Installing And Using OpenVZ On Fedora 14

Version 1.0
Author: Falko Timme
Follow me on Twitter

In this HowTo I will describe how to prepare a Fedora 14 server for OpenVZ. With OpenVZ you can create multiple Virtual Private Servers (VPS) on the same hardware, similar to Xen and the Linux Vserver project. OpenVZ is the open-source branch of Virtuozzo, a commercial virtualization solution used by many providers that offer virtual servers. The OpenVZ kernel patch is licensed under the GPL license, and the user-level tools are under the QPL license.

This howto is meant as a practical guide; it does not cover the theoretical backgrounds. They are treated in a lot of other documents in the web.

This document comes without warranty of any kind! I want to say that this is not the only way of setting up such a system. There are many ways of achieving this goal but this is the way I take. I do not issue any guarantee that this will work for you!


1 Installing OpenVZ

In order to install OpenVZ, we need to add the OpenVZ repository to yum :

cd /etc/yum.repos.d
rpm --import

Now open openvz.repo...

vi openvz.repo

... and disable the [openvz-kernel-rhel5] repository (enabled=0) and enable the [openvz-kernel-rhel6] repository instead (enabled=1):

name=OpenVZ RHEL5-based kernel
name=OpenVZ RHEL6-based kernel

The repository contains a few different OpenVZ kernels (you can find more details about them here: The command

yum search vzkernel

shows you the available kernels:

[root@server1 yum.repos.d]# yum search vzkernel
Loaded plugins: langpacks, presto, refresh-packagekit
Adding en_US to language list
===================================================================== Matched: vzkernel 
vzkernel-debug-debuginfo.i686 : Debug information for package vzkernel-debug
vzkernel-debug-debuginfo.x86_64 : Debug information for package vzkernel-debug
vzkernel-debuginfo.i686 : Debug information for package vzkernel
vzkernel-debuginfo.x86_64 : Debug information for package vzkernel
vzkernel-debuginfo-common-i686.i686 : Kernel source files used by vzkernel-debuginfo packages
vzkernel-debuginfo-common-x86_64.x86_64 : Kernel source files used by vzkernel-debuginfo packages
vzkernel.i686 : The Linux kernel
vzkernel.x86_64 : The Linux kernel
vzkernel-debug.i686 : The Linux kernel compiled with extra debugging enabled
vzkernel-debug.x86_64 : The Linux kernel compiled with extra debugging enabled
vzkernel-debug-devel.i686 : Development package for building kernel modules to match the debug kernel
vzkernel-debug-devel.x86_64 : Development package for building kernel modules to match the debug kernel
vzkernel-devel.i686 : Development package for building kernel modules to match the kernel
vzkernel-devel.x86_64 : Development package for building kernel modules to match the kernel
vzkernel-headers.i686 : Header files for the Linux kernel for use by glibc
vzkernel-headers.x86_64 : Header files for the Linux kernel for use by glibc
[root@server1 yum.repos.d]#

Pick one of them and install it as follows:

yum install vzkernel

This should automatically update the GRUB bootloader as well. Anyway, we should open /boot/grub/menu.lst; the first kernel stanza should now contain the new OpenVZ kernel. The title of that kernel just reads "Fedora". I think it's a good idea to change that title and add something with "OpenVZ" to it so that you know that it's the OpenVZ kernel. Also make sure that the value of default is 0 so that the first kernel (the OpenVZ kernel) is booted automatically instead of the default Fedora kernel.

vi /boot/grub/menu.lst
# grub.conf generated by anaconda
# Note that you do not have to rerun grub after making changes to this file
# NOTICE:  You have a /boot partition.  This means that
#          all kernel and initrd paths are relative to /boot/, eg.
#          root (hd0,0)
#          kernel /vmlinuz-version ro root=/dev/mapper/VolGroup-lv_root
#          initrd /initrd-[generic-]version.img
title Fedora OpenVZ (2.6.32-042test003.1.x86_64)
        root (hd0,0)
        kernel /vmlinuz-2.6.32-042test003.1.x86_64 ro root=/dev/mapper/VolGroup-lv_root rd_LVM_LV=VolGroup/lv_root rd_LVM_LV=VolGroup/lv_swap rd_NO_LUKS rd_NO_MD rd_NO_DM LANG=en_US.UTF-8 SYSFONT=latarcyrheb-sun16 KEYBOARDTYPE=pc KEYTABLE=de rhgb quiet crashkernel=auto
        initrd /initramfs-2.6.32-042test003.1.x86_64.img
title Fedora (
        root (hd0,0)
        kernel /vmlinuz- ro root=/dev/mapper/VolGroup-lv_root rd_LVM_LV=VolGroup/lv_root rd_LVM_LV=VolGroup/lv_swap rd_NO_LUKS rd_NO_MD rd_NO_DM LANG=en_US.UTF-8 SYSFONT=latarcyrheb-sun16 KEYBOARDTYPE=pc KEYTABLE=de rhgb quiet
        initrd /initramfs-

Now we install some OpenVZ user tools:

yum install vzctl vzquota

Open /etc/sysctl.conf and make sure that you have the following settings in it:

vi /etc/sysctl.conf
net.ipv4.ip_forward = 1
net.ipv4.conf.default.proxy_arp = 0
net.ipv4.conf.all.rp_filter = 1
kernel.sysrq = 1
net.ipv4.conf.default.send_redirects = 1
net.ipv4.conf.all.send_redirects = 0

If you need to modify /etc/sysctl.conf, run

sysctl -p


The following step is important if the IP addresses of your virtual machines are from a different subnet than the host system's IP address. If you don't do this, networking will not work in the virtual machines!

Open /etc/vz/vz.conf and set NEIGHBOUR_DEVS to all:

vi /etc/vz/vz.conf

SELinux needs to be disabled if you want to use OpenVZ. Open /etc/sysconfig/selinux and set the value of SELINUX to disabled:

vi /etc/sysconfig/selinux
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#       enforcing - SELinux security policy is enforced.
#       permissive - SELinux prints warnings instead of enforcing.
#       disabled - SELinux is fully disabled.
# SELINUXTYPE= type of policy in use. Possible values are:
#       targeted - Only targeted network daemons are protected.
#       strict - Full SELinux protection.

Finally, reboot the system:


If your system reboots without problems, then everything is fine!


uname -r

and your new OpenVZ kernel should show up:

[root@server1 ~]# uname -r
[root@server1 ~]#
Share this page:

0 Comment(s)