Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Is OVZ 7 stable enough for production yet?
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Is OVZ 7 stable enough for production yet?

Planning to get some new hardware and wondering if OVZ 7 is stable enough for production use yet. OVZ 6 has been rock solid for us but it's less than 2 years before security update support ends. I plan to use it for ploop containers and KVM.

Also trying to figure out what the difference is compared Virtuozzo 7 and if that is an option. I guess it's not open source but licensing is optional so it's basically OVZ 7 with license option as far as I can tell. Have never had to modify OVZ 6 software so I don't see the open source aspect that being important.

«1

Comments

  • joepie91joepie91 Member, Patron Provider

    There was a thread kicking around here recently, complaining about some issues with OVZ 7. I don't recall where it is, though, and the Vanilla search is as useless as ever...

    Thanked by 1netomx
  • Long story short: Not really, and plenty of providers have given up, and/or will run OVZ6 forever.

    Thanked by 1Eased
  • @LosPollosHermanos I'd make the plunge into LXC personally... get ahead of the market now

  • MikeAMikeA Member, Patron Provider

    If you're getting new hardware, just do KVM. No point in OVZ anymore, if I didn't do it when I started I wouldn't be now. It'll save you problems.

    Thanked by 3WSS FHR maverickp
  • @MikeA said:
    If you're getting new hardware, just do KVM. No point in OVZ anymore, if I didn't do it when I started I wouldn't be now. It'll save you problems.

    Unless you deal with the abysmal putrescent offal that is Solus- Then it's even less useful than it is hosting OVZ.

    Oh god, I'm turning into @AnthonySmith.

  • NeoonNeoon Community Contributor, Veteran

    OVZ still alive?

    Dude, its 2018, go KVM, its time to stab it.

  • Neoon said: Dude, its 2018, go KVM LXC, its time to stab it.

  • NeoonNeoon Community Contributor, Veteran

    @jiggawattz said:

    Neoon said: Dude, its 2018, go KVM LXC, its time to stab it.

  • LosPollosHermanos said: wondering if OVZ 7 is stable enough for production use yet.

    Impossible to answer this, as "yet" implies that OVZ 7 will be stable.

  • FranciscoFrancisco Top Host, Host Rep, Veteran
    edited February 2018

    Is OVZ7 even being developed at this point? Maybe they aren't putting it in a public repos anymore?

    https://src.openvz.org/projects/OVZ/repos/vzkernel/commits

    Last commit from December 1st?

    EDIT - Their system is odd in how it branches things:

    https://src.openvz.org/projects/OVZ/repos/vzkernel/commits?until=refs/heads/branch-rh7-3.10.0-693.11.6.vz7.42.x-ovz

    January 18th it seems.

    Francisco

  • @Francisco said:
    EDIT - Their system is odd in how it branches things:

    Shit's hard to deal with when you're perpetually in 2011.

  • omelasomelas Member
    edited February 2018

    @Francisco said:
    Is OVZ7 even being developed at this point? Maybe they aren't putting it in a public repos anymore?

    https://src.openvz.org/projects/OVZ/repos/vzkernel/commits

    Last commit from December 1st?

    EDIT - Their system is odd in how it branches things:

    https://src.openvz.org/projects/OVZ/repos/vzkernel/commits?until=refs/heads/branch-rh7-3.10.0-693.11.6.vz7.42.x-ovz

    January 18th it seems.

    Francisco

    For whatever reason their system doesn't sort commints by date. lt looks somewhat sorted but it has exceptions. (i see commit from 2015 in middle of 2017 commits and a 2016 commit in 2014s)

  • @omelas said:
    For whatever reason their system doesn't sort commints by date. lt looks somewhat sorted but it has exceptions. (i see commit from 2015 in middle of 2017 commits and a 2016 commit in 2014s)

    Ahem... Look up.

    Thanked by 1Aidan
  • edited February 2018

    LXC is NOT any good for hosting. Mostly because of fundamental flaws in security. That is why there is LXD and that is no where near ready last time I checked. Also, a lot of the same arguments against OVZ can be used against LXC/D.

    I don't get how people think KVM is a better alternative. First of all OVZ can also do KVM so you can do that if you want. Containers are waaaay lighter on resources. I have been using KVM for a few years now and kind of hate it actually. OVZ is so much better from an Administrators perspective. I love how I can browse all containers from the node on SIMFS although that is gone now with Ploop.

    Thanked by 1bugrakoc
  • edited February 2018

    @Francisco said:
    Is OVZ7 even being developed at this point? Maybe they aren't putting it in a public repos anymore?

    https://src.openvz.org/projects/OVZ/repos/vzkernel/commits

    Last commit from December 1st?

    EDIT - Their system is odd in how it branches things:

    https://src.openvz.org/projects/OVZ/repos/vzkernel/commits?until=refs/heads/branch-rh7-3.10.0-693.11.6.vz7.42.x-ovz

    January 18th it seems.

