09/09/2012 Debian, Virtualization No comments OpenVZ is container-based virtualization for Linux.

OpenVZ creates multiple secure, isolated containers (otherwise known as V or V!"# on a sin$le ph%sical server enablin$ better server utilization and ensurin$ that applications do not conflict. ach container performs and executes exactl% like a stand-alone server& a container can be rebooted independentl% and have root access, users, '! addresses, memor%, processes, files, applications, s%stem libraries and confi$uration files. Default Locations 1. /vz Main directory for !enV"# 2. /vz/!rivate $ac% V&' is stored %ere i#e# container(s !rivate directories 3. /vz/tem!late/cac%e )ou must do*nload and store eac% Linu+ distribution tem!late %ere# 4. /etc/vz/ !enV" confi,uration directory# 5. /etc/vz/vz#conf Main !enV" confi,uration file# 6. /etc/vz/conf 'oftlin-ed directory for eac% V&' confi,uration# 7. Net*or- !ort No net*or- !orts are o!ened by !enV" -ernel# "tep (. 'nstallation) !enV" -ernel and t%e vzctl and vz.uota !ac-a,es are available in t%e Debian re!ositories, so *e can install t%em as follo*s/
[root@vjetnamnet ~]# aptitude update [root@vjetnamnet ~]# aptitude install linux-image-openvz-686 vzctl vzquota

01f you are on a +23 system, t%e -ernel !ac-a,e is named linu+4ima,e4o!envz4amd23#5 "tep *. 6reate a symlin- from /var/lib/vz to /vz to !rovide bac-*ard com!atibility and better usa,e/
[root@vjetnamnet ~]# ln -s /var/lib/vz /vz

"tep +. !en vim /etc/sysctl#conf and ma-e sure t%at you %ave t%e follo*in, settin,s in it/
[root@vjetnamnet ~]# vi /etc/s sctl!con" [!!!] net!ipv#!con"!all!rp$"ilter % & net!ipv#!icmp$ec'o$ignore$broadcasts % & net!ipv#!con"!de"ault!"or(arding % & net!ipv#!con"!de"ault!prox $arp % ) net!ipv#!ip$"or(ard % & *ernel!s srq % & net!ipv#!con"!de"ault!send$redirects % & net!ipv#!con"!all!send$redirects % ) net!ipv#!con"!et')!prox $arp % & [!!!]

Vie* no* your current confi,/

[root@vjetnamnet ~]# s sctl -p

"tep ,. !en -etc-vz-vz.conf and set as follo*in,/ .O/ ) /his is important0 'f %ou don1t do this, networkin$ will not work in the virtual machines0
+,-./0123$4,56%all

"tep 2. No* its time to reboot and start your ne* -ernel/
[root@vjetnamnet ~]# reboot

"tep 3. 7fter reboot you s%ould see your fres% installed -ernel/
[root@vjetnamnet ~]# uname -r [root@vjetnamnet ~]# uname -a 7inux nibbler 8!6!98-:-openvz-686 #& 6;< =ue ;ar 8 89>9)>99 2=? 8)&& i686 .+2/7inux

"tep 4. 8sin, !enV" 9efore *e can create virtual mac%ines *e need to %ave a tem!late for t%e distribution t%at *e *ant to use in t%e -var-lib-vz-template-cache directory# )ou can find a list of !recreated tem!lates on %tt!///*i-i#o!envz#or,/Do*nload/tem!late/!recreated# :or e+am!le, *e can do*nload a minimal Debian '.ueeze tem!late# 6%oose one and do*nload it to your tem!late directory/
[root@vjetnamnet ~]# cd /vz/template/cac'e

do*nload t%e ;29it Debian ima,e#

[root@vjetnamnet ~]# (get 'ttp>//do(nload!openvz!org/template/precreated/contrib/debian-6!)-i986minimal!tar!gz

n 239it systems, do*nload t%e 239it ima,e instead/

[root@vjetnamnet ~]# (get 'ttp>//do(nload!openvz!org/template/precreated/contrib/debian-6!)-amd6#minimal!tar!gz

"tep 5. 9asic commands for usin, !enV"/ a5 <o set u! a V&' from t%e debian42#04i;=24minimal tem!late run/
[root@vjetnamnet ~]# vzctl create &)& --ostemplate debian-6!)-i986-minimal [root@vjetnamnet ~]# vzctl create &)& --ostemplate debian-6!)-i986-minimal --con"ig basic

.O/ ) (6( is the '7 of %our virtual machine. ach virtual machine must have uni8ue '7 b5 'et t%e virtual mac%ine to be started at boot/
[root@vjetnamnet ~]# vzctl set &)& --onboot es --save

c5 'et a %ostname and 1& address for t%e virtual mac%in9e/

[root@vjetnamnet ~]# vzctl set &)& --'ostname vjetnamnet-vps --save [root@vjetnamnet ~]# vzctl set &)& --ipadd &@8!&68!&!88 --save

Or
[root@vjetnamnet ~]# vzctl set &)& --ipadd &@8!&68!&!88 --nameserve 8!8!8!8 --'ostname vjetnamnet-vps --save

Ne+t *e set t%e number of soc-ets to 120 and assi,n a fe* nameservers to t%e vm/
[root@vjetnamnet ~]# vzctl set &)& --numot'ersoc* &8) --save [root@vjetnamnet ~]# vzctl set &)& --nameserver 8!8!8!8 --nameserver 8!8!#!# --save

01nstead of usin, t%e vzctl set commands, you can as *ell directly edit t%e vm(s confi,uration file *%ic% is stored in t%e /etc/vz/conf directory# 1f t%e 1D of t%e vm is 101, t%en t%e confi,uration file is /etc/vz/conf/101#conf#5 'et t%e !ass*ord for v!s root user/
[root@vjetnamnet ~]# vzctl set &)& --userpass(d root>pass

>o* Do 1 'et Dis- ?uota@

### 6et 4is* quota "or 5<6 A&). min [so"t] and &&. max 'ard limitB ### [root@vjetnamnet ~]# vzctl set &)& --dis*space &).>&&. Csave [root@vjetnamnet ~]# vzctl set &)& --dis*space &). Csave

sets soft and %ard dis- .uotas, in i4nodes# :irst !arameter is soft .uota, second is %ard .uota# <otal number of dis- inodes 0files, directories, and symbolic lin-s5 t%e 6ontainer can allocate#
--dis*inodes num[>num] [root@vjetnamnet ~]# vzctl set &)& --dis*inodes @))))>@&))) Csave

vzctl is used to create and set various v!s !ro!erties suc% as memory, dis- usa,e and muc% more# A%ere, create 101 / )our V&' 1D# ostem!late debian42#041;=2/ V&' tem!late# confi, debian#v!s/ 'ave confi,uration# set 101 / 'et various o!tion for V&' 1D B 101# onboot yes / Ma-e sure V&' boots automatically after a reboot# save / 'ave c%an,es to confi, file# d5 'tart t%e virtual mac%ine/
[root@vjetnamnet ~]# vzctl start &)&

)ou can no* eit%er connect to t%e vm via ''> 0e#,# *it% &u<<)5, or you enter it as follo*s/
[root@vjetnamnet ~]# vzctl enter &)&

<o leave t%e vm(s console, ty!e

[root@vjetnamnet ~]# exit

<o sto! a vm, run

[root@vjetnamnet ~]# vzctl stop &)&

<o restart a vm, run

[root@vjetnamnet ~]# vzctl restart &)&

<o delete a vm from t%e %ard drive 0it must be sto!!ed before you can do t%is5, run
[root@vjetnamnet ~]# vzctl destro &)&

<o find out about t%e resources allocated to a vm, run

[root@vjetnamnet ~]# vzctl exec &)& cat /proc/user$beancounters

e5 'et a root !ass*ord for t%e virtual mac%ine/

[root@vjetnamnet ~]# vzctl exec &)& pass(d

)ou s%ould be able to see t%e ne*ly created virtual mac%ine *it% t%e command Cvzlist 4aD on t%e s%ell/
[root@vjetnamnet ~]# vzlist -a