Installing And Using OpenVZ On Ubuntu 10.04

Want to support HowtoForge? Become a subscriber!
 
Submitted by falko (Contact Author) (Forums) on Thu, 2010-08-19 16:47. :: OpenVZ | Ubuntu | Virtualization

Installing And Using OpenVZ On Ubuntu 10.04

Version 1.0
Author: Falko Timme <ft [at] falkotimme [dot] com>
Follow me on Twitter
Last edited 08/18/2010

In this HowTo I will describe how to prepare an Ubuntu 10.04 server for OpenVZ. With OpenVZ you can create multiple Virtual Private Servers (VPS) on the same hardware, similar to Xen and the Linux Vserver project. OpenVZ is the open-source branch of Virtuozzo, a commercial virtualization solution used by many providers that offer virtual servers. The OpenVZ kernel patch is licensed under the GPL license, and the user-level tools are under the QPL license.

This howto is meant as a practical guide; it does not cover the theoretical backgrounds. They are treated in a lot of other documents in the web.

This document comes without warranty of any kind! I want to say that this is not the only way of setting up such a system. There are many ways of achieving this goal but this is the way I take. I do not issue any guarantee that this will work for you!

 

1 Preliminary Note

I'm using an x86_64 (amd64) system here. If you are on an i386 system, a few commands will be slightly different - I have added annotations to that parts.

 

2 Become root

Type

sudo su

to become root (or prepend all commands in this tutorial with the string sudo).

 

3 Change The Default Shell

/bin/sh is a symlink to /bin/dash, however we need /bin/bash, not /bin/dash. Therefore we do this:

dpkg-reconfigure dash

Install dash as /bin/sh? <-- No

 

 

4 Disable AppArmor

AppArmor is a security extension (similar to SELinux) that should provide extended security. In my opinion you don't need it to configure a secure system, and it usually causes more problems than advantages (think of it after you have done a week of trouble-shooting because some service wasn't working as expected, and then you find out that everything was ok, only AppArmor was causing the problem). Therefore I disable it.

We can disable it like this:

/etc/init.d/apparmor stop
update-rc.d -f apparmor remove
apt-get remove apparmor apparmor-utils

 

5 Installing OpenVZ

Unfortunately there are no OpenVZ packages in the official Ubuntu 10.04 repositories, therefore we have to build the OpenVZ kernel and the OpenVZ tools (vzctl, vzquota, vzpkg) ourselves.

First, run

uname -r

to find out your currently installed kernel version:

root@server1:~# uname -r
2.6.32-24-server
root@server1:~#

As you see, I have 2.6.32-24-server installed.

Now we install the required packages to build a new kernel:

aptitude install kernel-package libncurses5-dev fakeroot wget bzip2 module-assistant debhelper

aptitude build-dep linux-image-2.6.32-24-server

(Please make sure that you use the correct kernel version in the last command, i.e., the kernel version that uname -r shows.)

Next we download the 2.6.32 kernel sources plus the OpenVZ kernel patch and the official config for the OpenVZ kernel:

cd /usr/src
wget http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.32.tar.bz2
m-a prepare
wget http://download.openvz.org/kernel/branches/2.6.32/2.6.32-belyayev.1/patches/patch-belyayev.1-combined.gz
wget http://download.openvz.org/kernel/branches/2.6.32/2.6.32-belyayev.1/configs/kernel-2.6.32-x86_64.config.ovz

Then run

kernel-packageconfig
echo "CONCURRENCY_LEVEL := 2" >> /etc/kernel-pkg.conf

(Use numer_of_cpu_cores + 1 for the CONCURRENCY_LEVEL. I have just one CPU core on my test system, so this makes 1 + 1 = 2.)

Now we patch the kernel sources and prepare the build:

tar -xpf linux-2.6.32.tar.bz2
mv linux-2.6.32 linux-2.6.32-openvz
rm -f linux
ln -s linux-2.6.32-openvz linux
cd linux
gunzip -dc ../patch-belyayev.1-combined.gz | patch -p1
cp -rf ../kernel-2.6.32-x86_64.config.ovz .config
make oldconfig

Then we build the OpenVZ kernel with the following command:

fakeroot make-kpkg --initrd --append-to-version=-ovz32 --revision=1.0 kernel_image kernel_headers

This can take some time, so please be patient.

Run

cd ..
ls -l *.deb

afterwards to see the new .deb packages of the OpenVZ kernel:

root@server1:/usr/src# ls -l *.deb
-rw-r--r-- 1 root src  6300866 2010-08-18 19:18 linux-headers-2.6.32.14-ovz32_1.0_amd64.deb
-rw-r--r-- 1 root src 26274680 2010-08-18 19:12 linux-image-2.6.32.14-ovz32_1.0_amd64.deb
root@server1:/usr/src#

Install the new kernel as follows:

dpkg -i linux-image-2.6.32.14-ovz32_1.0_amd64.deb linux-headers-2.6.32.14-ovz32_1.0_amd64.deb

