//
you're reading...
OpenVZ

OpenVZ Install Notes

Install notes for OpenVZ, done on Centos 6 minimal

sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/sysconfig/selinux

sed -i 's/#TCPKeepAlive yes/TCPKeepAlive yes/' /etc/ssh/sshd_config
sed -i 's/#ClientAliveInterval 0/ClientAliveInterval 130/' /etc/ssh/sshd_config
sed -i 's/#UseDNS yes/UseDNS no/' /etc/ssh/sshd_config

chkconfig fcoe off
chkconfig iptables off
chkconfig ip6tables off
chkconfig iscsi off
chkconfig iscsid off
chkconfig lldpad off
chkconfig netfs off
chkconfig rpcbind off
chkconfig rpcgssd off
chkconfig rpcidmapd off
chkconfig nfslock off
chkconfig auditd off

yum -y install screen sudo wget mlocate ntpdate git links libtool byacc gcc make autoconf automake dstat openssh-clients perl screen vim yum-utils

cat > /etc/cron.daily/ntpdate <<EOF
#!/bin/sh
/usr/sbin/ntpdate time.centos.org
EOF

chmod +x /etc/cron.daily/ntpdate

wget http://mirrors.servercentral.net/fedora/epel/6/x86_64/epel-release-6-8.noarch.rpm
rpm -ivh epel-release-6-8.noarch.rpm 

yum -y update
yumdownloader centos-release.x86_64

wget -P /etc/yum.repos.d/ http://download.openvz.org/openvz.repo
rpm --import  http://download.openvz.org/RPM-GPG-Key-OpenVZ

yum install vzkernel vzctl.x86_64 vzquota.x86_64

vi /etc/sysctl.conf
# On Hardware Node we generally need
# packet forwarding enabled and proxy arp disabled
net.ipv4.ip_forward = 1
net.ipv6.conf.default.forwarding = 1
net.ipv6.conf.all.forwarding = 1
net.ipv4.conf.default.proxy_arp = 0

# Enables source route verification
net.ipv4.conf.all.rp_filter = 1

# Enables the magic-sysrq key
kernel.sysrq = 1

# We do not want all our interfaces to send redirects
net.ipv4.conf.default.send_redirects = 1
net.ipv4.conf.all.send_redirects = 0


reboot 

Setup the OpenVZ Template

mkdir -p /vz/template/tmproot/var/lib
touch /vz/template/tmproot/var/lib/random-seed
rpm --rebuilddb --root=/vz/template/tmproot
rpm -i --root=/vz/template/tmproot --nodeps centos-release-6-3.el6.centos.9.x86_64.rpm
yum --installroot=/vz/template/tmproot install -y openssh-clients openssh-server nfs-utils yum yum-utils man wget sudo tar passwd which rsyslog cronie mlocate
yum --installroot=/vz/template/tmproot clean all
ln -s /proc/mounts /vz/template/tmproot/etc/mtab
rm -f /vz/template/tmproot/dev/null
mknod -m 600 /vz/template/tmproot/dev/console c 5 1

cat >/vz/template/tmproot/etc/fstab <<EOF
none /dev/pts devpts rw,gid=5,mode=620 0 0
none /dev/shm tmpfs defaults 0 0
EOF

sed -i 's/ACTIVE_CONSOLES=\/dev\/tty\[1-6\]/ACTIVE_CONSOLES=/' /vz/template/tmproot/etc/sysconfig/init

rm -f /vz/template/tmproot/etc/localtime
ln -s /usr/share/zoneinfo/America/Los_Angeles /vz/template/tmproot/etc/localtime

vi  /vz/template/tmproot/etc/sudoers

cp /etc/ssh/sshd_config /vz/template/tmproot/etc/ssh/sshd_config

ssh-keygen

mkdir  /vz/template/tmproot/root/.ssh
chmod 600  /vz/template/tmproot/root/.ssh
cat ~/.ssh/id_rsa.pub >  /vz/template/tmproot/root/.ssh/authorized_keys

cp ~/.bashrc /vz/template/tmproot/root/
cp ~/.bash_profile /vz/template/tmproot/root/

cd /vz/template/
tar zcf cache/centos-6-x86_64.tar.gz -C /vz/template/tmproot .

Create a VE

vzctl create 101 --ostemplate centos-6-x86_64 --hostname vapp01 --name vapp01
vzctl set 101 --ipdel all --save
vzctl set 101 --netif_add eth0 --save
vzctl set 101 --nameserver 10.1.1.1 --save
vzctl set 101 --ram 16G --save
vzctl set 101 --cpus 2 --save
vzctl set 101 --diskspace 40G --save
vzctl set 101 --features "nfs:on" --save

cat >/etc/sysconfig/network-scripts/ifcfg-veth101.0<<EOF
DEVICE=veth101.0
Bridge="br0"
ONBOOT=no
EOF

cat >/vz/private/101/etc/sysconfig/network-scripts/ifcfg-eth0<<EOF
DEVICE=eth0
BOOTPROTO=static
IPADDR=10.1.1.10
NETMASK=255.255.255.0
GATEWAY=10.1.1.1
DNS1=10.1.1.1
ONBOOT=yes
EOF

echo 1 > /proc/sys/net/ipv4/conf/veth101.0/forwarding
echo 1 > /proc/sys/net/ipv4/conf/veth101.0/proxy_arp
echo 1 > /proc/sys/net/ipv4/conf/eth0/forwarding
echo 1 > /proc/sys/net/ipv4/conf/eth0/proxy_arp

vzctl start 101
vzctl enter 101

Remove a VE

vzctl stop 101
vzctl destroy 101

To assign a dev to a VE

vzctl set VEID --devnodes hdX:rw --save
Advertisements

Discussion

No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s