Installing OpenVZ on CentOS 5.2

The OpenVZ Project website (www.openvz.org) has a lot of quality documentation including a Users Guide PDF, a Quick Installation Guide, and a vast wiki of howto and troubleshooting articles. This article will briefly cover the installation process. You will need to be the root user for all of the following tasks.

Adding the OpenVZ yum repository

Installing OpenVZ on a CentOS 4 or CentOS 5 host is very easy because the OpenVZ Project provides an openvz.repo for use with yum. Simply download the openvz.repo file and place it in the /etc/yum.repos.d/ directory. Examine the openvz.repo file as it contains a number of repository definitions with two being enabled by default: 1) RHEL5-based kernel and 2) the OpenVZ utilities. Edit it to meet your needs.

cd /etc/yum.repos.d
wget http://download.openvz.org/openvz.repo
rpm –import
http://download.openvz.org/RPM-GPG-Key-OpenVZ

The repository contains a few different OpenVZ kernels (you can find more details about them here: http://wiki.openvz.org/Kernel_flavors). The command

yum search ovzkernel

shows you the available kernels:

[[email protected] yum.repos.d]# yum search ovzkernel
Loading “fastestmirror” plugin
Loading mirror speeds from cached hostfile
 * base: ftp.halifax.rwth-aachen.de
 * openvz-kernel-rhel5: openvz.proserve.nl
 * updates: ftp.halifax.rwth-aachen.de
 * addons: ftp.halifax.rwth-aachen.de
 * openvz-utils: openvz.proserve.nl
 * extras: ftp.halifax.rwth-aachen.de
openvz-kernel-rhel5       100% |=========================|  951 B    00:00
primary.xml.gz            100% |=========================|  22 kB    00:00
openvz-ker: ################################################## 14/14
openvz-utils              100% |=========================|  951 B    00:00
primary.xml.gz            100% |=========================| 6.7 kB    00:00
openvz-uti: ################################################## 26/26
ovzkernel-ent.i686 : The Linux kernel compiled for huge mem capable machines.
ovzkernel-PAE.i686 : The Linux kernel compiled for PAE capable machines.
ovzkernel-ent-devel.i686 : Development package for building kernel modules to match the ent kernel.
ovzkernel-PAE-devel.i686 : Development package for building kernel modules to match the PAE kernel.
ovzkernel.i686 : Virtuozzo Linux kernel (the core of the Linux operating system)
ovzkernel-xen.i686 : The Linux kernel compiled for Xen VM operations
ovzkernel-xen-devel.i686 : Development package for building kernel modules to match the kernel.
ovzkernel-devel.i686 : Development package for building kernel modules to match the kernel.
[[email protected] yum.repos.d]#

Pick one of them and install it as follows:

yum install ovzkernel

This should automatically update the GRUB bootloader as well. Anyway, we should open /boot/grub/menu.lst; the first kernel stanza should now contain the new OpenVZ kernel. The title of that kernel just reads “CentOS”. I think it’s a good idea to change that title and add something with “OpenVZ” to it so that you know that it’s the OpenVZ kernel. Also make sure that the value of default is 0 so that the first kernel (the OpenVZ kernel) is booted automatically instead of the default CentOS kernel.

vi /boot/grub/menu.lst

# grub.conf generated by anaconda
#
# Note that you do not have to rerun grub after making changes to this file
# NOTICE:  You have a /boot partition.  This means that
#          all kernel and initrd paths are relative to /boot/, eg.
#          root (hd0,0)
#          kernel /vmlinuz-version ro root=/dev/VolGroup00/LogVol00
#          initrd /initrd-version.img
#boot=/dev/sda
default=0
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title CentOS OpenVZ (2.6.18-53.1.19.el5.028stab053.14)
        root (hd0,0)
        kernel /vmlinuz-2.6.18-53.1.19.el5.028stab053.14 ro root=/dev/VolGroup00/LogVol00
        initrd /initrd-2.6.18-53.1.19.el5.028stab053.14.img
title CentOS (2.6.18-92.1.1.el5)
        root (hd0,0)
        kernel /vmlinuz-2.6.18-92.1.1.el5 ro root=/dev/VolGroup00/LogVol00
        initrd /initrd-2.6.18-92.1.1.el5.img
title CentOS (2.6.18-92.el5)
        root (hd0,0)
        kernel /vmlinuz-2.6.18-92.el5 ro root=/dev/VolGroup00/LogVol00
        initrd /initrd-2.6.18-92.el5.img

Now we install some OpenVZ user tools:

yum install vzctl vzquota

Open /etc/sysctl.conf and make sure that you have the following settings in it:

vi /etc/sysctl.conf

[…]
net.ipv4.ip_forward = 1
net.ipv4.conf.default.proxy_arp = 0
net.ipv4.conf.all.rp_filter = 1
kernel.sysrq = 1
net.ipv4.conf.default.send_redirects = 1
net.ipv4.conf.all.send_redirects = 0
net.ipv4.icmp_echo_ignore_broadcasts=1
net.ipv4.conf.default.forwarding=1
[…]

If you need to modify /etc/sysctl.conf, run

sysctl -p

afterwards.

The following step is important if the IP addresses of your virtual machines are from a different subnet than the host system’s IP address. If you don’t do this, networking will not work in the virtual machines!

Open /etc/vz/vz.conf and set NEIGHBOUR_DEVS to all:

vi /etc/vz/vz.conf

[…]
NEIGHBOUR_DEVS=all
[…]

SELinux needs to be disabled if you want to use OpenVZ. Open /etc/sysconfig/selinux and set the value of SELINUX to disabled:

vi /etc/sysconfig/selinux

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#       enforcing – SELinux security policy is enforced.
#       permissive – SELinux prints warnings instead of enforcing.
#       disabled – SELinux is fully disabled.
SELINUX=disabled
# SELINUXTYPE= type of policy in use. Possible values are:
#       targeted – Only targeted network daemons are protected.
#       strict – Full SELinux protection.
SELINUXTYPE=targeted

Finally, reboot the system:

reboot

If your system reboots without problems, then everything is fine!

Run

uname -r

and your new OpenVZ kernel should show up:

[[email protected] ~]# uname -r
2.6.18-53.1.19.el5.028stab053.14
[[email protected] ~]#

Please follow and like us:
About shk

shk is a DevOps engineer with more than 12 years of experience in different organizations. He enthusiastic about learning new technologies and shares his knowledge through his blogs.

Comment Policy:

Your words are your own, so be nice and helpful if you can. Please, only use your real name, not your business name or keywords. Using business name or keywords instead of your real name will lead to the comment being deleted. Anonymous commenting is not allowed either. Limit the amount of links submitted in your comment. We accept clean XHTML in comments, but don't overdo it please.

Tell us what you're thinking...

All comments are moderated.

* Denotes required field.

*

*

Previous Post:
Next Post: