5 this text describe the quick way to install Linux container
6 using vzgot. Hopefully this step by step should help you
7 to setup a working example you can use to as starting point
8 to install you own other container.
11 This procedure was performed and checked on a vanilla
12 Fedora 12 (without update), using kernel 2.6.31.5-127.fc12.x86_64.
13 Those step are done on the HOST system of your containers.
15 All given command are 'command line' such you
16 have better feed back in case of trouble
18 This procedure describe 5 easy steps to have your first container
22 #===========================================================
23 1 - Step one: Bridging, Forwarding, ARPing.
25 Define a BRIDGE interface. Bridge interface is need
26 to have container connected to network.
28 Install needed bridge package using yum command:
29 -> yum install bridge-utils
31 Within directory /etc/sysconfig/network-scripts create
32 a file named ifcfg-br0, contents of the file will be:
34 #-----------------------------------------------------------
38 IPADDR=your.own.ip.number
39 NETMASK=255.255.255.255
44 #-----------------------------------------------------------
45 once the file saved, type:
48 -> service network restart
50 Everything should be fine, doing command
52 You should have result as:
54 br0 Link encap:Ethernet HWaddr M:A:C:A:D:R
55 inet addr:Y.O.I.N Bcast:Y.O.I.N Mask:255.255.255.255
56 inet6 addr: xxxx::xxxx:xxxx:xxxx:xxxx/64 Scope:Link
57 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
58 RX packets:0 errors:0 dropped:0 overruns:0 frame:0
59 TX packets:21 errors:0 dropped:0 overruns:0 carrier:0
60 collisions:0 txqueuelen:0
61 RX bytes:0 (0.0 b) TX bytes:3822 (3.7 KiB)
64 Edit file /etc/sysctl.conf and change line
65 net.ipv4.ip_forward = 0
67 net.ipv4.ip_forward = 1
70 #to allow Bridge to answer ARP request
71 net.ipv4.conf.br0.proxy_arp = 1
73 to the sysctl.conf file end
77 This allow the host to route packet from/to container.
79 Using ping or other tools make sur your are able to
80 reach Y.O.I.N from your internal network.
82 #===========================================================
83 2 - Step Two: LVM (OPTIONAL)
85 We advise you to use LVM (Logical Volume Management).
86 This will allow to define specific disk space to
87 your containers and increase size on the fly if
90 For detail, see Linux documentation about LVM.
92 Critical command are: (Example)
93 pvcreate PhysicalVolume [[PhysicalVolume...]
94 vgcreate [Volname] PhysicalVolume [[PhysicalVolume...]
95 lvcreate -l 100%PVS -nvzvol volname PhysicalVolume [[PhysicalVolume...]
97 NOTE: in our example the logical volume name is 'vzvol'
99 #===========================================================
100 3 - Step Three Cgroup
102 'cgroup' are kernel functionalities to reduce
103 priviledges when working from inside containers.
104 (cpu usage, mknod allowing, etc..)
106 You should have 'cgroup' available with host kernel.
109 cgroup /cgroup cgroup defaults 0 0
110 in your HOST /etc/fstab file.
114 -> ls /cgroup; command should return something like
116 cpuacct.stat devices.deny
117 cpuacct.usage devices.list
118 cpuacct.usage_percpu memory.failcnt
119 cpu.rt_period_us memory.force_empty
120 cpu.rt_runtime_us memory.limit_in_bytes
121 cpuset.cpu_exclusive memory.max_usage_in_bytes
122 cpuset.cpus memory.memsw.failcnt
123 cpuset.mem_exclusive memory.memsw.limit_in_bytes
124 cpuset.mem_hardwall memory.memsw.max_usage_in_bytes
125 cpuset.memory_migrate memory.memsw.usage_in_bytes
126 cpuset.memory_pressure memory.stat
127 cpuset.memory_pressure_enabled memory.swappiness
128 cpuset.memory_spread_page memory.usage_in_bytes
129 cpuset.memory_spread_slab memory.use_hierarchy
130 cpuset.mems net_cls.classid
131 cpuset.sched_load_balance notify_on_release
132 cpuset.sched_relax_domain_level release_agent
136 This means 'cgroup' is now operational on your system.
138 #===========================================================
141 Download vzgot (wget) and install it (rpm -Uhv)
143 - you may need to adjust file /etc/vzgot/vzgot_config
146 IF you have LVM device on the HOST, edit file
147 /etc/vzgot/vzgot_config and comment out the
150 'vzvol' is the name used when you created your
151 logical volume, if you used another name, set
152 LVM value accordingly.
153 If you do not have LVM, keep LVM commented in.
154 LVM_SIZE is the size used to create container
155 (2Gig was found big enough).
158 in file /etc/vzgot/vzgot_config, you have a variable
159 CGROUP set it to proper value if you had set the
160 /cgroup directory somewhere else (ie: /dev/cgroup)
162 If you do NOT use LVM and cgroup is mounted on
163 /cgroup you have nothing to change in /etc/vzgot/vzgot_config
166 #===========================================================
167 5 - Step Five: choosing the distribution you want to install
169 Download (wget) one of the distribution you want
170 to try from the http://download.openvz.org/template/precreated/
171 or from the vzgot site.
173 As demo, the file /etc/vzgot/vzgot_list, give you the choice
174 of 3 distributions, centos-5, Fedora-12, Ubuntu9.04.
175 choose one of them and download the needed tar.gz file within
176 the director /var/lib/vzgot/vztemplate directory.
178 Configuration file /etc/vzgot/vzgot_list give you 3 containers
179 name related to each distribution (dflt-ctos-5,dflt-fc12,
180 dflt-ubu9.4), lets say you choosed dflt-ctos-5, you need
181 to have file centos-5-x86.tar.gz available in the vztemplate
184 Before to proceed, you MUST assign an IP to your container
185 name, change your DNS and define dflt-ctos-5.ydomain.name
186 with an IP. Once done make sure hostname dflt-ctos-5.ydomain.name
187 is resolved to an IP AND the IP routed to the host application
189 Be sure command 'dnsdomainname' is returning your
190 domainname on your (physical) Host.
192 Then proceed to create, firstboot and boot the container,
195 -> vzgot.mksrvz dflt-ctos-5
197 If successful command:
198 -> ps axww | grep vzgot
200 should display something like:
201 0:00 vzgot: container dflt-ctos-5 (el5.3/i386) up
203 This means your first container is up and running.
205 Lets prove this. From a station within your network
210 64 bytes from dflt-ctos-5.your.domain (Y.O.I.N): icmp_seq=22 ttl=63 time=0.xx ms
212 This prove your container is connected to your network
214 Next but not the least
216 -> ssh -Y -t -l root dflt-ctos-5.your.domain
217 the requested root password is the same as one you are using on your HOST.
219 Once the container, commad
221 will display something like
223 PID TTY STAT TIME COMMAND
225 276 ? Ss 0:00 syslogd -m 0
226 300 ? Ss 0:00 /usr/sbin/sshd
227 322 ? Ss 0:00 sendmail: accepting connections
228 331 ? Ss 0:00 sendmail: Queue runner@01:00:00 for /var/spool/clientmqueue
229 341 ? Ss 0:00 /usr/sbin/httpd
230 343 ? S 0:00 /usr/sbin/httpd
232 358 ? Ss 0:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2
233 359 ? S 0:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2
234 367 ? Ss 0:00 sshd: root@pts/3
235 369 pts/3 Ss 0:00 -bash
236 388 pts/3 R+ 0:00 ps ax
240 Your Container is ALL SET.