop images on the long run. Despite the many advantages of using ploop, there is one major drawback that keeps us from switching production already now: We can't mount ploop images from read-only snapshots. In case of a recovery of a single file, we have to copy the ploop image from the read-only snapshot to some read-write storage in order to be able to mount it and extract the file. For CTs with huge ploop-images this is a big hurdle. Wouldn't it be possible to add a some flag to the 'ploop' utility to allow mounting ploop images from read-only storage (by bypassing some checks or skipping to set the dirty flag or whatever is necessary)? Cheers, Roman ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] mount ploop image from read-only fs
Hello! You can mount ploop from RO root.hdd images with my tool: https://github.com/FastVPSEestiOu/ploop_userspace but it's not stable now. You can try it and provide feedback. On Tue, Aug 19, 2014 at 12:24 PM, Roman Haefeli reduz...@gmail.com wrote: Hi all At the university I work, we plan to switch all containers from simfs to ploop images on the long run. Despite the many advantages of using ploop, there is one major drawback that keeps us from switching production already now: We can't mount ploop images from read-only snapshots. In case of a recovery of a single file, we have to copy the ploop image from the read-only snapshot to some read-write storage in order to be able to mount it and extract the file. For CTs with huge ploop-images this is a big hurdle. Wouldn't it be possible to add a some flag to the 'ploop' utility to allow mounting ploop images from read-only storage (by bypassing some checks or skipping to set the dirty flag or whatever is necessary)? Cheers, Roman ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] Getting CPU idle time of CT outside the CT
It's really nice idea for building CPU load graphics from HWN side. Anybody have any ideas do it without vzctl exec... ? On Mon, Jul 21, 2014 at 10:53 PM, Todd Mueller toddmuel...@gmail.com wrote: Can you clarify what you are trying to accomplish? Are you trying to identify containers using excessive CPU? On Mon, Jul 21, 2014 at 10:06 AM, Pavel Snajdr li...@snajpa.net wrote: Hello, is there any way how to get CPU idle % of CT outside out of the CT? We were trying to figure this out from /proc/vz/vestat, first try was to divide used/idle, but idle seems to be accounted for all available hwnode CPUs and used seems to be accounted for CPUs available to the CT; in the end it was giving a pretty reasonable numbers in low CPU load situations, but when the CT was maxing out its available CPUs, we were getting 100+% CPU load. Next thing we've tried is to look into user,nice and system values, but there is no idle nor total number of available jiffies to compare to. Another thing we've tried is to read /proc/stat from outside of the CT, but that is a problem, since ve-veid is 0 when running a process to read out /vz/root/veid/proc/stat. Solution of a last resort seems to be to run mpstat (or equivalent) inside of the CT via vzctl exec and watch its output. But that gives me hundreds of unnecessary running processes - I need to monitor hundreds of CTs per hwnode. That's kind of a pain :) Is there any better way to do this or what am I doing wrong? Our kernel is 042stab092.2. - snajpa ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
[Users] Tool for mounting ploop's as readonly on non OpenVZ kernels
Hello, Folks! I want to present my development, tool for mounting ploop images on non-openvz kernels without any support from kernel side: https://github.com/FastVPSEestiOu/ploop_userspace Now I support only read only mounts but if you have enough interest I will add it later. If you have any questions don't hestitate to ask me! -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] Sources of OpenVZ Kernel Debian packages
Hello! You could extract patch from source rpm from here: http://download.openvz.org/kernel/branches/rhel6-2.6.32/042stab092.2/vzkernel-2.6.32-042stab092.2.src.rpm On Fri, Jul 11, 2014 at 10:45 AM, Roman Haefeli reduz...@gmail.com wrote: Hi all I'd like to test patches created by OpenVZ devs and would like to be able to compile my own OpenVZ kernels for our Debian hostnodes. Where can I find the source packages to build OpenVZ kernels as .deb packages? Unlike other OpenVZ Debian packages like 'vzctl' or 'ploop', the kernel sources cannot be downloaded by: $ apt-get source linux-image-2.6.32-openvz-${VERSION} Specifically, I'm interested in the sources of this: http://download.openvz.org/debian/dists/wheezy/main/binary-amd64/kernel/linux-image-2.6.32-openvz-042stab092.2-amd64_1_amd64.deb Thanks, Roman ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] flashcache
Not true, IO limits are working as they should (if we're talking vzctl set --iolimit/--iopslimit). I've kicked the ZoL guys around to add IO accounting support, so it is there. You can share tests with us? For standard folders like simfs this limits works bad in big number of cases How? ZFS doesn't have a limit on number of files (2^48 isn't a limit really) It's ok when your customer create 1 billion of small files on 10GB VPS and you will try to archive it for backup? On slow disk system it's really nightmare because a lot of disk operations which kills your I/O. Why? ZFS send/receive is able to do bit-by-bit identical copy of the FS, I thought the point of migration is to don't have the CT notice any change, I don't see why the inode numbers should change. Do you have really working zero downtime vzmigrate on ZFS? How exactly? I haven't seen a problem with any userspace software, other than MySQL default setting to AIO (it fallbacks to older method), which ZFS doesn't support (*yet*, they have it in their plans). I speaks about MySQL primarily. I have thousands of containers and I can tune MySQL for another mode for all customers, it's impossible. L2ARC cache really smart Yep, fine, I knew. But can you account L2ARC cache usage per customer? OpenVZ can it via flag: sysctl -a|grep pagecache_isola ubc.pagecache_isolation = 0 But one customer can eat almost all L2ARC cache and displace another customers data. I'm not agains ZFS but I'm against of usage ZFS as underlying system for containers. We caught ~100 kernel bugs with simfs on EXT4 when customers do some strange thinks. But ext4 has about few thouasands developers and the fix this issues asap but ZFS on Linux has only 3-5 developers which VERY slow. Because of this I recommends using ext4 with ploop because this solution is rock stable or ZFS with ZVOL's with ext4 because this solution if more reliable and more predictable then placing ZFS containers on ZFS volumes. On Thu, Jul 10, 2014 at 1:08 PM, Pavel Snajdr li...