Article ID: 117405, created on Sep 20, 2013, last review on May 11, 2014

  • Applies to:
  • Virtuozzo hypervisor 5.0
Synopsis:          A new Parallels Server Bare Metal 5.0 kernel update
                   addressing security, performance, and stability issues.
Product:           Parallels Server Bare Metal 5.0
Keywords:          'bugfix' 'stability' 'security'


This document provides information on the new Parallels Server Bare Metal 5.0
kernel, version 2.6.32-042stab081.3.


1. About This Update
2. Update Description
3. Obtaining the New Kernel
4. References



The current update for the Parallels Server Bare Metal 5.0 kernel provides a new
kernel based on the Red Hat Enterprise Linux 6.4 kernel (2.6.32-358.18.1.el6).
The updated kernel includes a number of security, performance, and stability



This update includes the following fixes and improvements:

* Ploop has been enhanced to thoroughly collect a succession of bios to improve
  the performance on small requests. (PSBM-19207)

* Performance events are disabled inside the Container by default now.
  Set 'kernel.perf_event_paranoid' sysctl (default 1) to -1 to enable it back.

* Memory compacting algorithm has been enhanced to work better under
  high load. (PSBM-20273)

* A kernel panic could occur while accessing a USB storage device. (PSBM-21015)

* Under certain circumstances, signal pending flag could be lost due to a race
  in the code. (PCLIN-31992)

* The SKB_GSO_TCP flag saving is added to the checkpointing mechanism in order
  to prevent kernel panic of the destination Node that could happen while the
  online migration of Containers was in progress. (PSBM-21181)

* Kernel rpm package now provides appropriate base RHEL6 kernel version
  (like '2.6.32-358.14.1.el6') in the 'kernel' capability.
  This form of 'kernel' capability is required by the 'irqbalance' rpm package.

* Under certain conditions, the file system could be left frozen after the
  Container backup operation, which caused some processes to stall awaiting
  for disk I/O. (PCLIN-32011)

* /proc/meminfo output inside a vSwap-enabled Container was extended to
  include the 'Buffers:' line which is expected by some monitoring tools.
  Buffers usage is always reported as 0 inside a Container. (PSBM-19448)

* Under certain circumstances, a checkpointing operation of a Container
  running processes being straced could cause a Hardware Node hard lockup.

* fsck considers ext4 filesystem broken if it was previously resized online.
  (PSBM-21709, OVZ# 2701)

* Manual unmounting of a ploop device while the inner file system is still
  being mounted and used by the Container leads to numerous complaints in
  kernel logs, like: "VFS: Busy inodes after unmount. sb = ffff880108987000,
  fs type = ext4, sb count = 2, sb->s_root = /". (PSBM-21474)

* The resources accounting has been improved by fixing a number of resources
  accounting issues.

* OOM berserker mode algorithm (which is a defense from fork bombs)
  has been tuned to reduce the chances to kill processes from Containers
  which do not run a fork bomb. (PSBM-21293)

* The Container ID has been added to the SYN flood warning message
  in order to identify the problem Container on a Hardware Node.(PCLIN-31975)

* A kernel warning inside ext4_journal_start_sb() function could be reported
  on the Nodes that run both ploop-based Containers and vzfs Containers
  simultaneously. (PSBM-20150)



You can download and install this kernel update using the vzup2date utility
included in the Parallels Server Bare Metal 5.0 distribution set.



Copyright (c) 1999-2013 Parallels IP Holdings GmbH and its affiliates. All
rights reserved.

c662da62f00df94fd77ba7a2c9eff4b4 2897d76d56d2010f4e3a28f864d69223 a26b38f94253cdfbf1028d72cf3a498b

Email subscription for changes to this article
Save as PDF