Installing And Using OpenVZ On Debian Wheezy (AMD64)
Author: Falko Timme
In this HowTo I will describe how to prepare a Debian Wheezy server for OpenVZ. With OpenVZ you can create multiple Virtual Private Servers (VPS) on the same hardware, similar to Xen and the Linux Vserver project. OpenVZ is the open-source branch of Virtuozzo, a commercial virtualization solution used by many providers that offer virtual servers. The OpenVZ kernel patch is licensed under the GPL license, and the user-level tools are under the QPL license.
This howto is meant as a practical guide; it does not cover the theoretical background, which is treated in many other documents on the web.
This document comes without warranty of any kind! I want to say that this is not the only way of setting up such a system. There are many ways of achieving this goal but this is the way I take. I do not issue any guarantee that this will work for you!
1 Preliminary Note
I'm using an x86_64 (amd64) system here. If you are on an i386 system, a few commands will be slightly different.
2 Installing OpenVZ
For Debian Wheezy, there is no OpenVZ kernel in the official repositories. Therefore we have three options:
- Installing from the official RPM packages from the OpenVZ project (see Install kernel from RPM on Debian 6.0) - with ploop support! (recommended)
- Installing the Debian Wheezy kernel from the OpenVZ project and the other packages from the official Debian Wheezy repositories (see Installation on Debian) - kernel with ploop support, but the vzctl package from Debian does not support it.
- Installing from Proxmox packages (see Install Proxmox VE on Debian Wheezy) - no ploop support in kernel.
2.1 Installing From The Official RPM Packages From The OpenVZ Project
Install the following packages...
apt-get install fakeroot alien libcgroup1
... and convert the RPM packages to DEB packages:
fakeroot alien --to-deb --scripts --keep-version vz*.rpm ploop*.rpm
Install the DEB packages as follows:
dpkg -i vz*.deb ploop*.deb
Next we have to make sure that the correct kernel (the OpenVZ kernel) is booted when you restart the system. In the output of the last command, you should see something like this:
Setting up vzkernel (2.6.32-042stab076.8) ...
update-initramfs: Generating /boot/initrd.img-2.6.32-042stab076.8
WARNING: could not open /lib/modules/2.6.32-042stab076.8/modules.builtin: No such file or directory
WARNING: could not open /var/tmp/mkinitramfs_baPCFp/lib/modules/2.6.32-042stab076.8/modules.builtin: No such file or directory
Generating grub.cfg ...
Found linux image: /boot/vmlinuz-3.2.0-4-amd64
Found initrd image: /boot/initrd.img-3.2.0-4-amd64
Found linux image: /boot/vmlinuz-2.6.32-042stab076.8
Found initrd image: /boot/initrd.img-2.6.32-042stab076.8
This means there is also another kernel on the system (3.2.0), and the OpenVZ kernel (2.6.32) is not the first in the list. So to make the OpenVZ kernel the default kernel, we have two options: adjust the default kernel in GRUB (recommended) or remove the non-VZ kernel(s).
To adjust the default kernel in GRUB, open /etc/default/grub...
... and modify the GRUB_DEFAULT line (counting starts with 0; because each kernel also comes with a recovery mode entry, our OpenVZ kernel is the third entry, so we need to put in 2 here):
[...]
GRUB_DEFAULT=2
[...]
Update GRUB afterwards:
To remove the default kernel, run...
apt-get remove linux-image-amd64 linux-image-3.2.0-4-amd64
... and update GRUB:
Now that we have made sure the correct kernel will boot, we can go on.
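The hand-counted GRUB_DEFAULT=2 above depends on the exact order of the menu entries. As an added example (not part of the original tutorial), the following shell function computes the index from a grub.cfg; the function name grub_entry_index is hypothetical, the sample menu is constructed from the update-grub output shown above, and a flat menu without submenus is assumed, as the tutorial's counting implies.

```sh
# Added example, not from the original tutorial: compute GRUB_DEFAULT
# instead of counting menu entries by hand.

# Constructed sample: the four entries implied by the update-grub output above.
sample_grub_cfg() {
cat <<'EOF'
menuentry 'Debian GNU/Linux, with Linux 3.2.0-4-amd64' --class debian {
}
menuentry 'Debian GNU/Linux, with Linux 3.2.0-4-amd64 (recovery mode)' --class debian {
}
menuentry 'Debian GNU/Linux, with Linux 2.6.32-042stab076.8' --class debian {
}
menuentry 'Debian GNU/Linux, with Linux 2.6.32-042stab076.8 (recovery mode)' --class debian {
}
EOF
}

# grub_entry_index VERSION < grub.cfg
# Prints the zero-based index of the first non-recovery menuentry whose
# title contains VERSION. Fails (exit 1) if there is no such entry, or if
# the file uses submenus, where a plain number no longer addresses an entry.
grub_entry_index() {
    awk -v ver="$1" '
        BEGIN { n = 0; found = -1; nested = 0 }
        /^[ \t]*submenu[ \t]/ { nested = 1 }
        /^[ \t]*menuentry[ \t]/ {
            if (found < 0 && index($0, ver) && $0 !~ /recovery mode/) found = n
            n++
        }
        END {
            if (nested || found < 0) exit 1
            print found
        }
    '
}

# Demo on the constructed sample.
# On the host: grub_entry_index 2.6.32-042stab076.8 < /boot/grub/grub.cfg
idx=$(sample_grub_cfg | grub_entry_index 2.6.32-042stab076.8) &&
    echo "GRUB_DEFAULT=$idx"
```

A failing exit status means the number cannot be trusted and the menu should be inspected by hand.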
Next we must check that we are using UUIDs instead of device names in /etc/fstab because otherwise the system might not boot with the OpenVZ kernel. Run...
... to find out the UUIDs of your devices/partitions:
/dev/mapper/server1-swap_1: UUID="c465cb44-1bf9-4fbe-bb31-17139fd43004" TYPE="swap"
/dev/sda5: UUID="WRK6Xm-fg52-T836-sp4k-6uxm-trHH-FiRdBx" TYPE="LVM2_member"
/dev/sda1: UUID="46d1bd79-d761-4b23-80b8-ad20cb18e049" TYPE="ext2"
/dev/mapper/server1-root: UUID="d5ac6d76-0b69-46da-b0c1-a4376f2f0e4e" TYPE="ext4"
My original /etc/fstab looks as follows (as you see, the UUID of the /boot partition is already being used, but for / and swap, the device names are in use):
# /etc/fstab: static file system information.
#
# Use 'blkid' to print the universally unique identifier for a
# device; this may be used with UUID= as a more robust way to name devices
# that works even if disks are added and removed. See fstab(5).
#
# <file system> <mount point> <type> <options> <dump> <pass>
/dev/mapper/server1-root / ext4 errors=remount-ro 0 1
# /boot was on /dev/sda1 during installation
UUID=46d1bd79-d761-4b23-80b8-ad20cb18e049 /boot ext2 defaults 0 2
/dev/mapper/server1-swap_1 none swap sw 0 0
/dev/sr0 /media/cdrom0 udf,iso9660 user,noauto 0 0
Modify it so that UUIDs are used for all partitions:
# /etc/fstab: static file system information.
#
# Use 'blkid' to print the universally unique identifier for a
# device; this may be used with UUID= as a more robust way to name devices
# that works even if disks are added and removed. See fstab(5).
#
# <file system> <mount point> <type> <options> <dump> <pass>
#/dev/mapper/server1-root / ext4 errors=remount-ro 0 1
UUID=d5ac6d76-0b69-46da-b0c1-a4376f2f0e4e / ext4 errors=remount-ro 0 1
# /boot was on /dev/sda1 during installation
UUID=46d1bd79-d761-4b23-80b8-ad20cb18e049 /boot ext2 defaults 0 2
#/dev/mapper/server1-swap_1 none swap sw 0 0
UUID=c465cb44-1bf9-4fbe-bb31-17139fd43004 none swap sw 0 0
/dev/sr0 /media/cdrom0 udf,iso9660 user,noauto 0 0
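The manual fstab edit above can be generated and reviewed before it is applied. This added example (not part of the original tutorial) rewrites device-name entries to UUID= entries from blkid output; the function name fstab_to_uuid is hypothetical and the sample inputs are constructed from the listings above.

```sh
# Added example, not from the original tutorial: rewrite device-name
# entries in an fstab to UUID= entries, using blkid output as lookup table.

# Constructed sample inputs, taken from the listings above.
sample_blkid() {
cat <<'EOF'
/dev/mapper/server1-swap_1: UUID="c465cb44-1bf9-4fbe-bb31-17139fd43004" TYPE="swap"
/dev/sda5: UUID="WRK6Xm-fg52-T836-sp4k-6uxm-trHH-FiRdBx" TYPE="LVM2_member"
/dev/sda1: UUID="46d1bd79-d761-4b23-80b8-ad20cb18e049" TYPE="ext2"
/dev/mapper/server1-root: UUID="d5ac6d76-0b69-46da-b0c1-a4376f2f0e4e" TYPE="ext4"
EOF
}
sample_fstab() {
cat <<'EOF'
# <file system> <mount point> <type> <options> <dump> <pass>
/dev/mapper/server1-root / ext4 errors=remount-ro 0 1
UUID=46d1bd79-d761-4b23-80b8-ad20cb18e049 /boot ext2 defaults 0 2
/dev/mapper/server1-swap_1 none swap sw 0 0
/dev/sr0 /media/cdrom0 udf,iso9660 user,noauto 0 0
EOF
}

# blkid | fstab_to_uuid FSTAB_FILE
# Prints FSTAB_FILE with every source device that blkid reports replaced
# by UUID=...; the old line is kept as a comment, as in the tutorial.
# Devices blkid does not list (here /dev/sr0) are passed through unchanged.
fstab_to_uuid() {
    awk '
        !in_fstab {                       # stdin: blkid output
            dev = $1; sub(/:$/, "", dev)
            if (match($0, / UUID="[^"]+"/))
                uuid[dev] = substr($0, RSTART + 7, RLENGTH - 8)
            next
        }
        /^[ \t]*#/ || NF == 0 { print; next }   # comments, blank lines
        ($1 in uuid) {
            print "#" $0
            sub(/^[ \t]*[^ \t]+/, "UUID=" uuid[$1])
            print
            next
        }
        { print }
    ' - in_fstab=1 "$1"                   # in_fstab is set once stdin is done
}

# Demo on the constructed samples; nothing on the real system is modified.
tmp=$(mktemp) && sample_fstab > "$tmp" &&
    sample_blkid | fstab_to_uuid "$tmp"
rm -f "$tmp"
```

The function only prints the result, so the output can be compared with the current /etc/fstab before anything is replaced.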
Make sure OpenVZ starts automatically at boot time:
update-rc.d vz defaults
update-rc.d vzeventd defaults
Next we need to link a few libraries:
ln -s /usr/lib64/libvzctl-4.3.1.so /usr/lib
ln -s /usr/lib64/libploop.so /usr/lib
If you want to use ploop containers, do this:
apt-get install parted
Also, open /etc/init.d/vz...
... and add the line mkdir $VARLOCK/ploop to make sure that the directory /var/lock/ploop is recreated after a reboot:
#!/bin/sh
# Copyright (C) 2000-2009, Parallels, Inc. All rights reserved.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
#
# OpenVZ startup script, used for redhat and debian related distributions.
###
# chkconfig: 2345 96 20
# description: OpenVZ startup script.
###
### BEGIN INIT INFO
# Provides: vz
# Required-start: $network $remote_fs $syslog
# Required-stop: $network $remote_fs $syslog
# Should-Start: sshd vzeventd
# Should-Stop: sshd vzeventd
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: OpenVZ startup script
# Description: OpenVZ startup script.
### END INIT INFO
# This line is needed to cheat /etc/init.d/rc who expects action word
. /usr/libexec/vzctl/scripts/initd-functions
mkdir $VARLOCK/ploop
[...]
Create a symlink at /var/lib/vz that points to /vz to provide backward compatibility:
ln -s /vz /var/lib/vz
Open /etc/sysctl.conf and make sure that you have the following settings in it:
[...]
net.ipv4.conf.all.rp_filter=1
net.ipv4.icmp_echo_ignore_broadcasts=1
net.ipv4.conf.default.forwarding=1
net.ipv4.conf.default.proxy_arp = 0
net.ipv4.ip_forward=1
kernel.sysrq = 1
net.ipv4.conf.default.send_redirects = 1
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.eth0.proxy_arp=1
[...]
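To check a file against the list above rather than by eye, the following added example (not part of the original tutorial) reports which of these settings are missing or set differently. The function name sysctl_conf_diff is hypothetical and the sample file is constructed.

```sh
# Added example, not from the original tutorial: check a sysctl.conf
# against the settings listed above.
required_settings() {
cat <<'EOF'
net.ipv4.conf.all.rp_filter=1
net.ipv4.icmp_echo_ignore_broadcasts=1
net.ipv4.conf.default.forwarding=1
net.ipv4.conf.default.proxy_arp=0
net.ipv4.ip_forward=1
kernel.sysrq=1
net.ipv4.conf.default.send_redirects=1
net.ipv4.conf.all.send_redirects=0
net.ipv4.conf.eth0.proxy_arp=1
EOF
}
# Constructed sample of a partly edited file (assumption, not from the page).
sample_sysctl_conf() {
cat <<'EOF'
#net.ipv4.ip_forward=1
net.ipv4.conf.all.rp_filter = 1
kernel.sysrq = 0
kernel.sysrq=1
net.ipv4.conf.all.send_redirects = 1
EOF
}

# sysctl_conf_diff < CONF: prints MISSING/MISMATCH lines, exit 1 if any.
# Comments are skipped; the last assignment of a key wins (top to bottom).
sysctl_conf_diff() {
    REQUIRED=$(required_settings) awk '
        function trim(s) { gsub(/^[ \t]+|[ \t]+$/, "", s); return s }
        BEGIN {
            n = split(ENVIRON["REQUIRED"], req, "\n")
            for (i = 1; i <= n; i++) { split(req[i], kv, "="); key[i] = kv[1]; want[kv[1]] = kv[2] }
        }
        /^[ \t]*[#;]/ || !index($0, "=") { next }
        { eq = index($0, "="); have[trim(substr($0, 1, eq - 1))] = trim(substr($0, eq + 1)) }
        END {
            bad = 0
            for (i = 1; i <= n; i++) {
                k = key[i]
                if (!(k in have)) { print "MISSING  " k "=" want[k]; bad = 1 }
                else if (have[k] != want[k]) { print "MISMATCH " k "=" have[k] " (want " want[k] ")"; bad = 1 }
            }
            exit bad
        }
    '
}

# Demo on the constructed sample; on the host: sysctl_conf_diff < /etc/sysctl.conf
sample_sysctl_conf | sysctl_conf_diff || echo "sysctl.conf still needs changes"
```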
If you need to modify /etc/sysctl.conf, run
The following step is important if the IP addresses of your virtual machines are from a different subnet than the host system's IP address. If you don't do this, networking will not work in the virtual machines!
Open /etc/vz/vz.conf and set NEIGHBOUR_DEVS to all:
[...]
# Controls which interfaces to send ARP requests and modify APR tables on.
NEIGHBOUR_DEVS=all
[...]
apt-get install vzdump
Finally, reboot the system:
If your system reboots without problems, then everything is fine!
and your new OpenVZ kernel should show up:
root@server1:~# uname -r