Cheap VPS & Xen Server

Residential Proxy Network - Hourly & Monthly Packages

Installing And Using OpenVZ On Fedora 15


In this HowTo I will describe how to prepare a Fedora 15 server for OpenVZ. With OpenVZ you can create multiple Virtual Private Servers (VPS) on the same hardware, similar to Xen and the Linux Vserver project. OpenVZ is the open-source branch of Virtuozzo, a commercial virtualization solution used by many providers that offer virtual servers. The OpenVZ kernel patch is licensed under the GPL license, and the user-level tools are under the QPL license.

This howto is meant as a practical guide; it does not cover the theoretical backgrounds. They are treated in a lot of other documents in the web.

This document comes without warranty of any kind! I want to say that this is not the only way of setting up such a system. There are many ways of achieving this goal but this is the way I take. I do not issue any guarantee that this will work for you!

 

1 Installing OpenVZ

In order to install OpenVZ, we need to add the OpenVZ repository to yum :

cd /etc/yum.repos.d
wget http://download.openvz.org/openvz.repo
rpm –import http://download.openvz.org/RPM-GPG-Key-OpenVZ

Now open openvz.repo

vi openvz.repo

… and disable the [openvz-kernel-rhel5] repository (enabled=0) and enable the [openvz-kernel-rhel6] repository instead (enabled=1):

[...]
[openvz-kernel-rhel5]
name=OpenVZ RHEL5-based kernel
#baseurl=http://download.openvz.org/kernel/branches/rhel5-2.6.18/current/
mirrorlist=http://download.openvz.org/kernel/mirrors-rhel5-2.6.18
enabled=0
gpgcheck=1
gpgkey=http://download.openvz.org/RPM-GPG-Key-OpenVZ
[...]
[openvz-kernel-rhel6]
name=OpenVZ RHEL6-based kernel
#baseurl=http://download.openvz.org/kernel/branches/rhel6-2.6.32/current/
mirrorlist=http://download.openvz.org/kernel/mirrors-rhel6-2.6.32
enabled=1
gpgcheck=1
gpgkey=http://download.openvz.org/RPM-GPG-Key-OpenVZ
[...]

The repository contains a few different OpenVZ kernels (you can find more details about them here: http://wiki.openvz.org/Kernel_flavors). The command

yum search vzkernel

shows you the available kernels:

[root@server1 yum.repos.d]# yum search vzkernel
Loaded plugins: langpacks, presto, refresh-packagekit
Adding en_US to language list
===================================================================== Matched: vzkernel
======================================================================
vzkernel-debug-debuginfo.i686 : Debug information for package vzkernel-debug
vzkernel-debug-debuginfo.x86_64 : Debug information for package vzkernel-debug
vzkernel-debuginfo.i686 : Debug information for package vzkernel
vzkernel-debuginfo.x86_64 : Debug information for package vzkernel
vzkernel-debuginfo-common-i686.i686 : Kernel source files used by vzkernel-debuginfo packages
vzkernel-debuginfo-common-x86_64.x86_64 : Kernel source files used by vzkernel-debuginfo packages
vzkernel.i686 : The Linux kernel
vzkernel.x86_64 : The Linux kernel
vzkernel-debug.i686 : The Linux kernel compiled with extra debugging enabled
vzkernel-debug.x86_64 : The Linux kernel compiled with extra debugging enabled
vzkernel-debug-devel.i686 : Development package for building kernel modules to match the debug kernel
vzkernel-debug-devel.x86_64 : Development package for building kernel modules to match the debug kernel
vzkernel-devel.i686 : Development package for building kernel modules to match the kernel
vzkernel-devel.x86_64 : Development package for building kernel modules to match the kernel
vzkernel-headers.i686 : Header files for the Linux kernel for use by glibc
vzkernel-headers.x86_64 : Header files for the Linux kernel for use by glibc
[root@server1 yum.repos.d]#