    Francisco

    ISO's are here. I doubt anyone would be installing from source.
    https://download.openvz.org/virtuozzo/releases/7.0/x86_64/iso/

  • @LosPollosHermanos said:
    I don't get how people think KVM is a better alternative. First of all OVZ can also do KVM so you can do that if you want. Containers are waaaay lighter on resources. I have been using KVM for a few years now and kind of hate it actually. OVZ is so much better from an Administrators perspective. I love how I can browse all containers from the node on SIMFS although that is gone now with Ploop.

    Now I'm not sure who is trolling who.

    Thanked by 2Wolveix vimalware
  • FranciscoFrancisco Top Host, Host Rep, Veteran

    @LosPollosHermanos said:
    ISO's are here. I doubt anyone would be installing from source.
    https://download.openvz.org/virtuozzo/releases/7.0/x86_64/iso/

    Right, but they're over a month old.

    I'm mostly asking...is OVZ still being worked on? I don't know anyone using OVZ7 minus the Cloudlinux people.

    Francisco

  • edited February 2018

    @Francisco said:

    @LosPollosHermanos said:
    ISO's are here. I doubt anyone would be installing from source.
    https://download.openvz.org/virtuozzo/releases/7.0/x86_64/iso/

    Right, but they're over a month old.

    I'm mostly asking...is OVZ still being worked on? I don't know anyone using OVZ7 minus the Cloudlinux people.

    Francisco

    How often do you think they should be creating new ISO's for you to consider it being worked on? Once you install from ISO you update from YUM. So they don't need to keep releasing new ISO's every time there is an update.

    If Virtualizor got around to supporting LXD I might consider it.

  • FranciscoFrancisco Top Host, Host Rep, Veteran

    I would hope they aren't forging these by hand in the depths of mount doom.

    It's safe to assume its probably automated :P

    Francisco

  • dccdcc Member, Host Rep

    The thread referenced here is probably about XVM Labs.

    In my opinion OpenVZ 6 is (was) great for certain use cases. With OVZ7 it looks like Parallels are missing the point of OpenVZ entirely - unless they have some sort of a plan which we cannot see/understand (for now ?).

    Just take a look at this: https://openvz.org/Comparison - and try answering a simple question - what advantages OpenVZ 7 has over KVM? I personally have no good answer to that question.

  • edited February 2018

    @dcc said:
    The thread referenced here is probably about XVM Labs.

    In my opinion OpenVZ 6 is (was) great for certain use cases. With OVZ7 it looks like Parallels are missing the point of OpenVZ entirely - unless they have some sort of a plan which we cannot see/understand (for now ?).

    Just take a look at this: https://openvz.org/Comparison - and try answering a simple question - what advantages OpenVZ 7 has over KVM? I personally have no good answer to that question.

    It's a lot lighter on resources. That's it's main advantage. I can run twice as many containers as I can VMs. It's not overselling either. From the customers perspective the containers will still be more reponsive than a KVM even if I have twice as many containers as I would KVMs.

    Storage, memory etc are shared so if it's not used it's available. With KVM if you assign 20GB then it's not available to share. Again, not overselling. Just making much more efficient use of available hardware.

    It's apples and oranges which is why I don't get the comparisons. I get LXC/D vs OVZ but not KVM.

  • dccdcc Member, Host Rep

    @LosPollosHermanos

    We see the same on our platform, we can put a lot more OpenVZ clients per node than KVM without affecting performance. No disagreement here.

    My problem is with the fact that Parallels does not seem to have a well defined strategy regarding OpenVZ 7, or they fail to communicate it. Which they kind of need to do in order to convince folks like us to spend resources developing for OVZ 7 and then spend even more resources migrating clients from OVZ 6 over.

    Here's a different perspective: when you migrate KVM clients from RHEL6 to RHEL7 nodes, you do not need to change anything, stuff just works. What is the [technical?] reason why OVZ6->7 must be different?

    Hardware costs are always going down and development costs are always going up. At this point for us it makes more sense to deploy 2x more nodes than spend 2x resources on maintaining both KVM + OVZ platforms.

    Thanked by 1vimalware
  • WSSWSS Member
    edited February 2018

    @dcc

    OVZ6 is based on Kernel 2.6, for one. 7 is a 3.x base, which is also ancient, but not <6 years ancient.

    To get OVZ6 running these days, you sometimes have to virtualize it under a KVM just so it'll run on recent hardware, which is ghetto as hell, but it still has less overhead than running pure KVMs.

    I dislike OVZ, but damn it's a lot easier to deal with daily than a ton of KVMs always bursting and pushing their threads..

    Thanked by 1vimalware
  • dccdcc Member, Host Rep
    edited February 2018

    @WSS

    We are not observing any issues with 2.6 on modern hardware; even our E3-v6 and E5-v4 nodes are running it no problem. The worst problem we saw so far was broken video driver in kernel (blank screen after grub) on X11SSH and it was an easy fix.

    Interestingly, we see a lot more issues with KVM on exact same hardware, especially with NIC drivers and soft irqs - on all 3.x and 4.12,4.13,4.14 kernels (4.11 was actually pretty decent).

    We tried wrapping OpenVZ in KVM in the past, and it was quickly scrapped as it was indeed ghetto af. One power outage or kernel panic on host and now you have a real shitstorm coming, multiplied by the number of nodes. I realize this can be mitigated with some fine filesystem tuning (inside and outside of KVM container), but we just could not see a good reason to continue this exercise. Though I realize some hardware may very well require such approach.

    KVM is a lot trickier when it comes to resource and network abuse, that is for sure.

    Thanked by 1vimalware
  • @dcc You're not having an issue with modern ethernet and the like with OVZ, but are with KVM? That's peculiar. I guess that's the luck of the draw, or you're deliberately speccing your equipment for the task. Either way, Kudos.

    As far as NIC/bridge issues, this tends to happen with crappier chipsets (RealTek, I'm looking at you), and isn't so much a KVM problem, as it is an implementation issue for bridging (veth) vs essentially aliasing (venet), so it's not really a fair comparison, IMO.

    KVM is not the easiest to manage and mitigate issues without being smart about processes and watching the network utilization - which is annoying to do when you're not monitoring your users, but you still have to watch for attacks from within. Not horribly difficult, but it's still hands-on. That said, under OVZ, it is quite a bit easier to identify abuse. :)

  • edited February 2018

    @dcc said:
    @LosPollosHermanos

    We see the same on our platform, we can put a lot more OpenVZ clients per node than KVM without affecting performance. No disagreement here.

    My problem is with the fact that Parallels does not seem to have a well defined strategy regarding OpenVZ 7, or they fail to communicate it. Which they kind of need to do in order to convince folks like us to spend resources developing for OVZ 7 and then spend even more resources migrating clients from OVZ 6 over.

    Here's a different perspective: when you migrate KVM clients from RHEL6 to RHEL7 nodes, you do not need to change anything, stuff just works. What is the [technical?] reason why OVZ6->7 must be different?

    Hardware costs are always going down and development costs are always going up. At this point for us it makes more sense to deploy 2x more nodes than spend 2x resources on maintaining both KVM + OVZ platforms.

    I think you made some good points. I was trying to get rid of my remaining KVM servers but the damn customers won't cancel :). I can move servers KVM > OVZ or the other direction. It's a one line rsync command. So that's not a problem. KVM is definitely more compatible because of the full virtualization. We run into a lot of issues with that virtual eth interface on OVZ. I think it looks more like a real interface on OVZ 7 though so maybe that's not so much of a problem anymore.

    Is Parallels still involved in OVZ or is it some other company? I think it might be a spin off or something. I know one of the main kernel guys left and he was really good.

  • I can move servers KVM > OVZ or the other direction. It's a one line rsync command. So that's not a problem.

    I want to see this.

  • edited February 2018

    @WSS said:

    I can move servers KVM > OVZ or the other direction. It's a one line rsync command. So that's not a problem.

    I want to see this.

    It's just an rsync from one server to the other. Both running the same version of OS with latest yum updates. Exclude the low level stuff and set rsync flags so that permissions are preserved. I'm not sure if half of those excludes are even necessary.

    rsync --exclude /etc/fstab --exclude /dev --exclude /etc/udev --exclude \
     /etc/sysconfig/network-scripts --exclude /etc/inittab --exclude /etc/init \
    --exclude=/boot --exclude=/proc --exclude=/lib/modules --exclude=/sys \
    -e "ssh -p 22" --numeric-ids -avpogtStlHz root@openvzsourceip:/ /
    

    Works either direction. I have also done it to/from VMWare. Above command assumes CentOS pulling from OVZ/KVM source to KVM/OVZ destination. I haven't tried with Debian. I think some of the exclude folders would be different. Add --dry-run to test.

    Try doing something like that on Windows!

  • FranciscoFrancisco Top Host, Host Rep, Veteran

    dcc said: The thread referenced here is probably about XVM Labs.

    In my opinion OpenVZ 6 is (was) great for certain use cases. With OVZ7 it looks like Parallels are missing the point of OpenVZ entirely - unless they have some sort of a plan which we cannot see/understand (for now ?).

    Just take a look at this: https://openvz.org/Comparison - and try answering a simple question - what advantages OpenVZ 7 has over KVM? I personally have no good answer to that question.

    They're trying to become a 'all in one' platform since their 'Virtual Machines' are just KVM.

    I'm in a similar position, I don't want to waste my energy coding on OpenVZ anymore and would much rather being able to gut it out of Stallion completely.

    I have a lot of really stubborn OVZ people that don't want to move though so I'm not going to force them. Many of them love the free backups we give on OVZ and don't on KVM's.

    Maybe I should sit down and get that sorted out for them.

    Francisco

Sign In or Register to comment.