6,534
edits
Changes
a lot of fixes here and there; do not use VEID<=100
This article is basicaly written for OpenVZ LiveCD and assumes that the reader only starts using OpenVZ. == Introduction ==So, as you probably know, OpenVZ allows the user to create '''[[VE''']]s - , or Virtual Environments, which seems very much
like real computers. Real computer can run various distributions: Debian, Gentoo, Red Hat and Novell products, etc.
In the same way , a VE can be based on various [[OS (Operating System) '''templates'''|OS template]]. On the LiveCD only Debian minimaltemplate is installed and it is used by default. Each VE is indentified by its identification number -- a '''veidVEID'''. == VE creation ==So, how to create a VE with veid 1 VEID of 101 based on Debian template? Very easy. Just type the following commands in your
terminal (you must be root):
<pre>
root@Knoppix:~# vzctl create 1101
Creating VE private area (debian-3.1-i386-minimal)
Performing postcreate actions
</pre>
'''vzctl''' - is the tool that manages VEs. == List of VEs ==You can get the list of all created VEs on '''HN''' (Hardware Node) by using '''vzlist''' command:
<pre>
root@Knoppix:~# vzlist -a
VEID NPROC STATUS IP_ADDR HOSTNAME
</pre>
As you see, VE #1 101 is in stopped state now. == Starting VE ==Let's start it:
<pre>
root@Knoppix:~# vzctl start 1101
Starting VE ...
VE is mounted
root@Knoppix:~# vzlist -a
VEID NPROC STATUS IP_ADDR HOSTNAME
</pre>
In order to perform any command inside VE `vzctl exec` is used:
<pre>
root@Knoppix:~# vzctl exec 1 101 ps
PID TTY TIME CMD
1 ? 00:00:00 init
</pre>
== Entering VE ==
Any self-respected OS provides a shell for the user. This is how you can get the VE's shell:
<pre>
root@Knoppix:~# vzctl enter 1101entered into VE 1101
Knoppix:/#
</pre>
Knoppix:/# exit
logout
exited from VE 1101
root@Knoppix:~#
</pre>
<pre>
root@Knoppix:~# echo 1 > /proc/sys/net/ipv4/ip_forward
root@Knoppix:~# ifconfig venet0 up
root@Knoppix:~# vzctl set 1 101 --ipadd 10.1.1.1 --save
Adding IP address(es): 10.1.1.1
Saved parameters for VE 1
root@Knoppix:~# vzlist -a
VEID NPROC STATUS IP_ADDR HOSTNAME
</pre>
Now your '''HN''' ([[Hardware Node) ]] can ping VE and VE can ping HN:
<pre>
root@Knoppix:~# ping 10.1.1.1
rtt min/avg/max/mdev = 3.804/3.804/3.804/0.000 ms
root@Knoppix:~#
root@Knoppix:~# vzctl exec 1 101 ping 192.168.0.244
PING 192.168.0.244 (192.168.0.244) 56(84) bytes of data.
64 bytes from 192.168.0.244: icmp_seq=1 ttl=64 time=0.508 ms
</pre>
However, it isn't is not possible to ping other computers in the network: for it we need toset up NAT (Network Address Translation) and set the nameserver.
Assume that you've set up network on HN (for example via DHCP) and the IP address
of your node is 192.168.0.244 and nameserver IP address is 192.168.1.1.
<pre>
root@Knoppix:~# iptables -t nat -A POSTROUTING -s 10.1.1.1 -o eth0 -j SNAT --to 192.168.0.244
root@Knoppix:~# vzctl set 1 101 --nameserver 192.168.1.1 --save
File resolv.conf was modified
Saved parameters for VE 1101root@Knoppix:~# vzctl exec 1 101 ping google.com
PING google.com (64.233.167.99) 56(84) bytes of data.
64 bytes from py-in-f99.google.com (64.233.167.99): icmp_seq=1 ttl=241 time=23.0 ms
</pre>
== Installing software inside VE ==I guess you've noted that there is not so many packages in VE. It is because minimal template was used.But of course, you can install any software in VE by yourself. For example, in Debian usual apt-get tool can be used. Now, for example, we can install gcc inside VE #1 101 for developing purposes:
<pre>
root@Knoppix:~# vzctl enter 1101entered into VE 1101
Knoppix:/#
Knoppix:/# apt-get install gcc
Knoppix:/# exit
logout
exited from VE 1101
root@Knoppix:~#
</pre>
== Resource limiting ==The very important feature of VEs VE is that you can limit them it by resources: cpuCPU, memory, disk space.It's done by is also performed via vzctl also. Crelayurrent Current usage/values and limits of memory -related resources can be veiwed viewed through'''[[/proc/user_beancounters''' ]] file:
<pre>
root@Knoppix:~# cat /proc/user_beancounters
Version: 2.5
uid resource held maxheld barrier limit failcnt
lockedpages 0 0 32 32 0
privvmpages 5238 6885 49152 53575 0
</pre>
Note, that if you have failcounters in the last column, it means, that the appropriate VEexpirienced experienced resource shortage. This is very common reason, why some applications application fail torun in a VE. In this case you should increase limits/barriersaccordingly; see[[resource shortage]] for more info.
== Stopping/removing VE ==
Well, let's stop VE and destroy it:
<pre>
root@Knoppix:~# vzctl stop 1101
Stopping VE ...
VE was stopped
VE is unmounted
root@Knoppix:~# rm -rf /var/lib/vz/private/1 101 # THIS STEP IS TEMPORARY: http://bugzilla.openvz.org/show_bug.cgi?id=455root@Knoppix:~# vzctl destroy 1101Destroying VE private area: /var/lib/vz/private/1101
VE private area was destroyed
root@Knoppix:~#
</pre>
== Links ==That's all you need to start playing with OpenVZ. Additional information can be found in man page on vzctl and at http://wiki.openvz.org/. If you expirience some difficulties , contact us via http://forum.openvz.org/. Templates and other tools at are available from http://download.openvz.org/.