I am still at the OpenVZ booth at LinuxTag 2010 in Berlin. At least two people asked me about the status of OpenVZ kernel for the upcoming Debian Squeeze. Specifically, they said, there is no openvz kernel in "testing" repository (i.e. what will become Squeeze when it will be released). My guess is some more people interesting in that, so here's the public answer.
We are working pretty close with the Debian kernel team, you can see some traces of that on either debian-kernel AT lists.debian.org or debian AT openvz.org mailing lists. Specifically, we work together to bring good quality OpenVZ kernel to Squeeze, and this was one of the main reasons for us to port to 2.6.32.
But yesterday we tried to search for
Indeed, the kernel is now there. So yes, Squeeze will have OpenVZ kernel, and I guess it can also be used by people who switched to Ubuntu 10.4.
We are working pretty close with the Debian kernel team, you can see some traces of that on either debian-kernel AT lists.debian.org or debian AT openvz.org mailing lists. Specifically, we work together to bring good quality OpenVZ kernel to Squeeze, and this was one of the main reasons for us to port to 2.6.32.
But yesterday we tried to search for
openvz linux-image on packages.debian.org and it gave us no results for testing. I then emailed Max Attems (who maintains our kernels in Debian) and this is his response:it should be there now, the switch to libata did uphold testing
transition of linux-2.6 for quite some time, so testing had an
outdated linux-2.6 for quite some while
Indeed, the kernel is now there. So yes, Squeeze will have OpenVZ kernel, and I guess it can also be used by people who switched to Ubuntu 10.4.
I am standing here at the LinuxTag 2010 event, so if you are in Berlin this week come to our booth to say hello (and maybe recommend a local beer place to go).
One visitor asked me if it's possible to run Firefox inside a container (with the main purpose to browse insecure sites). Yes, it is possible, there are two ways -- using Xvnc and SSH's X forwarding. I just implemented it here (using the latter way), and want to share the experience, because there are a few rough edges here and there.
We start with the "vanilla" Fedora 12 template:
( Read more...Collapse )
One visitor asked me if it's possible to run Firefox inside a container (with the main purpose to browse insecure sites). Yes, it is possible, there are two ways -- using Xvnc and SSH's X forwarding. I just implemented it here (using the latter way), and want to share the experience, because there are a few rough edges here and there.
We start with the "vanilla" Fedora 12 template:
( Read more...Collapse )
We have just announced that we stop making new releases for OpenVZ kernel branches 2.6.24, 2.6.26, and 2.6.18. So, from now on we only have 2.6.27, 2.6.32, RHEL4-2.6.9 and RHEL5-2.6.18. Removing the number of parallel kernel branches we have to maintain really helps to concentrate on supporting the remaining ones and moving to mainline. I hope that doesn't affect anyone too much -- from where I stand most users run either stable (i.e. RHEL5-2.6.18) or bleeding edge (2.6.32, before it used to be 2.6.27). In any case, we are not dropping support for vendor kernels, such as OpenVZ kernels in Debian and Ubuntu -- those are still supported from us for the lifetime of the distributions that carry it, we will help with OpenVZ bugs in those kernels through the usual channel.
On the remaining branches. Last Thursday we did an update to 2.6.32 kernel fixing some nasty bugs found in the first public version, and today we updated 2.6.27 kernel as well. Speaking of 2.6.27, it will eventually be dropped as well, but we will keep maintaining it for at least a few more months.
Stable kernel update (RHEL5.5 based, 028stab069...) is currently in testing, but don't expect it to be released real soon now -- previous experience tells us that .y updates are not that easy. We also anticipate to open RHEL6-2.6.32 branch soon, since Red Hat already shooted a beta of their upcoming release.
On the remaining branches. Last Thursday we did an update to 2.6.32 kernel fixing some nasty bugs found in the first public version, and today we updated 2.6.27 kernel as well. Speaking of 2.6.27, it will eventually be dropped as well, but we will keep maintaining it for at least a few more months.
Stable kernel update (RHEL5.5 based, 028stab069...) is currently in testing, but don't expect it to be released real soon now -- previous experience tells us that .y updates are not that easy. We also anticipate to open RHEL6-2.6.32 branch soon, since Red Hat already shooted a beta of their upcoming release.
Today I came across the page which compares OpenVZ to KVM to Xen. Leaving Xen aside, from that one it looks like KVM is ways better, it got all the green pluses, while OpenVZ got all the dull minuses, except for a few features where it says "limited support".
For example, from the author's POV, KVM supports cool features such as "Independent kernel" and "Independent kernel modules" , while OpenVZ lacks all that. I am not mentioning "Full control on sockets and processes" -- definitely, such things as sockets and processes are completely out of control when you use OpenVZ, to the extent that you can not distinguish between a process, a socket, and a potato! (Was that sarcasm? Yes, in fact I don't have an idea of what do they mean by that statement...)
