Container Configuration File

Each Container has its own configuration file, which is stored in the /etc/vz/conf directory and has a name like CT_ID .conf . This file has the same format as the global configuration file. The settings specified in this file can be subdivided into the following categories: miscellaneous, networking, backup, resource management parameters, and name-based hosting parameters.

Note: In Parallels Server Bare Metal, you can also configure a number of settings for the server itself by editing the /etc/vz/conf/0.conf file. Currently, these settings include the VERSION and ONBOOT parameters, as well as all parameters listed in the table under the System parameters group.

Miscellaneous parameters:

`VERSION`	Specifies the Parallels Server Bare Metal version the configuration file applies to. "2" relates to Parallels Server Bare Metal version 4 and later.
`ONBOOT`	Specifies whether the Container should be started automatically on system startup. Parallels Server Bare Metal automatically starts all Containers that have this parameter set to “yes” upon startup. Note: If "yes" is specified as the value of this parameter in the `0.conf` file, all server system management parameters are set on the server boot to the values indicated in this file.
`OFFLINE_MANAGEMENT`	Overrides the `OFFLINE_MANAGEMENT` parameter from the global configuration file.
`OFFLINE_SERVICE`	Overrides the `OFFLINE_SERVICE` parameter from the global configuration file.
`ALLOWREBOOT`	Specifies whether the Container may be restarted with the “reboot” command inside. If omitted or set to “yes”, reboot is allowed. Note: To make reboot working, you should uncomment the corresponding line in the `/etc/cron.d/vereboot` file.
`CAPABILITY`	Specifies capabilities inside of the Container. Setting of following capabilities is allowed: `CHOWN` , `AC_OVERRIDE` , `AC_READ_SEARCH` , `FOWNER` , `FSETID` , `KILL` , `SETGID` , `SETUID` , `SETPCAP` , `LINUX_IMMUTABLE` , `NET_BIND_SERVICE` , `NET_BROADCAST` , `NET_ADMIN` , `NET_RAW` , `IPC_LOCK` , `IPC_OWNER` , `SYS_MODULE` , `SYS_RAWIO` , `SYS_CHROOT` , `SYS_PTRACE` , `SYS_PACCT` , `SYS_ADMIN` , `SYS_BOOT` , `SYS_NICE` , `SYS_RESOURCE` , `SYS_TIME` , `SYS_TTY_CONFIG` , `MKNOD` , `LEASE` .
`OSTEMPLATE`	The name of the OS template that was used for creating the Container. You do not have to change this parameter; `pctl` will set it for you upon calling the `pctl create` command (or using the defaults from the global configuration file). The `.` symbol before the OS template name, if specified, indicates that this is an EZ OS template.
`TEMPLATES`	When used in the Container sample configuration file, this parameter defines a list of application templates that should be automatically added to the Container being created on the basis of this sample. So, if the corresponding templates are installed on the server, and the `pctl create` command uses a configuration file with this parameter defined, the templates will be added to the Container immediately upon its creation. When used in the configuration file of an existing Container, this parameter provides a list of templates that have been installed inside the Container by means of either the `pctl create` , `vzpkgadd` , or `vzpkg install` commands. In this case you should not modify this parameter since it is used by template management utilities to track the history of the installed templates. This parameter is omitted if no templates have been applied to the Container.
`VE_ROOT`	Overrides the `VE_ROOT` parameter from the global configuration file.
`VE_PRIVATE`	Overrides the `VE_PRIVATE` parameter from the global configuration file.
`VE_ENVIRONMENT`	Overrides the `VE_ENVIRONMENT` parameter from the global configuration file.
`TECHNOLOGIES`	Determines a set of technologies which should be provided by the Parallels Server Bare Metal kernel for Container operation. Currently, this parameter can contain the information about the following technologies: The system architecture of the Container ( `x86` , `x86_64` , or `i64` ). Whether the Container is based on the OS template supporting the Native POSIX Thread Library (NPTL). In this case, the `nptl` entry is specified as the value of this parameter. Whether the OS EZ template the Container is based on requires the `sysfs` filesystem support (e.g. the OS EZ template for SUSE Linux Enterprise 10).
`DISABLED`	If set to `yes` , disables the Container making it impossible to start the Container once it was stopped. You can start the disabled Container by setting the value of this parameter to `no` or using the `--force` option with the `pctl set` command.
`DESCRIPTION`	Sets the description for the Container. Note: You are allowed to use only symbols in the 'A -z' and '0-9' ranges in your descriptions.
`NAME`	The name assigned to the Container. You can use this name, along with the Container ID, to refer to the Container while performing this or that Container-related operation on the server. Follow the following rules while setting the Container name: The name should contain the `A-Z` , `a-z` , `0-9` , `\` , `-` , and `_` symbols only. If the name consists of two or more words, it should be quoted (e.g. "My Container 101").
`ORIGIN_SAMPLE`	The configuration sample the Container was based on when created.
`CONFIG_CUSTOMIZED`	Indicates whether any of the Container configuration parameters have been modified as regards its original configuration sample. If this parameter is omitted, its value is considered as "no".
`UUID`	The Container unique identifier. This identifier is used by certain Parallels Server Bare Metal utilities during their execution.
`VEFORMAT`	Displays the VZFS version applied to the Container during its creation: `vz4` denotes that the Container is based on VZFS v2. `vz3` denotes that the Container is based on VZFS v1. This parameter is meant for your information only and cannot be changed.

