vi /etc/sysctl.conf
# Kernel settings to place in /etc/sysctl.conf on the OpenVZ host.
# They are read at boot; the guide reboots into the OpenVZ kernel later on.

# Forward IPv4 packets between interfaces.
net.ipv4.ip_forward = 1
# Keep proxy ARP off by default on newly created interfaces.
net.ipv4.conf.default.proxy_arp = 0
# Strict reverse-path filtering: drop packets whose source address is not
# reachable through the interface they arrived on.
net.ipv4.conf.all.rp_filter = 1
# Enable the magic SysRq key.
# NOTE(review): the value 1 enables every SysRq function for anyone with
# console or keyboard access; confirm that this is wanted on this host.
kernel.sysrq = 1
# ICMP redirects.
# NOTE(review): "all" is 0 but "default" is 1, so interfaces created after
# boot start with redirects enabled; confirm that this is intended.
net.ipv4.conf.default.send_redirects = 1
net.ipv4.conf.all.send_redirects = 0
# Ignore ICMP echo requests addressed to broadcast addresses.
net.ipv4.icmp_echo_ignore_broadcasts=1
# Newly created interfaces start with forwarding enabled.
net.ipv4.conf.default.forwarding=1
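# Disable SELinux on the host, as this guide does. The setting is read at
# boot, so it takes effect after the reboot further down.
# NOTE(review): this removes SELinux enforcement from the host; record it as
# a deliberate decision for this node.
#
# Rewrite only the SELINUX= line instead of truncating the file, so other
# settings in it (such as SELINUXTYPE) survive. --follow-symlinks keeps sed
# from replacing the path with a regular file when it is a symlink, as it
# normally is on CentOS.
if grep -q '^SELINUX=' /etc/sysconfig/selinux; then
  sed -i --follow-symlinks 's/^SELINUX=.*/SELINUX=disabled/' /etc/sysconfig/selinux
else
  echo "SELINUX=disabled" >> /etc/sysconfig/selinux
fi

# Add the OpenVZ yum repository definition.
# NOTE(review): check that the downloaded openvz.repo has gpgcheck=1;
# otherwise the GPG key imported in the next step is never enforced.
wget -P /etc/yum.repos.d/ https://download.openvz.org/openvz.repo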
导入 OpenVZ GPG key 用于签名 RPM 包
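# rpm --import of a URL trusts whatever the server returns. Fetch the key to
# a local file first so its fingerprint can be inspected before it is trusted.
key_file=$(mktemp) &&
  wget -O "$key_file" https://download.openvz.org/RPM-GPG-Key-OpenVZ &&
  gpg --with-fingerprint "$key_file"

# Compare the fingerprint printed above with the one OpenVZ publishes through
# a separate channel, and continue only if they match.
rpm --import "$key_file" && rm -f -- "$key_file"

# Install the OpenVZ kernel and the management tools.
# NOTE(review): the imported key only protects this step if gpgcheck=1 is set
# in /etc/yum.repos.d/openvz.repo.
yum install -y vzctl-core vzquota vzctl vzstats vzkernel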
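# vim /etc/vz/vz.conf
# Global vzctl configuration used in this guide. All OpenVZ data lives under
# /data/vz (lock, dump, template, root, private).

## Global parameters
VIRTUOZZO=yes
LOCKDIR=/data/vz/lock
DUMPDIR=/data/vz/dump
VE0CPUUNITS=1000
# NOTE(review): with "suspend", containers are presumably checkpointed to
# DUMPDIR when the service stops; those dumps hold container memory, so
# confirm that /data/vz/dump is readable by root only.
VE_STOP_MODE=suspend

## Logging parameters
LOGGING=yes
LOGFILE=/var/log/vzctl.log
LOG_LEVEL=0
VERBOSE=0

## Disk quota parameters
# NOTE(review): with DISK_QUOTA=no the per-container DISKSPACE/DISKINODES
# limits shown later in 105.conf are presumably not enforced on simfs, so one
# container could fill /data; confirm that this is intended.
DISK_QUOTA=no
VZFASTBOOT=no

# Disable module loading. If set, vz initscript does not load any modules.
#MODULES_DISABLED=yes

# The name of the device whose IP address will be used as source IP for CT.
# By default automatically assigned.
#VE_ROUTE_SRC_DEV="eth0"

# Uncomment to limit CT IP ARP announces only to network interfaces
# having IPs within the same IP network as a container IP.
# If you want to explicitly specify interfaces, use "list:eth0 eth1" form.
# Leave commented out or set to "all" to use all interfaces.
#NEIGHBOUR_DEVS="detect"

## Uncomment to skip ARP queries checking for CT IP being used
## by some other machine on the network
#SKIP_ARPDETECT=yes

## Comment out to fail CT start if ARP query detects CT IP being used
ERROR_ON_ARPFAIL="no"

## Template parameters
TEMPLATE=/data/vz/template

## Defaults for containers
VE_ROOT=/data/vz/root/$VEID
VE_PRIVATE=/data/vz/private/$VEID
CONFIGFILE="vswap-256m"
# The only template this guide downloads is centos-6-x86_64, and the creation
# script passes --ostemplate explicitly, so this default is not used there.
DEF_OSTEMPLATE="centos-6-x86"
NAMESERVER=inherit # Copy from host system's /etc/resolv.conf

## Filesystem layout for new CTs: either simfs or ploop
VE_LAYOUT=simfs

# User namespace configuration
LOCAL_UID=100000
LOCAL_GID=100000

## Load vzwdog module
VZWDOG="no"

## WARNING: IPTABLES parameter is deprecated,
## use per-container (not global!) NETFILTER instead

## iptables kernel modules to be loaded by init.d/vz script
# The last module name was split in two ("ip6t_RE JECT") on the page; it is
# restored to ip6t_REJECT here.
IPTABLES_MODULES="ipt_REJECT ipt_tos ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ip6_tables ip6table_filter ip6table_mangle ip6t_REJECT"

## Enable IPv6
IPV6="yes"
SKIP_SYSCTL_SETUP=yes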
创建目录 说明:/data 目录为数据盘
# Create the OpenVZ directory tree on the data disk. The paths match LOCKDIR,
# DUMPDIR, TEMPLATE, VE_ROOT and VE_PRIVATE in /etc/vz/vz.conf.
mkdir -p \
  /data/vz/dump \
  /data/vz/lock \
  /data/vz/private \
  /data/vz/root \
  /data/vz/template/cache
重启服务器,系统会自动加载 OpenVZ 内核,启动完成后,检查是否正确安装内核:
uname -a
Linux hostname 2.6.32-042stab111.12 #1 SMP Thu Sep 17 11:38:20 MSK 2015 x86_64 x86_64 x86_64 GNU/Linux
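# Start the OpenVZ service (after the reboot into the OpenVZ kernel).
/etc/init.d/vz start

# Download the pre-created CentOS 6 x86_64 template into the template cache.
# vz.conf in this guide sets TEMPLATE=/data/vz/template, so the cache is
# /data/vz/template/cache/ (created by the mkdir step), not the
# /vz/template/cache/ path the page originally used.
# NOTE(review): this tarball becomes the root filesystem of every container
# created from it; if a checksum or detached signature is published alongside
# it, verify the download before first use.
wget -P /data/vz/template/cache/ https://download.openvz.org/template/precreated/centos-6-x86_64.tar.gz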
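#!/bin/bash
# Interactive helper: creates an OpenVZ container from the centos-6-x86_64
# template, assigns its IP address and hostname, then starts it.
#
# The three answers are handed to vzctl, so each one is validated first and
# every expansion is quoted. Without that, an answer containing spaces or
# starting with "-" would be split into extra vzctl arguments or options.

read -r -p "input number:" numbers   # container ID; must be unique per container
read -r -p "Hostname?:" hostname     # hostname
read -r -p "Enter the IP :" ips      # IP address

# The container ID must be a plain decimal number.
if [[ ! $numbers =~ ^[0-9]+$ ]]; then
  echo "invalid container ID: $numbers" >&2
  exit 1
fi

# Hostname: letters, digits, dots and hyphens, starting and ending with a
# letter or digit.
if [[ ! $hostname =~ ^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$ ]]; then
  echo "invalid hostname: $hostname" >&2
  exit 1
fi

# IP: IPv4 or IPv6 characters only, with an optional /mask suffix.
if [[ ! $ips =~ ^[0-9A-Fa-f:.]+(/[0-9.]+)?$ ]]; then
  echo "invalid IP address: $ips" >&2
  exit 1
fi

# "centos-6-x86_64" is the template name: the downloaded file is
# centos-6-x86_64.tar.gz with the suffix removed.
# Stop at the first failing step so a half-configured container is not started.
vzctl create "$numbers" --ostemplate centos-6-x86_64 --config vswap-1g || exit 1
vzctl set "$numbers" --ipadd "$ips" --save || exit 1
vzctl set "$numbers" --hostname "$hostname" --save || exit 1
vzctl start "$numbers"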
/data/bin/ipvz.sh
input number:105
Hostname?:test
Enter the IP :
Creating container private area (centos-6-x86_64)
Performing postcreate actions
CT configuration saved to /etc/vz/conf/105.conf
Container private area was created
CT configuration saved to /etc/vz/conf/105.conf
CT configuration saved to /etc/vz/conf/105.conf
Starting container...
Container is mounted
Adding IP address(es):
Setting CPU units: 1000
Container start in progress...
vzlist -a
CTID NPROC STATUS IP_ADDR HOSTNAME
105 19 running test
vim /etc/vz/conf/105.conf # Copyright (C) 2000-2011, Parallels, Inc. All rights reserved. # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # # This config is only valid for decent VSwap-enabled kernel # (version 042stab042 or later). # RAM PHYSPAGES="0:1G" #内存 # Swap SWAPPAGES="0:2G" #Swap分区 # Disk quota parameters (in form of softlimit:hardlimit) DISKSPACE="2G:2.2G" DISKINODES="131072:144179" QUOTATIME="0" # CPU fair scheduler parameter CPUUNITS="1000" NETFILTER="stateless" VE_ROOT="/data/vz/root/$VEID" VE_PRIVATE="/data/vz/private/$VEID" VE_LAYOUT="simfs" OSTEMPLATE="centos-6-x86_64" ORIGIN_SAMPLE="vswap-1g" IP_ADDRESS="" #ip地址 HOSTNAME="test" #主机名
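# vzctl quick reference; 101 is the example container ID.
# This is a list of independent commands, not a script to run top to bottom.
# The IP address and name server values are missing on the page; the quoted
# <...> placeholders mark where the real values go.

# Delete the container
vzctl destroy 101
# Start the container
vzctl start 101
# Stop the container
vzctl stop 101
# Set the hostname
vzctl set 101 --hostname openvz-101 --save
# Set the IP address
vzctl set 101 --ipadd "<CT_IP>" --save
# Set the name servers (several at once, or a single one)
vzctl set 101 --nameserver "<DNS_1>" --nameserver "<DNS_2>" --nameserver "<DNS_3>" --save
vzctl set 101 --nameserver "<DNS_1>" --save
# Create a container; [模板名] stands for the template name, i.e. the file
# name in the template cache without .tar.gz (for example centos-6-x86_64)
vzctl create 101 --ostemplate [模板名] --config basic
# Enter the container directly
vzctl enter 101
# Set the root password. The page's sample value was "test"; use a strong,
# unique password instead. A password given on the command line ends up in
# shell history and is visible in the process list while vzctl runs, so the
# alternative is to run passwd inside the container after "vzctl enter 101".
vzctl set 101 --userpasswd 'root:<STRONG_PASSWORD>'
# Restart the container
vzctl restart 101
# Enter the container directly
vzctl enter 101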
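# Build a reusable template from container 105.
# Stop the container first so its files are not changing while they are
# archived.
vzctl stop 105

# NOTE(review): the archive captures everything in the container's private
# area, including SSH host keys, password hashes, shell history and logs.
# Remove or regenerate these before the template is reused, otherwise every
# container created from it shares the same keys and credentials.
#
# -C replaces the separate "cd": if the directory is missing, tar fails
# instead of archiving whatever the current directory happens to be.
tar zcvpf /data/vz/template/cache/my-template.tar.gz -C /data/vz/private/105/ .
# "my-template" is the template name.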