0

just a quick question, which i have had trouble finding the answer to:

The OpenVZ Authors have been contributing a large amount of code to the linux kernel, in order to get virtualization features directly inside your operating system.

One example of this is Cgroups.

anyways, my question is: does anybody know if CGroups are available, or is planned to be available, in side the container itself?

I tried to run this on one of the OpenVZ Containers, but the service will not start. I understand why: it's likely a hardware node orientated service- seeing as how it manages aspects within the Kernel.

However, I would love to use them within the container it self as well.

I see that namespaces are working inside containers, and thought maybe it would be a good idea if CGroups could work inside the container as well.

I ask because maybe I am not running the latest kernel version required for support. or maybe I am overlooking something.

Thanks!

RapidWebs
  • 571
  • 4
  • 13

3 Answers3

1

People like to hate on OVZ for some reason but seem to forget that LXC is a derivative of OVZ. If OVZ is such old tech then why is it's DNA in brand new tech?

Other than doing something with cgroups, I don't see OVZ going away any time soon. There is cross polination with LXC and if and when LXC is a drop in replacement for OVZ then OVZ can go away. It's not going to be anytime soon because OVZ is far more capable and mature. Also new mainline kernels have OVZ features in them now. So OVZ is definitely not going away.

Fred Flint
  • 678
  • 7
  • 6
0

You can use cgroups in an LXC container, as they are namespaced, but OpenVZ is very old technology and I highly doubt you will find a way to make it work. If you can, you should start converting over from OpenVZ to LXC as the former is likely to be abandoned sooner or later. It's LXC that all those OpenVZ devs have been building.

Michael Hampton
  • 244,070
  • 43
  • 506
  • 972
  • still, OVZ is the currently mature and stable tech, and it has it's own tools for resource management, that were implemented before cgroups ever came out. Not to downplay LXC, just trying to be fair – dyasny Aug 15 '14 at 01:19
  • @dyasny Oh yeah, OpenVZ is "mature" all right. I did evaluate it recently, and decided it was better to put effort into getting LXC production-ready than to roll out anything on OpenVZ at this late date. At this point there are no major issues with LXC, either bugs or missing functionality. – Michael Hampton Aug 15 '14 at 01:30
  • I prefer to use LXC myself these days, but my use case and the typical use case for OVZ are quite different. I don't do hosting after all :) LXC has its issues, and my criteria for saying it is prod ready is when RHEL 7 officially supports LXC, sans the "tech preview" – dyasny Aug 15 '14 at 01:46
  • i was reading about this on the openvz webite, and i think people forget just how much architecture is depending on openvz still, to this day. quoted by the openvz site: they don't see it going anywhere, any time soon. regardless, im sure LXC is a great solution. but id rather not have to move all my customers over, and im sure there are alot of people in my position. very old does not necessarily mean of poor quality. I have never really had a problem with OpenVZ, except a few minor things required to work around inside a container. – RapidWebs Aug 15 '14 at 01:54
  • @RapidWebs Yeah, if you already have a significant user base on OpenVZ, then it probably doesn't make sense to switch (yet) unless the need is truly compelling. – Michael Hampton Aug 15 '14 at 01:57
  • @dyasny I don't see that LXC or Docker are "tech preview" in RHEL 7. Where did you find that? (They certainly are tech preview in RHEL 6.) – Michael Hampton Aug 15 '14 at 02:00
  • ouch, did I have a misconception there? I was sure in 7.0 it's still TP – dyasny Aug 15 '14 at 14:27
  • 1
    @dyasny As far as I can tell they are [fully documented and supported](https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Resource_Management_and_Linux_Containers_Guide/index.html). – Michael Hampton Aug 15 '14 at 14:30
  • Guess I was wrong, that can happen sometimes :) – dyasny Aug 15 '14 at 14:47
0

Old thread - however, a solution (in a docker context, but still) can be found by treating CentOS6 as if it were a debian wheezy in this link: https://openvz.org/Docker_inside_CT

Basically, in /etc/init.d/docker do:

prestart() {
# ALF   service cgconfig status > /dev/null
# ALF
# ALF    if [[ $? != 0 ]]; then
# ALF        service cgconfig start
# ALF    fi
mount -t tmpfs tmpfs /sys/fs/cgroup
mkdir /sys/fs/cgroup/freezer,devices
mount -t cgroup cgroup /sys/fs/cgroup/freezer,devices -o freezer,devices
mkdir /sys/fs/cgroup/cpu,cpuacct,cpuset
mount -t cgroup cgroup /sys/fs/cgroup/cpu,cpuacct,cpuset/ -o cpu,cpuacct,cpuset

}
Alien Life Form
  • 2,309
  • 2
  • 21
  • 32