@snajpa.net wrote: On 07/10/2014 10:34 AM, Pavel Odintsov wrote: Hello! You scheme is fine but you can't divide I/O load with cgroup blkio (ioprio/iolimit/iopslimit) between different folders but between different ZVOL you do. Not true, IO limits are working as they should (if we're talking vzctl set --iolimit/--iopslimit). I've kicked the ZoL guys around to add IO accounting support, so it is there. I could imagine following problems for per folder scheme: 1) Can't limit number of inodes in different folders (but there are not an inode limit for ZFS like ext4 but bug amount of files in container could broke node; How? ZFS doesn't have a limit on number of files (2^48 isn't a limit really) http://serverfault.com/questions/503658/can-you-set-inode-quotas-in-zfs) 2) Problems with system cache which used by all containers in HWN together This exactly isn't a problem, but a *HUGE* benefit, you'd need to see it in practice :) Linux VFS cache is really dumb in comparison to ARC. ARC's hitrates just can't be done with what linux currently offers. 3) Problems with live migration because you _should_ change inode numbers on diffferent nodes Why? ZFS send/receive is able to do bit-by-bit identical copy of the FS, I thought the point of migration is to don't have the CT notice any change, I don't see why the inode numbers should change. 4) ZFS behaviour with linux software in some cases is very STRANGE (DIRECT_IO) How exactly? I haven't seen a problem with any userspace software, other than MySQL default setting to AIO (it fallbacks to older method), which ZFS doesn't support (*yet*, they have it in their plans). 5) ext4 has good support from vzctl (fsck, resize2fs) Yeah, but ext4 sucks big time. At least in my use-case. We've implemented most of vzctl create/destroy/etc. functionality in our vpsAdmin software instead. Guys, can I ask you to keep your mind open instead of fighting with pointless arguments? :) Give ZFS a try and then decide for yourselves. I think the community would benefit greatly if ZFS woudn't be fought as something alien in the Linux world, which I in my experience is what every Linux zealot I talk to about ZFS is doing. This is just not fair. It's primarily about technology, primarily about the best tool for the job. If we can implement something like this in Linux but without having ties to CDDL and possibly Oracle patents, that would be awesome, yet nobody has done such a thing yet. BTRFS is nowhere near ZFS when it comes to running larger scale deployments and in some regards I don't think it will ever match ZFS, just looking at the way it's been designed. I'm not trying to flame here, I'm trying to open you guys to the fact, that there really is a better alternative than you're currently seeing. And if it has some technological drawbacks like these that you're trying to point out, instead of pointing at them as something, which can't
Re: [Users] flashcache
Thank you for your answers! It's really useful information. On Thu, Jul 10, 2014 at 2:08 PM, Pavel Snajdr li...@snajpa.net wrote: On 07/10/2014 11:35 AM, Pavel Odintsov wrote: Not true, IO limits are working as they should (if we're talking vzctl set --iolimit/--iopslimit). I've kicked the ZoL guys around to add IO accounting support, so it is there. You can share tests with us? For standard folders like simfs this limits works bad in big number of cases If you can give me concrete tests to run, sure, I'm curious to see if you're right - then we'd have something concrete to fix :) How? ZFS doesn't have a limit on number of files (2^48 isn't a limit really) It's ok when your customer create 1 billion of small files on 10GB VPS and you will try to archive it for backup? On slow disk system it's really nightmare because a lot of disk operations which kills your I/O. zfs snapshot dataset@snapname zfs send dataset@snapname your-file or | ssh backuper zfs recv backupdataset That's done on block level. No need to run rsync anymore, it's a lot faster this way. Why? ZFS send/receive is able to do bit-by-bit identical copy of the FS, I thought the point of migration is to don't have the CT notice any change, I don't see why the inode numbers should change. Do you have really working zero downtime vzmigrate on ZFS? Nope, vzmigrate isn't zero downtime. Due to vzctl/vzmigrate not supporting ZFS, we're implementing this our own way in vpsAdmin, which in it's 2.0 re-implementation will go opensource under GPL. How exactly? I haven't seen a problem with any userspace software, other than MySQL default setting to AIO (it fallbacks to older method), which ZFS doesn't support (*yet*, they have it in their plans). I speaks about MySQL primarily. I have thousands of containers and I can tune MySQL for another mode for all customers, it's impossible. As I said, this is under development and will improve. L2ARC cache really smart Yep, fine, I knew. But can you account L2ARC cache usage per customer? OpenVZ can it via flag: sysctl -a|grep pagecache_isola ubc.pagecache_isolation = 0 I can't account for caches per CT, but I didn't have any need to do so. L2ARC != ARC, ARC is in system RAM, L2ARC is intended to be on SSD for the content of ARC that is the least significant in case of low memory - it gets pushed from ARC to L2ARC. ARC has two primary lists of cached data - most frequently used and most recently used and these two lists are divided by a boundary marking which data can be pushed away in low mem situation. It doesn't happen like with Linux VFS cache that you're copying one big file and it pushes out all of the other useful data there. Thanks to this distinction of MRU and MFU ARC achieves far better hitrates. But one customer can eat almost all L2ARC cache and displace another customers data. Yes, but ZFS keeps track on what's