Pages

Tuesday, 24 April 2012

How to install OpenVZ inside a Xen VPS



This guide should run you through how to install openvz inside centos to get another VPS running inside your main one, we will assume that you're logged in as root, or logged in as a user and have used 'su' or 'sudo -s' to become root.
  • Updating the system 
If you're using the CentOS image from scratch you should update the OS first, because there may be some outdated packages.

Quote:-bash-3.2# yum update
Loaded plugins: fastestmirror
Determining fastest mirrors
* addons: mirror.sov.uk.goscomb.net
* base: mirror.sov.uk.goscomb.net
* extras: mirror.sov.uk.goscomb.net
* updates: mirror.as29550.net
addons | 951 B 00:00
base | 2.1 kB 00:00
extras | 2.1 kB 00:00
extras/primary_db | 188 kB 00:00
updates | 1.9 kB 00:00
updates/primary_db | 915 kB 00:00
Setting up Update Process
Resolving Dependencies
--> Running transaction check
---> Package device-mapper-multipath.i386 0:0.4.7-34.el5_5.6 set to be updated
---> Package e2fsprogs.i386 0:1.39-23.el5_5.1 set to be updated
---> Package e2fsprogs-libs.i386 0:1.39-23.el5_5.1 set to be updated
---> Package glibc.i686 0:2.5-49.el5_5.7 set to be updated
---> Package glibc-common.i386 0:2.5-49.el5_5.7 set to be updated
---> Package initscripts.i386 0:8.45.30-3.el5.centos set to be updated
---> Package kernel-xen.i686 0:2.6.18-194.32.1.el5 set to be installed
---> Package kpartx.i386 0:0.4.7-34.el5_5.6 set to be updated
---> Package krb5-libs.i386 0:1.6.1-36.el5_5.6 set to be updated
---> Package libxml2.i386 0:2.6.26-2.1.2.8.el5_5.1 set to be updated
---> Package logrotate.i386 0:3.7.4-9.el5_5.2 set to be updated
---> Package module-init-tools.i386 0:3.3-0.pre3.1.60.el5_5.1 set to be updated
---> Package nss.i386 0:3.12.8-1.el5.centos set to be updated
---> Package openldap.i386 0:2.3.43-12.el5_5.3 set to be updated
---> Package openssl.i686 0:0.9.8e-12.el5_5.7 set to be updated
---> Package pam.i386 0:0.99.6.2-6.el5_5.2 set to be updated
---> Package perl.i386 4:5.8.8-32.el5_5.2 set to be updated
---> Package python.i386 0:2.4.3-27.el5_5.3 set to be updated
---> Package rsyslog.i386 0:3.22.1-3.el5_5.1 set to be updated
extras/filelists_db | 197 kB 00:00
updates/filelists_db | 4.1 MB 00:01
--> Finished Dependency Resolution
--> Running transaction check
---> Package kernel-xen.i686 0:2.6.18-164.el5 set to be erased
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================ ​ ================================================================================ ​===========================================================
Package Arch Version Repository Size
================================================================================ ​ ================================================================================ ​===========================================================
Installing:
kernel-xen i686 2.6.18-194.32.1.el5 updates 18 M
Updating:
device-mapper-multipath i386 0.4.7-34.el5_5.6 updates 2.8 M
e2fsprogs i386 1.39-23.el5_5.1 updates 977 k
e2fsprogs-libs i386 1.39-23.el5_5.1 updates 118 k
glibc i686 2.5-49.el5_5.7 updates 5.3 M
glibc-common i386 2.5-49.el5_5.7 updates 16 M
initscripts i386 8.45.30-3.el5.centos updates 1.6 M
kpartx i386 0.4.7-34.el5_5.6 updates 420 k
krb5-libs i386 1.6.1-36.el5_5.6 updates 663 k
libxml2 i386 2.6.26-2.1.2.8.el5_5.1 updates 795 k
logrotate i386 3.7.4-9.el5_5.2 updates 41 k
module-init-tools i386 3.3-0.pre3.1.60.el5_5.1 updates 426 k
nss i386 3.12.8-1.el5.centos updates 1.1 M
openldap i386 2.3.43-12.el5_5.3 updates 295 k
openssl i686 0.9.8e-12.el5_5.7 updates 1.4 M
pam i386 0.99.6.2-6.el5_5.2 updates 980 k
perl i386 4:5.8.8-32.el5_5.2 updates 12 M
python i386 2.4.3-27.el5_5.3 updates 5.9 M
rsyslog i386 3.22.1-3.el5_5.1 updates 380 k
Removing:
kernel-xen i686 2.6.18-164.el5 installed 43 M