All resource management parameters can be subdivided into the CPU, disk, system, and VSwap categories for your convenience. Any parameter can be set with the pctl set command and the corresponding option name (in the lower case, e.g. --kmemsize for KMEMSIZE , etc.). See the Managing Containers chapter for more details. The Typical value column, if present, specifies a range of reasonable parameter values for different applications, from light to huge heavy loaded Containers (consuming 1/8 of server with 2 GB memory). If the barrier and limit fields are in use, ranges for both thresholds are given.

CPU parameters :

Parameter	Description	Typical value
`CPUUNITS`	CPU weight. This is a positive integer number that defines how much CPU time the Container can get as compared to the other virtual machines and Containers running on the server. The larger the number, the more CPU time the Container can receive. Possible values range from 8 to 500000. If this parameter is not set, the default value of 1000 is used.	`2501000`
`CPULIMIT`	Allowed CPU power. This is a positive number indicating the share of the CPU time, in per cent, the Container may never exceed. You can estimate this share as (allowed Container CPUUNITS/CPU power)*100%.
`CPUS`	Number of CPUs set to handle all the processes inside the given Container. By default, any Container is allowed to consume the CPU time of all processors on the server.
`BURST_CPU_AVG_` `USAGE`	CPU usage limit, in percent, set for the Container. This limit is calculated as the ratio of the current Container CPU usage to the CPU limit (i.e to the value of the `CPULIMIT` parameter) set for the Container in its configuration file. If the limit is not specified, the full CPU power of the server is considered as the CPU limit. Upon exceeding the `BURST_CPU_AVG_USAGE` limit, the `BURST_CPULIMIT` limit is applied to the Container. This parameter redefines the `BURST_CPU_AVG_USAGE` parameter set in the Parallels Server Bare Metal configuration file.	`disabled`
`BURST_CPULIMIT`	CPU power limit, in per cent, the Container cannot exceed. The limitations set in this parameter are applied to the Container when it exceeds the limit specified in the `BURST_CPU_AVG_USAGE` parameter. This parameter redefines the `BURST_CPULIMIT` parameter specified in the Parallels Server Bare Metal configuration file.

Disk parameters:

`DISKSPACE`	Total size of disk space that can be consumed by the Container, in 1 Kb blocks.	`20480010485760-20480011534340`
`DISKINODES`	Total number of disk inodes (files, directories, symbolic links) the Container can allocate.	`80000400000-88000440000`
`QUOTATIME`	The grace period of the disk quota. It is defined in seconds. The Container is allowed to temporarily exceed its quota soft limits for not more than the `QUOTATIME` period. Specifying `-1` as the value of this setting makes the grace period last 'infinitely'.	`0604800`
`QUOTAUGIDLIMIT`	This parameter defines the maximum aggregate number of user IDs and group IDs for which disk quota inside the given Container will be accounted. If set to 0, the UID and GID quota will be disabled. When managing the quotaugidlimit parameter, keep in mind the following: Enabling per-user and per-group quotas for a Container requires restarting the Container. If you delete a registered user but some files with their ID continue residing inside your Container, the current number of ugids (user and group identities) inside the Container will not decrease. If you copy an archive containing files with user and group IDs not registered inside your Container, the number of ugids inside the Container will increase by the number of these new IDs.	`0500`
`IOPRIO`	The Container priority for disk I/O operations. The higher the priority, the more time the Container has for writing to and reading from the disk. The default Container priority is 4.	`0-7`

