Search

Language:  
Search for:

Available article translations:

Parallels Virtuozzo Containers for Linux best practices and known limitations

APPLIES TO:
  • Parallels Cloud Server
  • Parallels Virtuozzo Containers for Linux
  • Parallels Server

Summary

This article describes the best practices and known limitations of Parallels Virtuozzo Containers (PVC) for Linux and Parallels Server Bare Metal (PSBM).

This article will help you to better understand OS virtualization capabilities and choose an appropriate usage scenario for your Parallels Virtuozzo Containers product.

Known limitations

Despite the higher densities and faster management operations provided by container virtualization as compared to hypervisor solutions, the fact that containers share the same OS kernel with their host leads to certain restrictions in their use. This section provides recommendations to follow when deploying and maintaining Parallels Virtuozzo Containers for Linux. These recommendations are imposed by the nature of OS virtualization.

  1. Third-party drivers

    Parallels Virtuozzo Containers for Linux and Parallels Server Bare Metal support the same set of devices as an upstream kernel. If drivers for certain devices are not included in the stock Red Hat Enterprise Linux distribution, it is necessary to recompile the drivers for PVC kernel manually.

    NOTE: It is necessary to recompile drivers each time a kernel update is installed. Perform extensive testing of recompiled drivers before installing them on a production system.

    Related Knowledge Base articles:

    • 111488 Which hardware is Parallels Server Bare Metal compatible with?
    • 111375 How to create driver disk for Parallels Server Bare Metal installation
    • 111113 How to compile custom drivers for PVC kernel
    • 114181 How to compile IBM RDAC drivers for PVC kernel
    • 6731 How to build HP-ILO modules for PVC
  2. Kernel modules and iptables

    Starting with Parallels Cloud Server 6.0 update 6, loading IPtables modules can be initiated from containers. Details of the configuration are described in the documentation, Using iptables Modules in Containers. The global configuration option "IPTABLES" is marked as deprecated.

    For other kernel modules and for IPtables modules in the previous versions of Parallels Cloud Server, Parallels Virtuozzo Containers, Parallels Server Bare Metal, it is not possible to load kernel modules from inside a container; however, all modules loaded on the node are generally available for all containers. Parallels Virtuozzo Containers for Linux, however, provides the capability to restrict several modules' availability for particular containers. These include IPtables modules and network device-related modules.

    Related Knowledge Base articles:

    • 113056 Managing iptables modules in containers
    • 113000 Issues with firewall on HW Node - Impossible to use ip_nat and ipt_state modules
    • 112493 [Info] Is IPSec supported inside Parallels Virtuozzo Containers for Linux containers?
  3. Online migration

    Online migration of containers requires both source and destination nodes to match specific conditions in order to successfully restore a container's memory on the destination host. The destination node must have not fewer capabilities than the source node.

    Related Knowledge Base articles:

    • 113024 Online container migration product version compatibility
    • 113781 Online migration and checkpointing limitations for Linux containers
    • 113129 Preparing containers for migration
    • 111855 /vz over NFS: online migration does not work
  4. OS compatibility

    Parallels Virtuozzo Containers for Linux and Parallels Server Bare Metal support most modern and popular Linux distributions as the host OS (PVC) and the guest OS. It is possible to create custom OS templates; however, these OSes must use the same mainstream kernel as supported distributions.

    Related Knowledge Base articles:

    • 111921 Which OS templates are supported by Parallels Virtuozzo Containers 4.7?
    • 112437 Host OS versions supported by Parallels Virtuozzo Containers for Linux

Best practices

  1. Planning deployment and upgrade

    Before deploying or upgrading the Parallels Virtuozzo Containers infrastructure, it is recommended that you review the relevant deployment guides, best practices documents, and recommendations.