Transaction Summary
================================================================================ ​ ================================================================================ ​===========================================================
Install 1 Package(s)
Upgrade 18 Package(s)
Remove 1 Package(s)
Reinstall 0 Package(s)
Downgrade 0 Package(s)

Total download size: 69 M
Is this ok [y/N]: y
Downloading Packages:
(1/19): logrotate-3.7.4-9.el5_5.2.i386.rpm | 41 kB 00:00
(2/19): e2fsprogs-libs-1.39-23.el5_5.1.i386.rpm | 118 kB 00:00
(3/19): openldap-2.3.43-12.el5_5.3.i386.rpm | 295 kB 00:00
(4/19): rsyslog-3.22.1-3.el5_5.1.i386.rpm | 380 kB 00:00
(5/19): kpartx-0.4.7-34.el5_5.6.i386.rpm | 420 kB 00:00
(6/19): module-init-tools-3.3-0.pre3.1.60.el5_5.1.i386.rpm | 426 kB 00:00
(7/19): krb5-libs-1.6.1-36.el5_5.6.i386.rpm | 663 kB 00:00
(8/19): libxml2-2.6.26-2.1.2.8.el5_5.1.i386.rpm | 795 kB 00:00
(9/19): e2fsprogs-1.39-23.el5_5.1.i386.rpm | 977 kB 00:00
(10/19): pam-0.99.6.2-6.el5_5.2.i386.rpm | 980 kB 00:00
(11/19): nss-3.12.8-1.el5.centos.i386.rpm | 1.1 MB 00:00
(12/19): openssl-0.9.8e-12.el5_5.7.i686.rpm | 1.4 MB 00:00
(13/19): initscripts-8.45.30-3.el5.centos.i386.rpm | 1.6 MB 00:02
(14/19): device-mapper-multipath-0.4.7-34.el5_5.6.i386.rpm | 2.8 MB 00:01
(15/19): glibc-2.5-49.el5_5.7.i686.rpm | 5.3 MB 00:03
(16/19): python-2.4.3-27.el5_5.3.i386.rpm | 5.9 MB 00:03
(17/19): perl-5.8.8-32.el5_5.2.i386.rpm | 12 MB 00:02
(18/19): glibc-common-2.5-49.el5_5.7.i386.rpm | 16 MB 00:05
(19/19): kernel-xen-2.6.18-194.32.1.el5.i686.rpm | 18 MB 00:06

Total 2.0 MB/s | 69 MB 00:34
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Updating : glibc-common 1/39
Updating : glibc 2/39
Updating : e2fsprogs-libs 3/39
Updating : module-init-tools 4/39
Updating : krb5-libs 5/39
Updating : openssl 6/39
Updating : e2fsprogs 7/39
Updating : logrotate 8/39
Updating : rsyslog 9/39
Updating : initscripts 10/39
Updating : python 11/39
Updating : openldap 12/39
Updating : pam 13/39
Updating : perl 14/39
Updating : libxml2 15/39
Updating : nss 16/39
Updating : kpartx 17/39
Updating : device-mapper-multipath 18/39
Installing : kernel-xen 19/39
Cleanup : python 20/39
Cleanup : krb5-libs 21/39
Cleanup : openldap 22/39
Cleanup : glibc 23/39
Cleanup : glibc 24/39
Cleanup : pam 25/39
Cleanup : e2fsprogs-libs 26/39
Cleanup : perl 27/39
Cleanup : module-init-tools 28/39
Cleanup : libxml2 29/39
Cleanup : rsyslog 30/39
Cleanup : initscripts 31/39
Cleanup : device-mapper-multipath 32/39
Cleanup : nss 33/39
Cleanup : kpartx 34/39
Cleanup : logrotate 35/39
Cleanup : e2fsprogs 36/39
Cleanup : glibc-common 37/39
Cleanup : openssl 38/39
Cleanup : kernel-xen 39/39

