1.2.2. OpenVZ Containers

From the point of view of applications and container users, each container is an independent system. This independence is provided by the OpenVZ OS virtualization layer. Note that only a negligible part of the CPU resources is spent on virtualization. The main features of the virtualization layer implemented in OpenVZ are the following:

  • A container looks like a normal Linux system. It has standard startup scripts; software from vendors can run inside containers without any modifications or adjustment.
  • A user can change any configuration file and install additional software inside containers.
  • Containers are fully isolated from each other (file system, processes, sysctl variables).
  • Containers share dynamic libraries, which greatly saves memory.
  • Processes belonging to a container are scheduled for execution on all available CPUs. Consequently, containers are not bound to only one CPU and can use all available CPU power.

The two key parts of any container are its contents and its configuration. By default, all container files are stored in the /vz/private/<UUID> directory on the hardware node, also called the private area.

Table 1.1. Key Container directories and files

| File Name | Description |
|---|---|
| /vz/private/<UUID> | Container private area. |
| /vz/private/<UUID>/root.hdd/root.hdd | Virtual hard disk with container contents. The maximum size of the virtual hard disk is 16 TB. |
| /vz/root/<UUID> | Container mount point. |
| ve.conf | Container configuration file: is symlinked to /etc/vz/conf/<UUID>.conf; defines container parameters, such as allocated resource limits, IP address and hostname, and so on; overrides matching parameters in the global configuration file. |

All container files are stored in a single image (/vz/private/<UUID>/root.hdd/root.hdd), similar to a virtual machine’s hard disk. This standalone layout:

  • Enables easier migrations and backups, because sequential I/O access to a container image is faster than access to separate container files.
  • Removes the need for OS and application templates once a container is created.
  • Allows the use of native Linux disk quotas, which are journaled and do not require quota recalculation after disasters like server crashes.

Note: Using containers that store all files in an image file (also known as containers with the container-in-an-image-file layout) is supported only for /vz partitions formatted as ext4.
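
The layout in Table 1.1 and the ext4 requirement can be checked on a hardware node with a short audit script. This is an added example, not part of the OpenVZ documentation or tooling: the function names, the PREFIX argument (empty on a real node, a scratch directory for testing) and the /proc/mounts-style input are choices of this example, and it assumes that /vz is its own mount point and that /etc/vz/conf/<UUID>.conf is the symlink pointing at ve.conf in the private area.

```bash
#!/usr/bin/env bash
# Added example: audit one container's on-disk layout against Table 1.1.

# fs_type_for MOUNTS_FILE MOUNTPOINT
# Prints the filesystem type of MOUNTPOINT from a /proc/mounts-format file.
# The last matching entry wins, because a later mount shadows an earlier one.
fs_type_for() {
    awk -v mp="$2" '$2 == mp { t = $3 } END { if (t) print t }' "$1"
}

# audit_ct PREFIX UUID MOUNTS_FILE
# Prints one line per finding; the return status is the number of findings.
audit_ct() {
    local prefix=$1 uuid=$2 mounts=$3 n=0 target fstype
    local priv="$prefix/vz/private/$uuid"
    local conf="$prefix/etc/vz/conf/$uuid.conf"

    [ -d "$priv" ] || { echo "missing private area: $priv"; n=$((n+1)); }
    [ -f "$priv/root.hdd/root.hdd" ] ||
        { echo "missing disk image: $priv/root.hdd/root.hdd"; n=$((n+1)); }
    [ -d "$prefix/vz/root/$uuid" ] ||
        { echo "missing mount point: $prefix/vz/root/$uuid"; n=$((n+1)); }

    # The per-container config must resolve to ve.conf in this container's
    # own private area, not to another container's file or a stray copy.
    if [ -L "$conf" ] && [ -f "$priv/ve.conf" ]; then
        target=$(readlink -f "$conf")
        [ "$target" = "$(readlink -f "$priv/ve.conf")" ] ||
            { echo "config resolves outside private area: $target"; n=$((n+1)); }
    else
        echo "config is not a symlink to ve.conf: $conf"; n=$((n+1))
    fi

    # The container-in-an-image-file layout is supported only on ext4 /vz.
    fstype=$(fs_type_for "$mounts" /vz)
    [ "$fstype" = ext4 ] ||
        { echo "/vz filesystem is '${fstype:-unknown}', expected ext4"; n=$((n+1)); }

    return "$n"
}

# On a hardware node: ./audit.sh <UUID>
[ -z "${1:-}" ] || audit_ct "" "$1" /proc/mounts
```

A zero exit status means every path in the table is present, the configuration symlink resolves into the container's private area, and /vz is ext4.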