Installing an OpenVZ Server

by Mike on May 16, 2009

in Virtualization

I have used OpenVZ for a number of years now and find it extremely reliable, easy to use and an excellent way to use the server resources that you have available.  The one thing that you will notice with OpenVZ more than other types of virtualization is tha tit uses your resources better than any other option available today.  Not GUI is available and it will not work with anything but Linux.

Here is a description from the website at OpenVZ.com.

“OpenVZ is container-based virtualization for Linux. OpenVZ creates multiple secure, isolated containers (otherwise known as VEs or VPSs) on a single physical server enabling better server utilization and ensuring that applications do not conflict. Each container performs and executes exactly like a stand-alone server; a container can be rebooted independently and have root access, users, IP addresses, memory, processes, files, applications, system libraries and configuration files”

Installing OpenVZ

top_virt

Download the config file for OpenVZ repo or copy and create a file called openvz.repo in the /etc/yum.repos.d directory.

http://download.openvz.org/openvz.repo

[openvz-utils]
name=OpenVZ utilities
#baseurl=http://download.openvz.org/current/
mirrorlist=http://download.openvz.org/mirrors-current
enabled=1
gpgcheck=1
gpgkey=http://download.openvz.org/RPM-GPG-Key-OpenVZ

# In addition to openvz-utils repo, you have to enable one the the
# kernel repositories below. In the stock config, openvz-kernel-rhel5
# is enabled; you might want to change this.

[openvz-kernel-2.6.27]
name=OpenVZ 2.6.27 kernel
#baseurl=http://download.openvz.org/kernel/branches/2.6.27/current
mirrorlist=http://download.openvz.org/kernel/mirrors-2.6.27
enabled=0
gpgcheck=1
gpgkey=http://download.openvz.org/RPM-GPG-Key-OpenVZ

[openvz-kernel-2.6.26]
name=OpenVZ 2.6.26 kernel
#baseurl=http://download.openvz.org/kernel/branches/2.6.26/current
mirrorlist=http://download.openvz.org/kernel/mirrors-2.6.26
enabled=0
gpgcheck=1
gpgkey=http://download.openvz.org/RPM-GPG-Key-OpenVZ

[openvz-kernel-2.6.24]
name=OpenVZ 2.6.24 kernel
#baseurl=http://download.openvz.org/kernel/branches/2.6.24/current
mirrorlist=http://download.openvz.org/kernel/mirrors-2.6.24
enabled=0
gpgcheck=1
gpgkey=http://download.openvz.org/RPM-GPG-Key-OpenVZ

[openvz-kernel-2.6.22]
name=OpenVZ 2.6.22 kernel
#baseurl=http://download.openvz.org/kernel/branches/2.6.22/current
mirrorlist=http://download.openvz.org/kernel/mirrors-2.6.22
enabled=0
gpgcheck=1
gpgkey=http://download.openvz.org/RPM-GPG-Key-OpenVZ

[openvz-kernel-2.6.20]
name=OpenVZ 2.6.20 kernel
#baseurl=http://download.openvz.org/kernel/branches/2.6.20/current
mirrorlist=http://download.openvz.org/kernel/mirrors-2.6.20
enabled=0
gpgcheck=1
gpgkey=http://download.openvz.org/RPM-GPG-Key-OpenVZ

[openvz-kernel-rhel5]
name=OpenVZ RHEL5-based kernel
#baseurl=http://download.openvz.org/kernel/branches/rhel5-2.6.18/current/
mirrorlist=http://download.openvz.org/kernel/mirrors-rhel5-2.6.18
enabled=1
gpgcheck=1
gpgkey=http://download.openvz.org/RPM-GPG-Key-OpenVZ

[openvz-kernel-2.6.18]
name=OpenVZ 2.6.18 kernel
#baseurl=http://download.openvz.org/kernel/branches/2.6.18/current
mirrorlist=http://download.openvz.org/kernel/mirrors-2.6.18
enabled=0
gpgcheck=1
gpgkey=http://download.openvz.org/RPM-GPG-Key-OpenVZ

[openvz-kernel-2.6.16]
name=OpenVZ 2.6.16 kernel
#baseurl=http://download.openvz.org/kernel/branches/2.6.16/current
mirrorlist=http://download.openvz.org/kernel/mirrors-2.6.16
enabled=0
gpgcheck=1
gpgkey=http://download.openvz.org/RPM-GPG-Key-OpenVZ

[openvz-kernel-rhel4]
name=OpenVZ RHEL4-based kernel
#baseurl=http://download.openvz.org/kernel/branches/rhel4-2.6.9/current/
mirrorlist=http://download.openvz.org/kernel/mirrors-rhel4-2.6.9
enabled=0
gpgcheck=1
gpgkey=http://download.openvz.org/RPM-GPG-Key-OpenVZ

[openvz-kernel-2.6.8]
name=OpenVZ 2.6.8 kernel
#baseurl=http://download.openvz.org/kernel/branches/2.6.8/current
mirrorlist=http://download.openvz.org/kernel/mirrors-2.6.8
enabled=0
gpgcheck=1
gpgkey=http://download.openvz.org/RPM-GPG-Key-OpenVZ

Install OpenVZ
# yum install ovzkernel vzctl

Create a Partition Called /vz
Create a partition called /vz and enter the settings in the /etc/fstab.

Move Templates into the  /vz/template/cache/ directory.
The templates you will be using need to be moved into the template directory before you are able to build a VPS.  These pre-created templates are available from the OpenVZ site.

cp centos-5-i386-default.tar.gz /vz/template/cache/

Disable SELinux
In order to set up the hardware node it is important to either not enable SELinux at installation or disable it after installation.  You can disable SELinux after installation by editing the /etc/sysconfig/selinux file.  Here is the file contents listed below, not that SELinux has been disabled by change the work “enforcing” to “disabled”.  You must restart the machine.

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#       enforcing – SELinux security policy is enforced.
#       permissive – SELinux prints warnings instead of enforcing.
#       disabled – SELinux is fully disabled.
SELINUX=disabled
# SELINUXTYPE= type of policy in use. Possible values are:
#       targeted – Only targeted network daemons are protected.
#       strict – Full SELinux protection.
SELINUXTYPE=targeted

Edit /etc/sysctl.conf
In order for networking to work for the virtual servers that you create, you will need to enable packet forwarding as the hardware node must forward all packets to the virtual servers.   Edit the /etc/sysctl.conf file on the host.

# Controls IP packet forwarding
net.ipv4.ip_forward = 1

or
Another option to turn on packet forwarding is to change the active config in the /proc directory.  This will setting wold have to be repeated when you boot the hardware node.

# echo 1 > /proc/sys/net/ipv4/ip_forward

Once this is complete reboot your system and it will boot to the OpenVZ Kernel.  You can test if it installed correctly by using this command:

vzlist -a


Previous post:

Next post: