Howto Install Xen and OpenVZ on a Hetzner server (EQ4) [Update]

June 9, 2009

I just got my new Hetzner server, an EQ4 with 8GB RAM, Core i7-920 Quad-Core, 2x750GB HD. As my old server is running OpenVZ and I’m quite happy with it I wanted to use also OpenVZ for this one. Additionally a XEN could use the Hardware virtualization this CPU provides, if I at some point need a Linux with a special kernel or a Windows for testing it would come handy. To be able to keep the hardware node running as long as possible without upgrade, I chose CentOS 5.3 as distribution.

This Howto describes how I did the setup and stops at the moment I could start installing/migrating VEs or domU instances. Surely a hardware node needs more setup like backup, firewall, … but this is out of scope for this howto.

  1. Base Install: Boot the 64Bit rescue system from the Hetzner Robot. Enter installimage and choose Centos 5.3 64Bit minimal. If you’re using a software raid you can keep the settings with the exception of the hostname. 😉
  2. Kernel: After the boot into the new system we need an OpenVZ and XEN kernel. To achieve this you need to enter following first:

    yum install wget
    cd /etc/yum.repos.d
    wget http://download.openvz.org/openvz.repo
    rpm --import http://download.openvz.org/RPM-GPG-Key-OpenVZ

    Now you can check with yum list | grep ovzkernel which kernel to use. You get something like this:


    ovzkernel.i686 2.6.18-128.1.1.el5.028stab062.3
    ovzkernel.x86_64 2.6.18-128.1.1.el5.028stab062.3
    ovzkernel PAE.i686 2.6.18-128.1.1.el5.028stab062.3
    ovzkernel-PAE-devel.i686 2.6.18-128.1.1.el5.028stab062.3
    ovzkernel-devel.i686 2.6.18-128.1.1.el5.028stab062.3
    ovzkernel-devel.x86_64 2.6.18-128.1.1.el5.028stab062.3
    ovzkernel-ent.i686 2.6.18-128.1.1.el5.028stab062.3
    ovzkernel-ent-devel.i686 2.6.18-128.1.1.el5.028stab062.3
    ovzkernel-xen.i686 2.6.18-128.1.1.el5.028stab062.3
    ovzkernel-xen.x86_64 2.6.18-128.1.1.el5.028stab062.3
    ovzkernel-xen-devel.i686 2.6.18-128.1.1.el5.028stab062.3
    ovzkernel-xen-devel.x86_64 2.6.18-128.1.1.el5.028stab062.3

    As I’ve a 64 Bit distribution and want the option for XEN I use following command:

    yum install ovzkernel-xen.x86_64

  3. Grub: Verify and tune the grub configuration. As we will update the Kernel every once a while we want a setup which switches back to a working kernel in case of a kernel panic during boot. Compare your grub configuration with this one. The lines with comments are added/changed by me to provide the wished functionality.
    default saved ### changed
    timeout 5


    title CentOS (2.6.18-128.1.1.el5.028stab062.3xen)
    root (hd0,1)
    kernel /xen.gz-2.6.18-128.1.1.el5.028stab062.3
    module /vmlinuz-2.6.18-128.1.1.el5.028stab062.3xen ro root=/dev/md2 vga=0x317 panic=5 ### last option added
    module /initrd-2.6.18-128.1.1.el5.028stab062.3xen.img
    savedefault 1 ### added


    title CentOS Linux (2.6.18-128.el5)
    root (hd0,1)
    kernel /boot/vmlinuz-2.6.18-128.el5 ro root=/dev/md2 vga=0x317
    initrd /boot/initrd-2.6.18-128.el5.img
    savedefault ### added

    This setup will boot the first kernel once, so we need to following to reset the counter after every successful boot.


    echo "savedefault --default=0 --once" | grub --batch

  4. Network: Configure /etc/sysctl.conf corrently for OpenVZ. It should look like this.

    # On Hardware Node we generally need
    # packet forwarding enabled and proxy arp disabled
    net.ipv4.ip_forward = 1
    net.ipv6.conf.default.forwarding = 1
    net.ipv6.conf.all.forwarding = 1
    net.ipv4.conf.default.proxy_arp = 0


    # Enables source route verification
    net.ipv4.conf.all.rp_filter = 1


    # Enables the magic-sysrq key
    kernel.sysrq = 1


    # We do not want all our interfaces to send redirects
    net.ipv4.conf.default.send_redirects = 1
    net.ipv4.conf.all.send_redirects = 0


    # normally a good idea
    net.ipv4.icmp_echo_ignore_broadcasts=1
  5. Some Checks: Take a look at /etc/sysconfig/selinux and make sure that SELINUX=disabled is set. (This should be default with the Hetzner minimal image). Now take a look at cat /proc/mdstat to make sure your raid is rebuilt or at least at the beginning so you don’t loose to much rebuilding work. A rebuild under way looks like this:
    Personalities : [raid1] [raid0] [raid6] [raid5] [raid4]
    md0 : active raid1 sdb1[1] sda1[0]
    4200896 blocks [2/2] [UU]


    md1 : active raid1 sdb2[1] sda2[0]
    2104448 blocks [2/2] [UU]
    resync=DELAYED


    md2 : active raid1 sdb3[1] sda3[0]
    726266432 blocks [2/2] [UU]
    [==>..................] resync = 10.4% (75563776/726266432) finish=132.6min speed=81773K/sec
  6. Reboot and hope!
  7. Kernel Check: Check with uname -a that you got the correct kernel booted. It should be something like this:

    Linux yourserver 2.6.18-128.1.1.el5.028stab062.3xen #1 SMP Sun May 10 19:25:45 MSD 2009 x86_64 x86_64 x86_64 GNU/Linux
  8. OpenVZ: Now we can install and configure the OpenVZ user space tools. With yum install vzctl.x86_64 vzquota.x86_64 you get the management tools install and chkconfig --add vz is needed so that you don’t need to type the next command after every boot by hand: /etc/init.d/vz start. Now you should be able to call vzlist which reports only Container(s) not found which is correct. The OpenVZ install is done now.
  9. XEN: At last we install the XEN user space stuff with following command: yum install xen and add xend to the runlevels with chkconfig --add xend. After we launched it by hand this time with /etc/init.d/xend start you can use xm list to get following:
    Name ID Mem(MiB) VCPUs State Time(s)
    Domain-0 0 7647 8 r----- 202.4

We’re done. Hope this Howto helps you.

Update:

  • You should add following line

    exclude=kernel

    to the file /etc/yum.conf, which keeps the standard kernel from being updated. I don’t recommend uninstalling the standard kernel package but updating is not necessary as we won’t use it normally.

5 Comments »

RSS feed for comments on this post. TrackBack URI

  1. hello

    excellent post, I am trying to setup an equal.

    see the comment:

    OpenVZ XenLinux kernel is able to work also in Dom0. It can be tested just by updating /etc/grub.conf on the hardware node. But in this case it will be impossible to start DomUs. It is a known bug and it is related not to OpenVZ, but to RHEL5 kernel. Hope it is fixed in next RHEL5 update.

    *openvz site*

    We can not run xen and openvz simultaneously?

    Best Regards, Doug

    Comment by Doug — June 11, 2009 #

  2. […] my last post I’ve written a howto on installing Xen and OpenVZ on a dedicated root server at a locally […]

    Pingback by Howto backup your “dedicated server” to a foreign FTP server | Robert Penz Blog — June 11, 2009 #

  3. hello,

    I also have a dedicated server, but I can not run on Xen and OpenVZ VMs simultaneously.
    You some idea of what may be happening? Uses a GUI to manage the server?

    Regards, Doug

    Comment by Doug — June 12, 2009 #

  4. Sorry for the late answer. I had only time to test the openvz stuff currently. As I’ve written I’ve only installed XEN as it was not much more work. The message on the OpenVZ page is quite old, did you try it yourself?

    Comment by robert — June 18, 2009 #

  5. Has any one seen if the performance of the kernel that has both xen and openvz is good. I mean since it is not a very well used kernel there may be performance issues to having both virtualizations.

    Comment by Ehab Heikal — September 30, 2013 #

Leave a comment

XHTML: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

Powered by WordPress
Entries and comments feeds. Valid XHTML and CSS. 37 queries. 0.068 seconds.