Installation of OpenVZ on CentOS 5.2

OS virtualization allows you to better scale if you need a large amount of similar software installations and you do not want to deploy more than one physical (or even virtual) machine. It creates isolated containers in which your environment run. In a way it is comparable to a jailed environment, but it provides better isolation, security and management. Hardware virtualization, for products as VMware, XEN and KVM, has a different approach in which you run a completely emulated distribution (often paravirualized) on top of your host system. OS and Hardware virtualization can complement each other.

The installation of OpenVZ containers on CentOS (or RHEL5) is very simple. The following steps were performed on a default installation of CentOS 5.2. In my case I use a virtual machine in a VMware environment.

The OpenVZ installation

$ setup

First you need to disable SELinux and the firewall.

$ cd /etc/yum.repos.d
$ wget http://download.openvz.org/openvz.repo
$ rpm --import http://download.openvz.org/RPM-GPG-Key-OpenVZ
$ yum -y install ovzkernel
$ vi /etc/sysctl.conf

In this file change the following lines:

net.ipv4.ip_forward = 1
kernel.sysrq = 1
net.ipv4.conf.default.proxy_arp = 0

In this same file add the following lines:

net.ipv4.conf.default.send_redirects = 1
net.ipv4.conf.all.send_redirects = 0

Install the OpenVZ service and have it start at boot:

$ yum install vzctl vzquota
$ chkconfig --add vz
$ reboot


Container configuration
After this, you need to create or download an OS template. For keeping this post easy, I use a precreated template:

$ cd /vz/template/cache
$ wget http://mirror.proserve.nl/openvz/contrib/template/precreated/centos-5-i386-default.tar.gz

Now you can create your first OS container from this template. The information we need is an IP address, hostname and nameservers.

$ vzctl create 101 --ostemplate centos-5-i386-default --conf vps.basic --ipadd 10.73.11.150 --hostname c1.survion.net
$ vzctl set 101 --name c1 --nameserver "10.73.11.1 10.73.11.2 10.73.11.3" --diskspace 10G:10G --save
$ vzctl set 101 --userpasswd root:password --save

Each container instance is represented by an CTID. In the previous steps we used id 101 the identify the container. The configured information can now be found in the file /etc/vz/conf/101.conf. Be sure to use your own secret password for the last command.

You can now start this container and list processes

$ vzctl start 101
$ vzctl exec 101 ps ax

You can also issue an enter command:

$ vzctl enter 101

You would then authenticate as root inside the container. On the console you can perform commands as if you would on a normal machine.


That's it! You now have a CentOS container running on top of your CentOS installation.


Links and additional information
Information on how to create a template can be found on http://wiki.openvz.org/OS_template_cache_preparation

OS Templates can be found at:

• http://forum.openvz.org/index.php?t=msg&goto=15905
• http://mirror.proserve.nl/openvz/contrib/template/precreated/

If you download the minimal template you can not enter the container. This is because the container does not have a console configured. You could still issue commands using the 'vzctl exec' command and be able to configure the console, but YMMV.

You can read more detailed information about the installation on the following websites:

• http://wiki.openvz.org/Quick_installation
• http://wiki.centos.org/HowTos/Virtualization/OpenVZ

Edit: An interesting experiment performed by Scott Dowdle can be found on his blog called 'How many containers?'.