    Related Knowledge Base articles:

    • 113433 Best Practices for Parallels Virtuozzo Containers as an IaaS Virtualization Platform
    • 112499 Parallels Virtuozzo Containers for Linux FAQ
    • 111815 Recommended resources for planning an upgrade from Parallels Virtuozzo Containers for Linux 3.0 or 3.0 SP1
    • 112388 Is it possible to perform an in-place upgrade from Parallels Virtuozzo Containers for Linux 3.0 to 4.7?
    • 112334 Upgrade Path from Parallels Virtuozzo Containers 3.0 for Linux on CentOS 4 to Parallels Containers 4.7 on CentOS 6.x
    • 112554 Upgrade paths for PVC for Linux 3.0 node registered in PBA-S

    Related documentation:

    Parallels Virtuozzo Containers Deployment Resources

  2. Keeping server up-to-date

    Both host OS vendors and Parallels are continually publishing updates to provide the latest security patches and stability improvements.

    Related Knowledge Base articles:

    • 1170 How do I keep a PVC installation up-to-date?
    • 1647 How do I update the base OS on a PVC server?
    • 111318 Which repository is safe to use with Parallels Server Bare Metal?
    • 111582 How to apply PVC updates on a spare node in an Active-Passive RHL cluster
  3. Configuring network

    Container hosting is inextricably bound to network services, which is why it is necessary to plan the network schema of containers, network topology, and provided services requirements.

    Related Knowledge Base articles:

    • 112961 How to create a container attached to two different networks
    • 113732 Power Panel on Parallels Server Bare Metal 5 best practices
    • 1004 Which ports should be opened on the PVC Hardware Node and Service Container?
  4. Backing up containers

    Make backups on a regular basis and periodically do a test backup restore.

    NOTE: Without a backup, there is no guarantee that customers' services can be restored after a failure.

    Read the below-mentioned resources and select a backup which suits your needs best.

    Related Knowledge Base articles:

    • 113790 Backups in PVC and PSBM
    • 8133 How to increase PVA Agent timeouts for backup operations
    • 114248 How to move container backups to another server

    Related documentation:

    Parallels Virtual Automation Administrators Guide

  5. Mitigating failures

    It is necessary to be prepared for possible failures and to be able to quickly bring up a customer's services. There are several general recommendations which virtually eliminate the downtime of your customers:

    • Make backups on a regular basis and periodically do a test backup restore.
    • Consider deploying clustered servers and services.
    • Ensure Hardware Nodes have enough resources to host the required amount of services.

      In the case of a clustered installation, it is necessary to consider the total load on the server if all resource groups are failed over to a single machine.

    • Configure the environment to facilitate troubleshooting of failures.

    Related Knowledge Base articles:

    • 1449 How to handle a server crash scenario
    • 10049 How to handle a server hang scenario
    • 10041 How to set up a serial console to a Linux server
    • 10044 How to configure kernel crash dumps on a Linux server
    • 112599 How do I determine if my container is hacked/compromised?
    • 112807 UBC resources in Parallels Virtuozzo Containers for Linux
    • 112740 Memory limits in Parallels Virtuozzo Containers for Linux

    Related documentation:

Search words:

best practice

known limitation

firewall bare metal

restore




2897d76d56d2010f4e3a28f864d69223 ca05eaf5b843fbd53589c90d7228a6df eb0ea3b827d18de2329b6477e24c1d59 909d99074e442b52ce54cc7b31cf065d bf1c3a170005eae151f49ba2720abde9

FEEDBACK
Was this article helpful?
Tell us how we may improve it.
Yes No
 
 
 
 
 
 
Server Virtualization
- Parallels Cloud Server
- Parallels Containers for Windows 6.0
- Parallels Virtuozzo Containers
Automation
- Parallels Automation
- Parallels Automation for Cloud Infrastructure
- Parallels Business Automation Standard
- Parallels Virtual Automation
- Parallels Plesk Panel Suite
- Web Presence Builder
- Parallels Plesk Automation
- Parallels Small Business Panel
- Value-added Services for Hosters
- Parallels Partner Storefront
Services & Resources
- Cloud Acceleration Services
- Professional Services
- Support Services
- Training & Certification