But such a comparison is inspiring, so I invested 15 minutes of my time and made my own, titled Car vs bike. It clearly states that a car is better than a bike -- its capacity is higher and it doesn't require lots of muscle power. After all, it has powered steering wheel (not mentioning powered windows) and can come with an automatic gearbox, air conditioning and even a sunroof! A bike, from the other side, is missing a lot of features -- even windshield wipers are absent which are standard for every car since about 1925!
Actually, I didn't stop there and made yet another comparison, titled Bike vs car. Now it's perfectly clear that a bike is a better choice than a car, since it's cheaper, ecologically clean, and you can even take it with you on a train! A car is big and heavy, it requires periodical refuelling and a parking spot.
Both comparisons are on the openvz wiki, so feel free to edit and add more features!
For example, from the author's POV, KVM supports cool features such as "Independent kernel" and "Independent kernel modules" , while OpenVZ lacks all that. I am not mentioning "Full control on sockets and processes" -- definitely, such things as sockets and processes are completely out of control when you use OpenVZ, to the extent that you can not distinguish between a process, a socket, and a potato! (Was that sarcasm? Yes, in fact I don't have an idea of what do they mean by that statement...)
But such a comparison is inspiring, so I invested 15 minutes of my time and made my own, titled Car vs bike. It clearly states that a car is better than a bike -- its capacity is higher and it doesn't require lots of muscle power. After all, it has powered steering wheel (not mentioning powered windows) and can come with an automatic gearbox, air conditioning and even a sunroof! A bike, from the other side, is missing a lot of features -- even windshield wipers are absent which are standard for every car since about 1925!
Actually, I didn't stop there and made yet another comparison, titled Bike vs car. Now it's perfectly clear that a bike is a better choice than a car, since it's cheaper, ecologically clean, and you can even take it with you on a train! A car is big and heavy, it requires periodical refuelling and a parking spot.
Both comparisons are on the openvz wiki, so feel free to edit and add more features!
Recently we have opened a git repository for 2.6.32 based OpenVZ kernel. The port to 2.6.32 kernel was primarily targeted for the next Debian "Squeeze" release which is due in a few months. The kernel is already there, kudos to Max Attempts
That doesn't mean we forgot users of RPM-based distros. Yesterday we have uploaded the first 2.6.32 release, named after the Soviet/Russian cosmonaut Viktor Afanasyev. Yes, the kernels from 2.6.32 branch will be named after cosmonauts.
Please update your openvz.repo, enable the 2.6.32 kernel repo, install this kernel and play with it (not on your production machines though).
Update: comments disabled due to spam
That doesn't mean we forgot users of RPM-based distros. Yesterday we have uploaded the first 2.6.32 release, named after the Soviet/Russian cosmonaut Viktor Afanasyev. Yes, the kernels from 2.6.32 branch will be named after cosmonauts.
Please update your openvz.repo, enable the 2.6.32 kernel repo, install this kernel and play with it (not on your production machines though).
Update: comments disabled due to spam
I am flying from Moscow to Los Angeles tomorrow. It's 13 hours in the air but right to the place I need (and want) to be -- SCALE8x. Just before SCALE, though, I will be in San Francisco for a day and a half -- let me know if you want to meet for a glass of beer or shot of coffee. No vodka, I only drink it when it's cold. Right, Moscow is very cold in the winter...
My plans about new t-shirts for SCALE are not fulfilled; instead I want to print some stickers/labels and maybe something like postcards. I am still designing those, hope to print overnight at Fedex Office when I arrive. An OpenVZ sticker is what I always wanted personally -- my notebook cover carries a lot of stickers (mostly related to GNU and Linux), but OpenVZ one is missing. So I am kinda using my official position to get what I want :) -- if I am not mistaken the correct English word is jobbery.
In the meantime, and this is now fully official, OpenVZ kernel team is working on porting our stuff to Linux kernel 2.6.32. This will take about a month, and we hope to have it working in time to include into next Debian release.
While 2.6.32 is some time away, we keep updating our stable (RHEL5-based) kernel. You can have a sneak preview of newest kernel changelog here. One feature worth noticing is added support for
My plans about new t-shirts for SCALE are not fulfilled; instead I want to print some stickers/labels and maybe something like postcards. I am still designing those, hope to print overnight at Fedex Office when I arrive. An OpenVZ sticker is what I always wanted personally -- my notebook cover carries a lot of stickers (mostly related to GNU and Linux), but OpenVZ one is missing. So I am kinda using my official position to get what I want :) -- if I am not mistaken the correct English word is jobbery.
In the meantime, and this is now fully official, OpenVZ kernel team is working on porting our stuff to Linux kernel 2.6.32. This will take about a month, and we hope to have it working in time to include into next Debian release.
