ADMIN

Recommendations

Info

Virtualization OpenVZ Figure 3: I installing OpenVZ from the package sources for Ubuntu 8.04 – the last version of Ubuntu to officially include an OpenVZ kernel. The only package needed for this was the linux‐openvz meta-package. Figure 4: The OpenVZ developers provide container templates for various guest systems; this makes installing a guest system a quick and easy experience. Templates from the community are also available. should have at least 5GB of hard disk space, a fair amount of RAM (at least 4GB), and enough swap space. Starting OpenVZ Installing OpenVZ is simple. Users on RPM-based operating systems such as RHEL or CentOS can simply include the Yum repository specified in the quick install manual on the project homepage. Ubuntu 8.04 users will find a linux‐openvz meta-package in the multiverse repository, which installs the required OpenVZ kernel, including the kernel modules and header files (Figure 3). At the time of writing, no OpenVZ kernel was available for Ubuntu 10.04. If you are interested in using OpenVZ with a current version of Ubuntu, you will find a prebuilt deb package in Debian’s unstable branch. To install type: detailed information on this, refer to the sysctl section in the quick install guide, which covers providing network access to the guest systems, involving setting up packet forwarding for IPv4 [5]. Then, you need to reboot with the new kernel. If you edit sysctl after rebooting, you can reload by typing sudo sysctl ‐p. Typing sudo /etc/init.d/vz start wakes up the virtualization machine. Next, you should make sure all the OpenVZ services are running; this is done easily (on Ubuntu) by issuing: sudo sysv‐rc‐conf ‐list vz If the tool is missing, you can type sudo apt‐get install sysconfig to install it. Debian and Red Hat users can run the legacy chkconfig tool. A check of service vz status should now tell you that OpenVZ is running. Container Templates OpenVZ users don’t need to install an operating system in the traditional sense of the word. The most convenient approach to set up OpenVZ containers is with templates (i.e., tarballs with a minimal version of the distribution you want to use in the container). Administrators can create templates themselves, although it’s not exactly trivial [6]. Downloading prebuilt templates [7] and copying them to the template folder is easier: sudo cp path_to_template U /var/lib/vz/template/cache Besides templates provided by the OpenVZ team, the page also offers sudo dpkg ‐i linux‐base_2.6.32‐10_all.debU linux‐image‐2.6.32‐4‐openvz‐686_U 2.6.32‐10_i386.deb The sudo apt‐get ‐f install command will automatically retrieve any missing packages. You will also need to install the vzctl tool, which has a dependency for vzquota. Before setting up the containers and configuring the OpenVZ host environment, you need to modify a few kernel parameters that are necessary to run OpenVZ in the /etc/sysctl. conf file on the host system. For more Figure 5: A couple of clear-cut commands are used for creating and starting a VE and for entering the VE. 54 Admin 01 www.admin-magazine.com
OpenVZ Virtualization a number of community templates (Figure 4). Configuring the Host Environment The /etc/vz/vz.conf file lets you configure the host environment. This is where you specify the path to the container and template data on the host filesystem. If you prefer not to use the defaults of subnet and tell them the DNS server address, which lets OpenVZ create venet devices. All of the following commands must be given in the host context. To do this, you first need to stop the VE and then set all the basic parameters. For example, you can set the hostname for the VE as follows: sudo vzctl set VEID U ‐‐hostname Hostname ‐‐save The ‐‐ipadd option lets you assign a local IP address. If you need to install a large number of VEs, use VEID as the host part of the numeric address. sudo vzctl set VEID ‐‐ipadd U IP-Address ‐‐save The DNS server can be configured using the ‐‐nameserver option: sudo vzctl set VEID U ‐‐nameserver Nameserver-address ‐‐save E TEMPLATE=/var/lib/vz/template VE_ROOT=/var/lib/vz/root/$VEID