being used, so useful data can't be pushed away that easily, things naturally balance themselves due to the way how ARC mechanism works. I'm not agains ZFS but I'm against of usage ZFS as underlying system for containers. We caught ~100 kernel bugs with simfs on EXT4 when customers do some strange thinks. I haven't encountered any problems especially with vzquota disabled (no need for it, ZFS has its own quotas, which never need to be recalculated as with vzquota). But ext4 has about few thouasands developers and the fix this issues asap but ZFS on Linux has only 3-5 developers which VERY slow. Because of this I recommends using ext4 with ploop because this solution is rock stable or ZFS with ZVOL's with ext4 because this solution if more reliable and more predictable then placing ZFS containers on ZFS volumes. ZFS itself is a stable and mature filesystem, it first shipped as production with Solaris in 2006. And it's still being developed upstream as OpenZFS, that code is shared between the primary version - Illumos and the ports - FreeBSD, OS X, Linux. So what really needs and still is being developed is the way how ZFS is run under Linux kernel, but with recent release of 0.6.3, things have gotten mature enough to be used in production without any fears. Of course, no software is without bugs, but I can say with absolute certainty that ZFS will never eat your data, the only problem you can encounter is with the memory management, which is done really differently in Linux than in ZFS's original habitat - Solaris. /snajpa On Thu, Jul 10, 2014 at 1:08 PM, Pavel Snajdr li...@snajpa.net wrote: On 07/10/2014 10:34 AM, Pavel Odintsov wrote: Hello! You scheme is fine but you can't divide I/O load with cgroup blkio (ioprio/iolimit/iopslimit) between different folders but between different ZVOL you do. Not true, IO limits are working as they should (if we're talking vzctl set --iolimit/--iopslimit). I've kicked the ZoL guys around to add IO accounting support, so it is there. I
Re: [Users] flashcache
Could you share your patches to vzmigrate and vzctl? On Thu, Jul 10, 2014 at 2:25 PM, Pavel Odintsov pavel.odint...@gmail.com wrote: Thank you for your answers! It's really useful information. On Thu, Jul 10, 2014 at 2:08 PM, Pavel Snajdr li...@snajpa.net wrote: On 07/10/2014 11:35 AM, Pavel Odintsov wrote: Not true, IO limits are working as they should (if we're talking vzctl set --iolimit/--iopslimit). I've kicked the ZoL guys around to add IO accounting support, so it is there. You can share tests with us? For standard folders like simfs this limits works bad in big number of cases If you can give me concrete tests to run, sure, I'm curious to see if you're right - then we'd have something concrete to fix :) How? ZFS doesn't have a limit on number of files (2^48 isn't a limit really) It's ok when your customer create 1 billion of small files on 10GB VPS and you will try to archive it for backup? On slow disk system it's really nightmare because a lot of disk operations which kills your I/O. zfs snapshot dataset@snapname zfs send dataset@snapname your-file or | ssh backuper zfs recv backupdataset That's done on block level. No need to run rsync anymore, it's a lot faster this way. Why? ZFS send/receive is able to do bit-by-bit identical copy of the FS, I thought the point of migration is to don't have the CT notice any change, I don't see why the inode numbers should change. Do you have really working zero downtime vzmigrate on ZFS? Nope, vzmigrate isn't zero downtime. Due to vzctl/vzmigrate not supporting ZFS, we're implementing this our own way in vpsAdmin, which in it's 2.0 re-implementation will go opensource under GPL. How exactly? I haven't seen a problem with any userspace software, other than MySQL default setting to AIO (it fallbacks to older method), which ZFS doesn't support (*yet*, they have it in their plans). I speaks about MySQL primarily. I have thousands of containers and I can tune MySQL for another mode for all customers, it's impossible. As I said, this is under development and will improve. L2ARC cache really smart Yep, fine, I knew. But can you account L2ARC cache usage per customer? OpenVZ can it via flag: sysctl -a|grep pagecache_isola ubc.pagecache_isolation = 0 I can't account for caches per CT, but I didn't have any need to do so. L2ARC != ARC, ARC is in system RAM, L2ARC is intended to be on SSD for the content of ARC that is the least significant in case of low memory - it gets pushed from ARC to L2ARC. ARC has two primary lists of cached data - most frequently used and most recently used and these two lists are divided by a boundary marking which data can be pushed away in low mem situation. It doesn't happen like with Linux VFS cache that you're copying one big file and it pushes out all of the other useful data there. Thanks to this distinction of MRU and MFU ARC achieves far better hitrates. But one customer can eat almost all L2ARC cache and displace another customers data. Yes, but ZFS keeps track on what's being used, so useful data can't be pushed away that easily, things naturally balance themselves due to the way how ARC mechanism works. I'm not agains ZFS but I'm against of usage ZFS as underlying system for containers. We caught ~100 kernel bugs with simfs on EXT4 when customers do some strange thinks. I haven't encountered any problems especially with vzquota disabled (no need for it, ZFS has its own quotas, which never need to be recalculated as with vzquota). But ext4 has about few thouasands developers and the fix this issues asap but ZFS on Linux has only 3-5 developers which VERY slow. Because of this I recommends using ext4 with ploop because this solution is rock stable or ZFS with ZVOL's with ext4 because this solution if more reliable and more predictable then placing ZFS containers on ZFS volumes. ZFS itself is a stable and mature filesystem, it first shipped as production with Solaris in 2006. And it's still being developed upstream as OpenZFS, that code is shared between the primary version - Illumos and the ports - FreeBSD, OS X, Linux. So what really needs and still is being developed is the way how ZFS is run under Linux kernel, but with recent release of 0.6.3, things have gotten mature enough to be used in production without any fears. Of course, no software is without bugs, but I can say with absolute certainty that ZFS will never eat your data, the only problem you can encounter is with the memory management, which is done really differently in Linux than in ZFS's original habitat - Solaris. /snajpa On Thu, Jul 10, 2014 at 1:08 PM, Pavel Snajdr li...@snajpa.net wrote: On 07/10/2014 10:34 AM, Pavel Odintsov wrote: Hello! You scheme is fine but you can't divide I/O load with cgroup blkio (ioprio/iolimit/iopslimit) between different folders but between different ZVOL you do. Not true, IO limits are working as they should
