CentOS – One Liner Installation: OpenVZ kernel and Web Panel

  • Okzz
  • Wednesday, Jan 1, 2014

One line install (for the impatient):

curl -s -L http://goo.gl/sqKjXF|sudo bash
… grab a coffee, it will take about 10 minutes and will automatically reboot the server in the process. Now go through the description below to understand what you just ran.  Yeah it’a ass-backwords but, it’s pretty cool.

View on Github:

https://github.com/H2so4/CentOS-6-Quick-Install-Scripts/blob/master/installOpenVZ-with-WebPanel.sh

Overview

The following script installs OpenVZ kernel and OpenVZ Web Pannel on a fresh CentOS server.  This script is a modified version of the OpenVZ script originally written by github user qrpike, which is a great straight forward script that downloads and sets up OpenVZ.

I took that script and modified it to be a more complete solution for building an OpenVZ host server.

Steps performed by the script:

Phase 1 (OpenVZ Kernel Install):

  • Install OpenVZ kernel
  • Set up SELinux
  • Configure sysctl settings
  • Configure IPtables
  • Back up/replace /etc/rc.local with a new file containing the OpenVZ Web Panel installation script
  • Reboot server

Phase 2 (OpenVZ Web Panel Install):

  • Upon reboot, the /etc/rc.local file will be executed by the OS which will in turn kick off the OpenVZ Web Panel installation
  • Usually takes up to 30 – 60 minutes (depending on your server and network speed) then the server reboots for the installation to complete
  • Once complete you will be able access the OpenVZ web panel via http://localhost:3000
    • username: admin
    • password: admin

Script usage

Manual installation (if for some reason the one liner doesn’t work):

  • Copy the following script into a file, e.g. openvz-kernel-owp-install.sh
  • Change permissions:

chmod +x ./openvz-kernel-owp-install.sh

  • Run it

sudo ./openvz-kernel-owp-install.sh

  • Go get a coffee, it will take a while.
  • Content of openvz-kernel-owp-install.sh
#!/bin/bash
# run: source <(curl -s https://raw.github.com/qrpike/CentOS6---OpenVZ-Installer/master/installOpenVZ.sh) 
clear 
echo 'Going to install OpenVZ for you..' 
echo 'installing wget..' 
yum install -y wget 
echo 'now adding openvz Repo' 
cd /etc/yum.repos.d 
wget -P /etc/yum.repos.d/ http://ftp.openvz.org/openvz.repo 
rpm --import http://ftp.openvz.org/RPM-GPG-Key-OpenVZ 
echo 'Installing OpenVZ Kernel' 
yum install -y vzkernel.x86_64 
echo 'Installing additional tools' 
yum install -y vzctl vzquota 
echo 'Changing around some config files..' 
sed -i 's/kernel.sysrq = 0/kernel.sysrq = 1/g' /etc/sysctl.conf 
sed -i 's/net.ipv4.ip_forward = 0/net.ipv4.ip_forward = 1/g' /etc/sysctl.conf 
echo 'net.ipv4.conf.default.proxy_arp = 0' >> /etc/sysctl.conf
echo 'net.ipv4.conf.all.rp_filter = 1' >> /etc/sysctl.conf
echo 'net.ipv4.conf.default.send_redirects = 1' >> /etc/sysctl.conf
echo 'net.ipv4.conf.all.send_redirects = 0' >> /etc/sysctl.conf
echo 'net.ipv4.icmp_echo_ignore_broadcasts=1' >> /etc/sysctl.conf
echo 'net.ipv4.conf.default.forwarding=1' >> /etc/sysctl.conf

echo 'Done with that, purging your sys configs'
sysctl -p

sed -i 's/NEIGHBOUR_DEVS=detect/NEIGHBOUR_DEVS=all/g' /etc/vz/vz.conf
sed -i 's/SELINUX=enabled/SELINUX=disabled/g' /etc/sysconfig/selinux

echo 'Now downloading CentOS6 x86_64 template....'
cd /vz/template/cache
wget http://download.openvz.org/template/precreated/centos-6-x86_64.tar.gz

/bin/cp /etc/rc.local /tmp/rc.local
cat > /etc/rc.local << EOF 
#!/bin/bash 
wget -O - http://ovz-web-panel.googlecode.com/svn/installer/ai.sh | sh 
modprobe vzcpt 
modprobe nf_conntrack_ftp 
modprobe ip_nat_ftp 
/bin/cp -f /tmp/rc.local /etc/rc.local 
EOF 
# BARE MINIMUM OpenVZ iptables config - CENTOS 6.4 
cat > /etc/sysconfig/iptables << EOF
*nat
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth+ -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type echo-request -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3000 -j ACCEPT
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -p icmp -m icmp --icmp-type echo-request -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -p icmp -j ACCEPT
-A FORWARD -i lo -j ACCEPT
-A FORWARD -o eth+ -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
reboot

echo ' - - - - - - - - - - - - - - - - - - - - - - '
echo ' The server will reboot now and install OpenVZ Web panel'
echo ' '
echo 'When the server boots, it will run the OpenVZ Web panel installation which can take up to 10 minutes'
echo 'This script is executed by backing up/replacing /etc/rc.local with a new file containing the installation script.'
echo 'Once complete, the original /etc/rc.local file is replaced'
echo ' - - - - - - - - - - - - - - - - - - - - - - '

echo '..... well.... that should do it.'
echo 'oh, and ur welcome...'

Related info:

Background on OpenVZ: http://en.wikipedia.org/wiki/OpenVZ

comments powered by Disqus

Latest Posts

View All Posts