I actually did the reverse, I installed a CENTOS VPS (Virtual Private Server) using OpenVZ on a Debian 5 server to replace my OpenWebMail server that got damaged during a Debian upgrade.
The templates provided by OpenVZ are very definitely MINIMAL! And do require a lot of installs to bring them up to adequate server capable machines.
However, the OpenVZ was the simplist Virtualization I had used to date.
I was able to complete the Full installation from more than 1100 miles away from the physical hardware, using SSH only.
I also installed the full version of Webmin on the VPS so managing the VPS was easier once installed.
I had to rethink my iptables, but was able to perform a functional port redirection from/to the internet using only 6 lines so as to activate webmail:80 webmin:2210 ssh:2200
This was a great solution for me and I am impressed.
I also installed on the HOST system, the WebVZ, a neat web interface to monitor, create, backup, and other admin tools of VPS's installed on the HOST.
I found all sorts of Virtualization Solustions for a graphical interface, but this OpenVZ was a perfect choice for non gui installs.
I highly recommend this product and I intend to use it again in my future server virtualizations.
Also, a great added note --- the "Container" can be backed up and restored to another HOST fairly easily.
Discussion on:
View:
Show:
It seems similar? Also why do I have to disable SElinux to get it to work? It's there to protect me, correct? I'm kinda of an intermediate(barely) with Linux but there's Xenserver that'll do the same thing? Why recommend OpenVZ over that?
I looked at XEN and it appeared to be almost impossible for me to perform the installation without physical access to the machine. I may have been wrong, but it looked like it would not work properly without that physical access.
I have used many Virtual products previously and this was my first encounter with OpenVZ.
I currently use:
Virtualbox on Windows and Linux, VmWare Workstation on Windows and Linux, VMWare Server (free) on Linux, Fusion on Mac OSx, QEMU on Mac OSx, and now OpenVZ.
I have found the OpenVZ to be the easiest to install and configure and I found XEN to be the most complex and confusing and therefor I have avoided it.
I have a few hundred servers running on the Internet, both virtual and physical and they run Debian, SUSE, Red Hat, Centos, Ubuntu, Slackware and others as I see which OS works the best for ME to run my server applications which range from DNS-Bind, Sendmail, Openwebmail, Apache1x and Apache2x, etc.
I also run virtual desktops on LinuxOS and use NXClient and NXServers on them.
I love the wonderful technology available today! And I loved OS-2 Warp running Wordperfect5.1 for DOS back in the days!!! On a 8MB 486 machine!
Bob
I have used many Virtual products previously and this was my first encounter with OpenVZ.
I currently use:
Virtualbox on Windows and Linux, VmWare Workstation on Windows and Linux, VMWare Server (free) on Linux, Fusion on Mac OSx, QEMU on Mac OSx, and now OpenVZ.
I have found the OpenVZ to be the easiest to install and configure and I found XEN to be the most complex and confusing and therefor I have avoided it.
I have a few hundred servers running on the Internet, both virtual and physical and they run Debian, SUSE, Red Hat, Centos, Ubuntu, Slackware and others as I see which OS works the best for ME to run my server applications which range from DNS-Bind, Sendmail, Openwebmail, Apache1x and Apache2x, etc.
I also run virtual desktops on LinuxOS and use NXClient and NXServers on them.
I love the wonderful technology available today! And I loved OS-2 Warp running Wordperfect5.1 for DOS back in the days!!! On a 8MB 486 machine!
Bob
I would like to clarify that running an APPLICATION in a jailed environment is not what OpenVZ or other Virtual Server Applications do.
OpenVZ installs FULL Servers that can run many applications, jailed or otherwise, on a completely separate server(s) on a single HOST (the machine that "hosts" the virtual servers).
Selinux is another issue and there are instructions for handling it.
Each virtual server installed by OpenVZ is a "PRIVATE" server and does require special iptable instructions running on the "HOST" so that the VPS (Virtual Private Server) can be accessed from the Internet, otherwise access must be first granted to the host and then the VPS accessed through a "vzctl enter xxx" command executed on the Host.
OpenVZ installs FULL Servers that can run many applications, jailed or otherwise, on a completely separate server(s) on a single HOST (the machine that "hosts" the virtual servers).
Selinux is another issue and there are instructions for handling it.
