在Linux 下配置OPENVZ 實例
推薦使用Fedora Core 4/5/3 或者RHEL/CentOS 4。
1. 下載安裝文件
根據您的內核版本在這裡:http://openvz.org/download/kernel/ 下載。
# rpm -ihv vzkernel-name*.rpm
2.修改grub.conf 文件
title OpenVZ (2.6.8-022stab029.1) root (hd0,0) kernel
/vmlinuz-2.6.8-022stab029.1 ro root=/dev/sda5 initrd /initrd-2.6.8-022stab029.1.img
3.修改、etc/sysyctl.conf文件:
/etc/sysctl.conf:
# On Hardware Node we generally need
# packet forwarding enabled and proxy arp disabled
net.ipv4.ip_forward = 1
net.ipv4.conf.default.proxy_arp = 0
# Enables source route verification
net.ipv4.conf.all.rp_filter = 1
# Enables the magic-sysrq
key kernel.sysrq = 1
#net.ipv4.tcp_ecn = 0
# we do not want all our interfaces to send redirects
net.ipv4.conf.default.send_redirects = 1
4. 如果你運行了iptables防火牆和SELinux,先關閉和禁止。
編輯/etc/sysconfig/selinux:
SELINUX=disabled。
另外還要關閉iptables防火牆。
5.安裝OpenVZ管理軟件
根據您的版本在這裡:http://openvz.org/download/utils/ 下載。
# rpm –Uhv vzctl*.rpm vzquota*.rpm vzpkg*.rpm
6.重新啟動VZ
# /etc/init.d/vz start
7.安裝模板
# rpm –ihv vztmpl-fedora-core-3-1.0-2.noarch.rpm
# vzpkgcache
Creating cache for fedora-core-3 OS template
Setting up install process
Packing cache file fedora-core-3.tar.gz ...
Cache file fedora-core-3.tar.gz [130M] created.
8.為虛擬服務器創建一個非零ID
# vzctl create 101
Creating VPS private area: /vz/private/101
VPS is mounted
Postcreate action done
VPS is unmounted
VPS private area was created
9.設置為零參數
# vzctl set 101 --hostname test101.my.org --save
Hostname for VPS set: test101.my.org
Saved parameters for VPS 101
# vzctl set 101 --ipadd 10.0.186.1 --save
Adding IP address(es): 10.0.186.1
Saved parameters for VPS 101
# vzctl set 101 --nameserver 192.168.1.165 --save
File resolv.conf was modified
Saved parameters for VPS 101
10.設置root用戶口令
# vzctl set 101 --userpasswd root:test
11.啟動SSH守護進程
# vzctl exec 101 service sshd start
12.啟動VPS
# vzctl start 101
Starting VPS ...
VPS is mounted
Adding IP address(es): 10.0.186.101 Hostname for VPS 101 set: test.my.org
VPS start in progress...
13.加載防火牆
前面關閉的防火牆,出於安全考慮這裡還要加載
# vzctl set 101 --iptables iptable_filter
--iptables ipt_length --iptables ipt_limit
--iptables iptable_mangle --iptables ipt_REJECT --save