QUICK-START this text describe the quick way to install Linux container using vzgot. Hopefully this step by step should help you to setup a working example you can use to as starting point to install you own other container. This procedure was performed and checked on a vanilla Fedora 12 (without update), using kernel 2.6.31.5-127.fc12.x86_64. Those step are done on the HOST system of your containers. All given command are 'command line' such you have better feed back in case of trouble This procedure describe 5 easy steps to have your first container up and running. #=========================================================== 1 - Step one: Bridging, Forwarding, ARPing. Define a BRIDGE interface. Bridge interface is need to have container connected to network. Install needed bridge package using yum command: -> yum install bridge-utils Within directory /etc/sysconfig/network-scripts create a file named ifcfg-br0, contents of the file will be: #----------------------------------------------------------- DEVICE=br0 TYPE=Bridge BOOTPROTO=static IPADDR=your.own.ip.number NETMASK=255.255.255.255 ONBOOT=yes USERCTL=no DELAY=0 STP=off #----------------------------------------------------------- once the file saved, type: Type command: -> service network restart Everything should be fine, doing command -> ifconfig br0 You should have result as: br0 Link encap:Ethernet HWaddr M:A:C:A:D:R inet addr:Y.O.I.N Bcast:Y.O.I.N Mask:255.255.255.255 inet6 addr: xxxx::xxxx:xxxx:xxxx:xxxx/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:21 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 b) TX bytes:3822 (3.7 KiB) Edit file /etc/sysctl.conf and change line net.ipv4.ip_forward = 0 to net.ipv4.ip_forward = 1 ADD next 4 lines #-- #to allow Bridge to answer ARP request net.ipv4.conf.br0.proxy_arp = 1 #-- to the sysctl.conf file end then command -> sysctl -p This allow the host to route packet from/to container. Using ping or other tools make sur your are able to reach Y.O.I.N from your internal network. #=========================================================== 2 - Step Two: LVM (OPTIONAL) We advise you to use LVM (Logical Volume Management). This will allow to define specific disk space to your containers and increase size on the fly if needed. For detail, see Linux documentation about LVM. Critical command are: (Example) pvcreate PhysicalVolume [[PhysicalVolume...] vgcreate [Volname] PhysicalVolume [[PhysicalVolume...] lvcreate -l 100%PVS -nvzvol volname PhysicalVolume [[PhysicalVolume...] NOTE: in our example the logical volume name is 'vzvol' #=========================================================== 3 - Step Three Cgroup 'cgroup' are kernel functionalities to reduce priviledges when working from inside containers. (cpu usage, mknod allowing, etc..) You should have 'cgroup' available with host kernel. add line: cgroup /cgroup cgroup defaults 0 0 in your HOST /etc/fstab file. do: -> mount -a -> ls /cgroup; command should return something like cpuacct.stat devices.deny cpuacct.usage devices.list cpuacct.usage_percpu memory.failcnt cpu.rt_period_us memory.force_empty cpu.rt_runtime_us memory.limit_in_bytes cpuset.cpu_exclusive memory.max_usage_in_bytes cpuset.cpus memory.memsw.failcnt cpuset.mem_exclusive memory.memsw.limit_in_bytes cpuset.mem_hardwall memory.memsw.max_usage_in_bytes cpuset.memory_migrate memory.memsw.usage_in_bytes cpuset.memory_pressure memory.stat cpuset.memory_pressure_enabled memory.swappiness cpuset.memory_spread_page memory.usage_in_bytes cpuset.memory_spread_slab memory.use_hierarchy cpuset.mems net_cls.classid cpuset.sched_load_balance notify_on_release cpuset.sched_relax_domain_level release_agent cpu.shares tasks devices.allow This means 'cgroup' is now operational on your system. #=========================================================== 4 - Step Four: vzgot Download vzgot (wget) and install it (rpm -Uhv) - you may need to adjust file /etc/vzgot/vzgot_config LVM: IF you have LVM device on the HOST, edit file /etc/vzgot/vzgot_config and comment out the variable: LVM=vzvol 'vzvol' is the name used when you created your logical volume, if you used another name, set LVM value accordingly. If you do not have LVM, keep LVM commented in. LVM_SIZE is the size used to create container (2Gig was found big enough). CGROUP: in file /etc/vzgot/vzgot_config, you have a variable CGROUP set it to proper value if you had set the /cgroup directory somewhere else (ie: /dev/cgroup) If you do NOT use LVM and cgroup is mounted on /cgroup you have nothing to change in /etc/vzgot/vzgot_config #=========================================================== 5 - Step Five: choosing the distribution you want to install Download (wget) one of the distribution you want to try from the http://download.openvz.org/template/precreated/ or from the vzgot site. As demo, the file /etc/vzgot/vzgot_list, give you the choice of 3 distributions, centos-5, Fedora-12, Ubuntu9.04. choose one of them and download the needed tar.gz file within the director /var/lib/vzgot/vztemplate directory. Configuration file /etc/vzgot/vzgot_list give you 3 containers name related to each distribution (dflt-ctos-5,dflt-fc12, dflt-ubu9.4), lets say you choosed dflt-ctos-5, you need to have file centos-5-x86.tar.gz available in the vztemplate directory. Before to proceed, you MUST assign an IP to your container name, change your DNS and define dflt-ctos-5.ydomain.name with an IP. Once done make sure hostname dflt-ctos-5.ydomain.name is resolved to an IP AND the IP routed to the host application Be sure command 'dnsdomainname' is returning your domainname on your (physical) Host. Then proceed to create, firstboot and boot the container, type the command -> vzgot.mksrvz dflt-ctos-5 If successful command: -> ps axww | grep vzgot should display something like: 0:00 vzgot: container dflt-ctos-5 (el5.3/i386) up This means your first container is up and running. Lets prove this. From a station within your network try: -> ping dflt-ctos-5 Answer should be 64 bytes from dflt-ctos-5.your.domain (Y.O.I.N): icmp_seq=22 ttl=63 time=0.xx ms This prove your container is connected to your network Next but not the least -> ssh -Y -t -l root dflt-ctos-5.your.domain the requested root password is the same as one you are using on your HOST. Once the container, commad -> ps ax will display something like PID TTY STAT TIME COMMAND 1 ? Ss 0:00 init [3] 276 ? Ss 0:00 syslogd -m 0 300 ? Ss 0:00 /usr/sbin/sshd 322 ? Ss 0:00 sendmail: accepting connections 331 ? Ss 0:00 sendmail: Queue runner@01:00:00 for /var/spool/clientmqueue 341 ? Ss 0:00 /usr/sbin/httpd 343 ? S 0:00 /usr/sbin/httpd 350 ? Ss 0:00 crond 358 ? Ss 0:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 359 ? S 0:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 367 ? Ss 0:00 sshd: root@pts/3 369 pts/3 Ss 0:00 -bash 388 pts/3 R+ 0:00 ps ax Your Container is ALL SET. (ET VOILA!)