Difference between revisions of "Quick installation (legacy)"
|  (Just added a mention of the .x86_64 arch specific packages to avoid 64-bit users getting the 32-bit packages by mistake.) |  (→sysctl:  enable ipv6 forwarding) | ||
| Line 93: | Line 93: | ||
| # packet forwarding enabled and proxy arp disabled | # packet forwarding enabled and proxy arp disabled | ||
| net.ipv4.ip_forward = 1 | net.ipv4.ip_forward = 1 | ||
| + | net.ipv6.conf.default.forwarding = 1 | ||
| + | net.ipv6.conf.all.forwarding = 1 | ||
| net.ipv4.conf.default.proxy_arp = 0 | net.ipv4.conf.default.proxy_arp = 0 | ||
Revision as of 08:31, 8 January 2009
This document briefly describes the steps needed to install OpenVZ on your (RPM based) machine. For Debian based systems see Installation on Debian.
This document is also available in the following languages: French, German, Japanese, Spanish.
OpenVZ consists of a kernel, user-level tools, and container templates. This guide tells how to install the kernel and the tools.
Contents
Requirements
This guide assumes you are running recent release of Fedora Core (like FC5) or RHEL/CentOS 4. Currently, OpenVZ kernel tries to support the same hardware that Red Hat kernels support. For full hardware compatibility list, see Virtuozzo HCL.
Filesystems
It is recommended to use a separate partition for container's private directories (by default /vz/private/<veid>). The reason why you should do so is that if you wish to use OpenVZ per-container disk quota, you won't be able to use usual Linux disk quotas on the same partition. Bear in mind, that per-container quota in this context includes not only pure per-container quota, but also usual Linux disk quota used in containers, not on HN.
At least try to avoid using the root partition for containers, because the root user of a container will be able to overcome the 5% disk space barrier in some situations. This way the HN root partition can be completely filled and it will break the system.
OpenVZ per-container disk quota is supported only for ext2/ext3 filesystems. So use one of these filesystems (ext3 is recommended) if you need per-container disk quota.
rpm or yum?
In case you have yum utility available on your system, you may want to use it effectively to install and update OpenVZ packages. In case you don't have yum, or don't want to use it, you can use plain old rpm. Instructions for both rpm and yum are provided below.
yum pre-setup
If you want to use yum, you should set up OpenVZ yum repository first.
Download openvz.repo file and put it to your /etc/yum.repos.d/ repository. This can be achieved by the following commands, as root:
# cd /etc/yum.repos.d # wget http://download.openvz.org/openvz.repo # rpm --import http://download.openvz.org/RPM-GPG-Key-OpenVZ
In case you can not cd to /etc/yum.repos.d, it means either yum is not installed on your system, or yum version is too old. In that case, just stick to rpm installation method.
Kernel installation
|   | Note: In case you want to recompile the kernel yourself rather than use the one provided by OpenVZ, see kernel build. | 
First, you need to choose what “flavor” of the kernel you want to install. Please refer to Kernel flavors for more information.
Using yum
Run the following command
# yum install ovzkernel[-flavor]
Here [-flavor] is optional, and can be -smp or -enterprise. Refer to kernel flavors for more info.
Using rpm
Get the kernel binary RPM from the Download/kernel page. You only need one kernel RPM so please choose the appropriate one depending on your hardware.
Next, install the kernel RPM you chose:
# rpm -ihv ovzkernel[-flavor]*.rpm
Here [-flavor] is optional, and can be -smp or -enterprise. Refer to kernel flavors for more info.
|   | Note: rpm -U (where -U stands for upgrade) should not be used, otherwise all currently installed kernels will be uninstalled. | 
Configuring the bootloader
In case GRUB is used as the boot loader, it will be configured automatically: lines similar to these will be added to the /boot/grub/grub.conf file:
title Fedora Core (2.6.8-022stab029.1)
       root (hd0,0)
       kernel /vmlinuz-2.6.8-022stab029.1 ro root=/dev/sda5 quiet rhgb vga=0x31B
       initrd /initrd-2.6.8-022stab029.1.img
Change Fedora Core to OpenVZ (just for clarity reasons, so the OpenVZ kernels will not be mixed up with non-OpenVZ ones). Remove extra arguments from the kernel line, leaving only the root=... parameter. The modifed portion of /etc/grub.conf should look like this:
title OpenVZ (2.6.8-022stab029.1)
        root (hd0,0)
        kernel /vmlinuz-2.6.8-022stab029.1 ro root=/dev/sda5
        initrd /initrd-2.6.8-022stab029.1.img
Configuring
Please make sure the following steps are performed before rebooting into OpenVZ kernel.
sysctl
There are a number of kernel parameters that should be set for OpenVZ to work correctly. These parameters are stored in /etc/sysctl.conf file. Here are the relevant portions of the file; please edit accordingly.
# On Hardware Node we generally need # packet forwarding enabled and proxy arp disabled net.ipv4.ip_forward = 1 net.ipv6.conf.default.forwarding = 1 net.ipv6.conf.all.forwarding = 1 net.ipv4.conf.default.proxy_arp = 0 # Enables source route verification net.ipv4.conf.all.rp_filter = 1 # Enables the magic-sysrq key kernel.sysrq = 1 # We do not want all our interfaces to send redirects net.ipv4.conf.default.send_redirects = 1 net.ipv4.conf.all.send_redirects = 0
SELinux
SELinux should be disabled. To that effect, put the following line to /etc/sysconfig/selinux:
SELINUX=disabled
Conntracks
In the stable OpenVZ kernels (those that are 2.6.8-based) netfilter connection tracking for CT0 is disabled by default. If you have a stateful firewall enabled on the host node (it is there by default) you should either disable it, or enable connection tracking for CT0.
To enable conntracks for CT0, add the following line to /etc/modprobe.conf file:
options ip_conntrack ip_conntrack_enable_ve0=1
|   | Note: In kernels later than 2.6.8, connection tracking is enabled by default. | 
Rebooting into OpenVZ kernel
Now reboot the machine and choose "OpenVZ" on the boot loader menu. If the OpenVZ kernel has been booted successfully, proceed to installing the user-level tools for OpenVZ. If you are installing on x86_64 CentOS or Fedora system, you may want to continue the setup process using the x86_64 guide.
Installing the utilities
OpenVZ needs some user-level tools installed. Those are:
- vzctl
- A utility to control OpenVZ containers (create, destroy, start, stop, set parameters etc.)
- vzquota
- A utility to manage quotas for containers. Mostly used indirectly (by vzctl).
Using yum
# yum install vzctl vzquota
If on the x86_64 platform you would probably want to:
# yum install vzctl.x86_64 vzquota.x86_64
Using rpm
Download the binary RPMs of these utilities from Download/utils. Install them:
# rpm -Uhv vzctl*.rpm vzquota*.rpm
If rpm complains about unresolved dependencies, you'll have to satisfy them first, then repeat the installation.
When all the tools are installed, start the OpenVZ subsystem.
Starting OpenVZ
As root, execute the following command:
# /sbin/service vz start
This will load all the needed OpenVZ kernel modules. This script should also start all the containers marked to be auto-started on machine boot (there aren't any yet).
During the next reboot, this script should be executed automatically.
Next steps
OpenVZ is now set up on your machine. To load OpenVZ kernel by default, edit the default line in the /boot/grub/grub.conf file to point to the OpenVZ kernel. For example, if the OpenVZ kernel is the first kernel mentioned in the file, put it as default 0. See man grub.conf for more details.
The next step is to prepare the OS template: please continue to OS template cache preparation document.