Then update the initrd and the GRUB bootloader configuration:

mkinitramfs -k 2.6.32.14-ovz32 -o /boot/initrd.img-2.6.32.14-ovz32
update-grub

Next we build the OpenVZ tools (vzctl, vzquota, vzpkg). First we install some prerequisites:

aptitude install git-core git-buildpackage automake autoconf libtool liblockfile-simple-perl cstream liblog-agent-perl ssl-cert postfix rpm yum alien

vzctl can be built as follows:

cd
git clone git://git.openvz.org/pub/vzctl vzctl
cd vzctl
./autogen.sh
./configure --enable-bashcomp --enable-logrotate
make
make install
make install-debian

vzquota can be built as follows:

cd
git clone git://git.openvz.org/pub/vzquota vzquota
cd vzquota
make
make install

And vzpkg can be built as follows:

cd
git clone git://git.openvz.org/pub/vzpkg vzpkg
cd vzpkg
make install

Now we create the system startup links for OpenVZ:

update-rc.d vz defaults

For compatibility reasons, we create the following symlink:

ln -s /vz /var/lib/vz

Open /etc/sysctl.conf and make sure that you have the following settings in it:

vi /etc/sysctl.conf

[...]
net.ipv4.conf.all.rp_filter=1
net.ipv4.icmp_echo_ignore_broadcasts=1
net.ipv4.conf.default.forwarding=1
net.ipv4.conf.default.proxy_arp = 0
net.ipv4.ip_forward=1
kernel.sysrq = 1
net.ipv4.conf.default.send_redirects = 1
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.eth0.proxy_arp=1
[...]

If you need to modify /etc/sysctl.conf, run

sysctl -p

afterwards.

The following step is important if the IP addresses of your virtual machines are from a different subnet than the host system's IP address. If you don't do this, networking will not work in the virtual machines!

Open /etc/vz/vz.conf and set NEIGHBOUR_DEVS to all:

vi /etc/vz/vz.conf

[...]
NEIGHBOUR_DEVS=all
[...]

Finally, reboot the system:

reboot

If your system reboots without problems, then everything is fine!

After the reboot, become root again:

sudo su

Run

uname -r

and your new OpenVZ kernel should show up:

root@server1:~# uname -r
2.6.32.14-ovz32
root@server1:~#


Please do not use the comment function to ask for help! If you need help, please use our forum.
Comments will be published after administrator approval.
Submitted by Major Tom MIB (registered user) on Sun, 2012-02-12 23:41.

RE: wget http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.32.tar.bz2

How about "apt-get source linux-image-$(uname -r)" ?

Submitted by fe4r (not registered) on Fri, 2011-12-02 17:32.

In my case I got many errors:


HOSTCC Documentation/video4linux/v4lgrab

Documentation/video4linux/v4lgrab.c:34:28: error: linux/videodev.h: No such file or directory

Documentation/video4linux/v4lgrab.c: In function βmainβ:

Documentation/video4linux/v4lgrab.c:103: error: storage size of βcapβ isnβt known

Documentation/video4linux/v4lgrab.c:104: error: storage size of βwinβ isnβt known

Documentation/video4linux/v4lgrab.c:105: error: storage size of βvpicβ isnβt known

Documentation/video4linux/v4lgrab.c:116: error: βVIDIOCGCAPβ undeclared (first use in this function)

Documentation/video4linux/v4lgrab.c:116: error: (Each undeclared identifier is reported only once

Documentation/video4linux/v4lgrab.c:116: error: for each function it appears in.)

Documentation/video4linux/v4lgrab.c:123: error: βVIDIOCGWINβ undeclared (first use in this function)

Documentation/video4linux/v4lgrab.c:129: error: βVIDIOCGPICTβ undeclared (first use in this function)

Documentation/video4linux/v4lgrab.c:135: error: βVID_TYPE_MONOCHROMEβ undeclared (first use in this function)

Documentation/video4linux/v4lgrab.c:137: error: βVIDEO_PALETTE_GREYβ undeclared (first use in this function)

Documentation/video4linux/v4lgrab.c:138: error: βVIDIOCSPICTβ undeclared (first use in this function)

Documentation/video4linux/v4lgrab.c:151: error: βVIDEO_PALETTE_RGB24β undeclared (first use in this function)

Documentation/video4linux/v4lgrab.c:154: error: βVIDEO_PALETTE_RGB565β undeclared (first use in this function)

Documentation/video4linux/v4lgrab.c:158: error: βVIDEO_PALETTE_RGB555β undeclared (first use in this function)

Documentation/video4linux/v4lgrab.c:105: warning: unused variable βvpicβ

Documentation/video4linux/v4lgrab.c:104: warning: unused variable βwinβ

Documentation/video4linux/v4lgrab.c:103: warning: unused variable βcapβ

make[3]: *** [Documentation/video4linux/v4lgrab] Error 1

make[2]: *** [Documentation/video4linux] Error 2

make[1]: *** [vmlinux] Error 2



any suggestions...  

Submitted by V. Parhomenko (not registered) on Wed, 2010-08-25 14:49.
"sudo su" is pretty deprecated. "sudo -i" seems more reasonable cause it doesn't spawns 1 more process, like "sudo su" does.
Submitted by SamTzu (registered user) on Tue, 2010-08-24 04:54.

apt-get install vzctl vzquota

Worked for me. Only vzpkg was missing.