Removed:
kernel-xen.i686 0:2.6.18-164.el5

Installed:
kernel-xen.i686 0:2.6.18-194.32.1.el5

Updated:
device-mapper-multipath.i386 0:0.4.7-34.el5_5.6 e2fsprogs.i386 0:1.39-23.el5_5.1 e2fsprogs-libs.i386 0:1.39-23.el5_5.1 glibc.i686 0:2.5-49.el5_5.7 glibc-common.i386 0:2.5-49.el5_5.7
initscripts.i386 0:8.45.30-3.el5.centos kpartx.i386 0:0.4.7-34.el5_5.6 krb5-libs.i386 0:1.6.1-36.el5_5.6 libxml2.i386 0:2.6.26-2.1.2.8.el5_5.1 logrotate.i386 0:3.7.4-9.el5_5.2
module-init-tools.i386 0:3.3-0.pre3.1.60.el5_5.1 nss.i386 0:3.12.8-1.el5.centos openldap.i386 0:2.3.43-12.el5_5.3 openssl.i686 0:0.9.8e-12.el5_5.7 pam.i386 0:0.99.6.2-6.el5_5.2
perl.i386 4:5.8.8-32.el5_5.2 python.i386 0:2.4.3-27.el5_5.3 rsyslog.i386 0:3.22.1-3.el5_5.1

Complete!
  • Install OpenVZ
    • Edit settings in /etc/sysctl.conf
      Quote:-bash-3.2# nano /etc/sysctl.conf
    • Change the following two options:
      Quote:net.ipv4.ip_forward = 1
      kernel.sysrq = 1
    • Add the section below:
      Quote:net.ipv4.conf.default.proxy_arp = 0
      net.ipv4.conf.all.rp_filter = 1
      net.ipv4.conf.default.send_redirects = 1
      net.ipv4.conf.all.send_redirects = 0
  • Install some additional required packages:
    Quote:yum -y install mkinitrd ed rsync
    Loaded plugins: fastestmirror
    Loading mirror speeds from cached hostfile
    * addons: mirror.sov.uk.goscomb.net
    * base: mirror.sov.uk.goscomb.net
    * extras: mirror.sov.uk.goscomb.net
    * updates: mirror.as29550.net
    Setting up Install Process
    Package mkinitrd-5.1.19.6-61.el5_5.2.i386 already installed and latest version
    Resolving Dependencies
    --> Running transaction check
    ---> Package ed.i386 0:0.2-39.el5_2 set to be updated
    ---> Package rsync.i386 0:2.6.8-3.1 set to be updated
    --> Finished Dependency Resolution

    Dependencies Resolved

    ================================================================================ ​ ================================================================================ ​===========================================================
    Package Arch Version Repository Size
    ================================================================================ ​ ================================================================================ ​===========================================================
    Installing:
    ed i386 0.2-39.el5_2 base 45 k
    rsync i386 2.6.8-3.1 base 230 k

    Transaction Summary
    ================================================================================ ​ ================================================================================ ​===========================================================
    Install 2 Package(s)
    Upgrade 0 Package(s)

    Total download size: 275 k
    Downloading Packages:
    (1/2): ed-0.2-39.el5_2.i386.rpm | 45 kB 00:00
    (2/2): rsync-2.6.8-3.1.i386.rpm | 230 kB 00:00
    Total 2.6 MB/s | 275 kB 00:00
    Running rpm_check_debug
    Running Transaction Test
    Finished Transaction Test
    Transaction Test Succeeded
    Running Transaction
    Installing : ed 1/2
    Installing : rsync 2/2

    Installed:
    ed.i386 0:0.2-39.el5_2 rsync.i386 0:2.6.8-3.1

    Complete!
  • Download the required kernel:
    Quote:-bash-3.2# wget http://download.openvz.org/kernel/branch...2.i686.rpm
    --2011-01-17 14:32:40-- http://download.openvz.org/kernel/branch...2.i686.rpm
    Resolving download.openvz.org... 64.131.90.11
    Connecting to download.openvz.org|64.131.90.11|:80... connected.
    HTTP request sent, awaiting response... 200 OK
    Length: 23863688 (23M) [application/x-rpm]
    Saving to: `ovzkernel-xen-2.6.18-194.26.1.el5.028stab079.2.i686.rpm'

    100%[================================================================================ ​ ================================================================================ ​=================>] 23,863,688 6.62M/s in 4.3s

    2011-01-17 14:32:44 (5.31 MB/s) - `ovzkernel-xen-2.6.18-194.26.1.el5.028stab079.2.i686.rpm' saved [23863688/23863688]
  • Download OpenVZ utilities:
    Quote:-bash-3.2# wget http://download.openvz.org/utils/vzctl/c...1.i386.rpm http://download.openvz.org/utils/vzctl/c...1.i386.rpm http://download.openvz.org/utils/vzquota...1.i386.rpm
    --2011-01-17 14:34:06-- http://download.openvz.org/utils/vzctl/c...1.i386.rpm
    Resolving download.openvz.org... 64.131.90.11
    Connecting to download.openvz.org|64.131.90.11|:80... connected.
    HTTP request sent, awaiting response... 200 OK
    Length: 159855 (156K) [application/x-rpm]
    Saving to: `vzctl-3.0.25.1-1.i386.rpm'