Re: [Users] [Announce] RHEL5 kernel end of life
Hello! Really nice news because 2.6.18 kernel is really nightmare and may times slow than 2.6.32! ;) If anybody sill uses centos5 you could try our guide for upgrade to 2.6.32 kernel https://openvz.org/028_to_042_kernel_upgrade On Wed, Jul 9, 2014 at 2:19 AM, Kir Kolyshkin k...@openvz.org wrote: This is to announce that RHEL5 based OpenVZ kernel branch will reach End Of Life in October, 2014, and will no longer be supported thereafter. There is no guarantee for any RHEL5 kernel updates after the given date, so we urge everyone to migrate their systems to RHEL6-based kernels. If you experience difficulties and need help migrating your systems, see http://openvz.org/Support for available support options. The best one is official support from Parallels: http://www.parallels.com/support/virtualization-suite/openvz/ Regards, OpenVZ team. ___ Announce mailing list annou...@openvz.org https://lists.openvz.org/mailman/listinfo/announce -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] flashcache
Hi all! I thought it's really not good idea because technology like ssd caching should be tested _thoroughly_ before production use. But you could try it with simfs but beware of ploop because it's really not an standard ext4 with custom caches and unexpected behaviour in some cases. On Tue, Jul 8, 2014 at 1:59 PM, Aleksandar Ivanisevic aleksan...@ivanisevic.de wrote: Hi, is anyone using flashcache vith openvz? If so, which version and with which kernel? Versions lower than 3 do not compile against the latest el6 kernel and version 3.11 and the latest git oopses in flashcache_md_write_kickoff with a null pointer. I see provisions to detect ovz kernel source in flashcache makefile, so someone must be compiling and using it. Any other SSD caching software that works with openvz? regards, ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] flashcache
I knew about few incidents with ___FULL___ data loss from customers of flashcache. Beware of it in production. If you want speed you can try ZFS with l2arc/zvol cache because it's native solution. On Tue, Jul 8, 2014 at 8:05 PM, Nick Knutov m...@knutov.com wrote: We are using latest flashcache 2.* with 2.6.32-042stab083.2 in production for a long time. Planning to migrate 3.0 with latest 090.5 but did not tried yet. 08.07.2014 15:59, Aleksandar Ivanisevic пишет: Hi, is anyone using flashcache vith openvz? If so, which version and with which kernel? Versions lower than 3 do not compile against the latest el6 kernel and version 3.11 and the latest git oopses in flashcache_md_write_kickoff with a null pointer. I see provisions to detect ovz kernel source in flashcache makefile, so someone must be compiling and using it. Any other SSD caching software that works with openvz? -- Best Regards, Nick Knutov http://knutov.com ICQ: 272873706 Voice: +7-904-84-23-130 ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] flashcache
Hello! Yep, Read cache is nice and safe solution but not write cache :) No, we do not use ZFS in production yet. We done only very specific tests like this: https://github.com/zfsonlinux/zfs/issues/2458 But you can do some performance tests and share :) On Wed, Jul 9, 2014 at 12:55 AM, Nick Knutov m...@knutov.com wrote: I read http://www.stableit.ru/2014/07/using-zfs-with-openvz-openvzfs.html . Do you use it in production? Can you share speed tests or some other experience with zfs and openvz? 08.07.2014 22:23, Pavel Odintsov пишет: I knew about few incidents with ___FULL___ data loss from customers of flashcache. Beware of it in production. If you want speed you can try ZFS with l2arc/zvol cache because it's native solution. -- Best Regards, Nick Knutov http://knutov.com ICQ: 272873706 Voice: +7-904-84-23-130 ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] Manage KVM/Qemu and OpenVZ the same way
Yep, I mean vRam and vSwap. All fine if you support it! Ploop is very interesting because you can run kvm VM over it but without mount/umount scripts it's very difficult. If you interested, I can provide manual for using KVM over ploop. On Thu, Jul 3, 2014 at 4:41 PM, Bosson VZ bosso...@bosson.eu wrote: Hi, I understand that the driver does not suit everyone straight away. We are open to feature requests. Ploop may be a good one to start with. What do you mean by vSwap exaclty. The driver allows you to set RAM and SWAP limits. Is there something more? -- Cluster Design, s.r.o. Dne St 2. července 2014 09:54:15, Scott Dowdle napsal(a): Greetings, - Original Message - for everyone who would like to manage their Qemu/KVM and OpenVZ virtuals in the same fashion, I am presenting a new libvirt driver, bossonvz, which will allow you to manage OpenVZ containers with libvirt. To name a couple of features: - complete control over the container - live migration via libvirtd - remote VNC console - fs mounts management Just check this web page out to find out more. http://bossonvz.bosson.eu/ The driver is provided as a separate patch to libvirt and as RPM packages for CentOS/SL 6.5. Looks nice and thanks for the hard work... but I think for most OpenVZ users, until it supports some of the stuff it doesn't (quotas, vSwap, ploop), it isn't very useful. When it supports that stuff in the future, it will become very useful. TYL, ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] Manage KVM/Qemu and OpenVZ the same way
