
Installing And Using OpenVZ On Ubuntu 13.04 (AMD64)


In this HowTo I will describe how to prepare an Ubuntu 13.04 server for OpenVZ. With OpenVZ you can create multiple Virtual Private Servers (VPS) on the same hardware, similar to Xen and the Linux Vserver project. OpenVZ is the open-source branch of Virtuozzo, a commercial virtualization solution used by many providers that offer virtual servers. The OpenVZ kernel patch is licensed under the GPL license, and the user-level tools are under the QPL license.

This howto is meant as a practical guide; it does not cover the theoretical background, which is treated in many other documents on the web.

This document comes without warranty of any kind! I want to say that this is not the only way of setting up such a system. There are many ways of achieving this goal but this is the way I take. I do not issue any guarantee that this will work for you!

 

1 Preliminary Note

I’m using an x86_64 (amd64) system here. If you are on an i386 system, a few commands will be slightly different.

 

2 Installing OpenVZ

For Ubuntu 13.04, there is no OpenVZ kernel in the official repositories. Therefore we must install OpenVZ, with ploop support, from the official RPM packages from the OpenVZ project (see Install kernel from RPM on Debian 6.0).

 

2.1 Installing From The Official RPM Packages From The OpenVZ Project

Download the latest vzkernel, vzctl, ploop and vzquota RPM packages from http://wiki.openvz.org/Download/kernel/rhel6 and http://wiki.openvz.org/Download/utils, e.g. as follows:

cd /tmp
wget http://download.openvz.org/kernel/branches/rhel6-2.6.32/042stab076.8/vzkernel-2.6.32-042stab076.8.x86_64.rpm
wget http://download.openvz.org/kernel/branches/rhel6-2.6.32/042stab076.8/vzkernel-devel-2.6.32-042stab076.8.x86_64.rpm
wget http://download.openvz.org/utils/vzctl/4.3.1/vzctl-4.3.1-1.x86_64.rpm
wget http://download.openvz.org/utils/vzctl/4.3.1/vzctl-core-4.3.1-1.x86_64.rpm
wget http://download.openvz.org/utils/ploop/1.7/ploop-1.7-1.x86_64.rpm
wget http://download.openvz.org/utils/ploop/1.7/ploop-lib-1.7-1.x86_64.rpm
wget http://download.openvz.org/utils/vzquota/3.1/vzquota-3.1-1.x86_64.rpm

Install the following packages…

apt-get install fakeroot alien libcgroup1

… and convert the RPM packages to DEB packages:

fakeroot alien --to-deb --scripts --keep-version vz*.rpm ploop*.rpm

Install the DEB packages as follows:

dpkg -i vz*.deb ploop*.deb

Next we have to make sure that the correct kernel (the OpenVZ kernel) is booted when you restart the system. In the output of the last command, you should see something like this:

Setting up vzkernel (2.6.32-042stab076.8) ...
update-initramfs: Generating /boot/initrd.img-2.6.32-042stab076.8
WARNING: could not open /lib/modules/2.6.32-042stab076.8/modules.builtin: No such file or directory
WARNING: could not open /tmp/mkinitramfs_I0VIfE/lib/modules/2.6.32-042stab076.8/modules.builtin: No such file or directory
Generating grub.cfg ...
Found linux image: /boot/vmlinuz-3.8.0-19-generic
Found initrd image: /boot/initrd.img-3.8.0-19-generic
Found linux image: /boot/vmlinuz-2.6.32-042stab076.8
Found initrd image: /boot/initrd.img-2.6.32-042stab076.8
Found memtest86+ image: /memtest86+.bin
done

This means there is also another kernel on the system (3.8.0), and the OpenVZ kernel (2.6.32) is not the first in the list. To make the OpenVZ kernel the default kernel, we have two options: adjust the default kernel in GRUB (recommended) or remove the non-VZ kernel(s).

To adjust the default kernel in GRUB, open /etc/default/grub

vi /etc/default/grub

… and modify the GRUB_DEFAULT line as shown below. Counting starts with 0; our OpenVZ kernel is the third kernel in the "Advanced options for Ubuntu" GRUB submenu, which is the second option in the boot menu (after the 3.8.0 kernel), so we need to put in "1>2" here (in quotes). You can find more about GRUB submenus at https://help.ubuntu.com/community/Grub2/Submenus.

[...]
GRUB_DEFAULT="1>2"
[...]

Update GRUB afterwards:

update-grub

Alternatively, to remove the default (non-OpenVZ) kernel, run…

apt-get remove linux-image linux-image-3.8.0-19-generic

… and update GRUB:

update-grub

Now that we have made sure the correct kernel will boot, we can go on.

Next we must check that we are using UUIDs instead of device names in /etc/fstab because otherwise the system might not boot with the OpenVZ kernel. Run…

blkid

… to find out the UUIDs of your devices/partitions:

root@server1:/tmp# blkid
/dev/sda1: UUID="9b8299f1-b2a2-4231-9ba1-4540fad76b0f" TYPE="ext2"
/dev/sda5: UUID="M83xtW-GofR-FFaa-myo1-T4Gw-grKe-Kg1Etc" TYPE="LVM2_member"
/dev/mapper/server1--vg-root: UUID="a5a6e916-64e1-4af9-8bd4-32491d7edcac" TYPE="ext4"
/dev/mapper/server1--vg-swap_1: UUID="a68ae8a2-c2cd-4e92-af08-a71661f8f719" TYPE="swap"
root@server1:/tmp#

Open /etc/fstab:

vi /etc/fstab

My original /etc/fstab looks as follows (as you see, the UUID of the /boot partition is already being used, but for / and swap, the device names are in use):

# /etc/fstab: static file system information.
#
# Use 'blkid' to print the universally unique identifier for a
# device; this may be used with UUID= as a more robust way to name devices
# that works even if disks are added and removed. See fstab(5).
#
# <file system> <mount point>   <type>  <options>       <dump>  <pass>
/dev/mapper/server1--vg-root /               ext4    errors=remount-ro 0       1
# /boot was on /dev/sda1 during installation
UUID=9b8299f1-b2a2-4231-9ba1-4540fad76b0f /boot           ext2    defaults        0       2
/dev/mapper/server1--vg-swap_1 none            swap    sw              0       0

Modify it so that UUIDs are used for all partitions:

# /etc/fstab: static file system information.
#
# Use 'blkid' to print the universally unique identifier for a
# device; this may be used with UUID= as a more robust way to name devices
# that works even if disks are added and removed. See fstab(5).
#
# <file system> <mount point>   <type>  <options>       <dump>  <pass>
#/dev/mapper/server1--vg-root /               ext4    errors=remount-ro 0       1
UUID=a5a6e916-64e1-4af9-8bd4-32491d7edcac /               ext4    errors=remount-ro 0       1
# /boot was on /dev/sda1 during installation
UUID=9b8299f1-b2a2-4231-9ba1-4540fad76b0f /boot           ext2    defaults        0       2
#/dev/mapper/server1--vg-swap_1 none            swap    sw              0       0
UUID=a68ae8a2-c2cd-4e92-af08-a71661f8f719 none            swap    sw              0       0
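
The conversion described above can be scripted. The following is an added example, not part of the original howto: it rewrites every /dev/... source in an fstab to the UUID= form using blkid output, and fails if a device has no known UUID. The function name fstab_to_uuid is an assumption of this example; the sample data is the blkid output and original fstab shown above, with columns collapsed to single spaces.

```shell
#!/bin/sh
# Added example, not from the original howto.
# Sample data: the blkid output and original fstab from this page
# (columns collapsed to single spaces).
SAMPLE_BLKID='/dev/sda1: UUID="9b8299f1-b2a2-4231-9ba1-4540fad76b0f" TYPE="ext2"
/dev/sda5: UUID="M83xtW-GofR-FFaa-myo1-T4Gw-grKe-Kg1Etc" TYPE="LVM2_member"
/dev/mapper/server1--vg-root: UUID="a5a6e916-64e1-4af9-8bd4-32491d7edcac" TYPE="ext4"
/dev/mapper/server1--vg-swap_1: UUID="a68ae8a2-c2cd-4e92-af08-a71661f8f719" TYPE="swap"'

SAMPLE_FSTAB='# <file system> <mount point> <type> <options> <dump> <pass>
/dev/mapper/server1--vg-root / ext4 errors=remount-ro 0 1
UUID=9b8299f1-b2a2-4231-9ba1-4540fad76b0f /boot ext2 defaults 0 2
/dev/mapper/server1--vg-swap_1 none swap sw 0 0'

# fstab_to_uuid BLKID_TEXT FSTAB_TEXT   (hypothetical helper name)
# Prints FSTAB_TEXT with each /dev/... source replaced by UUID=<uuid>.
# A device that blkid did not report is left unchanged, named on stderr,
# and makes the function return 1 so the result is not installed blindly.
fstab_to_uuid() {
    printf '%s\n' "$2" | BLKID_TEXT="$1" awk '
    BEGIN {
        # Build a device -> UUID map from lines like: /dev/sda1: UUID="..." TYPE="..."
        n = split(ENVIRON["BLKID_TEXT"], line, "\n")
        for (i = 1; i <= n; i++) {
            dev = line[i]
            sub(/:.*/, "", dev)
            # The leading space keeps PARTUUID= from matching.
            if (match(line[i], / UUID="[^"]*"/))
                uuid[dev] = substr(line[i], RSTART + 7, RLENGTH - 8)
        }
    }
    /^[ \t]*#/ || NF == 0 { print; next }    # comments and blank lines pass through
    $1 ~ /^\/dev\// {
        if ($1 in uuid) {
            sub(/^[ \t]*[^ \t]+/, "UUID=" uuid[$1])   # swap only the first field
        } else {
            print "no UUID known for " $1 > "/dev/stderr"
            missing = 1
        }
    }
    { print }
    END { exit (missing ? 1 : 0) }'
}

# On a real host: fstab_to_uuid "$(blkid)" "$(cat /etc/fstab)" > /etc/fstab.new
# then review the result with diff before replacing /etc/fstab.
fstab_to_uuid "$SAMPLE_BLKID" "$SAMPLE_FSTAB"
```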

Make sure OpenVZ starts automatically at boot time:

update-rc.d vz defaults
update-rc.d vzeventd defaults

Next we need to link a few libraries:

ln -s /usr/lib64/libvzctl-4.3.1.so /usr/lib
ln -s /usr/lib64/libploop.so /usr/lib

If you want to use ploop containers, do this:

apt-get install parted

Also, open /etc/init.d/vz

vi /etc/init.d/vz

… and add the line mkdir $VARLOCK/ploop to make sure that the directory /var/lock/ploop is recreated after a reboot:

#!/bin/sh
#  Copyright (C) 2000-2009, Parallels, Inc. All rights reserved.
#
#  This program is free software; you can redistribute it and/or modify
#  it under the terms of the GNU General Public License as published by
#  the Free Software Foundation; either version 2 of the License, or
#  (at your option) any later version.
#
#  This program is distributed in the hope that it will be useful,
#  but WITHOUT ANY WARRANTY; without even the implied warranty of
#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#  GNU General Public License for more details.
#
#  You should have received a copy of the GNU General Public License
#  along with this program; if not, write to the Free Software
#  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
#
#
# OpenVZ startup script, used for redhat and debian related distributions.

###
# chkconfig: 2345 96 20
# description: OpenVZ startup script.
###

### BEGIN INIT INFO
# Provides: vz
# Required-start: $network $remote_fs $syslog
# Required-stop:  $network $remote_fs $syslog
# Should-Start:  sshd vzeventd
# Should-Stop:  sshd vzeventd
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: OpenVZ startup script
# Description: OpenVZ startup script.
### END INIT INFO


# This line is needed to cheat /etc/init.d/rc who expects action word

. /usr/libexec/vzctl/scripts/initd-functions
# Recreate the ploop lock directory at start-up (-p: no error if it already exists)
mkdir -p $VARLOCK/ploop
[...]

Create the symlink /var/lib/vz pointing to /vz to provide backward compatibility:

ln -s /vz /var/lib/vz

Open /etc/sysctl.conf and make sure that you have the following settings in it:

vi /etc/sysctl.conf

[...]
net.ipv4.conf.all.rp_filter=1
net.ipv4.icmp_echo_ignore_broadcasts=1
net.ipv4.conf.default.forwarding=1
net.ipv4.conf.default.proxy_arp = 0
net.ipv4.ip_forward=1
kernel.sysrq = 1
net.ipv4.conf.default.send_redirects = 1
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.eth0.proxy_arp=1
[...]

If you need to modify /etc/sysctl.conf, run

sysctl -p

afterwards.

The following step is important if the IP addresses of your virtual machines are from a different subnet than the host system’s IP address. If you don’t do this, networking will not work in the virtual machines!

Open /etc/vz/vz.conf and set NEIGHBOUR_DEVS to all:

vi /etc/vz/vz.conf

[...]
# Controls which interfaces to send ARP requests and modify ARP tables on.
NEIGHBOUR_DEVS=all
[...]

Install vzdump:

apt-get install vzdump

Finally, reboot the system:

reboot

If your system reboots without problems, then everything is fine!

Run

uname -r

and your new OpenVZ kernel should show up:

root@server1:~# uname -r
2.6.32-042stab076.8
root@server1:~#

3 Using OpenVZ

Before we can create virtual machines with OpenVZ, we need to have a template for the distribution that we want to use in the virtual machines in the /var/lib/vz/template/cache directory. The virtual machines will be created from that template.

You can find a list of precreated templates on http://wiki.openvz.org/Download/template/precreated. For example, we can download a minimal Debian Wheezy template (x86_64) as follows:

cd /vz/template/cache
wget http://download.openvz.org/template/precreated/contrib/debian-7.0-amd64-minimal.tar.gz

(If your host is an i386 system, you cannot use an amd64 template – you must use i386 templates then!)

I will now show you the basic commands for using OpenVZ.

To set up a VPS from the debian-7.0-amd64-minimal template (you can find it in /vz/template/cache), run:

vzctl create 101 --ostemplate debian-7.0-amd64-minimal --config basic

The 101 must be a unique ID – each virtual machine must have its own unique ID. You can use the last part of the virtual machine’s IP address for it. For example, if the virtual machine’s IP address is 192.168.0.101, you use 101 as the ID.

If you want to have the vm started at boot, run

vzctl set 101 --onboot yes --save

To set a hostname and IP address for the vm, run:

vzctl set 101 --hostname test.example.com --save
vzctl set 101 --ipadd 192.168.0.101 --save

Next we set the number of sockets to 120 and assign a few nameservers to the vm:

vzctl set 101 --numothersock 120 --save
vzctl set 101 --nameserver 8.8.8.8 --nameserver 8.8.4.4 --save

(Instead of using the vzctl set commands, you can as well directly edit the vm’s configuration file which is stored in the /etc/vz/conf directory. If the ID of the vm is 101, then the configuration file is /etc/vz/conf/101.conf.)

To start the vm, run

vzctl start 101

To set a root password for the vm, execute

vzctl exec 101 passwd

You can now either connect to the vm via SSH (e.g. with PuTTY), or you enter it as follows:

vzctl enter 101

To leave the vm’s console, type

exit

To stop a vm, run

vzctl stop 101

To restart a vm, run

vzctl restart 101

To delete a vm from the hard drive (it must be stopped before you can do this), run

vzctl destroy 101

To get a list of your vms and their statuses, run

vzlist -a

root@server1:~# vzlist -a
CTID      NPROC STATUS    IP_ADDR         HOSTNAME
101          8 running   192.168.0.101   test.example.com
root@server1:~#

To find out about the resources allocated to a vm, run

vzctl exec 101 cat /proc/user_beancounters

server1:~# vzctl exec 101 cat /proc/user_beancounters
Version: 2.5
       uid  resource           held    maxheld    barrier      limit    failcnt
      101:  kmemsize         500737     517142   11055923   11377049          0
            lockedpages           0          0        256        256          0
            privvmpages        2315       2337      65536      69632          0
            shmpages            640        640      21504      21504          0
            dummy                 0          0          0          0          0
            numproc               7          7        240        240          0
            physpages          1258       1289          0 2147483647          0
            vmguarpages           0          0      33792 2147483647          0
            oomguarpages       1258       1289      26112 2147483647          0
            numtcpsock            2          2        360        360          0
            numflock              1          1        188        206          0
            numpty                1          1         16         16          0
            numsiginfo            0          1        256        256          0
            tcpsndbuf         17856      17856    1720320    2703360          0
            tcprcvbuf         32768      32768    1720320    2703360          0
            othersockbuf       2232       2928    1126080    2097152          0
            dgramrcvbuf           0          0     262144     262144          0
            numothersock          1          3        120        120          0
            dcachesize            0          0    3409920    3624960          0
            numfile             189        189       9312       9312          0
            dummy                 0          0          0          0          0
            dummy                 0          0          0          0          0
            dummy                 0          0          0          0          0
            numiptent            10         10        128        128          0
server1:~#

The failcnt column is very important: it should contain only zeros. If it doesn’t, the vm needs more resources than are currently allocated to it. Open the vm’s configuration file in /etc/vz/conf and raise the appropriate resource, then restart the vm.
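
The failcnt check can be automated on the host, where /proc/user_beancounters lists every container in one file. The following is an added example, not part of the original howto; the function name ubc_failures is an assumption and the sample values are constructed so that some failcnt entries are non-zero.

```shell
#!/bin/sh
# Added example, not from the original howto.
# Constructed sample in /proc/user_beancounters format as read on the host.
# The values are made up so that two resources have a non-zero failcnt.
SAMPLE_UBC='Version: 2.5
       uid  resource           held    maxheld    barrier      limit    failcnt
      101:  kmemsize         500737     517142   11055923   11377049          0
            privvmpages        2315       2337      65536      69632          0
            dummy                 0          0          0          0          0
            numothersock        118        120        120        120         14
      102:  kmemsize       11055001   11377049   11055923   11377049          3
            privvmpages        1800       1900      65536      69632          0
            numothersock          4          9        120        120          0'

# ubc_failures UBC_TEXT   (hypothetical helper name)
# Prints one line per resource whose failcnt is above zero:
#   <CTID> <resource> failcnt=<n> maxheld=<n> barrier=<n> limit=<n>
ubc_failures() {
    printf '%s\n' "$1" | awk '
    $1 == "Version:" || $2 == "resource" { next }    # the two header lines
    # Only the first row of each container carries the "<CTID>:" column,
    # so remember it and index the other columns from the right.
    $1 ~ /^[0-9]+:$/ { ctid = substr($1, 1, length($1) - 1) }
    NF >= 6 {
        res = $(NF - 5)
        if (res != "dummy" && $NF + 0 > 0)
            printf "%s %s failcnt=%s maxheld=%s barrier=%s limit=%s\n", ctid, res, $NF, $(NF - 3), $(NF - 2), $(NF - 1)
    }'
}

# On a real host (as root): ubc_failures "$(cat /proc/user_beancounters)"
ubc_failures "$SAMPLE_UBC"
```

Each reported line names the container ID and the resource to raise in that container's file under /etc/vz/conf.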

To find out more about the vzctl command, run

man vzctl

 

3.1 Setting Quota Inside A Container

To enable quota inside a container (in this example it is the container with the ID 101), run the following commands from the host:

vzctl stop 101
vzctl set 101 --diskquota yes --save
vzctl set 101 --diskspace 10G --save
vzctl set 101 --diskinodes 200000:220000 --save
vzctl set 101 --quotatime 0 --save
vzctl set 101 --quotaugidlimit 1000 --save
vzctl start 101

You can adjust the values for diskspace and diskinodes to your needs. quotaugidlimit sets the maximum number of user/group IDs in a container for which disk quota inside the container will be accounted.

After the container has started, you must install the quota and quotatool packages inside the container:

apt-get install quota quotatool

Afterwards, the command…

repquota -avug

… should show the current quotas:

root@test:~# repquota -avug
*** Report for user quotas on device /dev/simfs
Block grace time: 00:00; Inode grace time: 00:00
                        Block limits                File limits
User            used    soft    hard  grace    used  soft  hard  grace
----------------------------------------------------------------------
root      --  325500       0       0          14301     0     0
man       --     360       0       0             35     0     0
libuuid   --       4       0       0              1     0     0
messagebus --       4       0       0              1     0     0

Statistics:
Total blocks: 131590
Data blocks: 2
Entries: 4
Used average: 2.000000

*** Report for group quotas on device /dev/simfs
Block grace time: 00:00; Inode grace time: 00:00
                        Block limits                File limits
Group           used    soft    hard  grace    used  soft  hard  grace
----------------------------------------------------------------------
root      --  325112       0       0          14251     0     0
adm       --      36       0       0             23     0     0
tty       --      40       0       0              9     0     0
disk      --       0       0       0             17     0     0
mail      --       4       0       0              1     0     0
kmem      --       0       0       0              3     0     0
shadow    --     124       0       0              5     0     0
utmp      --      16       0       0              4     0     0
staff     --      68       0       0             18     0     0
libuuid   --       4       0       0              1     0     0
ssh       --     128       0       0              1     0     0
messagebus --     292       0       0              2     0     0
crontab   --      44       0       0              3     0     0

Statistics:
Total blocks: 131590
Data blocks: 4
Entries: 13
Used average: 3.250000

root@test:~#

3.2 Creating A ploop Container

Creating a ploop container is not that much different from creating a normal, directory-based container – just make sure you use the --layout ploop switch and specify the diskspace (e.g. --diskspace 10G) when you create the container:

vzctl create 102 --layout ploop --diskspace 10G --ostemplate debian-7.0-amd64-minimal --config basic

Setting all other options is the same:

vzctl set 102 --onboot yes --save

vzctl set 102 --hostname test2.example.com --save
vzctl set 102 --ipadd 192.168.0.102 --save

vzctl set 102 --numothersock 120 --save
vzctl set 102 --nameserver 8.8.8.8 --nameserver 8.8.4.4 --save

vzctl start 102

vzctl exec 102 passwd

To enable quota inside a ploop container, we just need to set the quotaugidlimit option:

vzctl stop 102
vzctl set 102 --quotaugidlimit 1000 --save
vzctl start 102

After the container has started, you must install the quota and quotatool packages inside the container:

apt-get install quota quotatool

Afterwards, the command…

repquota -avug

… should show the current quotas (if not, restart the container):

root@test:~# repquota -avug
*** Report for user quotas on device /dev/simfs
Block grace time: 00:00; Inode grace time: 00:00
                        Block limits                File limits
User            used    soft    hard  grace    used  soft  hard  grace
----------------------------------------------------------------------
root      --  325500       0       0          14301     0     0
man       --     360       0       0             35     0     0
libuuid   --       4       0       0              1     0     0
messagebus --       4       0       0              1     0     0

Statistics:
Total blocks: 131590
Data blocks: 2
Entries: 4
Used average: 2.000000

*** Report for group quotas on device /dev/simfs
Block grace time: 00:00; Inode grace time: 00:00
                        Block limits                File limits
Group           used    soft    hard  grace    used  soft  hard  grace
----------------------------------------------------------------------
root      --  325112       0       0          14251     0     0
adm       --      36       0       0             23     0     0
tty       --      40       0       0              9     0     0
disk      --       0       0       0             17     0     0
mail      --       4       0       0              1     0     0
kmem      --       0       0       0              3     0     0
shadow    --     124       0       0              5     0     0
utmp      --      16       0       0              4     0     0
staff     --      68       0       0             18     0     0
libuuid   --       4       0       0              1     0     0
ssh       --     128       0       0              1     0     0
messagebus --     292       0       0              2     0     0
crontab   --      44       0       0              3     0     0

Statistics:
Total blocks: 131590
Data blocks: 4
Entries: 13
Used average: 3.250000

root@test:~#

 

  • OpenVZ: http://openvz.org/
  • Ubuntu: http://www.ubuntu.com/