VE_PRIVATE=/var/lib/vz/private/$VEID you can set your own paths. VE_ROOT is the mountpoint for the root directory of the container. The private data for the container are mounted in VE_PRIVATE. VEID is a unique ID that identifies an instance of the virtual environment. All OpenVZ tools use this container ID to address the required container. Figure 6: The virtual environment uses venet devices to communicate with the outside world. Creating Containers The vzctl, which is only available in the host context, creates containers and handles most management tasks, too. In the following example, I used it to create a new VE based on a template for openSUSE 11.1 that I downloaded: Figure 7: The vzlist command outputs a list of active VEs. sudo vzctl create VEID U ‐‐ostemplate suse‐11.1‐x86_64 The template name is specified without the path and file extension. The sudo vzctl start VEID starts the VE, and sudo vzctl stop VEID stops it again (Figure 5). The commands sudo vzctl enter VEID and exit let you enter and exit the VE. Entering the VE gives you a working root shell without prompting you for a password. Unfortunately, you can’t deny root access in the host context. Network Configuration The next step is to configure network access for the container. OpenVZ supports various network modes for this. The easiest option is to assign the VEs an IP on the local network/ Figure 8: User Bean Counters, a set of configuration parameters, allow the administrator to limit resources for each virtual environment. www.admin-magazine.com Admin 01 55
Page 1 and 2:
ADMIN Network & Security Rescue CD
Page 3 and 4: Welcome to Admin WELCOME ALL FOR AD
Page 5 and 6: Table of Contents SERVICE 8 Spacewa
Page 7 and 8: POWERHOUSE PERL 11 cool projects! F
Page 9 and 10: Spacewalk Features configuration fi
Page 11 and 12: Spacewalk Features Figure 2: Assign
Page 13 and 14: Spacewalk Features kickstart profil
Page 15 and 16: Icinga Features Table 1: States Opt
Page 17 and 18: Icinga Features ministrators only n
Page 19 and 20: Icinga Features Figure 6: Network o
Page 21 and 22: MySQL Forks and Patches Features th
Page 23 and 24: MySQL Forks and Patches Features In
Page 25 and 26: Exchange 2010 Features © peapop, F
Page 27 and 28: they can now synchronize text messa
Page 29 and 30: Backup Software Features data. One
Page 31 and 32: Backup Software Features tended), l
Page 33 and 34: Backup Software Features Two “wiz
Page 35 and 36: Backup & Disaster Recovery Georgeto
Page 37 and 38: OCFS2 Tools ing. OCFS2 is fairly si
Page 39 and 40: OCFS2 Tools F Figure 2: Unspectacul
Page 41 and 42: To do this, you need to change the
Page 43 and 44: Synergy Tools Figure 1: Synergy as
Page 45 and 46: SystemTap Tools The SystemTap [3] t
Page 47 and 48: SystemTap Tools Instead of searchin
Page 49 and 50: Package Your Scripts Virtualization
Page 51 and 52: Linux Magazine ACADEMY curl U http:
Page 53: openVz VirtuAlizAtion live migratio
Page 57 and 58: OpenVZ Virtualization OpenVZ kernel
Page 59 and 60: AND SAVE 30%! ADMIN Network & Secur
Page 61 and 62: Virtual Machine Manager Virtualizat
Page 63 and 64: Virtual Machine Manager Virtualizat
Page 65 and 66: Teamviewer Management and be contro
Page 67 and 68: NOV. 7-12 2010 24th Large Installat
Page 69 and 70: Chef Management Server Provides rec
Page 71 and 72: Chef Management ‐r http://s3.amaz
Page 73 and 74: Chef Management Figure 5: The clien
Page 75 and 76: Sysinternals Management AdInsight a
Page 77 and 78: Sysinternals Management Name Table
Page 79 and 80: PAM and Hardware Nuts and Bolts Fig
Page 81 and 82: November 13-19, 2010 • Ernest N.
Page 83 and 84: PAM and Hardware Nuts and Bolts to
Page 85 and 86: ON NEWSSTANDS NOW ! UBUNTU USER MAG
Page 87 and 88: modSecurity nutS And boltS complex
Page 89 and 90: ModSecurity Nuts and bolts Insider
Page 91 and 92: REAL SOLUTIONS FOR REAL NETWORKS Ea
Page 93 and 94: Daemon Monitoring Nuts and Bolts Fi
Page 95 and 96: VPns with SSTP nuTS And BoLTS Hands
Page 97 and 98: VPNs with SSTP Nuts and Bolts Figur
Page 100: DEDICATED SERVERS £59 FROM PER MON
show all

ADMIN

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?