Using openVZ
Using openVZ
Downloading OS templates
OpenVZ OS templates can be downloaded from http://download.openvz.org/template/precreated/. After downloading, the templates should be copied to the '/vz/template/cache' directory.
Creating openVZ container
We can create openVZ containers using:
vzctl create <container_ID> --ostemplate <template_name> --ipadd <ip_address> --hostname <hostname>
Note:
- Container IDs up to 100 are reserved for internal use, so we should start creating containers from ID 101.
Enabling IP forwarding
For openVZ to work, IP forwarding should be enabled on the base machine (host OS). The base host firewall should also allow forwarding of packets. We need to at least enable IP forwarding using:
sysctl net.ipv4.ip_forward=1
or permanently change '/etc/sysctl.conf' to enable IP forwarding.
As per the Quick Installation Guide at http://wiki.openvz.org/Quick_installation we should ideally set the following values in the '/etc/sysctl.conf' file:
# On Hardware Node we generally need
# packet forwarding enabled and proxy arp disabled
net.ipv4.ip_forward = 1
net.ipv6.conf.default.forwarding = 1
net.ipv6.conf.all.forwarding = 1
net.ipv4.conf.default.proxy_arp = 0
# Enables source route verification
net.ipv4.conf.all.rp_filter = 1
# Enables the magic-sysrq key
kernel.sysrq = 1
# We do not want all our interfaces to send redirects
net.ipv4.conf.default.send_redirects = 1
net.ipv4.conf.all.send_redirects = 0
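As an added example (not taken from the OpenVZ guide or from this page's author), the following shell script checks a sysctl.conf-style file against the values listed above and reports missing or overridden keys. The helper names conf_value and check_sysctl_conf and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a sysctl.conf-style file against the values quoted above.
# conf_value and check_sysctl_conf are hypothetical helper names.

# Expected settings, copied from the block above.
EXPECTED='net.ipv4.ip_forward=1
net.ipv6.conf.default.forwarding=1
net.ipv6.conf.all.forwarding=1
net.ipv4.conf.default.proxy_arp=0
net.ipv4.conf.all.rp_filter=1
kernel.sysrq=1
net.ipv4.conf.default.send_redirects=1
net.ipv4.conf.all.send_redirects=0'

# Print the effective value of key $2 in file $1: comments are skipped,
# whitespace is trimmed, and the last assignment wins.
conf_value() {
    awk -v key="$2" '
        /^[ \t]*[#;]/ { next }
        { eq = index($0, "="); if (eq == 0) next
          k = substr($0, 1, eq - 1); v = substr($0, eq + 1)
          gsub(/^[ \t]+|[ \t]+$/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
          if (k == key) { val = v; seen = 1 } }
        END { if (seen) print val }' "$1"
}

# Report every expected key; return non-zero if any is missing or different.
check_sysctl_conf() {
    rc=0
    for pair in $EXPECTED; do
        key=${pair%%=*}; want=${pair#*=}
        have=$(conf_value "$1" "$key")
        if [ -z "$have" ]; then
            echo "MISSING  $key (want $want)"; rc=1
        elif [ "$have" != "$want" ]; then
            echo "MISMATCH $key = $have (want $want)"; rc=1
        else
            echo "OK       $key = $have"
        fi
    done
    return $rc
}

# Constructed sample file: ip_forward is overridden later, rp_filter is absent.
SAMPLE=$(mktemp)
printf '%s\n' '# constructed sample' 'net.ipv4.ip_forward = 1' \
    'net.ipv4.conf.default.proxy_arp = 0' 'kernel.sysrq = 1' \
    '  net.ipv4.ip_forward=0' > "$SAMPLE"
check_sysctl_conf "$SAMPLE" || echo "deviations found in $SAMPLE"
```

On a real host the function would be pointed at '/etc/sysctl.conf'; it only reads the file and does not change any kernel setting.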
Setting DNS for container
If we want guest DNS to be set properly, then we can use:
vzctl set <container_ID> --nameserver <primary_nameserver_IP> --nameserver <secondary_nameserver_IP> --save
for each container.
Starting container
After setting DNS we can start container using:
vzctl start <container_ID>
Seeing list of containers
To see list of running containers we can use:
vzlist
To see list of all defined containers we can use:
vzlist -a
Entering or accessing container
To enter container we can use:
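vzctl enter <container_ID>
Once we are in the container we should at least set the root password and generate our own host keys using:
passwd
# -l only prints the fingerprint of an existing key; -t/-f generates a new RSA host key
ssh-keygen -t rsa -N '' -f /etc/ssh/ssh_host_rsa_key
ssh-keygen -lf /etc/ssh/ssh_host_rsa_key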
Stop container
To stop container we can use:
vzctl stop <container_ID>
Destroying container
To destroy container we can use:
vzctl destroy <container_ID>
Note:
- We can use the 'vzquota' command to check and edit the quota for each container.
- Most of this information is available on the getting started wiki at http://openwall.info/wiki/Owl/usage-examples/OpenVZ/getting-started
Configuring openvz
Template and container location
By default, templates, locks and containers (running as well as stopped) are stored in sub-directories of the /vz directory. The exact location of these folders is controlled by the configuration file '/etc/vz/vz.conf'. We can edit this configuration file and change the default locations. The default locations are '/vz/private' for stopped containers, '/vz/root' for running containers, '/vz/template' for templates and '/vz/lock' for locks. There is also '/vz/dump' for dumps.