No replies to this topic

[shadowmac]

OpenVZ virtualization uses the concept of containers to run Linux only instances on the same hardware. OpenVZ is an operating system-level virtualization technology. It allows a physical server to run multiple isolated different Linux distributions operating system instances, known as containers or Virtual Private Servers (VPS's)

OpenVZ doesn't have the overhead of a true hypervisor (e.g. XEN or VMware), so it is very fast and an efficient to run Linux only VPS. All virtual servers will use same Linux kernel version.

It offers strong isolation. This is perfect for running named, mysqld, apache and other services in each container. Each VPS is a separate entity, and behaves just like a physical server. Each VPS has:

• System files (such as /bin, /sbin, /lib etc);
  
• Own root users, as well as other users and groups;
  
• Process tree;
  
• Network (private or public IP;
  
• Shared memory, semaphores, messages.

Default Locations

• /vz - Main directory for OpenVZ.
  
• /vz/private - Each VPS is stored here i.e. container's private directories
  
• /vz/template/cache - You must download and store each Linux distribution template here.
  
• /etc/vz/ - OpenVZ configuration directory.
  
• /etc/vz/vz.conf - Main OpenVZ configuration file.
  
• /etc/vz/conf - Softlinked directory for each VPS configuration.
  
• Network port - No network ports are opened by OpenVZ kernel.

Install OpenVZ on CentOS
In order to install OpenVZ, we need to add the OpenVZ repository to yum:

[root@localhost]# yum -y install wget
[root@localhost]# cd /etc/yum.repos.d
[root@localhost]# wget http://download.openvz.org/openvz.repo
[root@localhost]# rpm --import http://download.openvz.org/RPM-GPG-Key-OpenVZ

The repository contains a few different OpenVZ kernels (you can find more details about them here: Different kernel flavors (UP, SMP, ENTERPRISE, ENTNOSPLIT) - OpenVZ Wiki). The command

[root@localhost]# yum search ovzkernel

shows you the available kernels:

[root@localhost]# yum search ovzkernel
Loading "fastestmirror" plugin
Loading mirror speeds from cached hostfile
 * base: ftp.halifax.rwth-aachen.de
 * openvz-kernel-rhel5: openvz.proserve.nl
 * updates: ftp.halifax.rwth-aachen.de
 * addons: ftp.halifax.rwth-aachen.de
 * openvz-utils: openvz.proserve.nl
 * extras: ftp.halifax.rwth-aachen.de
openvz-kernel-rhel5	   100% |=========================|  951 B	00:00
primary.xml.gz			100% |=========================|  22 kB	00:00
openvz-ker: ################################################## 14/14
openvz-utils			  100% |=========================|  951 B	00:00
primary.xml.gz			100% |=========================| 6.7 kB	00:00
openvz-uti: ################################################## 26/26
ovzkernel-ent.i686 : The Linux kernel compiled for huge mem capable machines.
ovzkernel-PAE.i686 : The Linux kernel compiled for PAE capable machines.
ovzkernel-ent-devel.i686 : Development package for building kernel modules to match the ent kernel.
ovzkernel-PAE-devel.i686 : Development package for building kernel modules to match the PAE kernel.
ovzkernel.i686 : Virtuozzo Linux kernel (the core of the Linux operating system)
ovzkernel-xen.i686 : The Linux kernel compiled for Xen VM operations
ovzkernel-xen-devel.i686 : Development package for building kernel modules to match the kernel.
ovzkernel-devel.i686 : Development package for building kernel modules to match the kernel.
[root@localhost]#

Pick one of them and install it as follows:

[root@localhost]#yum install ovzkernel-ent.i686

This should automatically update the GRUB bootloader as well. Anyway, we should open /boot/grub/menu.lst; the first kernel stanza should now contain the new OpenVZ kernel. The title of that kernel just reads "CentOS". I think it's a good idea to change that title and add something with "OpenVZ" to it so that you know that it's the OpenVZ kernel. Also make sure that the value of default is 0 so that the first kernel (the OpenVZ kernel) is booted automatically instead of the default CentOS kernel.

[root@localhost]#vi /boot/grub/menu.lst

Quote

# grub.conf generated by anaconda
#
# Note that you do not have to rerun grub after making changes to this file
# NOTICE:  You have a /boot partition.  This means that
#          all kernel and initrd paths are relative to /boot/, eg.
#          root (hd0,0)
#          kernel /vmlinuz-version ro root=/dev/VolGroup00/LogVol00
#          initrd /initrd-version.img
#boot=/dev/sda
default=0
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title CentOS OpenVZ (2.6.18-53.1.19.el5.028stab053.14)
        root (hd0,0)
        kernel /vmlinuz-2.6.18-53.1.19.el5.028stab053.14 ro root=/dev/VolGroup00/LogVol00
        initrd /initrd-2.6.18-53.1.19.el5.028stab053.14.img
title CentOS (2.6.18-92.1.1.el5)
        root (hd0,0)
        kernel /vmlinuz-2.6.18-92.1.1.el5 ro root=/dev/VolGroup00/LogVol00
        initrd /initrd-2.6.18-92.1.1.el5.img
title CentOS (2.6.18-92.el5)
        root (hd0,0)
        kernel /vmlinuz-2.6.18-92.el5 ro root=/dev/VolGroup00/LogVol00
        initrd /initrd-2.6.18-92.el5.img