    100%[================================================================================ ​ ================================================================================ ​=================>] 159,855 398K/s in 0.4s

    2011-01-17 14:34:06 (398 KB/s) - `vzctl-3.0.25.1-1.i386.rpm' saved [159855/159855]

    --2011-01-17 14:34:06-- http://download.openvz.org/utils/vzctl/c...1.i386.rpm
    Connecting to download.openvz.org|64.131.90.11|:80... connected.
    HTTP request sent, awaiting response... 200 OK
    Length: 185781 (181K) [application/x-rpm]
    Saving to: `vzctl-lib-3.0.25.1-1.i386.rpm'

    100%[================================================================================ ​ ================================================================================ ​=================>] 185,781 460K/s in 0.4s

    2011-01-17 14:34:07 (460 KB/s) - `vzctl-lib-3.0.25.1-1.i386.rpm' saved [185781/185781]

    --2011-01-17 14:34:07-- http://download.openvz.org/utils/vzquota...1.i386.rpm
    Connecting to download.openvz.org|64.131.90.11|:80... connected.
    HTTP request sent, awaiting response... 200 OK
    Length: 83539 (82K) [application/x-rpm]
    Saving to: `vzquota-3.0.12-1.i386.rpm'

    100%[================================================================================ ​ ================================================================================ ​=================>] 83,539 261K/s in 0.3s

    2011-01-17 14:34:07 (261 KB/s) - `vzquota-3.0.12-1.i386.rpm' saved [83539/83539]

    FINISHED --2011-01-17 14:34:07--
    Downloaded: 3 files, 419K in 1.1s (382 KB/s)
  • Install the downloaded packages:
    Quote:-bash-3.2# rpm -ivh ovzkernel-xen-2.6.18-194.26.1.el5.028stab079.2.i686.rpm
    warning: ovzkernel-xen-2.6.18-194.26.1.el5.028stab079.2.i686.rpm: Header V3 DSA signature: NOKEY, key ID a7a1d4b6
    Preparing... ########################################### [100%]
    1:ovzkernel-xen ########################################### [100%]
    Quote:-bash-3.2# rpm -ivh vzquota-* vzctl-*
    warning: vzquota-3.0.12-1.i386.rpm: Header V3 DSA signature: NOKEY, key ID a7a1d4b6
    Preparing... ########################################### [100%]
    1:vzctl-lib ########################################### [ 33%]
    2:vzquota ########################################### [ 67%]
    3:vzctl ########################################### [100%]
  • You'll need a template for the operating system you'll install, here is a link to a list of available templates. OpenVZ Templates
  • You should put the template you choose in the /vz/templates/cache folder, here's an example.
    Quote:-bash-3.2# wget http://download.openvz.org/template/prec...x86.tar.gz -O /vz/template/cache/debian-5.0-x86.tar.gz
    --2011-01-17 14:39:48-- http://download.openvz.org/template/prec...x86.tar.gz
    Resolving download.openvz.org... 64.131.90.11
    Connecting to download.openvz.org|64.131.90.11|:80... connected.
    HTTP request sent, awaiting response... 200 OK
    Length: 138639961 (132M) [application/x-gzip]
    Saving to: `/vz/template/cache/debian-5.0-x86.tar.gz'

    100%[================================================================================ ​ ================================================================================ ​=================>] 138,639,961 4.38M/s in 23s