Hello! You can look at this guide here: http://www.stableit.ru/2014/07/installing-kvm-virtual-machines-on.html Please be careful because this configuration is _not_ tested in production. On Thu, Jul 3, 2014 at 5:28 PM, Bosson VZ bosso...@bosson.eu wrote: Sure, send me whatever you have about ploop. -- Cluster Design, s.r.o. Dne Čt 3. července 2014 16:52:27, Pavel Odintsov napsal(a): Yep, I mean vRam and vSwap. All fine if you support it! Ploop is very interesting because you can run kvm VM over it but without mount/umount scripts it's very difficult. If you interested, I can provide manual for using KVM over ploop. On Thu, Jul 3, 2014 at 4:41 PM, Bosson VZ bosso...@bosson.eu wrote: Hi, I understand that the driver does not suit everyone straight away. We are open to feature requests. Ploop may be a good one to start with. What do you mean by vSwap exaclty. The driver allows you to set RAM and SWAP limits. Is there something more? -- Cluster Design, s.r.o. Dne St 2. července 2014 09:54:15, Scott Dowdle napsal(a): Greetings, - Original Message - for everyone who would like to manage their Qemu/KVM and OpenVZ virtuals in the same fashion, I am presenting a new libvirt driver, bossonvz, which will allow you to manage OpenVZ containers with libvirt. To name a couple of features: - complete control over the container - live migration via libvirtd - remote VNC console - fs mounts management Just check this web page out to find out more. http://bossonvz.bosson.eu/ The driver is provided as a separate patch to libvirt and as RPM packages for CentOS/SL 6.5. Looks nice and thanks for the hard work... but I think for most OpenVZ users, until it supports some of the stuff it doesn't (quotas, vSwap, ploop), it isn't very useful. When it supports that stuff in the future, it will become very useful. TYL, ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] Manage KVM/Qemu and OpenVZ the same way
Hello! Very nice! But what about vRaw/vSwap/non standard UBC management and ploop support? I'm used libvirt for kvm few years but it's really ugly for OpenVZ in upstream repository from RH. On Wed, Jul 2, 2014 at 4:26 PM, Bosson VZ bosso...@bosson.eu wrote: Helo, for everyone who would like to manage their Qemu/KVM and OpenVZ virtuals in the same fashion, I am presenting a new libvirt driver, bossonvz, which will allow you to manage OpenVZ containers with libvirt. To name a couple of features: - complete control over the container - live migration via libvirtd - remote VNC console - fs mounts management Just check this web page out to find out more. http://bossonvz.bosson.eu/ The driver is provided as a separate patch to libvirt and as RPM packages for CentOS/SL 6.5. -- David Fabian Cluster Design, s.r.o. ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] Manage KVM/Qemu and OpenVZ the same way
Oh, vnc for vzctl! It's amazing! Maybe you can contribute this helper to OpenVZ? On Wed, Jul 2, 2014 at 5:20 PM, Pavel Odintsov pavel.odint...@gmail.com wrote: Hello! Very nice! But what about vRaw/vSwap/non standard UBC management and ploop support? I'm used libvirt for kvm few years but it's really ugly for OpenVZ in upstream repository from RH. On Wed, Jul 2, 2014 at 4:26 PM, Bosson VZ bosso...@bosson.eu wrote: Helo, for everyone who would like to manage their Qemu/KVM and OpenVZ virtuals in the same fashion, I am presenting a new libvirt driver, bossonvz, which will allow you to manage OpenVZ containers with libvirt. To name a couple of features: - complete control over the container - live migration via libvirtd - remote VNC console - fs mounts management Just check this web page out to find out more. http://bossonvz.bosson.eu/ The driver is provided as a separate patch to libvirt and as RPM packages for CentOS/SL 6.5. -- David Fabian Cluster Design, s.r.o. ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] Manage KVM/Qemu and OpenVZ the same way
Scott, but can you describe best API for OpenVZ from your point of vision? On Wed, Jul 2, 2014 at 7:54 PM, Scott Dowdle dow...@montanalinux.org wrote: Greetings, - Original Message - for everyone who would like to manage their Qemu/KVM and OpenVZ virtuals in the same fashion, I am presenting a new libvirt driver, bossonvz, which will allow you to manage OpenVZ containers with libvirt. To name a couple of features: - complete control over the container - live migration via libvirtd - remote VNC console - fs mounts management Just check this web page out to find out more. http://bossonvz.bosson.eu/ The driver is provided as a separate patch to libvirt and as RPM packages for CentOS/SL 6.5. Looks nice and thanks for the hard work... but I think for most OpenVZ users, until it supports some of the stuff it doesn't (quotas, vSwap, ploop), it isn't very useful. When it supports that stuff in the future, it will become very useful. TYL, -- Scott Dowdle 704 Church Street Belgrade, MT 59714 (406)388-0827 [home] (406)994-3931 [work] ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] Kernel Panic 2.6.32-042stab090.3
Hello! Please enable kdump and netconsole on this machine (for next repeat of kernel bug) and send all details to https://bugzilla.openvz.org. Thank you! On Sun, Jun 29, 2014 at 11:46 PM, CoolCold coolthec...@gmail.com wrote: I guess better place for this would be bugzilla. On Sun, Jun 29, 2014 at 11:33 PM, Rene C. ope...@dokbua.com wrote: Screenshot attached, hope it's useful. ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Best regards, [COOLCOLD-RIPN] ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] Kernel Panic 2.6.32-042stab090.3
Maybe you upgraded from centos5? It's CentOS 6? On Mon, Jun 30, 2014 at 10:37 AM, Vasily Averin v...@parallels.com wrote: It is initrd-related problem, kernel did recognized hardware/filesystem and do not know where is root partition to mount it. So I belive it is some local problem on this particular node. On 06/29/2014 11:33 PM, Rene C. wrote: Screenshot attached, hope it's useful. ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] openvpn in openvz
xt_DSCP 2849 0 xt_dscp 2073 0 ipt_REJECT 2399 12 tun19157 0 xt_owner2258 0 vzdquota 55339 0 [permanent] vzevent 2179 1 vzdev 2733 5 vzethdev,vznetdev,vziolimit,vzmon,vzdquota iptable_filter 2937 5 ip_tables 18119 3 iptable_nat,iptable_mangle,iptable_filter ip6t_REJECT 4711 2 nf_conntrack_ipv6 8353 2 nf_defrag_ipv6 11188 1 nf_conntrack_ipv6 xt_state1508 4 nf_conntrack 80313 9 vzrst,vzcpt,nf_nat_ftp,nf_conntrack_ftp,iptable_nat,nf_nat,nf_conntrack_ipv4,nf_conntrack_ipv6,xt_state ip6table_filter 3033 1 ip6_tables 18988 2 ip6table_mangle,ip6table_filter ipv6 322874 1627 vzrst,ip6table_mangle,ip6t_REJECT,nf_conntrack_ipv6,nf_defrag_ipv6 iTCO_wdt7147 0 iTCO_vendor_support 3072 1 iTCO_wdt i2c_i801 11375 0 i2c_core 31084 1 i2c_i801 sg 29446 0 lpc_ich12819 0 mfd_core1911 1 lpc_ich e1000e267426 0 ptp 9614 1 e1000e pps_core 11490 1 ptp ext4 419456 11 jbd2 93779 1 ext4 mbcache 8209 1 ext4 sd_mod 39005 6 crc_t10dif 1557 1 sd_mod ahci 42263 4 video 20978 0 output 2425 1 video dm_mirror 14432 0 dm_region_hash 12101 1 dm_mirror dm_log 9946 2 dm_mirror,dm_region_hash dm_mod 84369 19 dm_mirror,dm_log On Mon, Jun 23, 2014 at 12:52 AM, Pavel Odintsov pavel.odint...@gmail.com wrote: Hello! IPsec should work from 84.8 kernel according to https://openvz.org/IPsec but I found explicit reference about IPsec only in 84.10: http://openvz.org/Download/kernel/rhel6-testing/042stab084.10 Did you restart CT after loading kernel modules for l2tp? On Sun, Jun 22, 2014 at 7:05 PM, Rene C. ope...@dokbua.com wrote: Ok I gave your suggestion a shot, using your link through Google translate and http://www.maxwhale.com/how-to-install-l2tp-vpn-on-centos/ for comparison. Everything seems to go well until the 'ipsec verify' part when it says: [root@vps1418 /]# ipsec verify Checking your system to see if IPsec got installed and started correctly: Version check and ipsec on-path [OK] Linux Openswan U2.6.32/K(no kernel code presently loaded) Checking for IPsec support in kernel [FAILED] SAref kernel support [N/A] Checking that pluto is running [OK] Pluto listening for IKE on udp 500 [FAILED] Pluto listening for NAT-T on udp 4500 [FAILED] Checking for 'ip' command [OK] Checking /bin/sh is not /bin/dash [OK] Checking for 'iptables' command [OK] Opportunistic Encryption Support [DISABLED] I think the biggest problem here is the Checking for IPsec support in kernel? I use 2.6.32-042stab085.20 - I know it's not the latest kernel, but supposedly ipsec support should be in kernels after stab084? On Sat, Jun 21, 2014 at 7:28 PM, Pavel Odintsov pavel.odint...@gmail.com wrote: Hello! In modern version of OpenVZ you can use l2tp with ipsec support instead OpenVPN: http://habrahabr.ru/company/FastVPS/blog/205162/ (sorry this manual in russian language but it's very simple). It's very useable because you do not need any special clients on Windows hosts. Maybe you can try this? On Sat, Jun 21, 2014 at 2:11 PM, Benjamin Henrion zoo...@gmail.com wrote: On Sat, Jun 21, 2014 at 8:47 AM, Rene C. ope...@dokbua.com wrote: I got the openvpn part itself down, no problem, but getting it to work in a container is a lot of hassle. Many pages, but most are outdated and things keeps changing. Anyone know how to get it to work TODAY? The server is an otherwise normal server with public ip addresses and works with cpanel, no problem that far. The problem is getting an openvpn service to work in it. I've already added the tun device, and I can connect to the server with the openvpn client, just can't continue from there, so some routing is missing. I've followed the general routing instructions but because openvz doesn't support MASQ it doesn't work. - which modules to insmod on the hwnode Just make sure tun is present in lsmod. - which modules to add into /etc/vz/vz.conf
Re: [Users] openvpn in openvz
Hello! You can try to do something like this: touch /lib/modules/2.6.32-042stab090.3/modules.dep It can suppress ipsec_setup warnings. On Thu, Jun 26, 2014 at 9:52 PM, Rene C. ope...@dokbua.com wrote: Going through the whole thing again I fell over this fatal error during the ipsec restart: ipsec_setup: FATAL: Could not load /lib/modules/2.6.32-042stab090.3/modules.dep: No such file or directory I installed both openswan xl2tpd though yum (epel repo) but neither seem to add anything to /lib/modules. What am I missing? On Thu, Jun 26, 2014 at 2:06 PM, Rene C. ope...@dokbua.com wrote: I already upgraded the kernel to the latest before the last test: [root@server14 ~]# uname -a Linux server14.-sanitized- 2.6.32-042stab090.4 #1 SMP Mon Jun 16 Sorry if I didn't make that very clear On Thu, Jun 26, 2014 at 1:38 PM, Pavel Odintsov pavel.odint...@gmail.com wrote: Hello! I'm not sure about your problems but we have few production installation with this configuration. But we use only up to date kernels like 90.x series. What kernel you used for tests? On Thu, Jun 26, 2014 at 5:28 AM, spameden spame...@gmail.com wrote: 2014-06-25 22:19 GMT+04:00 Rene C. ope...@dokbua.com: No, I went in the direction of l2tp as recommended. It both seems more secure and more compatible with both windows and android clients than openvpn. 'more secure' ? did you audit OpenVPN/OpenSSL code? How can you say so. There are clients for both android and windows for OpenVPN. Anyways, if you've decided to go with IPSec go over with it, it should work too. I still get the Checking for IPsec support in kernel [FAILED] error from the check, although the latest openvz kernel is now installed. What can we do to narrow down the cause of this? tbh, I have no idea, had no experience with IPSec setup on OpenVZ, ask the guy who've suggested ipsec setup. On Mon, Jun 23, 2014 at 7:56 PM, spameden spame...@gmail.com wrote: 2014-06-23 11:31 GMT+04:00 Rene C. ope...@dokbua.com: Sorry, still stuck: Did you try OpenVPN configuration that I've suggested? About IPSEC: not sure, check your syslog logs might give you some tips. [root@server14 ~]# uname -a Linux server14.-sanitized- 2.6.32-042stab090.4 #1 SMP Mon Jun 16 15:13:38 MSK 2014 x86_64 x86_64 x86_64 GNU/Linux [root@server14 ~]# for x in tun ppp_async pppol2tp xfrm4_mode_transport xfrm4_mode_tunnel xfrm_ipcomp esp4; do lsmod | grep $x; done xfrm4_mode_tunnel 2019 0 tun19157 0 ppp_async 7874 0 ppp_generic25400 3 pppol2tp,pppox,ppp_async crc_ccitt 1733 1 ppp_async pppol2tp 22749 0 pppox 2712 1 pppol2tp ppp_generic25400 3 pppol2tp,pppox,ppp_async xfrm4_mode_transport 1465 0 xfrm4_mode_tunnel 2019 0 xfrm_ipcomp 4626 0 esp45406 0 [root@server14 ~]# vzctl enter 1418 entered into CT 1418 [root@vps1418 /]# ipsec verify Checking your system to see if IPsec got installed and started correctly: Version check and ipsec on-path [OK] Linux Openswan U2.6.32/K(no kernel code presently loaded) Checking for IPsec support in kernel [FAILED] SAref kernel support[N/A] Checking that pluto is running [OK] Pluto listening for IKE on udp 500 [FAILED] Pluto listening for NAT-T on udp 4500 [FAILED] Checking for 'ip' command[OK] Checking /bin/sh is not /bin/dash[OK] Checking for 'iptables' command [OK] Opportunistic Encryption Support [DISABLED] What am I missing? On Mon, Jun 23, 2014 at 1:12 AM, Rene C. ope...@dokbua.com wrote: Yep, rebooted the container. Here's the modules present: [root@server18 ~]# lsmod Module Size Used by esp45406 0 xfrm_ipcomp 4626 0 xfrm4_mode_tunnel 2019 0 pppol2tp 22749 0 pppox 2712 1 pppol2tp ppp_async 7874 0 ppp_generic25400 3 pppol2tp,pppox,ppp_async slhc5821 1 ppp_generic crc_ccitt 1733 1 ppp_async vzethdev8221 0 vznetdev 18952 10 pio_nfs17576 0 pio_direct 28261 9 pfmt_raw3213 0 pfmt_ploop1 6320 9 ploop 116096 23 pio_nfs,pio_direct,pfmt_raw,pfmt_ploop1 simfs 4448 0 vzrst 196693 0 vzcpt 148911 1 vzrst nfs 442438 3 pio_nfs,vzrst,vzcpt lockd 77189 2
Re: [Users] openvpn in openvz
Could you do strace for this command: ipsec verify ? strace -o /root/trace -s 1024 -f ipsec verify And send trace to paste.org. On Thu, Jun 26, 2014 at 10:23 PM, Rene C. ope...@dokbua.com wrote: Ok ... it doesn't need anything to be in modules.dep? /lib/modules/2.6.32-042stab090.3 didn't exist, I had to create it. So what will happen after next kernel update? This doesn't seem right. Both the hwnode and the vps server runs 64 bit version of Linux, so there's also a /lib64 - but no /lib64/modules. So, created the directory and touch'ed the file, so the error is now gone, but ipsec still doesn't see kernel support. What am I missing? root@vps1703 [/]# ipsec setup restart ipsec_setup: Stopping Openswan IPsec... ipsec_setup: Starting Openswan IPsec 2.6.32... ipsec_setup: multiple ip addresses, using 127.0.0.1 on venet0 ipsec_setup: /usr/libexec/ipsec/addconn Non-fips mode set in /proc/sys/crypto/fips_enabled ipsec_setup: /usr/libexec/ipsec/addconn Non-fips mode set in /proc/sys/crypto/fips_enabled root@vps1703 [/]# ipsec verify Checking your system to see if IPsec got installed and started correctly: Version check and ipsec on-path [OK] Linux Openswan U2.6.32/K(no kernel code presently loaded) Checking for IPsec support in kernel [FAILED] SAref kernel support [N/A] Checking that pluto is running [OK] Pluto listening for IKE on udp 500 [FAILED] Pluto listening for NAT-T on udp 4500 [FAILED] Checking for 'ip' command [OK] Checking /bin/sh is not /bin/dash [OK] Checking for 'iptables' command [OK] Opportunistic Encryption Support [DISABLED] Here's ipsec lines in /var/log/messages - I dont' see anything obvious there either: Jun 27 01:17:29 vps1703 ipsec_setup: Stopping Openswan IPsec... Jun 27 01:17:31 vps1703 ipsec_setup: ...Openswan IPsec stopped Jun 27 01:17:31 vps1703 ipsec_setup: Starting Openswan IPsec 2.6.32... Jun 27 01:17:32 vps1703 ipsec_setup: Using NETKEY(XFRM) stack Jun 27 01:17:32 vps1703 ipsec_setup: multiple ip addresses, using 127.0.0.1 on venet0 Jun 27 01:17:32 vps1703 ipsec_setup: /usr/libexec/ipsec/addconn Non-fips mode set in /proc/sys/crypto/fips_enabled Jun 27 01:17:32 vps1703 ipsec_setup: /usr/libexec/ipsec/addconn Non-fips mode set in /proc/sys/crypto/fips_enabled Jun 27 01:17:32 vps1703 ipsec_setup: ...Openswan IPsec started Jun 27 01:17:32 vps1703 ipsec__plutorun: /usr/libexec/ipsec/addconn Non-fips mode set in /proc/sys/crypto/fips_enabled Jun 27 01:17:32 vps1703 pluto: adjusting ipsec.d to /etc/ipsec.d Jun 27 01:17:32 vps1703 ipsec__plutorun: adjusting ipsec.d to /etc/ipsec.d Jun 27 01:17:32 vps1703 ipsec__plutorun: /usr/libexec/ipsec/addconn Non-fips mode set in /proc/sys/crypto/fips_enabled Jun 27 01:17:32 vps1703 ipsec__plutorun: /usr/libexec/ipsec/addconn Non-fips mode set in /proc/sys/crypto/fips_enabled Jun 27 01:17:35 vps1703 ipsec__plutorun: 002 added connection description L2TP-PSK-NAT Jun 27 01:17:35 vps1703 ipsec__plutorun: 002 added connection description L2TP-PSK-noNAT Jun 27 01:17:35 vps1703 ipsec__plutorun: 003 no public interfaces found On Fri, Jun 27, 2014 at 1:07 AM, Pavel Odintsov pavel.odint...@gmail.com wrote: Hello! You can try to do something like this: touch /lib/modules/2.6.32-042stab090.3/modules.dep It can suppress ipsec_setup warnings. On Thu, Jun 26, 2014 at 9:52 PM, Rene C. ope...@dokbua.com wrote: Going through the whole thing again I fell over this fatal error during the ipsec restart: ipsec_setup: FATAL: Could not load /lib/modules/2.6.32-042stab090.3/modules.dep: No such file or directory I installed both openswan xl2tpd though yum (epel repo) but neither seem to add anything to /lib/modules. What am I missing? On Thu, Jun 26, 2014 at 2:06 PM, Rene C. ope...@dokbua.com wrote: I already upgraded the kernel to the latest before the last test: [root@server14 ~]# uname -a Linux server14.-sanitized- 2.6.32-042stab090.4 #1 SMP Mon Jun 16 Sorry if I didn't make that very clear On Thu, Jun 26, 2014 at 1:38 PM, Pavel Odintsov pavel.odint...@gmail.com wrote: Hello! I'm not sure about your problems but we have few production installation with this configuration. But we use only up to date kernels like 90.x series. What kernel you used for tests? On Thu, Jun 26, 2014 at 5:28 AM, spameden spame...@gmail.com wrote: 2014-06-25 22:19 GMT+04:00 Rene C. ope...@dokbua.com: No, I went in the direction of l2tp as recommended. It both seems more secure and more compatible with both windows and android clients than openvpn. 'more secure' ? did you audit OpenVPN/OpenSSL code? How can you say so. There are clients for both android and windows for OpenVPN. Anyways
Re: [Users] openvpn in openvz
