How to install and work with OpenVZ on CentOS 6.4

In this tutorial I will show you how to install and work with OpenVZ on CentOS server.  OpenVZ is an operating system-level virtualization technology based on the Linux kernel and operating system. OpenVZ allows a physical server to run multiple isolated operating system instances, known as containers, Virtual Private Servers, or Virtual Environments.  OpenVZ is the open-source branch of Virtuozzo, a commercial virtualization solution used by many providers that offer virtual servers. The OpenVZ kernel patch is licensed under the GPL license, and the user-level tools are under the QPL license.

The first thing we need to do is to add the OpenVZ repository to yum:

cd /etc/yum.repos.d
wget http://download.openvz.org/openvz.repo
rpm --import http://download.openvz.org/RPM-GPG-Key-OpenVZ

The CentOS 6 repository should be enabled by default, but if it is not you can do that by editing the openvz.repo file:

vi openvz.repo

and disable the [openvz-kernel-rhel5] repository (enabled=0) and enable the [openvz-kernel-rhel6] repository instead (enabled=1):

[...]
[openvz-kernel-rhel6]
name=OpenVZ RHEL6-based kernel
#baseurl=http://download.openvz.org/kernel/branches/rhel6-2.6.32/current/
mirrorlist=http://download.openvz.org/kernel/mirrors-rhel6-2.6.32
enabled=1
gpgcheck=1
gpgkey=http://download.openvz.org/RPM-GPG-Key-OpenVZ

[openvz-kernel-rhel5]
name=OpenVZ RHEL5-based kernel
#baseurl=http://download.openvz.org/kernel/branches/rhel5-2.6.18/current/
mirrorlist=http://download.openvz.org/kernel/mirrors-rhel5-2.6.18
enabled=0
gpgcheck=1
gpgkey=http://download.openvz.org/RPM-GPG-Key-OpenVZ
[...]

The next thing we need to do is to install the OpenVZ kernel. To do that we can use the following command:

yum install vzkernel

This should automatically update the GRUB bootloader as well. We can check that by opening/editing the /boot/grub/menu.lst file, and the first kernel stanza should contain the new OpenVZ kernel. Make sure that the value of default is 0 so that the first kernel (the OpenVZ kernel) is booted automatically instead of the default CentOS kernel.

vi /boot/grub/menu.lst

it should look like:

# grub.conf generated by anaconda
#
# Note that you do not have to rerun grub after making changes to this file
# NOTICE:  You have a /boot partition.  This means that
#          all kernel and initrd paths are relative to /boot/, eg.
#          root (hd0,0)
#          kernel /vmlinuz-version ro root=/dev/mapper/vg_server1-lv_root
#          initrd /initrd-[generic-]version.img
#boot=/dev/sda
default=0
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title OpenVZ (2.6.32-042stab057.1)
        root (hd0,0)
        kernel /vmlinuz-2.6.32-042stab057.1 ro root=/dev/mapper/vg_server1-lv_root rd_LVM_LV=vg_server1/lv_root rd_NO_LUKS LANG=en_US.UTF-8 rd_NO_MD SYSFONT=latarcyrheb-sun16 crashkernel=auto  KEYBOARDTYPE=pc KEYTABLE=de rd_LVM_LV=vg_server1/lv_swap rd_NO_DM rhgb quiet
        initrd /initramfs-2.6.32-042stab057.1.img
title CentOS (2.6.32-279.el6.x86_64)
        root (hd0,0)
        kernel /vmlinuz-2.6.32-279.el6.x86_64 ro root=/dev/mapper/vg_server1-lv_root rd_LVM_LV=vg_server1/lv_root rd_NO_LUKS LANG=en_US.UTF-8 rd_NO_MD SYSFONT=latarcyrheb-sun16 crashkernel=auto  KEYBOARDTYPE=pc KEYTABLE=de rd_LVM_LV=vg_server1/lv_swap rd_NO_DM rhgb quiet
        initrd /initramfs-2.6.32-279.el6.x86_64.img

Once everything is done we can install some basic OpenVZ tools.

yum install vzctl vzquota

We will also need to edit /etc/sysctl.conf and make sure that we have the following settings in it:

[...]
net.ipv4.ip_forward = 1
net.ipv4.conf.default.proxy_arp = 0
net.ipv4.conf.all.rp_filter = 1
kernel.sysrq = 1
net.ipv4.conf.default.send_redirects = 1
net.ipv4.conf.all.send_redirects = 0
net.ipv4.icmp_echo_ignore_broadcasts=1
net.ipv4.conf.default.forwarding=1
[...]

once the file is edited and saved we will need to exec the following command for the changes to take effects:

sysctl -p

We will also need to edit /etc/vz/vz.conf and set NEIGHBOUR_DEVS to all:

[...]
NEIGHBOUR_DEVS=all
[...]

Don’t forget to disable selinux.

vi /etc/sysconfig/selinux

and it should look like:

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
#     targeted - Targeted processes are protected,
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted

And finally, reboot the system.

shutdown -r now

Once the system boot you can check the new running OpenVZ kernel with:

[root@mylinuxvps ~]# uname -r
2.6.32-042stab057.1
[root@mylinuxvps ~]#

If you want to know how to create virtual machine on your newly install OpenVZ server please check this tutorial.

Be the first to comment

Leave a Reply