How to Install and Use OpenVZ on a Debian 12 Bookworm System

OpenVZ is a powerful container-based virtualization solution that enables multiple isolated Linux containers (known as VPS or VEs) to run on a single physical server. Unlike traditional hypervisors, OpenVZ offers lightweight virtualization by sharing the host’s kernel, resulting in high performance and minimal overhead.

Although OpenVZ was historically integrated into custom kernel versions, it has evolved, and much of its functionality is now available through the Virtuozzo project. Installing OpenVZ on Debian 12 Bookworm is a bit more involved than installing KVM or Docker, as Debian no longer includes native OpenVZ support in the upstream kernel. However, it is still possible to use OpenVZ-like features with the right setup.

This article provides a detailed step-by-step guide to installing and using OpenVZ (via Virtuozzo’s implementation) on a Debian 12 Bookworm system.

1. Introduction to OpenVZ

OpenVZ is container-based virtualization for Linux. It allows a system to run multiple secure, isolated Linux containers on a single physical server, making it ideal for hosting environments or for isolating workloads.

Unlike traditional virtualization (like KVM or VMware), OpenVZ containers share the same kernel as the host system. This means OpenVZ is much faster and uses fewer resources, but it does limit you to using Linux-based containers that match the host’s kernel version.

2. Prerequisites

Before beginning the installation, make sure your system meets the following requirements:

• A clean installation of Debian 12 Bookworm
• Root or sudo access to the system
• Network connectivity for downloading packages

It’s also advisable to run all updates to ensure your system is up to date:

sudo apt update && sudo apt upgrade -y

3. Installing the OpenVZ Kernel

Debian 12 Bookworm does not ship with an OpenVZ kernel by default, so you need to use the Virtuozzo kernel, which is the spiritual successor to OpenVZ.

Step 1: Add the Virtuozzo Repository

Create a file called /etc/apt/sources.list.d/virtuozzo.list and add the following line:

deb http://repo.virtuozzo.com/debian/12.0/x86_64 vz-updates main

Then import the repository GPG key:

wget -qO - http://repo.virtuozzo.com/debian/virtuozzo-release.gpg | sudo apt-key add -

Update the package index:

sudo apt update

Step 2: Install the Virtuozzo Kernel

Now install the kernel package:

sudo apt install linux-image-vz-virt

After installation, reboot your system to load the new kernel:

sudo reboot

Step 3: Verify the Kernel

After rebooting, confirm that the new kernel is loaded:

uname -r

It should show something like:

4.18.0-305.vz7.174.13

4. Configuring the System for OpenVZ

Several system-level configurations are required to ensure that OpenVZ works correctly.

Enable Required Kernel Modules

These modules should load automatically with the Virtuozzo kernel, but you can manually check them:

lsmod | grep vz

Ensure that modules like vzmon, vziolimit, and simfs are listed.

Enable IP Forwarding

Edit /etc/sysctl.conf:

sudo nano /etc/sysctl.conf

Ensure the following lines are present:

net.ipv4.ip_forward=1
net.ipv6.conf.all.forwarding=1

Apply the changes:

sudo sysctl -p

5. Installing vzctl and Management Tools

To manage OpenVZ containers, you need vzctl, which is the command-line utility for container lifecycle management.

sudo apt install vzctl ploop

This will install all necessary tools for container management, including support for ploop (disk image format used by Virtuozzo/OpenVZ).

6. Creating and Managing Containers

OpenVZ uses pre-created templates to spawn containers. These templates are essentially compressed Linux root filesystems.

Step 1: Download a Template

Templates are usually stored in /vz/template/cache. Here’s how to download an Ubuntu 22.04 template, for example:

cd /vz/template/cache
sudo wget https://download.openvz.org/template/precreated/ubuntu-22.04-x86_64.tar.gz

Step 2: Create a Container

Assign an ID (CTID), like 101, and create the container:

sudo vzctl create 101 --ostemplate ubuntu-22.04-x86_64 --layout ploop --config basic

Step 3: Set Container Hostname and IP

sudo vzctl set 101 --hostname container1.example.com --save
sudo vzctl set 101 --ipadd 192.168.1.101 --save

Make sure the IP address fits your host network range or is bridged accordingly.

Step 4: Start the Container

sudo vzctl start 101

Step 5: Access the Container

sudo vzctl enter 101

You now have shell access to your container.

7. Networking Configuration

Networking is a critical part of container management. OpenVZ allows multiple models like bridged, NAT, and routed modes.

The most common is bridged networking using veth interfaces.

Step 1: Enable Bridging

Ensure the bridge is created on the host:

sudo apt install bridge-utils
sudo brctl addbr vzbr0

Bind your physical interface (e.g., eth0) to the bridge:

sudo brctl addif vzbr0 eth0

Set the container to use the bridge:

sudo vzctl set 101 --netif_add eth0 --save
sudo vzctl set 101 --bridge vzbr0 --save

Restart the container for the settings to apply:

sudo vzctl restart 101

8. Managing Resources and Limits

OpenVZ allows fine-grained control over CPU, memory, disk I/O, and other resources.

Memory Limits

sudo vzctl set 101 --ram 1024M --swap 512M --save

CPU Limits

sudo vzctl set 101 --cpus 2 --save

Disk Quotas

Enable and assign quotas:

sudo vzctl set 101 --quotaugidlimit 100 --save
sudo vzctl set 101 --diskspace 10G:12G --save

9. Backups and Snapshots

Ploop containers support live snapshots, making backups straightforward.

Create Snapshot

sudo vzctl snapshot 101

List Snapshots

sudo vzctl snapshot-list 101

Rollback

sudo vzctl snapshot-switch 101 <SNAPSHOT_ID>

You can also create tarball backups manually:

sudo vzctl stop 101
sudo tar czf /root/backup-ct101.tar.gz /vz/private/101

10. Conclusion

OpenVZ offers a lightweight and efficient way to virtualize Linux workloads on a Debian 12 Bookworm system. While it does require using a custom kernel (Virtuozzo-based), the performance benefits and manageability make it a compelling choice for hosting providers and advanced users alike.

Through vzctl and related tools, administrators can easily create, manage, and monitor containers with fine-grained resource controls. Whether you’re building a development lab, a multi-tenant environment, or an isolated service environment, OpenVZ is a powerful tool to consider.

If you’re looking for a modern container solution with a good balance between performance and control, OpenVZ continues to be a relevant option in the Linux virtualization landscape—even on the latest Debian releases.