Pick one of them and install it as follows:

yum install vzkernel

This should automatically update the GRUB bootloader as well. Anyway, we should open /boot/grub/menu.lst; the first kernel stanza should now contain the new OpenVZ kernel. The title of that kernel just reads “Fedora”. I think it’s a good idea to change that title and add something with “OpenVZ” to it so that you know that it’s the OpenVZ kernel. Also make sure that the value of default is 0 so that the first kernel (the OpenVZ kernel) is booted automatically instead of the default Fedora kernel.

vi /boot/grub/menu.lst

# grub.conf generated by anaconda
#
# Note that you do not have to rerun grub after making changes to this file
# NOTICE:  You have a /boot partition.  This means that
#          all kernel and initrd paths are relative to /boot/, eg.
#          root (hd0,0)
#          kernel /vmlinuz-version ro root=/dev/mapper/vg_server1-lv_root
#          initrd /initrd-[generic-]version.img
#boot=/dev/sda
default=0
timeout=0
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title Fedora OpenVZ (2.6.32-042stab018.1)
        root (hd0,0)
        kernel /vmlinuz-2.6.32-042stab018.1 ro root=/dev/mapper/vg_server1-lv_root rd_LVM_LV=vg_server1/lv_root rd_LVM_LV=vg_server1/lv_swap rd_NO_LUKS rd_NO_MD rd_NO_DM LANG=en_US.UTF-8 SYSFONT=latarcyrheb-sun16 KEYTABLE=de rhgb quiet biosdevname=0 crashkernel=auto
        initrd /initramfs-2.6.32-042stab018.1.img
title Fedora (2.6.38.6-27.fc15.x86_64)
        root (hd0,0)
        kernel /vmlinuz-2.6.38.6-27.fc15.x86_64 ro root=/dev/mapper/vg_server1-lv_root rd_LVM_LV=vg_server1/lv_root rd_LVM_LV=vg_server1/lv_swap rd_NO_LUKS rd_NO_MD rd_NO_DM LANG=en_US.UTF-8 SYSFONT=latarcyrheb-sun16 KEYTABLE=de rhgb quiet biosdevname=0
        initrd /initramfs-2.6.38.6-27.fc15.x86_64.img

Now we install some OpenVZ user tools:

yum install vzctl vzquota

Open /etc/sysctl.conf and make sure that you have the following settings in it:

vi /etc/sysctl.conf

[...]
net.ipv4.ip_forward = 1
net.ipv4.conf.default.proxy_arp = 0
net.ipv4.conf.all.rp_filter = 1
kernel.sysrq = 1
net.ipv4.conf.default.send_redirects = 1
net.ipv4.conf.all.send_redirects = 0
net.ipv4.icmp_echo_ignore_broadcasts=1
net.ipv4.conf.default.forwarding=1
[...]

If you need to modify /etc/sysctl.conf, run

sysctl -p

afterwards.

The following step is important if the IP addresses of your virtual machines are from a different subnet than the host system’s IP address. If you don’t do this, networking will not work in the virtual machines!

Open /etc/vz/vz.conf and set NEIGHBOUR_DEVS to all:

vi /etc/vz/vz.conf

[...]
NEIGHBOUR_DEVS=all
[...]

SELinux needs to be disabled if you want to use OpenVZ. Open /etc/sysconfig/selinux and set the value of SELINUX to disabled:

vi /etc/sysconfig/selinux

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
#     targeted - Targeted processes are protected,
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted

Finally, reboot the system:

reboot

If your system reboots without problems, then everything is fine!

Run

uname -r

and your new OpenVZ kernel should show up:

[root@server1 ~]# uname -r
2.6.32-042stab018.1
[root@server1 ~]#

2 Using OpenVZ

Before we can create virtual machines with OpenVZ, we need to have a template for the distribution that we want to use in the virtual machines in the /vz/template/cache directory. The virtual machines will be created from that template. You can find a list of precreated templates on http://wiki.openvz.org/Download/template/precreated.