Each virtual server installed by OpenVZ is a "PRIVATE" server and does require special iptable instructions running on the "HOST" so that the VPS (Virtual Private Server) can be accessed from the Internet, otherwise access must be first granted to the host and then the VPS accessed through a "vzctl enter xxx" command executed on the Host.
OpenVZ is much lighter on the resources than Xen (or any other virtualization software), largely because it does not need to virtualize hardware.
As for disabling SELinux... to be honest I've forgotten why I made that recommendation. I'm sure there was an error or something preventing me from doing.. something. I think I will have to revisit this for a future tip on how to use SELinux with OpenVZ. In the meantime, you can probably get away with setting SELinux to non-enforcing rather than disabled.
As for disabling SELinux... to be honest I've forgotten why I made that recommendation. I'm sure there was an error or something preventing me from doing.. something. I think I will have to revisit this for a future tip on how to use SELinux with OpenVZ. In the meantime, you can probably get away with setting SELinux to non-enforcing rather than disabled.
Ahhh... I see the problem now and why you need to disable it.
The OpenVZ kernels do not have SELinux support enabled. So regardless of selinux settings, even if you had it set to enforcing, it would do nothing because it looks like the OpenVZ-supplied kernels do not even build SELinux support.
What would be nice is if OpenVZ was included in the mainline kernel so that you *could* have both enabled (there may be technical reasons why you can't though... I'd have to get a test system and recompile the OpenVZ kernel myself to know for sure).
Maybe this has changed with later OpenVZ kernels, but with CentOS5/RHEL5 at least, it doesn't look like it's possible. Someone please correct me if I'm wrong.
(Also, the OpenVZ site itself indicates disabling SELinux is required, but they neglect to mention that they don't even compile in the support to their kernels).
The OpenVZ kernels do not have SELinux support enabled. So regardless of selinux settings, even if you had it set to enforcing, it would do nothing because it looks like the OpenVZ-supplied kernels do not even build SELinux support.
What would be nice is if OpenVZ was included in the mainline kernel so that you *could* have both enabled (there may be technical reasons why you can't though... I'd have to get a test system and recompile the OpenVZ kernel myself to know for sure).
Maybe this has changed with later OpenVZ kernels, but with CentOS5/RHEL5 at least, it doesn't look like it's possible. Someone please correct me if I'm wrong.
(Also, the OpenVZ site itself indicates disabling SELinux is required, but they neglect to mention that they don't even compile in the support to their kernels).
Good article. After reading it, I am planning to try it first amongst other VM platforms [KVM, Xen, and parallels (eval. version)] on our new server (with 8GB RAM and 4*160GB (RAID10) HDDs)
While I'm glad to see this technology FINALLY added to Linux, as it is very useful, Zones and containers have been in Solaris 10, I believe since it was first released.
I'm not pickin on the Linux guys here, it really is awesome and it's great to see it in Linux...Now for the ZFS and D-trace
I'm not pickin on the Linux guys here, it really is awesome and it's great to see it in Linux...Now for the ZFS and D-trace
My test machine don't have internet and I'm new linux user.I get error on step "yum install ovzkernel.x86_64.
It throw error "Could not retieve mirrorlist http://mirrorlist.centso.org/?release=5&arch=i386&repo=os error was [Errno 4] IOError: Error: Cannot find a valid baseurl for repo: base
It throw error "Could not retieve mirrorlist http://mirrorlist.centso.org/?release=5&arch=i386&repo=os error was [Errno 4] IOError: Error: Cannot find a valid baseurl for repo: base
Now, It works by I use "rpm" instead of "yum".
Follows :
rpm -ihv ovzkernel-2.6.18-128.2.1.e15.028stab064.7.i686.rpm
rpm -ihv vzyum-2.4.0-11.noarch.rpm
rpm -ihv vzctl*.rpm vzquota*.rpm vzpkg*.rpm
My test machine use CPU 32 bits.
Thanks
Follows :
rpm -ihv ovzkernel-2.6.18-128.2.1.e15.028stab064.7.i686.rpm
rpm -ihv vzyum-2.4.0-11.noarch.rpm
rpm -ihv vzctl*.rpm vzquota*.rpm vzpkg*.rpm
My test machine use CPU 32 bits.
Thanks
- Keyboard Shortcuts:
- Prev
- Next
- Toggle
