
Installing OpenVZ 7 on CentOS 7

程序员文章站 2022-04-28 22:35:33

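  This post covers installing OpenVZ 7. Today, companies and individuals who use hardware virtualization tend to choose VMware or Microsoft Hyper-V, while those who use container virtualization tend to choose Docker or LXC. OpenVZ 7 combines both approaches: OpenVZ's own container technology and KVM hardware virtualization. Docker can also run inside an OpenVZ container.

  1. Preparation

  Prepare a server with Intel VT support and the latest CentOS 7 minimal ISO, either burned to disc or written to a USB drive with rufus. Partition the disk as follows: / (root) as ext4, /boot as ext4, /vz as ext4, and finally swap.

  2. One-step installation script, including Fail2ban protection against password brute-forcing on SSH port 22.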

  #!/bin/bash

  # Paths of the tools used below
  YUM=/usr/bin/yum
  SED=/bin/sed
  RPM=/bin/rpm
  SYS=/usr/bin/systemctl

  # Add the EPEL repository (\$basearch is escaped so it is written literally)
  cat > /etc/yum.repos.d/epel.repo << EOF
  [epel]
  name=Extra Packages for Enterprise Linux 7 - \$basearch
  #baseurl=https://download.fedoraproject.org/pub/epel/7/\$basearch
  metalink=https://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=\$basearch
  failovermethod=priority
  enabled=1
  gpgcheck=1
  gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7

  [epel-debuginfo]
  name=Extra Packages for Enterprise Linux 7 - \$basearch - Debug
  #baseurl=https://download.fedoraproject.org/pub/epel/7/\$basearch/debug
  metalink=https://mirrors.fedoraproject.org/metalink?repo=epel-debug-7&arch=\$basearch
  failovermethod=priority
  enabled=0
  gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
  gpgcheck=1

  [epel-source]
  name=Extra Packages for Enterprise Linux 7 - \$basearch - Source
  #baseurl=https://download.fedoraproject.org/pub/epel/7/SRPMS
  metalink=https://mirrors.fedoraproject.org/metalink?repo=epel-source-7&arch=\$basearch
  failovermethod=priority
  enabled=0
  gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
  gpgcheck=1
  EOF

  # Add the EPEL testing repository (all sections disabled)
  cat > /etc/yum.repos.d/epel-testing.repo << EOF
  [epel-testing]
  name=Extra Packages for Enterprise Linux 7 - Testing - \$basearch
  #baseurl=https://download.fedoraproject.org/pub/epel/testing/7/\$basearch
  metalink=https://mirrors.fedoraproject.org/metalink?repo=testing-epel7&arch=\$basearch
  failovermethod=priority
  enabled=0
  gpgcheck=1
  gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7

  [epel-testing-debuginfo]
  name=Extra Packages for Enterprise Linux 7 - Testing - \$basearch - Debug
  #baseurl=https://download.fedoraproject.org/pub/epel/testing/7/\$basearch/debug
  metalink=https://mirrors.fedoraproject.org/metalink?repo=testing-debug-epel7&arch=\$basearch
  failovermethod=priority
  enabled=0
  gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
  gpgcheck=1

  [epel-testing-source]
  name=Extra Packages for Enterprise Linux 7 - Testing - \$basearch - Source
  #baseurl=https://download.fedoraproject.org/pub/epel/testing/7/SRPMS
  metalink=https://mirrors.fedoraproject.org/metalink?repo=testing-source-epel7&arch=\$basearch
  failovermethod=priority
  enabled=0
  gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
  gpgcheck=1
  EOF

  # Import the OpenVZ and EPEL signing keys, then install the OpenVZ release package
  $RPM --import https://download.openvz.org/RPM-GPG-Key-OpenVZ
  $RPM --import https://archive.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7
  $YUM install https://download.openvz.org/virtuozzo/releases/7.0/x86_64/os/Packages/o/openvz-release-7.0.8-4.vz7.x86_64.rpm -y

  # Rebuild the yum metadata cache
  $YUM makecache

  # Install base packages (the glob is quoted so the shell does not expand it)
  $YUM install yum-plugin-priorities telnet bind-utils 'vim-en*' lrzsz wget iptables-services net-tools psmisc -y

  # Update all packages
  $YUM update -y

  # Disable SELinux (takes effect after the reboot at the end of this script)
  $SED -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux
  $SED -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config

  # Empty the saved iptables ruleset
  echo '' > /etc/sysconfig/iptables

  # Install OpenVZ
  $YUM install prlctl prl-disp-service vzkernel ploop prl-disk-tool -y

  # Install fail2ban
  $YUM install fail2ban fail2ban-systemd -y

  # Add the fail2ban sshd jail: ban for 600 s after 3 failures within 60 s
  cat > /etc/fail2ban/jail.d/sshd.local << EOF
  [sshd]
  enabled=true
  filter=sshd
  action=iptables[name=sshd-ban, port=ssh, protocol=tcp]
  findtime=60
  bantime=600
  maxretry=3
  EOF

  $SYS enable fail2ban

  # Short countdown, then flush disk buffers and reboot into the OpenVZ kernel
  echo "Now Reboot System"
  for i in 1 2 3 4 5 6 7; do
    echo -n "."
    sleep 1
  done
  sync
  reboot

  3. Basic commands

  List virtual machines: prlctl list -a

  Columns: unique identifier (UUID), status, IP address, type, name

  UUID STATUS IP_ADDR T NAME

  {4cc24118-b7a1-408a-9af8-caaf492e26c7} running 192.168.1.164 CT 164

  {bada9314-1050-4fe5-8865-4edf93c97c0f} running - VM CentOS7

  {c71d02d9-d0e4-42d0-bc1e-bcb3e8e97dc7} stopped - VM MyVM

  List installed container templates: vzpkg list -O

  List OS templates available online: vzpkg list --available

  centos-6-x86_64 openvz-os

  centos-7-x86_64 openvz-os

  debian-7.0-x86_64 openvz-os

  debian-8.0-x86_64 openvz-os

  debian-9.0-x86_64 openvz-os

  fedora-23-x86_64 openvz-os

  sles-11-x86_64 openvz-os

  sles-12-x86_64 openvz-os

  suse-42.1-x86_64 openvz-os

  suse-42.2-x86_64 openvz-os

  suse-42.3-x86_64 openvz-os

  ubuntu-14.04-x86_64 openvz-os

  ubuntu-16.04-x86_64 openvz-os

  ubuntu-17.10-x86_64 openvz-os

  ubuntu-18.04-x86_64 openvz-os

  Install a template from the online repository

  vzpkg install template centos-6-x86_64

  Create the cache for the installed template

  vzpkg create cache centos-6-x86_64

  Create a container

  prlctl create MyCT --vmtype ct

  Set the OS template used by the container

  prlctl set MyCT --ostemplate centos-6-x86_64

  Set resources

  prlctl set MyCT --cpus 8 --memsize 8G --swap 4G

  Set the network address

  prlctl set MyCT --ipadd 192.168.1.x

  Create a hardware virtual machine

  prlctl create MyVM --vmtype vm -d centos7

  Operating systems supported in hardware virtual machines

  Windows Server 2022, 2012, 2012 R2, 2008 R2

  CentOS 5, 6, 7 x86_64

  Debian 8, 9 x86_64

  Ubuntu 14-18 x86_64

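  Attach an ISO image as the CD-ROM

  prlctl set MyVM --device-set cdrom0 --image /vz/iso/CentOS-7-x86_64-Minimal-1804.iso

  Set resources

  prlctl set MyVM --cpus 8 --memsize 8G

  Change the default disk size (the default is 64G)

  prl_disk_tool resize --hdd /vz/vmprivate/c71d02d9-d0e4-42d0-bc1e-bcb3e8e97dc7/harddisk.hdd --size 30G

  Configure the VNC service (for --vnc-address, use 127.0.0.1 to listen on loopback only, or 0.0.0.0 to listen on all interfaces)

  prlctl set MyVM --vnc-mode manual --vnc-port 5902 --vnc-passwd linseek --vnc-address 127.0.0.1

  Show virtual machine information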

  prlctl list --info MyVM

  ID: {c71d02d9-d0e4-42d0-bc1e-bcb3e8e97dc7}

  EnvID: 1193083609

  Name: MyVM

  Description:

  Type: VM

  State: stopped

  OS: centos7

  Template: no

  Uptime: 00:00:00 (since 2022-09-10 11:28:59)

  Home: /vz/vmprivate/c71d02d9-d0e4-42d0-bc1e-bcb3e8e97dc7/

  Owner: root@.

  GuestTools: state=not_installed

  GuestTools autoupdate: on

  Autostart: off

  Autostop: shutdown

  Autocompact: off

  Boot order: hdd0 cdrom0 net0

  EFI boot: off

  Allow select boot device: off

  External boot device:

  On guest crash: restart

  Remote display: mode=manual port=5902 address=127.0.0.1

  Remote display state: stopped

  Hardware:

  cpu sockets=1 cpus=8 cores=8 VT-x accl=high mode=64 ioprio=4 iolimit='0'

  memory 8192Mb

  video 32Mb 3d acceleration=off vertical sync=yes

  memory_guarantee auto

  hdd0 (+) scsi:0 image='/vz/vmprivate/c71d02d9-d0e4-42d0-bc1e-bcb3e8e97dc7/harddisk.hdd' type='expanded' 30720Mb subtype=virtio-scsi

  cdrom0 (+) scsi:1 image='/vz/iso/CentOS-7-x86_64-Minimal-1804.iso' subtype=virtio-scsi

  usb (+)

  net0 (+) dev='vme001c42cda633' network='Bridged' mac=001C42CDA633 card=virtio

  SmartMount: (-)

  Disabled Windows logo: on

  Nested virtualization: off

  Offline management: (-)
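
  The --vnc-address value chosen above decides whether a guest console is reachable from the network. The check below is an added example, not part of the original post: it parses prlctl list --info output in the format shown above and reports guests whose remote display listens on a non-loopback address. The function names, the ExposedVM sample guest and the mode=off value for a guest without VNC are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): flag guests whose VNC console
# listens on a non-loopback address, using the `prlctl list --info` field
# names as they appear in the sample output above.

# audit_vnc reads `prlctl list --info` text on stdin and prints one line per
# guest with remote display enabled on an address other than loopback.
audit_vnc() {
  awk '
    /^[ \t]*Name:/ { sub(/^[ \t]*Name:[ \t]*/, ""); name = $0; next }
    /^[ \t]*Remote display:/ {
      mode = ""; port = ""; addr = ""
      for (i = 1; i <= NF; i++) {
        n = split($i, kv, "=")
        if (n != 2) continue
        if (kv[1] == "mode")    mode = kv[2]
        if (kv[1] == "port")    port = kv[2]
        if (kv[1] == "address") addr = kv[2]
      }
      # Assumption: a guest without VNC reports mode=off.
      if (mode == "" || mode == "off") next
      if (addr ~ /^127\./ || addr == "::1") next
      # No address shown: report it so the listener can be checked by hand.
      if (addr == "") addr = "unspecified"
      printf "%s: VNC mode=%s port=%s address=%s\n", name, mode, port, addr
    }
  '
}

# Constructed sample input: three guests in the page's output format.
sample_info() {
  cat <<'EOF'
Name: MyVM
Type: VM
Remote display: mode=manual port=5902 address=127.0.0.1
Remote display state: stopped
Name: ExposedVM
Type: VM
Remote display: mode=manual port=5903 address=0.0.0.0
Remote display state: running
Name: MyCT
Type: CT
Remote display: mode=off
EOF
}

# On a host, pipe real output instead: prlctl list --info MyVM | audit_vnc
sample_info | audit_vnc
```

  A guest reported here is best reached through an SSH tunnel to a loopback-bound VNC port, or restricted with a host firewall rule for that port.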

  Control commands

  prlctl stop MyCT / MyVM

  prlctl start MyCT / MyVM

  prlctl restart MyCT / MyVM

  prlctl suspend MyCT / MyVM

  prlctl resume MyCT / MyVM

  prlctl mount MyCT / MyVM

  prlctl umount MyCT / MyVM