Note: Remember in vi editor R replaces text at cursor until esc is hit.  When done editing type :wq to save file and quit


Now we install some OpenVZ user tools:

[root@localhost]#yum install vzctl vzquota

Open /etc/sysctl.conf and make sure that you have the following settings in it:

[root@localhost]#vi /etc/sysctl.conf

Quote

[...]
net.ipv4.ip_forward = 1
net.ipv4.conf.default.proxy_arp = 0
net.ipv4.conf.all.rp_filter = 1
kernel.sysrq = 1
net.ipv4.conf.default.send_redirects = 1
net.ipv4.conf.all.send_redirects = 0
net.ipv4.icmp_echo_ignore_broadcasts=1
net.ipv4.conf.default.forwarding=1
[...]

If you need to modify /etc/sysctl.conf, run afterwards

[root@localhost]#sysctl -p

The following step is important if the IP addresses of your virtual machines are from a different subnet than the host system's IP address. If you don't do this, networking will not work in the virtual machines!

Open /etc/vz/vz.conf and set NEIGHBOUR_DEVS to all:

[root@localhost]#vi /etc/vz/vz.conf

Quote

[...]
NEIGHBOUR_DEVS=all
[...]

SELinux needs to be disabled if you want to use OpenVZ. Open /etc/sysconfig/selinux and set the value of SELINUX to disabled:

[root@localhost]#vi /etc/sysconfig/selinux

Prevent issues with VPS sessions from getting out by running this command

[root@localhost]#service iptables stop

Finally, reboot the system:

[root@localhost]#shutdown -r now [3]

If your system reboots without problems, then everything is fine!

login as root and then run

[root@localhost]#uname -r

and your new OpenVZ kernel should show up:

[root@localhost]# uname -r
2.6.18-53.1.19.el5.028stab053.14
[root@localhost]#

Download CentOS 32 bit template:

[root@localhost]# cd /vz/template/cache
[root@localhost]# wget http://download.openvz.org/template/precreated/centos-5-x86.tar.gz

Create a VPS and set various limits (see vzctl man page):

Quote

--ostemplate {template name}
--conf {config name}
--ipadd {nn.nn.nn.nn}
--hostname {FQDN}
--name mynew \
--nameserver {nn.nn.nn.nn} {nn.nn.nn.nn} \
--diskspace 10G:10G \
--save

example:

[root@localhost]# vzctl create 201 --ostemplate centos-5-x86
[root@localhost]# vzctl set 201 --quotaugidlimit 150 --numproc 400:400 \
--kmemsize 16384000:18022400 --privvmpages 262144:292912 \
--hostname=[B]forums.nixcraft.com[/B] --diskspace 2000000:2000000 \
--shmpages 16384:16384 --ipadd [B]10.0.1.201[/B] \
--nameserver [B]10.0.1.11[/B] --nameserver [B]10.0.1.2[/B] --save
[root@localhost]# vzctl set 201 --onboot yes --save

or

vzctl create 201 --ostemplate centos-5-x86 --config vps.basic
vzctl set 201 --onboot yes --save
vzctl set 201 --hostname dev.example.com --save
vzctl set 201 --ipadd 10.0.1.201 --save
vzctl set 201 --numothersock 120 --save
vzctl set 201 --nameserver 10.0.1.1 --nameserver 68.87.77.134 --nameserver 68.87.72.134 --save

NOTE: The 201 must be a uniqe ID - each virtual machine must have its own unique ID. You can use the last part of the virtual machine's IP address for it. For example, if the virtual machine's IP address is 10.0.1.201, you use 201 as the ID.  To get a list of what current VPS's you have installed run

[root@localhost]#vzlist -a

Set the password for vps root user:

[root@localhost]# vzctl set 201 --userpasswd root:pass

Start VPS:

[root@localhost]# vzctl start 201

Enter into VPS:

[root@localhost]# vzctl enter 201

Exit VPS

exit

Restart a VPS

vzctl restart 201

Stop a VPS

vzctl stop 201

To delete a vm from the hard drive (it must be stopped before you can do this), run

vzctl destroy 201

To get a list of your vms and their statuses, run

vzlist -a

To find out about the resources allocated to a vm, run

vzctl exec 201 cat /proc/user_beancounters 

Now you can install additional software and configure your vps:

[vps #] yum update
[vps #] yum install httpd

NOTE: If yum update fails, you need to run service iptables stop on your host machine
Now browsing to your VPS ip address in your internet browser, you should see an Apache page.