Hello! IPsec should work from 84.8 kernel according to https://openvz.org/IPsec but I found explicit reference about IPsec only in 84.10: http://openvz.org/Download/kernel/rhel6-testing/042stab084.10 Did you restart CT after loading kernel modules for l2tp? On Sun, Jun 22, 2014 at 7:05 PM, Rene C. ope...@dokbua.com wrote: Ok I gave your suggestion a shot, using your link through Google translate and http://www.maxwhale.com/how-to-install-l2tp-vpn-on-centos/ for comparison. Everything seems to go well until the 'ipsec verify' part when it says: [root@vps1418 /]# ipsec verify Checking your system to see if IPsec got installed and started correctly: Version check and ipsec on-path [OK] Linux Openswan U2.6.32/K(no kernel code presently loaded) Checking for IPsec support in kernel [FAILED] SAref kernel support [N/A] Checking that pluto is running [OK] Pluto listening for IKE on udp 500 [FAILED] Pluto listening for NAT-T on udp 4500 [FAILED] Checking for 'ip' command [OK] Checking /bin/sh is not /bin/dash [OK] Checking for 'iptables' command [OK] Opportunistic Encryption Support [DISABLED] I think the biggest problem here is the Checking for IPsec support in kernel? I use 2.6.32-042stab085.20 - I know it's not the latest kernel, but supposedly ipsec support should be in kernels after stab084? On Sat, Jun 21, 2014 at 7:28 PM, Pavel Odintsov pavel.odint...@gmail.com wrote: Hello! In modern version of OpenVZ you can use l2tp with ipsec support instead OpenVPN: http://habrahabr.ru/company/FastVPS/blog/205162/ (sorry this manual in russian language but it's very simple). It's very useable because you do not need any special clients on Windows hosts. Maybe you can try this? On Sat, Jun 21, 2014 at 2:11 PM, Benjamin Henrion zoo...@gmail.com wrote: On Sat, Jun 21, 2014 at 8:47 AM, Rene C. ope...@dokbua.com wrote: I got the openvpn part itself down, no problem, but getting it to work in a container is a lot of hassle. Many pages, but most are outdated and things keeps changing. Anyone know how to get it to work TODAY? The server is an otherwise normal server with public ip addresses and works with cpanel, no problem that far. The problem is getting an openvpn service to work in it. I've already added the tun device, and I can connect to the server with the openvpn client, just can't continue from there, so some routing is missing. I've followed the general routing instructions but because openvz doesn't support MASQ it doesn't work. - which modules to insmod on the hwnode Just make sure tun is present in lsmod. - which modules to add into /etc/vz/vz.conf The same. tun should be part of the list of modules in vz.conf, so it gets loaded at vz start. - which modules to add into /etc/vz/ct.conf And the for the CTID you want to run openvpn access in: https://openvz.org/VPN_via_the_TUN/TAP_device#Granting_container_an_access_to_TUN.2FTAP Can you provide openvpn-client debug messages? -- Benjamin Henrion bhenrion at ffii.org FFII Brussels - +32-484-566109 - +32-2-4148403 In July 2005, after several failed attempts to legalise software patents in Europe, the patent establishment changed its strategy. Instead of explicitly seeking to sanction the patentability of software, they are now seeking to create a central European patent court, which would establish and enforce patentability rules in their favor, without any possibility of correction by competing courts or democratically elected legislators. ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] openvpn in openvz
Hello! In modern version of OpenVZ you can use l2tp with ipsec support instead OpenVPN: http://habrahabr.ru/company/FastVPS/blog/205162/ (sorry this manual in russian language but it's very simple). It's very useable because you do not need any special clients on Windows hosts. Maybe you can try this? On Sat, Jun 21, 2014 at 2:11 PM, Benjamin Henrion zoo...@gmail.com wrote: On Sat, Jun 21, 2014 at 8:47 AM, Rene C. ope...@dokbua.com wrote: I got the openvpn part itself down, no problem, but getting it to work in a container is a lot of hassle. Many pages, but most are outdated and things keeps changing. Anyone know how to get it to work TODAY? The server is an otherwise normal server with public ip addresses and works with cpanel, no problem that far. The problem is getting an openvpn service to work in it. I've already added the tun device, and I can connect to the server with the openvpn client, just can't continue from there, so some routing is missing. I've followed the general routing instructions but because openvz doesn't support MASQ it doesn't work. - which modules to insmod on the hwnode Just make sure tun is present in lsmod. - which modules to add into /etc/vz/vz.conf The same. tun should be part of the list of modules in vz.conf, so it gets loaded at vz start. - which modules to add into /etc/vz/ct.conf And the for the CTID you want to run openvpn access in: https://openvz.org/VPN_via_the_TUN/TAP_device#Granting_container_an_access_to_TUN.2FTAP Can you provide openvpn-client debug messages? -- Benjamin Henrion bhenrion at ffii.org FFII Brussels - +32-484-566109 - +32-2-4148403 In July 2005, after several failed attempts to legalise software patents in Europe, the patent establishment changed its strategy. Instead of explicitly seeking to sanction the patentability of software, they are now seeking to create a central European patent court, which would establish and enforce patentability rules in their favor, without any possibility of correction by competing courts or democratically elected legislators. ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
Re: [Users] blog post: yet more live migration goodness
Hello! Nice talk. What about backup system via ploop write tracker? On Sun, Jun 22, 2014 at 12:21 AM, Kevin Holly ope...@lists.dedilink.eu wrote: Am 16/06/14 12:28, schrieb Aleksandar Ivanisevic: Kir Kolyshkin k...@openvz.org writes: [...] http://openvz.livejournal.com/48634.html Speaking of ploop send/copy, have you ever thought about a continuous ploop send as a way of providing redundancy? In essence, ploop send would, instead of exiting and running a suspend command, just keep sending the changes to remote, so, in case the primary dies, remote instance can be started with the latest image. Something like DRBD does, but optimized for an OpenVZ use case. That would be really cool. Something like the kernel permanently tracking writes and something doing the live sync when a block changes. From what I've read, ploop migration makes the kernel track writes to the device and then migrate these blocks in the ploop device as long/often as needed until no blocks change anymore or always the same blocks change, so that can be also kind of useful in a live sync of the ploop image. If you can provide the feature I would be happy to provide the scripting around it. [...] ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users -- Sincerely yours, Pavel Odintsov ___ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users