This guide assumes you are running recent release of Fedora Core (like FC5) or RHEL/CentOS 4. Currently, OpenVZ kernel tries to support the same hardware that Red Hat kernels support. For full hardware compatibility list, see Virtuozzo HCL.
It is recommended to use a separate partition for container's private directories (by default /vz/private/<veid>). The reason why you should do so is that if you wish to use OpenVZ per-container disk quota, you won't be able to use usual Linux disk quotas on the same partition. Bear in mind, that per-container quota in this context includes not only pure per-container quota, but also usual Linux disk quota used in containers, not on HN.
At least try to avoid using the root partition for containers, because the root user of a container will be able to overcome the 5% disk space barrier in some situations. This way the HN root partition can be completely filled and it will break the system.
OpenVZ per-container disk quota is supported only for ext2/ext3 filesystems. So use one of these filesystems (ext3 is recommended) if you need per-container disk quota.
In case you have yum utility available on your system, you may want to use it effectively to install and update OpenVZ packages. In case you don't have yum, or don't want to use it, you can use plain old rpm. Instructions for both rpm and yum are provided below.
If you want to use yum, you should set up OpenVZ yum repository first.
Download openvz.repo file and put it to your /etc/yum.repos.d/
repository, and import OpenVZ GPG key used for signing RPM packages. This can be achieved by the following commands, as root:
wget -P /etc/yum.repos.d/ http://download.openvz.org/openvz.repo rpm --import http://download.openvz.org/RPM-GPG-Key-OpenVZ
In case you can not cd to /etc/yum.repos.d, it means either yum is not installed on your system, or yum version is too old. In that case, just stick to rpm installation method.
Note: In case you want to recompile the kernel yourself rather than use the one provided by OpenVZ, see kernel build.
First, you need to choose what “flavor” of the kernel you want to install. Please refer to Kernel flavors for more information.
Run the following command
# yum install [o]vzkernel[-flavor]
For RHEL6 kernel branch, use vzkernel, for other branches use ovzkernel.
Note that [-flavor]
is optional, and can be -smp
or -enterprise
. Refer to kernel flavors for more info.
Note: if you need to install x86_64
kernel and yum offers to install both x86_64
and i686
kernels, answer No
and specify architecture manually, like this: yum install ovzkernel.x86_64
. This is fixed in newer yum versions.
Get the kernel binary RPM from the Download/kernel page. You only need one kernel RPM so please choose the appropriate one depending on your hardware.
Next, install the kernel RPM you chose:
# rpm -ihv ovzkernel[-flavor]*.rpm
Here [-flavor]
is optional, and can be -smp
or -enterprise
. Refer to kernel flavors for more info.
Note: rpm -U (where -U stands for upgrade) should not be used, otherwise all currently installed kernels will be uninstalled.
In case GRUB is used as the boot loader, it will be configured automatically: lines similar to these will be added to the /boot/grub/grub.conf file:
title Fedora Core (2.6.8-022stab029.1) root (hd0,0) kernel /vmlinuz-2.6.8-022stab029.1 ro root=/dev/sda5 quiet rhgb vga=0x31B initrd /initrd-2.6.8-022stab029.1.img
Change Fedora Core to OpenVZ (just for clarity reasons, so the OpenVZ kernels will not be mixed up with non-OpenVZ ones). Remove extra arguments from the kernel line, leaving only the root=... parameter. The modifed portion of /etc/grub.conf should look like this:
title OpenVZ (2.6.8-022stab029.1) root (hd0,0) kernel /vmlinuz-2.6.8-022stab029.1 ro root=/dev/sda5 initrd /initrd-2.6.8-022stab029.1.img
Please make sure the following steps are performed before rebooting into OpenVZ kernel.
There are a number of kernel parameters that should be set for OpenVZ to work correctly. These parameters are stored in /etc/sysctl.conf file. Here are the relevant portions of the file; please edit accordingly.
# On Hardware Node we generally need # packet forwarding enabled and proxy arp disabled net.ipv4.ip_forward = 1 net.ipv6.conf.default.forwarding = 1 net.ipv6.conf.all.forwarding = 1 net.ipv4.conf.default.proxy_arp = 0 # Enables source route verification net.ipv4.conf.all.rp_filter = 1 # Enables the magic-sysrq key kernel.sysrq = 1 # We do not want all our interfaces to send redirects net.ipv4.conf.default.send_redirects = 1 net.ipv4.conf.all.send_redirects = 0
SELinux should be disabled. To that effect, put the following line to /etc/sysconfig/selinux
:
SELINUX=disabled
Note: In OpenVZ kernels later than 2.6.8, connection tracking is enabled by default so skip this section.
In the old (2.6.8-based) OpenVZ kernels netfilter connection tracking for CT0 is disabled by default. If you have a stateful firewall enabled on the host node (it is there by default on some distributions) you should either disable it, or enable connection tracking for CT0.
To enable conntracks for CT0, add the following line to /etc/modprobe.conf
file:
options ip_conntrack ip_conntrack_enable_ve0=1
Now reboot the machine and choose "OpenVZ" on the boot loader menu. If the OpenVZ kernel has been booted successfully, proceed to installing the user-level tools for OpenVZ.
OpenVZ needs some user-level tools installed. Those are:
# yum install vzctl vzquota
If on the x86_64 platform you would probably want to:
# yum install vzctl.x86_64 vzquota.x86_64
Download the binary RPMs of these utilities from Download/utils. Install them:
# rpm -Uhv vzctl*.rpm vzquota*.rpm
If rpm complains about unresolved dependencies, you'll have to satisfy them first, then repeat the installation.
When all the tools are installed, start the OpenVZ subsystem.
As root, execute the following command:
# /sbin/service vz start
This will load all the needed OpenVZ kernel modules. This script should also start all the containers marked to be auto-started on machine boot (there aren't any yet).
During the next reboot, this script should be executed automatically.
An OS template cache is a Linux distribution installed into a container and then packed into a gzipped tarball. Using such a cache, a new container can be created in a matter of minutes.
Download precreated template caches from Downloads ? Templates ? Precreated, or directly from download.openvz.org/template/precreated, or from one of the mirrors. Put those tarballs as-is (no unpacking needed) to the /vz/template/cache/ directory (for Debain, this is /var/lib/vz/template/cache/).
OpenVZ is now set up on your machine. To load OpenVZ kernel by default, edit the default line in the /boot/grub/grub.conf file to point to the OpenVZ kernel. For example, if the OpenVZ kernel is the first kernel mentioned in the file, put it as default 0. See man grub.conf for more details.
Follow on to basic operations in OpenVZ environment document.