We begin with preparation
yum pre-setup
If you want to use yum, you should set up OpenVZ yum repository first.
Download openvz.repo file and put it to your /etc/yum.repos.d/ repository. This can be achieved by the following commands, as root:
# cd /etc/yum.repos.d
# wget http://download.openvz.org/openvz.repo
# rpm --import http://download.openvz.org/RPM-GPG-Key-OpenVZ
Kernel installation
Run the following command
# yum install ovzkernel[-smp or -ent]
smp symmetric multiprocessor up to 4 GB of RAM 10-20 Containers
ent SMP + PAE support + 4/4GB split up to 64 GB of RAM >20-30 Containers
Configuring the bootloader
In case GRUB is used as the boot loader, it will be configured automatically: lines similar to these will be added to the /boot/grub/grub.conf file:
Make default=0 to boot vz kernel first.
Config
There are a number of kernel parameters that should be set for OpenVZ to work correctly. These parameters are stored in /etc/sysctl.conf file. Here are the relevant portions of the file; please edit accordingly.
# On Hardware Node we generally need
# packet forwarding enabled and proxy arp disabled
net.ipv4.ip_forward = 1
net.ipv6.conf.default.forwarding = 1
net.ipv6.conf.all.forwarding = 1
net.ipv4.conf.default.proxy_arp = 0
# Enables source route verification
net.ipv4.conf.all.rp_filter = 1
# Enables the magic-sysrq key
kernel.sysrq = 1
# We do not want all our interfaces to send redirects
net.ipv4.conf.default.send_redirects = 1
net.ipv4.conf.all.send_redirects = 0
SELinux should be disabled. To that effect, put the following line to /etc/sysconfig/selinux:
SELINUX=disabled
Rebooting into OpenVZ kernel
Installing the utilities
# yum install vzctl vzquota
on x64
# yum install vzctl.x86_64 vzquota.x86_64
Starting OpenVZ
# /sbin/service vz start
Next OS template
An OS template is basically a set of packages from some Linux distribution used to populate a container.
Creating an OS template cache
You can create an OS template cache using template utilities and OS template metadata right on your hardware node. The process is automated and will take from about 10 minutes to a few hours, depending on the network speed, and the result will be most up-to-date template cache.
Installing template utilities
You have to install a few packages in order to be able to create/update OS template cache(s).
Using yum
# yum install vzpkg vzyum vzrpm43-python vzrpm44-python vzctl-lib
Installing OS template metadata
To see which templates are available, run
# yum search vztmpl
To install some of the templates, run
# yum install vztmpl-XXX [...]
Get it in http://download.openvz.org/template/precreated/
In order to use precreated template cache files, download files for chosen OS distributions and place them as-is to the /vz/template/cache directory.
Create and start a container
To create and start a container, run the following commands:
[host-node]# vzctl create 128 --ostemplate centos-5-i386-minimal
[host-node]# vzctl set 128 --ipadd 10.1.2.128 --save
[host-node]# vzctl set 128 --nameserver 10.0.2.128 --save
[host-node]# vzctl start 128
Your freshly-created container should be up and running now; you can see its processes:
[host-node]# vzctl exec 128 ps ax
Stop and destroy the container
To stop container:
[host-node]# vzctl stop 128
And to destroy container:
[host-node]# vzctl destroy 128
I's all
Monday, April 27, 2009
Disable "Safely Remove Hardware" icon in system tray
SATA drives show up in “Safely Remove Hardware” icon when the nForce SATA drivers are installed under XP
Click Start > Run and type:
regedit
Press ENTER
Navigate to the following registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\nvata
Right-click in the right hand pane and choose New > DWORD
Create a new DWORD value:
DisableRemovable
Right-click on this new value and choose Modify and change the value to 1
Close Regedit
Restart Windows
Click Start > Run and type:
regedit
Press ENTER
Navigate to the following registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\nvata
Right-click in the right hand pane and choose New > DWORD
Create a new DWORD value:
DisableRemovable
Right-click on this new value and choose Modify and change the value to 1
Close Regedit
Restart Windows
Thursday, April 9, 2009
not SPAM'ers
Upon termination of all tests from all volume of letters (44552 letters) it has been allocated 125 absolutely валидных letters on the basis of which parameters FalseNegative and FalsePositive have been calculated. If to exclude the first day of testing it is visible as commercial products go a leg to a leg at the analysis of a spam. Spamassassin all it is calculated on the analysis of a foreign spam and often passes letters because of absence of normalization of a content. Commercial products lead letters to the certain kind. For example, often used spammers a method of an insert of superfluous signs in words of type: , and also replacement of Turk letters with English letters similar on a writing, are absolutely inefficient against normalization at which the deformed word all will equally turn to "dispatches" and will get under the contextual analysis adding for each such word certain quantity of points to the letter. In turn, SpamAssassin well enough distinguishes a foreign spam of type « Medical, Viagra, Cialis, Enlargement », and also well filters « bayes poisoning » contextual analyzers.
In occasion of dnsbl-lists the opinion has developed ambiguous. On the one hand, popularity public dnsbl is very high, and they can provide protection against a spam up to the certain degree. But, on the other hand, to use dnsbl-lists as panacea it is impossible, as everyone happen FP at work with valid domains. As if to check of entering connections on RFC (FastBL) during testing there was no FP and the level of a filtration is comparable to commercial products. But it already other history. :)
Well, and at last, I have decided to tabulate variants of events in the event that contextual analyzers would work in pair with DNSBL-sheets. Predictably, I have received 100 % efficiency of a filtration of a spam even at use of foreign product Apache SpamAssassin.
In occasion of dnsbl-lists the opinion has developed ambiguous. On the one hand, popularity public dnsbl is very high, and they can provide protection against a spam up to the certain degree. But, on the other hand, to use dnsbl-lists as panacea it is impossible, as everyone happen FP at work with valid domains. As if to check of entering connections on RFC (FastBL) during testing there was no FP and the level of a filtration is comparable to commercial products. But it already other history. :)
Well, and at last, I have decided to tabulate variants of events in the event that contextual analyzers would work in pair with DNSBL-sheets. Predictably, I have received 100 % efficiency of a filtration of a spam even at use of foreign product Apache SpamAssassin.
Subscribe to:
Posts (Atom)