In this HowTo I will describe how to prepare a CentOS 6.0 server for OpenVZ. With OpenVZ you can create multiple Virtual Private Servers (VPS) on the same hardware, similar to Xen and the Linux Vserver project. OpenVZ is the open-source branch of Virtuozzo, a commercial virtualization solution used by many providers that offer virtual servers. The OpenVZ kernel patch is licensed under the GPL license, and the user-level tools are under the QPL license.
This howto is meant as a practical guide; it does not cover the theoretical backgrounds. They are treated in a lot of other documents in the web.
This document comes without warranty of any kind! I want to say that this is not the only way of setting up such a system. There are many ways of achieving this goal but this is the way I take. I do not issue any guarantee that this will work for you!
In order to install OpenVZ, we need to add the OpenVZ repository to yum:
[sourcecode]
cd /etc/yum.repos.d
wget http://download.openvz.org/openvz.repo
rpm –import http://download.openvz.org/RPM-GPG-Key-OpenVZ
[/sourcecode]
Open the openvz.repo and disable the [openvz-kernel-rhel5] repository (enabled=0) and enable the [openvz-kernel-rhel6] repository instead (enabled=1):
[sourcecode]
[…]
[openvz-kernel-rhel5]
name=OpenVZ RHEL5-based kernel
#baseurl=http://download.openvz.org/kernel/branches/rhel5-2.6.18/current/
mirrorlist=http://download.openvz.org/kernel/mirrors-rhel5-2.6.18
enabled=0
gpgcheck=1
gpgkey=http://download.openvz.org/RPM-GPG-Key-OpenVZ
[…]
[openvz-kernel-rhel6]
name=OpenVZ RHEL6-based kernel
#baseurl=http://download.openvz.org/kernel/branches/rhel6-2.6.32/current/
mirrorlist=http://download.openvz.org/kernel/mirrors-rhel6-2.6.32
enabled=1
gpgcheck=1
gpgkey=http://download.openvz.org/RPM-GPG-Key-OpenVZ
[…]
[/sourcecode]
shows you the available kernels:
[sourcecode]
[root@server1 yum.repos.d]# yum search vzkernel
[…]
vzkernel.i686 : The Linux kernel
vzkernel.x86_64 : The Linux kernel
vzkernel-debug.i686 : The Linux kernel compiled with extra debugging enabled
vzkernel-debug.x86_64 : The Linux kernel compiled with extra debugging enabled
vzkernel-debug-devel.i686 : Development package for building kernel modules to match the debug kernel
vzkernel-debug-devel.x86_64 : Development package for building kernel modules to match the debug kernel
vzkernel-devel.i686 : Development package for building kernel modules to match the kernel
vzkernel-devel.x86_64 : Development package for building kernel modules to match the kernel
vzkernel-firmware.noarch : Firmware files used by the Linux kernel
vzkernel-headers.i686 : Header files for the Linux kernel for use by glibc
vzkernel-headers.x86_64 : Header files for the Linux kernel for use by glibc
[root@server1 yum.repos.d]#
[/sourcecode]
Pick one of them and install it as follows: yum install vzkernel
This should automatically update the GRUB bootloader as well. Anyway, we should open /boot/grub/menu.lst; the first kernel stanza should now contain the new OpenVZ kernel. The title of that kernel just reads “CentOS Linux “. I think it’s a good idea to change that title and add something with “OpenVZ” to it so that you know that it’s the OpenVZ kernel. Also make sure that the value of default is 0 so that the first kernel (the OpenVZ kernel) is booted automatically instead of the default CentOS kernel. Edit the Grub (menu.lst file)
[sourcecode]
# grub.conf generated by anaconda
#
# Note that you do not have to rerun grub after making changes to this file
# NOTICE: You have a /boot partition. This means that
# all kernel and initrd paths are relative to /boot/, eg.
# root (hd0,0)
# kernel /vmlinuz-version ro root=/dev/mapper/vg_server1-lv_root
# initrd /initrd-[generic-]version.img
#boot=/dev/sda
default=0
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title CentOS Linux OpenVZ (2.6.32-042stab020.1)
root (hd0,0)
kernel /vmlinuz-2.6.32-042stab020.1 ro root=/dev/mapper/vg_server1-lv_root rd_LVM_LV=vg_server1/lv_root rd_LVM_LV=vg_server1/lv_swap rd_NO_LUKS rd_NO_MD rd_NO_DM LANG=en_US.UTF-8 SYSFONT=latarcyrheb-sun16 KEYBOARDTYPE=pc KEYTABLE=de crashkernel=auto rhgb quiet
initrd /initramfs-2.6.32-042stab020.1.img
title CentOS (2.6.32-71.el6.x86_64)
root (hd0,0)
kernel /vmlinuz-2.6.32-71.el6.x86_64 ro root=/dev/mapper/vg_server1-lv_root rd_LVM_LV=vg_server1/lv_root rd_LVM_LV=vg_server1/lv_swap rd_NO_LUKS rd_NO_MD rd_NO_DM LANG=en_US.UTF-8 SYSFONT=latarcyrheb-sun16 KEYBOARDTYPE=pc KEYTABLE=de crashkernel=auto rhgb quiet
initrd /initramfs-2.6.32-71.el6.x86_64.img
[/sourcecode]
Install some OpenVZ user tools: yum install vzctl vzquota
Open /etc/sysctl.conf and make sure that you have the following settings in it:
[sourcecode]
vi /etc/sysctl.conf
[…]
net.ipv4.ip_forward = 1
net.ipv4.conf.default.proxy_arp = 0
net.ipv4.conf.all.rp_filter = 1
kernel.sysrq = 1
net.ipv4.conf.default.send_redirects = 1
net.ipv4.conf.all.send_redirects = 0
net.ipv4.icmp_echo_ignore_broadcasts=1
net.ipv4.conf.default.forwarding=1
[…]
[/sourcecode]
If you need to modify /etc/sysctl.conf, run sysctl -p
Open /etc/vz/vz.conf and set NEIGHBOUR_DEVS to all:
[sourcecode]
[…]
NEIGHBOUR_DEVS=all
[…]
[/sourcecode]
SELinux needs to be disabled if you want to use OpenVZ. Open /etc/sysconfig/selinux and set the value of SELINUX to disabled: vi /etc/sysconfig/selinux
[sourcecode]
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing – SELinux security policy is enforced.
# permissive – SELinux prints warnings instead of enforcing.
# disabled – No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
# targeted – Targeted processes are protected,
# mls – Multi Level Security protection.
SELINUXTYPE=targeted
[/sourcecode]
Finally, reboot the system:
reboot
If your system reboots without problems, then everything is fine! Run: uname -r
and your new OpenVZ kernel should show up:
[sourcecode]
[root@server1 ~]# uname -r
2.6.32-042stab020.1
[root@server1 ~]#
[/sourcecode]
via HowToForge