for keeping track of my digital experiments

I have been searching for a way to visualize an OpenVPN setup for some time now. I need it to be virtual because of my lack of physical machines. I have had OpenVPN running before using Ethernet bridging, but without the adequate hardware, it is time to go virtual and use routing methods instead of bridging.

With a little bit of google searching I found “Adding openvpn support to openvz VPS” on biogeogen.com. The post in question gets you started, but leaves out a few pointers.

1) Don’t use the /etc/modules.conf file, just throw up modprobe tun inside of /etc/rc.d/rc.local. So the command will be executed each boot time. This is of course if after using lsmod | grep tun, you discover that tun support is not automatically loaded.
2) You need to have the virtual node off before running the following command on it: vzctl set 101 --capability net_admin:on --save. Where 101 is the VEID.
3) To execute commands on said virtual node with vzctl exec, you then need it to be started.

So the revised pastie:

lsmod | grep tun
[no output, then -->] modprobe tun
[stop the container]
vzctl set 101 --devices c:10:200:rw --save
vzctl set 101 --capability net_admin:on --save
[start the container]
vzctl exec 101 mkdir -p /dev/net
vzctl exec 101 mknod /dev/net/tun c 10 200
vzctl exec 101 chmod 600 /dev/net/tun

For setting up OpenVPN inside of the virtual node see: OpenVPN on Debian linux.

Yesterday I finished up some server setup research for this upcoming Virtual Private Server (VPS) hosting project of mine. Hopefully within the month I will start leasing VPS’s. To do this, I needed a pretty stable and inexpensive control panel that will let users manage/re-image their VPS. None of the FOSS web managers had these two necessary capabilities that I need. So I went with HyperVM, a OpenVZ/Xen VPS web manager that I’ve seen in use by one of my hosting providers, Jadase. The only reason I stick with them is because I got grandfathered into the VPS 2 plan for $10/month. You can’t beat that! Well I will sure be able to beat out their VPS prices, I’ll be charging $13.50/month for the eqivalent of their VPS 2 plan.

Back to HyperVM. It is increadible easy to install on a CentOS 5.2 machine! Follow the HyperVM install instructions found here, once you have the physical box you want this to run on set up with a barebones CentOS 5.2 install. The install downloads about 1.1 GB of data, which is mainly the VPS templates for OpenVZ and Xen. HyperVM comes with a 5 VPS license built in (for testing), and licensing is really cheap and easy (compared to VMware ESX and Server 2003 Volume Licensing). HyperVM is USD $0.50/month per VPS.

I’ve tried rolling VMware server and workstation on OpenVZ nodes in the past, but I figured I’d give it a go again just for kicks. Still I was unable to get the proper kernel-headers to work with gcc to compile VMware server/workstation. The RPMs run just fine installing the components, but then compiling and installing the various compents (especially vmon) during the vmware-config.pl seems to fail time-and-time again. I just can’t get gcc to work with the custom OpenVZ kernel. I suppose it was never meant to be … two level of virtualization.

OpenVZ setup procedure followed – January 6th, 2009
host machine – 1.5ghz Pentium 4 (i386), 1GB ram, 40GB hard disk drive
host os – CentOS 5.2
for more detailed installation information see: http://download.openvz.org/doc/OpenVZ-Users-Guide.pdf

This installation of CentOS 5.2 is on a i386 machine, be sure to substitute in for a 64-bit machine if you have one. Following most/all of the instructions will give you an OpenVZ CentOS 5.2 host with browser-based administration of your VPS(es) with vtonf. This cookbook assumes running knowledge of how to edit configuration files via “vi”, using yum to install dependencies/software, and how to install via tarballs (.tar.gz).

1. Install latest CentOS distro on physical server (at the time of writing this, it was 5.2)
   • minimal install only requires disc 1 – “CentOS-5.2-i386-bin-1of6.iso”
   • choose your mirror: http://isoredirect.centos.org/centos/5/isos/i386/
   • partition setup note: 5GB for root filesystem, 1.25X-2X size of RAM for swap, rest of space for /vz (the VPS nodes and OS templates)
   • During the category/task selection, deselect all package categories, and choose the “Customize now” option at the bottom of screen. During the customized package selection, deselect everything. This will allow for a “minimal” install with only disc 1.
2. Configure static ipv4/ipv6 address(es) – /etc/sysconfig/network/
3. Setup dns nameservers – /etc/resolv.conf
4. Run an update: yum update
5. Follow hotwo: http://www.howtoforge.com/installing-and-using-openvz-on-centos5.2
6. Download VTONF – http://vtonf.com/downloads.html
7. tar xzvf on the archive you just downloaded and cd into the created directory
8. Follow on screen instructions to complete setup
9. If you wanna go crazy with the customizations get into the “/etc/vtonf/” directory and check things out
10. To allow connections to vtonf from IPv4/6 addresses other than through the localhost, modify the code block within “/etc/vtonf/vtonf.conf” so it looks like the below code block. Note the second line!

    fastcgi.server = ( ".php" =>
( "*" =>
( "socket" => "/tmp/vtonf.socket",
"bin-path" => "/usr/local/vtonfphp/bin/php",
"max-procs" => 1,
"bin-environment" => (
"PHP_FCGI_CHILDREN" => "4",
"PHP_FCGI_MAX_REQUESTS" => "10000"
),
)
)
)

11. Remember to modify the OpenVZ host IPTABLES rules so that it allows traffic to the VPS nodes. I just turned mine off (service iptables stop; chkconfig iptables off), because I got an external firewall/router in my home LAN.

That’s it you are good to go to start reselling VPSes to clients!