As soon as your Debian OS server is ready, login using the received credentials. We first will do an update/upgrade:
apt-get update && apt-get -y upgrade && apt-get -y dist-upgrade
which will upgrade our server to latest version.
We install some additional packages to:
apt-get -y install nano wget ntp ntpdate
Installing OpenVZ
We now want to install OpenVZ, the base for our virtual multiserver environment.
An OpenVZ kernel and the vzctl, vzquota, and vzdump packages are available in the Debian Squeeze repositories, so we can install them as follows:
apt-get install linux-image-openvz-amd64 vzctl vzquota vzdump
Create a symlink from /var/lib/vz to /vz to provide backward compatibility:
ln -s /var/lib/vz /vz
Open /etc/sysctl.conf and make sure that you have the following settings in it:
nano /etc/sysctl.conf
[…]
net.ipv4.conf.all.rp_filter=1
net.ipv4.icmp_echo_ignore_broadcasts=1
net.ipv4.conf.default.forwarding=1
net.ipv4.conf.default.proxy_arp = 0
net.ipv4.ip_forward=1
kernel.sysrq = 1
net.ipv4.conf.default.send_redirects = 1
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.eth0.proxy_arp=1
[…]
If you needed to modify /etc/sysctl.conf, run
sysctl -p
The following step is important if the IP addresses of your virtual machines are from a different subnet than the host system's IP address. If you don't do this, networking will not work in the virtual machines!
Open /etc/vz/vz.conf and set NEIGHBOUR_DEVS to all:
nano /etc/vz/vz.conf
[…]
# Controls which interfaces to send ARP requests and modify APR tables on.
NEIGHBOUR_DEVS=all
[…]
Finally, reboot the system:
reboot
If your system reboots without problems, then everything is fine!
Run
uname -r
and your new OpenVZ kernel should show up:
root@root:~# uname -r
2.6.32-5-openvz-amd64
Since Hetzner mounts /home on a separate hard disk, we can use it as the OpenVZ backup location. To do so, run:
rm -rf /var/lib/vz/dump
ln -s /home/backup/vz /var/lib/vz/dump
As we will use fail2ban within our virtual containers, we have to enable some IPTables support for them. We do that by editing the /etc/vz/vz.conf file:
nano /etc/vz/vz.conf
Search the line starting with IPTABLES and comment it (#). Paste the following afterwards:
[…]
IPTABLES="ipt_REJECT ipt_tos ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state"
Next, active the state module in the kernel:
modprobe xt_state
Installing OVZ Web Panel
The OpenVZ Web Panel is a GUI web-based frontend for controlling of the hardware and virtual servers with the OpenVZ virtualization technology.
The most simple way to install OpenVZ Web Panel is to run the following command:
wget -O – http://ovz-web-panel.googlecode.com/svn/installer/ai.sh | sh
After installation Panel should be available by the following URL:
http://<192.168.1.1>:3000
Default administrator's credentials are: admin/admin. Don't forget to change default password.
Creating The Virtual Servers
We now will use the OVZ Web Panel to create our virtual servers. Log into the panel and add your IPs under IP Addresses. Then, click on localhost and OS Templates.
We now have to download a template for our virtual servers. We do so by clicking Install New OS Template -> Contributed and select debian-6.0-amd64-minimal.
Now go back to localhost and click Create virtual server. Fill in the fields as below:
Server ID (VEID): a number (I would choose the last part of you IP, so 2 for the first)
OS Template: already selected the right
Server Template: unlimited
IP Address: 192.168.1.2
Host Name: web.example.tld
DNS Server: 8.8.4.4 8.8.8.8 (which are Google's DNS)
leave the rest as it is and assign Disk Space, RAM and CPU like you want…
Src:
http://www.howtoforge.com/virtual-multiserver-environment-with-dedicated-web-mysql-email-dns-servers-on-debian-squeeze-with-ispconfig-3-p2
https://code.google.com/p/ovz-web-panel/
