OpenVZ
OpenVZ is an operating system-level virtualization platform based on a single Linux
kernel which has been modified to support multiple Linux virtual environments (more
commonly referred to as virtual private servers).
The modified OpenVZ kernel isolates the file system, memory, and processes for each
virtual environment, providing OpenVZ VPS administrators with full root access and all
of the commands normally associated with a dedicated server.
OpenVZ allows a physical server to run multiple isolated operating system instances,
known as containers, Virtual Private Servers (VPSs), or Virtual Environments (VEs).
Compared to virtual machines such as VMware and paravirtualization technologies
like Xen, OpenVZ is limited in that it requires both the host and guest OS to be Linux.
OpenVZ Architecture
OpenVZ installation
OpenVZ consists of a kernel, user-level tools, and container templates.
Install using yum:
yum pre-setup
If you want to use yum, set up the OpenVZ yum repository first.
Download the openvz.repo file and put it in the /etc/yum.repos.d/ directory. This can be
achieved with the following commands, as root:
# cd /etc/yum.repos.d
# wget http://download.openvz.org/openvz.repo
# rpm --import http://download.openvz.org/RPM-GPG-Key-OpenVZ
Kernel installation
# yum install ovzkernel[-flavor]
For example: yum install ovzkernel.x86_64
Configuring the bootloader
In case GRUB is used as the boot loader, it will be configured automatically: lines similar
to these will be added to the /boot/grub/grub.conf file:
title Fedora Core (2.6.8-022stab029.1)
root (hd0,0)
kernel /vmlinuz-2.6.8-022stab029.1 ro root=/dev/sda5 quiet rhgb vga=0x31B
initrd /initrd-2.6.8-022stab029.1.img
Configuring
Please make sure that the following steps are performed before rebooting into the OpenVZ
kernel.
sysctl
There are a number of kernel parameters that should be set for OpenVZ to work
correctly. These parameters are stored in the /etc/sysctl.conf file. Here are the relevant
portions of the file; please edit accordingly.
# On Hardware Node we generally need
# packet forwarding enabled and proxy arp disabled
net.ipv4.ip_forward = 1
net.ipv6.conf.default.forwarding = 1
net.ipv6.conf.all.forwarding = 1
net.ipv4.conf.default.proxy_arp = 0
# Enables source route verification
net.ipv4.conf.all.rp_filter = 1
# Enables the magic-sysrq key
kernel.sysrq = 1
# We do not want all our interfaces to send redirects
net.ipv4.conf.default.send_redirects = 1
net.ipv4.conf.all.send_redirects = 0
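A way to check a host's sysctl.conf against the values listed above before rebooting, as an added example that is not part of the original page. The function names and the sample file are constructed for illustration; on a hardware node you would pass /etc/sysctl.conf.

```shell
# Expected "key value" pairs, copied from the excerpt above.
expected_sysctls() {
cat <<'EOF'
net.ipv4.ip_forward 1
net.ipv6.conf.default.forwarding 1
net.ipv6.conf.all.forwarding 1
net.ipv4.conf.default.proxy_arp 0
net.ipv4.conf.all.rp_filter 1
kernel.sysrq 1
net.ipv4.conf.default.send_redirects 1
net.ipv4.conf.all.send_redirects 0
EOF
}

# sysctl_audit FILE: print one line per expected key that FILE lacks or sets
# to another value. A later assignment overrides an earlier one.
sysctl_audit() {
    expected_sysctls | awk -v conf="$1" '
        BEGIN {
            while ((getline line < conf) > 0) {
                if (line ~ /^[ \t]*[#;]/) continue      # comment line
                n = index(line, "=")
                if (n == 0) continue                    # not an assignment
                k = substr(line, 1, n - 1); v = substr(line, n + 1)
                gsub(/[ \t]/, "", k); gsub(/[ \t]/, "", v)
                have[k] = v
            }
        }
        !($1 in have)  { print "MISSING " $1 " want=" $2; next }
        have[$1] != $2 { print "MISMATCH " $1 " have=" have[$1] " want=" $2 }
    '
}

# Constructed sample file, not taken from a real host.
sample_conf() {
cat <<'EOF'
net.ipv4.ip_forward = 0
net.ipv6.conf.default.forwarding = 1
net.ipv6.conf.all.forwarding = 1
net.ipv4.conf.default.proxy_arp = 0
net.ipv4.conf.all.rp_filter = 0
net.ipv4.conf.all.rp_filter = 1
kernel.sysrq = 1
net.ipv4.conf.all.send_redirects = 0
EOF
}

tmp=$(mktemp) && sample_conf > "$tmp" && sysctl_audit "$tmp"; rm -f "$tmp"
```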
SELinux
SELinux should be disabled. To that effect, put the following line in
/etc/sysconfig/selinux:
SELINUX=disabled
Conntracks
To enable connection tracking, add the following line to the /etc/modprobe.conf file:
options ip_conntrack ip_conntrack_enable_ve0=1
Rebooting into OpenVZ kernel
Now reboot the machine and choose "OpenVZ" in the boot loader menu.
Installing the utilities
OpenVZ needs some user-level tools installed: vzctl and vzquota.
Using yum
# yum install vzctl vzquota
On the x86_64 platform you would probably want to run:
# yum install vzctl.x86_64 vzquota.x86_64
Starting OpenVZ
As root, execute the following command:
# /sbin/service vz start
OpenVZ Default Locations
1. /vz - Main directory for OpenVZ.
2. /vz/private/ - Each VPS is stored here, i.e. the containers' private directories.
3. /vz/template/cache - You must download and store each Linux distribution template
here.
4. /etc/vz/ - OpenVZ configuration directory.
5. /etc/vz/vz.conf - Main OpenVZ configuration file.
6. /etc/vz/conf - Softlinked directory for each VPS configuration.
7. Network port - No network ports are opened by OpenVZ kernel.
UBC, or User Beancounters
A set of limits and guarantees controlled per container. UBC is the major component of
OpenVZ resource management. We define the UBC parameters in the file
/proc/user_beancounters
->Primary parameters
numproc : Maximum number of processes and kernel-level threads allowed for this
container.
numtcpsock : Maximum number of TCP sockets
numothersock : Maximum number of non-TCP sockets (local sockets, UDP and other
types of sockets)
vmguarpages : Memory allocation guarantee. This parameter controls how much
memory is available to a VE. The barrier is the amount of memory that the VE's applications
are guaranteed to be able to allocate.
->Secondary parameters
kmemsize : Size of unswappable memory in bytes, allocated by the operating system
kernel.
tcpsndbuf : The total size of buffers used to send data over TCP network connections
tcprcvbuf : The total size of buffers used to temporarily store the data coming from TCP
network connections
othersockbuf : The total size of buffers used by local (UNIX-domain) connections
between processes inside the system
dgramrcvbuf : The total size of buffers used to temporarily store the incoming packets of
UDP and other datagram protocols
oomguarpages : Guarantees against OOM kill. Under this beancounter the kernel
accounts the total amount of memory and swap space used by the VE processes. The
barrier of this parameter is the out-of-memory guarantee
privvmpages : The barrier and the limit of this parameter control the upper boundary of
the total size of allocated memory
->Auxiliary parameters
lockedpages : Maximum number of pages acquired by mlock
shmpages : Maximum IPC SHM segment size. Setting the barrier and the limit to
different values does not make practical sense
physpages : This is currently an accounting-only parameter. It shows the usage of RAM
by this VE
numfile : Maximum number of open files
numflock : Maximum number of file locks. There should be a safety gap between the barrier
and the limit
numpty : Number of pseudo-terminals (PTY)
numsiginfo : Number of siginfo structures
dcachesize : Maximum size of filesystem-related caches, such as directory entry and
inode caches
numiptent : Number of iptables (netfilter) entries
swappages : The amount of swap space to show in container.
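An added example, not part of the original page, that reads the per-container counters the kernel exposes in /proc/user_beancounters and lists every resource whose failcnt column is non-zero. That column, which the list above does not describe, counts allocations refused because the container hit its barrier or limit, so it is the first place to look when a container misbehaves under load. The function names and the sample data (container IDs 101 and 102) are constructed for illustration.

```shell
# ubc_failures [FILE]: list every beancounter with a non-zero failcnt.
# FILE defaults to /proc/user_beancounters; "-" reads standard input.
ubc_failures() {
    awk '
        $1 == "Version:" || $1 == "uid" { next }    # the two header lines
        {
            off = 0
            if ($1 ~ /^[0-9]+:$/) {                 # first row of a container
                ctid = substr($1, 1, length($1) - 1)
                off = 1
            }
            if (NF != 6 + off) next                 # not a beancounter row
            r = $(1 + off); h = $(2 + off); l = $(5 + off); f = $(6 + off)
            if (f + 0 > 0) print ctid, r, "failcnt=" f, "held=" h, "limit=" l
        }
    ' "${1:-/proc/user_beancounters}"
}

# Constructed sample in the layout of /proc/user_beancounters.
sample_ubc() {
cat <<'EOF'
Version: 2.5
       uid  resource           held    maxheld    barrier      limit    failcnt
      101:  kmemsize        2726545    3022848   14372700   14790164          0
            numproc              38         64        240        240          0
            privvmpages       61230      69632      65536      69632         12
            numtcpsock            9         21        360        360          0
      102:  kmemsize        1903412    2110464   14372700   14790164          0
            numproc             240        240        240        240          7
            privvmpages       10412      15021      65536      69632          0
EOF
}

sample_ubc | ubc_failures -
```

On a hardware node, run ubc_failures with no argument as root to read the live file.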
OpenVZ commands
vzctl create VEID --ostemplate ubuntu-9.04-x86_64
To create a VPS. The OS template should be saved in the /vz/template/cache/ folder
vzlist -a
Shows a list of all the VPSs hosted on the Node.
vzctl start VEID
To start the VPS
vzctl stop VEID
To stop (Shut Down) the VPS
vzctl status VEID
To view the status of the particular VPS
vzctl stop VEID --fast
To stop the VPS quickly and forcefully
vzctl enter VEID
To enter a particular VPS
vzctl set VEID --hostname vps.domain.com --save
To set the Hostname of a VPS
vzctl set VEID --ipadd 1.2.3.4 --save
To add a new IP to the hosted VPS
vzctl set VEID --ipdel 1.2.3.4 --save
To delete the IP from VPS
vzctl set VEID --userpasswd root:new_password --save
To reset root password of a VPS
vzctl set VEID --nameserver 1.2.3.4 --save
To add the nameserver IPs to the VPS
vzctl exec VEID command
To run any command on a VPS from Node
vzyum VEID install package_name
To install any package/Software on a VPS from Node
vzctl set VEID --onboot yes --save
To make sure the VPS boots automatically after a reboot.
vzlist -o vpsid,laverage
To display the load average in all the containers with container ID.