2.1.1. Global OpenVZ Configuration File

OpenVZ keeps its system wide configuration parameters in the /etc/vz/vz.conf configuration file. This file is in shell format. Keep in mind that OpenVZ scripts source this file - thus, shell commands in this file will cause system to execute them under root account. Parameters in this file are presented in the form PARAMETER="value". Logically all the parameters belong to the following groups: global parameters, logging, disk quotas, template, network traffic, containers, validation and overcommitment, supplementary parameters, and name-based hosting parameters. Below is the description of all the parameters defined in this version of OpenVZ.

NameDescriptionDefault Value

VIRTUOZZO

This can be either yes or no. OpenVZ System V startup script checks this parameter. If set to no, then OpenVZ modules are not loaded. You might set it to "no" if you want to perform system maintenance and do not want to bring up all containers on the server.

yes

HTTP_PROXY

Specifies either the hostname or the IP address of the HTTP proxy server. After setting this parameter and in case you use an HTTP proxy server for handling all HTTP requests, the OpenVZ utilities communicating with the outer world through HTTP will use this server for managing all your HTTP messages.

n/a

ACTIONLOGDIR

This is the directory where prlctl keeps a log of its actions in the format suitable for OpenVZ statistics daemon hwcoll.

/vz/actionlog

LOCKDIR

Actions on a container should be serialized, since two simultaneous operations on the same container may break its consistency. OpenVZ keeps lock files in this directory in order to serialize access to one container.

/vz/lock

VEFSTYPE

File system to use when caching OS templates:

  • ext4,
  • simfs.

ext4

IPV6

Defines whether the IPv6 support is enabled on the hardware node.

yes

GOLDEN_IMAGE

Enables (yes) or disables (no) embedding application templates into OS EZ template cache prior to creating containers based on this cache.

yes

PFCACHE

Path to the memory and IOPS deduplication cache with common container files.

/vz/pfcache

PFCACHE_IMAGE

Path to the private area of the memory and IOPS deduplication cache.

/vz/pfcache.hdd

PFCACHE_IMAGE_SIZE

Image size (in 1KB blocks) of the memory and IOPS deduplication cache.

10485760

PFCACHE_INCLUDES

Directories for which memory and IOPS deduplication is enabled by default.

bin lib lib64 opt sbin usr

VZ_TOOLS_BCID

Enables limits for the backup, restore, and migration operations.

 

VZ_TOOLS_IOLIMIT

Sets the disk I/O limit for the backup, restore, and migration operations, in bytes per second. Not set by default.

 

Table 2.1. Logging parameters

NameDescriptionDefault Value

LOGGING

This parameter defines whether prlctl should log its actions.

yes

LOGFILE

File where libvzctl logs the actions of programs linked to this library.

/var/log/vzctl.log

LOG_LEVEL

Logging verbosity, from 0 to 10 (higher is more verbose).

0

Table 2.2. Disk quota parameters

NameDescriptionDefault Value

DISK_QUOTA

Enables or disables disk quotas for containers. If set to no then disk space accounting will be disabled.

yes

Table 2.3. Network traffic parameters

NameDescriptionDefault Value

TRAFFIC_SHAPING

Traffic shaping allows you to limit the bandwidth consumed by containers for outgoing traffic. If it is set to "yes", then limitations will be turned on. If you want to use this feature, TRAFFIC_ACCOUNTING should be set to yes as well.

no

BANDWIDTH

This is the list of network interfaces on which we want to shape the traffic and their speed in the form of "dev:rate". The rate is measured in Kbps. If you want to shape traffic on more than one interface, set this parameter to dev1:rate1 dev2:rate2. For example, for two 100 Mbps Ethernet cards, set it to eth0:102400 eth1:102400.

eth0:102400

TOTALRATE

This parameter sets the size of the bandwidth pool for all containers. It is the upper limit for the bandwidth available to all your containers and is specified in the form of "dev:class:rate". The rate is measured in Kbps. Containers can consume bandwidth up to this limit in addition to the limit specified by the RATE parameter. Default value corresponds to 4 Mbps limit for the Class 1 containers.

eth0:1:4096

RATE

This parameter is the default bandwidth guaranteed to a container for outgoing traffic if the container configuration file does not explicitly specify a different value. This value is in the same format as TOTALRATE and its default value is "eth0:1:8". The rate is measured in Kbps. Note that 8 Kbps, offered by the default configuration, is the guarantee and the container cannot consume less than this value and more than the sum of this value and TOTALRATE.

eth0:1:8

RATEMPU

This optional parameter (where MPU stands for "minimum packet unit") limits the packet rate by making packets smaller than MPU in size consume HTB tokens. With it, small packets can be accounted as larger ones and limited by TOTALRATE and RATE parameters. Approximately, the maximum packets per second rate can be calculated as TOTALRATE / RATEMPU.

*:1:1000

Table 2.4. Template parameters

NameDescriptionDefault Value

TEMPLATE

This is the directory where to find templates. It is not recommended to redefine this option since all OpenVZ templates use the default directory.

/vz/template

Table 2.5. Container default parameters

NameDescriptionDefault Value

VE_ROOT

The mount point for container’s root. Must contain the literal string $VEID that will be substituted with the actual container UUID.

/vz/root/$VEID

VE_PRIVATE

The directory where all the files and directories specific to the container are stored. Must contain the literal string $VEID that will be substituted with the actual container UUID.

/vz/private/$VEID

CONFIGFILE

The default configuration file sample to be used for the container creation; it may be overridden with the --config option of the vzctl create command.

basic

DEF_OSTEMPLATE

The default OS template to be used for the container creation.

centos-7

VE_ENVIRONMENT

Additional environment variables to be passed to the container init process. Should be provided as any number of <name>=<value> pairs separated by spaces.