System parameters:

`NUMPROC`	Number of processes and threads allowed. Upon hitting this limit, Container will not be able to start a new process or thread.	`40400`
`AVNUMPROC`	Number of processes expected to run in the Container on average. This is informational parameter used by utilities like `vzcfgvalidate` in order to ensure configuration correctness.	`0NUMPROC`
`NUMTCPSOCK`	Number of TCP sockets ( `PF_INET` family, `SOCK_STREAM` type). This parameter limits the number of TCP connections and, thus, the number of clients the server application can handle in parallel.	`40500`
`NUMOTHERSOCK`	Number of sockets other than TCP. Local (UNIX-domain) sockets are used for communications inside the system. UDP sockets are used for Domain Name Service (DNS) queries, as example. UDP and other sockets may also be used in some very special applications (SNMP agents and others).	`40500`
`VMGUARPAGES`	Memory allocation guarantee, in pages. Applications are guaranteed to be able to allocate memory while the amount of memory accounted as `privvmpages` does not exceed the configured barrier of the `vmguarpages` parameter. Above the barrier, memory allocation is not guaranteed and may fail in case of overall memory shortage.	`1725107520`
`KMEMSIZE`	Size of unswappable kernel memory, allocated for internal kernel structures for the processes of a particular Container. Typical amounts of kernel memory is 1650 Kb per process.	`79872013148160-85196814024704`
`TCPSNDBUF`	The total size of send buffers for TCP sockets, i.e. the amount of kernel memory allocated for data sent from applications to TCP sockets, but not acknowledged by the remote side yet.	`1597445365760-26214410458760`
`TCPRCVBUF`	Total size of receive buffers for TCP sockets. Amount of kernel memory, received from remote side but not read by local application yet.	`1597445365760-26214410458760`
`OTHERSOCKBUF`	Total size of UNIX-domain socket buffers, UDP and other datagram protocols send buffers.	`614401503232-1638404063232`
`DGRAMRCVBUF`	Total size of receive buffers of UDP and other datagram protocols.	`32768262144`
`OOMGUARPAGES`	Out-of-memory guarantee, in pages. Any Container process will not be killed even in case of heavy memory shortage if current memory consumption (including both physical memory and swap) until the `oomguarpages` barrier is not reached.	`1725107520`
`LOCKEDPAGES`	Memory not allowed to be swapped out (locked with the `mlock()` system call), in pages (one page is 4 Kb).	`44096`
`SHMPAGES`	Total size of shared memory (including IPC, shared anonymous mappings and `tmpfs` objects), allocated by processes of a particular Container, in pages.	`51216384`
`PRIVVMPAGES`	Size of private (or potentially private) memory, allocated by an application. Memory that is always shared among different applications is not included in this resource parameter.	`3072151200-34501612800`
`NUMFILE`	Number of files opened by all Container processes.	`5128192`
`NUMFLOCK`	Number of file locks created by all Container processes.	`50200 – 60220`
`NUMPTY`	Number of pseudo-terminals. For example, the `ssh` session, `screen` , the `xterm` application consumes pseudo-terminal resources.	`464`
`NUMSIGINFO`	Number of `siginfo` structures (essentially this parameter limits the size of signal delivery queue).	`256512`
`DCACHESIZE`	Total size of `dentry` and `inode` structures locked in memory. As example, application, first opening the `/etc/passwd` file, locks entries corresponding to `etc` and `passwd` inodes. If a second application opens the `/etc/shadow` file – only entry corresponding to `shadow` is charged, because `etc` is charged already.	`1843203932160-1966084194304`
`PHYSPAGES`	Total size of RAM used by processes. This parameter is used for accounting purposes only. It shows the usage of RAM by the Container. For memory pages used by several different Containers (mappings of shared libraries, for example), only a fraction of a page is charged to each Container. The sum of the `physpages` for all Containers corresponds to the total number of pages used in the system by all accounted users.	`Not limited`
`NUMIPTENT`	The number of IP packet filtering entries.	`12128`
`MEMINFO`	Customizes the output of the `/proc/meminfo` virtual file inside the Container and sets it to one of the following modes: `none` ( non-virtualized ). In this case running the `cat /proc/meminfo` command inside the Container will display information about physical memory on the server (total, used, free, shared, etc.), in kilobytes. `pages:` `num` ( virtualized in pages ). Setting the `/proc/meminfo` output to this mode allows you to specify what amount of total memory will be displayed while running the `cat /proc/meminfo` command inside the Container. `privvmpages:` `num` ( virtualized in privvmpages ). Setting the `/proc/meminfo` output to this mode also allows you to arbitrarily specify the amount of total memory to be displayed while running the `cat /proc/meminfo` command inside the Container. As distinct from the previous mode, the amount of memory to be shown in this mode is calculated on the basis of the value of the `PRIVVMPAGES` parameter set in the Container configuration file.