I want to use Fedora 15 in my virtual machines, so I download a Fedora 15 template:

cd /vz/template/cache
wget http://download.openvz.org/template/precreated/beta/fedora-15-x86.tar.gz

I will now show you the basic commands for using OpenVZ.

To set up a VPS from the Fedora 15 template, run:

vzctl create 101 –ostemplate fedora-15-x86 –config basic

The 101 must be a uniqe ID – each virtual machine must have its own unique ID. You can use the last part of the virtual machine’s IP address for it. For example, if the virtual machine’s IP address is 192.168.0.101, you use 101 as the ID.

If you want to have the vm started at boot, run

vzctl set 101 –onboot yes –save

To set a hostname and IP address for the vm, run:

vzctl set 101 –hostname test.example.com –save
vzctl set 101 –ipadd 192.168.0.101 –save

Next we set the number of sockets to 120 and assign a few nameservers to the vm:

vzctl set 101 –numothersock 120 –save
vzctl set 101 –nameserver 8.8.8.8 –nameserver 8.8.4.4 –nameserver 145.253.2.75 –save

(Instead of using the vzctl set commands, you can as well directly edit the vm’s configuration file which is stored in the /etc/vz/conf/ directory. If the ID of the vm is 101, then the configuration file is /etc/vz/conf/101.conf.)

To start the vm, run

vzctl start 101

To set a root password for the vm, execute

vzctl exec 101 passwd

You can now either connect to the vm via SSH (e.g. with PuTTY), or you enter it as follows:

vzctl enter 101

To leave the vm’s console, type

exit

To stop a vm, run

vzctl stop 101

To restart a vm, run

vzctl restart 101

To delete a vm from the hard drive (it must be stopped before you can do this), run

vzctl destroy 101

To get a list of your vms and their statuses, run

vzlist -a

[root@server1 ~]# vzlist -a
CTID      NPROC STATUS    IP_ADDR         HOSTNAME
101         12 running   192.168.0.101   test.example.com
[root@server1 ~]#

To find out about the resources allocated to a vm, run

vzctl exec 101 cat /proc/user_beancounters

[root@server1 ~]# vzctl exec 101 cat /proc/user_beancounters
Version: 2.5
uid  resource           held    maxheld    barrier      limit    failcnt
101:  kmemsize         608099     853271   11055923   11377049          0
lockedpages           0          0        256        256          0
privvmpages        9982      10340      65536      69632          0
shmpages            641        657      21504      21504          0
dummy                 0          0          0          0          0
numproc              10         13        240        240          0
physpages          1334       1489          0 2147483647          0
vmguarpages           0          0      33792 2147483647          0
oomguarpages       1334       1489      26112 2147483647          0
numtcpsock            3          3        360        360          0
numflock              0          1        188        206          0
numpty                1          2         16         16          0
numsiginfo            0          2        256        256          0
tcpsndbuf         26832          0    1720320    2703360          0
tcprcvbuf         49152          0    1720320    2703360          0
othersockbuf       8944      26216    1126080    2097152          0
dgramrcvbuf           0       8380     262144     262144          0
numothersock          6         11        120        120          0
dcachesize            0          0    3409920    3624960          0
numfile             233        280       9312       9312          0
dummy                 0          0          0          0          0
dummy                 0          0          0          0          0
dummy                 0          0          0          0          0
numiptent            10         10        128        128          0
[root@server1 ~]#

The failcnt column is very important, it should contain only zeros; if it doesn’t, this means that the vm needs more resources than are currently allocated to the vm. Open the vm’s configuration file in /etc/vz/conf/ and raise the appropriate resource, then restart the vm.

To find out more about the vzctl command, run

man vzctl

 

  • OpenVZ: http://openvz.org/
  • Fedora: http://fedoraproject.org/

Comments

comments