OpenVZ and VMWare Tools on Centos 6.2

Posted on by

Over past couple of years I was using OpenVZ and as excellent low cost solution for Linux services separation and every time I was installing it I had to Google the necessary steps. This led me into writing this simple guide to speedup my future setup.

OpenVZ installation

Of course I begin with installation of bare minimum system, setup my hard drives, networking etc. using the Centos 6.2 minimal ISO. (15 minutes)

I usually install the system on a hardware RAID-10 (±6 GiB) and /vz on LVM on top of software RAID-1 (it’s size depends on actual needs), because of my setup. I recommend using LVM for the /vz directory as it helps with online backup/migration.

After the installation is finished and system reboots I log in as root and start the modifications.

As the first step I update the OS. (It usually takes around 5 minutes)

  • yum update

Then I install a couple of utilities I use. (2 minutes)

  • yum install vim-enhanced screen mc mtr wget

Now I disable selinux as it’s virtually impossible to make it work with it being active. Change the line “SELINUX=enforcing” to “SELINUX=disabled”.

  • vim /etc/sysconfig/selinux

Even though we need to reboot in order to make the selinux config change active, we don’t need to do it just yet.

First we can add the OpenVZ repository and install the OpenVZ kernel. I also install the devel package as later will do VMWare Tools installation. it takes a litle while as it generates new initrd images. (10 minutes)

  • cd /etc/yum.repos.d
  • wget http://download.openvz.org/openvz.repo
  • yum install vzkernel vzkernel-devel

We should also check if there is everything fine in the grub config file.

  • less /boot/grub/grub.conf

Update – thanks to this site I found out that there is a better way to disable default kernel from updates then uninstalling it. This way we can keep it as a safety precaution for disaster recovery.

  • Quote: 
    • vi /etc/yum.conf
    • … and make sure you have a “exclude=kernel*” line under the [main] section.

I also change the sysctl settings in order to enable correct networking.

  • vim /etc/sysctl.conf
  • append to the end the following lines: 
    • net.ipv4.ip_forward = 1
       net.ipv4.conf.default.proxy_arp = 0
       net.ipv4.conf.all.rp_filter = 1
       kernel.sysrq = 1
       net.ipv4.conf.default.send_redirects = 1
       net.ipv4.conf.all.send_redirects = 0
       net.ipv4.icmp_echo_ignore_broadcasts = 1
       net.ipv4.conf.default.forwarding = 1
       net.ipv6.conf.default.forwarding = 1
       net.ipv6.conf.all.forwarding = 1

Now we can add the “NEIGHBOUR_DEVS=all” into /etc/vz/vz.conf if we need to access more then the default natwork.

Let’s finally reboot now.

  • reboot

You should see in grub that we are booting into the OpenVZ kernel (the word stab in it).

Login as root again and let’s install some supporting tools and their dependencies. (10 minutes)

  • yum install vzctl vzquota

As there is no vzdump in repository, we have to manually download it and install some dependencies.

download the vzdump here:

http://download.openvz.org/contrib/utils/vzdump/

Then install the dependencies

  • wget http://apt.sw.be/redhat/el6/en/i386/rpmforge/RPMS/rpmforge-release-0.5.2-2.el6.rf.i686.rpm
  • rpm -ihv ./rpmforge-release-0.5.2-2.el6.rf.i686.rpm
  • yum --enablerepo=rpmforge install perl-LockFile-Simple
  • yum install cstream smtpdaemon
  • And finally you can install vzdump
  • rpm -ihv ./vzdump-1.2*

This is the last step in the OpenVZ installation and here are a couple of example commands.

 

Firewall setup

If you want to have the containers on a separate network; such us when you don’t have a spare public IP address. I am assuming the eth0 is being routed to the external public interface.

# to add a NAT for the local IPs

  • iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -o eth0 -j SNAT --to [External IP address]

# to forward port 12345 to the vz

  • iptables -t nat -A PREROUTING -p tcp -d [External IP address] --dport 12345 -i eth0 -j DNAT --to-destination 10.0.0.1:12345
  • iptables -t nat -A POSTROUTING -s 10.0.0.1 -o eth0 -j SNAT --to [External IP address]

After you setup your rules, don’t forget to save them

  • service iptables save

 

OpenVZ Commands

Here are some example commands of how to create and configure a Container.

# create a vz

  • vzctl create 101 --ostemplate centos-6-x86_64 --config basic

Make it automaticaly start after the host OS boot

  • vzctl set 101 --onboot yes --save

Setup some network parameters

  • vzctl set 101 --hostname host.name.local --ipadd 10.0.0.1 --nameserver 8.8.8.8 --nameserver 8.8.4.4 --save

Starting , Stopping and rebooting the Container

  • vzctl start 101
  • vzctl stop 101
  • vzctl restart 101

Entering the container

  • vzctl enter 101

List all Containers

  • vzlist -a

 

VMWare Tools installation

As we already have the vzkernel-devel installed and the only dependency missing is “Development tools” (10 minutes).

  • yum groupinstall "Development tools"

After that’s done mount the Tools’ ISO by clicking menu – VM -> Guest -> Install/Upgrade VMWare Tools

By running the following commands it will get installed.

  • mount /dev/cdrom /mnt/
  • cp /mnt/VMWareTools* /root/
  • umount /dev/cdrom
  • cd /root
  • tar xpzf ./VMWareTools*
  • cd vmware-tools-contrib
  • ./vmware-install.pl

For most configurations all you need to do is just keep hitting the Enter key.

… and that’s all my friends 🙂

Unless you are on a slow network or very old hardware you should be ready to go in about 30-40 minutes.

Not bad, right? 🙂

Leave a Reply