Kyle Brandt

“OpenVZ is container-based virtualization for Linux. OpenVZ creates multiple secure, isolated containers (otherwise known as VEs or VPSs) on a single physical server enabling better server utilization and ensuring that applications do not conflict.”

For each of these containers or VEs, there are resource limits. The psuedo file system, /proc, tracks various process and kernel information. The OpenVZ kernel provides the file /proc/user_beancounters that tells us if any of these limits have been reached (amoung other information). This is important because a process may fail to start (i.e. tomcat) if the limits have been reached. I wrote a script in python designed to be executed on the OpenVZ host machine by Nagios.

The script parses /proc/user_beancounters and will exit with appropriate Nagios exit status if one of these limits has been reached. If you don’t want to run this script as root, I recommend compiling a shell script with shc to copy the bean_counters file, own it as a unprivilaged user, and then make that a setuid root script (Linux won’t usually allow setuid shell scripts, which is why shc can be used to compile it. Does anyone think if the script only copys the file to tmp that this might be dangerious?). This is what the script expects with its current configuration. The script is easy to modify to make it check for other parameters besides the fail count (failcnt) as well.

You can get the script here: nagios_vz_bean.py