VSwap parameters :

`PHYSPAGES`	Amount of RAM that can be used by the processes of a Container, in 4-KB pages.
`SWAP`	Amount of swap space that can be used by the Container for swapping out memory once the RAM is exceeded, in 4-KB pages.
`VM_OVERCOMMIT`	Memory overcommit factor that defines the memory allocation limit for a Container. The limit is calculated as `(PHYSPAGES + SWAP) *` `factor` .	1.5

Network-related parameters allow you to set bandwidth management parameters, hostname and IP addresses that a Container can use as well as to indicate those iptables modules that can be loaded to the Container:

`HOSTNAME`	If this parameter is specified, then `pctl` will set the hostname to its value upon the next Container start. This parameter can be omitted. In this case, the Container administrator should configure the hostname manually.
`IP_ADDRESS`	This is the list of IP addresses, which can be used on Container network interfaces. This list is an argument of the Container start call and it is impossible to assign IP address from inside the Container if the address is not on the list. Any IP address assigned from within the Container will be visible only within the Container.
`NAMESERVER`	The IP address of the DNS server the Container is supposed to use. More than one server can be specified in the space-separated format.
`SEARCHDOMAIN`	DNS search domains for the Container. More than one domain can be specified.
`NETDEV`	The names of physical network adapters that have been moved from the server to the given Container.
`IPTABLES`	Overrides the `IPTABLES` parameter from the Parallels Server Bare Metal global configuration file.
`NETIF`	Specifies a number of parameters for the virtual network adapters existing inside the Container. These parameters include: `ifname` : the name of the `veth` virtual Ethernet interface inside the Container. `mac` : the MAC address assigned to the `veth` virtual Ethernet interface inside the Container. `host_mac` : the MAC address assigned to the `veth` virtual Ethernet interface on the server. `network` : the name of the virtual network where the `veth` virtual network adapter is included. `ip` : the IP address(es) assigned to the `veth` virtual network adapter.
`RATE`	If traffic shaping is turned on, then this parameter specifies bandwidth guarantee, in Kb/s, for the Container. The parameters should be set in the form of `“eth0:1:8”` .
`RATEBOUND`	If set to “yes”, the bandwidth guarantee is also the limit for the Container, and the Container cannot borrow the bandwidth from the `TOTALRATE` bandwidth pool.

Backup-related parameters , if present, allow you to specify the number of backups to store. If absent, these parameters are taken from the global backup configuration file or the backup configuration file for a particular server.

`BACKUP_CHAIN_LEN`	An incremental backup parameter. After this number of incremental backups, a full backup is performed.	`7`
`BACKUP_CHAIN_DAYS`	An incremental backup parameter. After this number of days a full backup is performed.	`7`
`BACKUP_KEEP_MAX`	The number of backups to store. Only full and plain full backups are accounted. If a regular backup is being performed that exceeds this number, the oldest backup is automatically deleted. This parameter is effective only if the `-p` option is specified with the `vzbackup` utility. If there is no `-p` option, the number of backups to store is not limited whatever the value of this parameter.	`3`

Top of page

Feedback