Linux, Open Source and more: January 2012

Monday, January 30, 2012

Install & Configure OpenVZ (CentOS 6.2)

OpenVZ is a great tool which offers a great virtualization solution with near zero overhead, thus offering great performance.
In this short tutorial I will show how to install it on CentOS 6.2 machine, read on:

1) Get the OpenVZ repository and update "yum":

#wget -P /etc/yum.repos.d http://download.openvz.org/openvz.repo

#rpm --import  http://download.openvz.org/RPM-GPG-Key-OpenVZ

#yum update

2) Install relevant packages

#yum install openvz-kernel-rhel6 vzctl vzquota bridge-utils -y

3) Modify relevant kernel (networking) settings to allow proper communication with the VPS'es:

#vi /etc/sysctl.conf

#add these lines for sysctl openvz configuration

net.ipv4.ip_forward=1

net.ipv4.conf.all.rp_filter=1

net.ipv4.icmp_echo_ignore_broadcasts=1

net.ipv4.conf.default.forwarding=1

net.ipv4.conf.default.proxy_arp = 0

kernel.sysrq = 1

net.ipv4.conf.default.send_redirects = 1

net.ipv4.conf.all.send_redirects = 0

net.ipv4.conf.eth0.proxy_arp=1

Update the new kernel settings:

#sysctl -p

4) Reboot the machine:

#shutdown -r now

A new Kernel should appear (2.6.32-042stab044.17 in my case) in the Grub menu.
Boot into the new Kernel.

5) Check that a new interface (venet0) exists:

# ifconfig venet0
venet0    Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet6 addr: fe80::1/128 Scope:Link
          UP BROADCAST POINTOPOINT RUNNING NOARP MTU:1500 Metric:1
          RX packets:161 errors:0 dropped:0 overruns:0 frame:0
          TX packets:182 errors:0 dropped:12 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:19255 (18.8 KiB) TX bytes:15822 (15.4 KiB)

Also, check the the "vz" service is running:

#/etc/init.d/vz status
OpenVZ is running...

6) So far, so good - It's time to get some OS template. Let's get an Ubuntu 11.10 64bit template:

#wget http://download.openvz.org/template/precreated/ubuntu-11.04-x86_64.tar.gz -P /vz/template/cache

All templates come as archives and reside inside /vz/template/cache directory.

As a best practice it's a good idea to keep /vz on a separate partition (or a LUN), the partition needs to be big enough to sustain all the VPS'es that are about to be created, so do the calculation according to your needs.

7) Basic installation is done. You should be able to use the vz* commands and administer your VM's via the CLI.

For example to create a new VM out of the downloaded template use:

#vzctl create 1 --ostemplate ubuntu-11.04-x86_64 --ipadd 10.0.0.12 --hostname vz03

When 1 is the uid of the VPS.

After the creation, initialize the created VPS via:

#vzctl start 1

You can now enter into the VPS by simply SSH'ing into it or via the following command:

#vzctl enter 1

A very cool (and free) web management which I highly recommend is called OpenVZ Web Panel, can be easily installed via this command:

#wget -O – http://ovz-web-panel.googlecode.com/svn/installer/ai.sh | sh

After the installation, check that the OpenVZ web panel is listening on port 3000:

#lsof -i :3000

An initialization script is provided as part of the installation and is located under: /etc/init.d/owp

Once installed the web panel can be accessed from your browser via:
http://your-ip:3000

The interface is minimalistic but very convenient and user friendly:

Note: Be sure to modify firewall settings on the hosting machine accordingly to allow access to port 3000.

Happy VZ'ing!

Saturday, January 14, 2012

How to Install & Configure Cfengine (v3) on CentOS 6

In this short tutorial I will demonstrate how to quickly install and configure Cfengine (version 3.x) on CentOS 6 x64 box and also show a basic example of this great automation tool, let's get started:

First, install the needed pre-requirements (EPEL/RPMforge provide these):

#yum install openssl openssl-devel db4 db4-devel flex pcre pcre-devel openldap gcc -y

Next, download the latest version source (3.2.3 at the moment of writing) and install it:

#wget http://cfengine.com/source-code/download?file=cfengine-3.2.3.tar.gz -O /root/cfengine-3.2.3.tar.gz

#tar xvzf cfengine-3.2.3.tar.gz; cd cfengine-3.2.3/

#./configure

#make

#make install

Now we will create the needed folders for CF under /var to work as should ,we will also copy all relevant binaries and configuration files:

#mkdir -p /var/cfengine/{masterfiles,bin,inputs}
#cp -rp /usr/local/share/cfengine/masterfiles/*.cf /var/cfengine/masterfiles/
#cp -rp /usr/local/share/cfengine/masterfiles/*.cf /var/cfengine/inputs/
#cp -rp /usr/local/sbin/cf-* /var/cfengine/bin/

Test the installation with:

#cf-promises -v

On the last line output you should get:
cf3> -> Inputs are valid

Now, in order to demonstrate Cfengine abilities we will create a new file under /tmp called "cftest" with premissions of 744 and owner root.

In order to do that we will create a special configuration input file under:
/var/cfengine/inputs, called cftest.cf

So, let's see what we got inside of the configuration file:

#cat /var/cfengine/inputs/cftest.cf

body common control

{

# Define a bundle sequence

bundlesequence => { "checkperms" };

# Include cfengine_stdlib.cf

inputs => { "cfengine_stdlib.cf" };

version => "1.0.0";

 }

bundle agent checkperms         

{

files:                    

"/tmp/cftest"

create => "true",                              

perms => m("744");

}

Let's verify it's syntax with cf-promise:
#cf-promise -f /var/cfengine/inputs/cftest.cf

We will see that there is no file called cftest under /tmp ,prior running cf-agent.

# ls -l /tmp/cftest
ls: cannot access /tmp/cftest: No such file or directory

Now for the run:

#cf-agent -f /var/cfengine/inputs/cftest.cf

Lets check what's under /tmp:
# ls -l /tmp/cftest
-rwxr--r-- 1 root root 0 Jan 14 01:14 /tmp/cftest

Great, the file was created with the right permissions, just as we wanted.
This is just the most basic example, via Cfengine you can do much much more, more practical examples to come so stay tuned!