While 2.6.32 is some time away, we keep updating our stable (RHEL5-based) kernel. You can have a sneak preview of newest kernel changelog here. One feature worth noticing is added support for
signalfd() syscall which is desperately needed by late versions of udevd and thus all the latest distros (like Fedora 12 and Ubuntu 9.10) which you might want to run in a container.OpenVZ will have a booth at the upcoming SCALE8x conference in Los Angeles, California, USA.
I want to design a new t-shirt for the conference (and other future events). So far we have two designs (about which I wrote before here): first "container lifecycle" and then "kernel classics" (you can see both at the shop). Now I want to have something as geeky as the first design, which looks like a screenshot from a terminal, but using a dark-colored t-shirt (I think dark green will fit well).
If you have any suggestions for the design, or yet better can draw it (or a mock-up) -- please speak up here or email me (kir at openvz org). If OpenVZ will take your design I promise to post two t-shirts to you.
I want to design a new t-shirt for the conference (and other future events). So far we have two designs (about which I wrote before here): first "container lifecycle" and then "kernel classics" (you can see both at the shop). Now I want to have something as geeky as the first design, which looks like a screenshot from a terminal, but using a dark-colored t-shirt (I think dark green will fit well).
If you have any suggestions for the design, or yet better can draw it (or a mock-up) -- please speak up here or email me (kir at openvz org). If OpenVZ will take your design I promise to post two t-shirts to you.
Some of you may recall that last December I did an experiment where I created 638 OpenVZ containers on an HP Proliant DL380 G5 machine with dual quad-core CPUs and 32GB of RAM. I stopped there because I ran into an error. Well, one of the OpenVZ / Parallels developers suggested a fix back in July both as a comment to my article and as a comment to the bug report... but somehow I overlooked it until I ran across it again the other day when cleaning out my email.
I finally got a chance to give it a try and sure enough it removed the limit I had run into (the sysctl kernel.pid_max default setting being too low) and I verified it by creating 700 containers.
At first I decided to stop there but then I got an email from Kir asking if disk space was going to end up being my real limitation. I'm wondering if Kir has seen other experiments that go to this extreme or if he is simply a good guesser (with some inside information)? Anyway, I decide to bump it up to 1,000 containers. Sure enough, the machine is handling it just fine.
I didn't do a completely new write up, I just wrote a few more comments to the original article and you can find it here:
An OpenVZ Experiment - How many containers?
http://www.montanalinux.org/openvz-experiment.html
I finally got a chance to give it a try and sure enough it removed the limit I had run into (the sysctl kernel.pid_max default setting being too low) and I verified it by creating 700 containers.
At first I decided to stop there but then I got an email from Kir asking if disk space was going to end up being my real limitation. I'm wondering if Kir has seen other experiments that go to this extreme or if he is simply a good guesser (with some inside information)? Anyway, I decide to bump it up to 1,000 containers. Sure enough, the machine is handling it just fine.
I didn't do a completely new write up, I just wrote a few more comments to the original article and you can find it here:
An OpenVZ Experiment - How many containers?
http://www.montanalinux.org/openvz-experiment.html
Long time no see. It's 11pm here now and I'm still in the office. Just though about why not to post to the blog right before I drive home. Really, why not?
I'm mostly working on new vzctl release lately (you can see the progress in vzctl's git web interface here). The ultimate task is to fix most of bugs opened for vzctl in OpenVZ bugzilla (some are dated back to 2007 -- no, they are not critical or even major, but anyway). So far the list of vzctl bugs yet opened are down to one singe page (i.e. scroll bar has disappeared from the browser window) which is a big improvement.
The process is somewhat slow because ( why?Collapse )
The way to perfection is never easy. That doesn't mean we shouldn't try.
I'm mostly working on new vzctl release lately (you can see the progress in vzctl's git web interface here). The ultimate task is to fix most of bugs opened for vzctl in OpenVZ bugzilla (some are dated back to 2007 -- no, they are not critical or even major, but anyway). So far the list of vzctl bugs yet opened are down to one singe page (i.e. scroll bar has disappeared from the browser window) which is a big improvement.
The process is somewhat slow because ( why?Collapse )
The way to perfection is never easy. That doesn't mean we shouldn't try.
Just wanted to post a blurb saying that there will be an OpenVZ booth at the Utah Open Source Conference 2009. I will also be giving a presentation entitled, Introduction to OS Virtualization, Containers, and OpenVZ.
So, if you live anywhere near Utah or the mid-west, please try to attend and stop by the booth and say hello.
What: Utah Open Source Conference 2009
When: October 8-10, 2009
Where: Miller Campus of the Salt Lake Community College
See links above for more details. I'll be driving from the Bozeman, Montana area which is approximately 413 miles.
So, if you live anywhere near Utah or the mid-west, please try to attend and stop by the booth and say hello.
What: Utah Open Source Conference 2009
When: October 8-10, 2009
Where: Miller Campus of the Salt Lake Community College
See links above for more details. I'll be driving from the Bozeman, Montana area which is approximately 413 miles.

Comments
Do you still stand by your opinions above now in 2016?…