    2011-01-17 14:40:12 (5.68 MB/s) - `/vz/template/cache/debian-5.0-x86.tar.gz' saved [138639961/138639961]
  • You should then edit your grub (bootloader) config file and change default to 0 to boot the first kernel in the list.
    Quote:-bash-3.2# nano /boot/grub/grub.conf
    default=0
  • Now reboot the system into the new kernel
    Quote:-bash-3.2# reboot
  • Once the system has rebooted you can log back in and we can create our VPS.
  • Create your first VPS
  • You would use this command to create a VPS: vzctl create ID --ostemplate OSTEMPLATE --ipadd IPADDRESS --hostname HOSTNAME
    Quote:-bash-3.2# vzctl create 101 --ostemplate debian-5.0-x86 --ipadd 172.16.0.21 --hostname demosys.allsimple.net
    Creating container private area (debian-5.0-x86)
    Performing postcreate actions
    Container private area was created
  • You may want to set some of the following
    • Set a reasonable disk space limit on the vps
      Quote:-bash-3.2# vzctl set 101 --diskspace 10G --save
    • Set the VPS to start at boot up
      Quote:-bash-3.2# vzctl set 101 --onboot yes --save
    • Set a root password
      Quote:-bash-3.2# vzctl set 101 --userpasswd root:newpassword
    • Setting memory limits, (this is my understanding from a brief read about OpenVZ Memory)
      • privvmpages - Burstable memory
    • Set the above memory limits
      Quote:-bash-3.2# vzctl set 101 --save --privvmpages 128M
      Saved parameters for CT 101
  • Start the VPS
    Quote:-bash-3.2# vzctl start 101
    Starting container ...
    Container is mounted
    Adding IP address(es): 172.16.0.21
    Setting CPU units: 1000
    Set hostname: demosys.allsimple.net
    Container start in progress...
  • It looks like the VPS started correct, you can log in directly to the VPS using OpenVZ below:
    Quote:-bash-3.2# vzctl enter 101
    entered into CT 101
    demosys:/# w
    23:13:03 up 1 min, 0 users, load average: 0.05, 0.02, 0.00
    USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
    demosys:/# free -m
    total used free shared buffers cached
    Mem: 128 10 117 0 0 0
    -/+ buffers/cache: 10 117
    Swap: 0 0 0
    demosys:/# exit
    logout
    exited from CT 101
    -bash-3.2#
  • Now you have a VPS running on the IP address 172.16.0.21, you should be able to access it via IP.
    Quote:-bash-3.2# ping -c1 172.16.0.21
    PING 172.16.0.21 (172.16.0.21) 56(84) bytes of data.
    64 bytes from 172.16.0.21: icmp_seq=1 ttl=64 time=0.025 ms

    --- 172.16.0.21 ping statistics ---

    1 packets transmitted, 1 received, 0% packet loss, time 0ms
    rtt min/avg/max/mdev = 0.025/0.025/0.025/0.000 ms

If you're using internal IP addresses you would need to use port forwarding or something to access services, I've not tested this with public IP's but I would assume it should work.

---------------------------------------------------------------------------------

在独立服务器上,简单开设OpenVZ(OpenVZ Web Panel)


使用的是免费的面板,因为一些功能方面不够完善,是不适合拿来卖的,这点请务必留意。如果 只是自用,直接用vzctl命令开设也是非常简单的,但是没有图形化的界面。记录这个过程,使用了免费的面板来开设和管理VPS。
准备工作:独立服务器1台(这不废话吗…)
以root登陆我们的服务器,首先,我们需要安装OpenVZ。
1.关闭SELinux
编辑vim /etc/sysconfig/selinux 修改为:
SELINUX=disabled
SELINUXTYPE=targeted
2.关闭iptables防火墙或者开启防火墙3000端口
假如您的服务器iptables规则已经做了限定,您可以暂时关闭iptables,或者提前打开3000端口
iptables -I INPUT -p tcp –dport 3000 -j ACCEPT
/etc/rc.d/init.d/iptables save
/etc/init.d/iptables restart
3.开始安装OpenVZ
cd /etc/yum.repos.d
wget http://download.openvz.org/openvz.repo
wget http://download.openvz.org/RPM-GPG-Key-OpenVZ
rpm –import RPM-GPG-Key-OpenVZ
yum update
yum install vzkernel
4.修改 /etc/sysctl.conf文件
vi /etc/sysctl.conf
留意下面的部分,参照修改
net.ipv4.ip_forward = 1
net.ipv4.conf.default.proxy_arp = 0
net.ipv4.conf.all.rp_filter = 1
kernel.sysrq = 1
net.ipv4.conf.default.send_redirects = 1
net.ipv4.conf.all.send_redirects = 0
net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.conf.default.forwarding = 1
然后生效。
sysctl –p
重启服务器
reboot
5.安装OpenVZ面板(OpenVZ Web Panel)
wget -O – http://ovz-web-panel.googlecode.com/svn/installer/ai.sh | sh
(附官方安装及升级指引:http://code.google.com/p/ovz-web-panel/wiki/Installation)
6.登陆面板及管理
安装完成后,使用IP+端口3000登陆,默认管理用户和密码均为admin。

面板的使用就非常简单了.