寻觅生命中的那一片浅草......

文章带标签 OpenVZ

让OpenVZ 更加好支持iptables

在硬件节点内修改iptables挂载模组

vim /etc/sysconfig/iptables-config

IPTABLES_MODULES=”ipt_REJECT ipt_tos ipt_TOS ipt_LOG ip_conntrack ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state iptable_nat ip_nat_ftp”

vim /etc/sysconfig/vz

IPTABLES=”ipt_REJECT ipt_tos ipt_TOS ipt_LOG ip_conntrack ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state iptable_nat ip_nat_ftp”

重新启动VZ服务

service vz restart

放行更加多的iptables 条目

# vzctl set $CTID –numiptent 400 –save

vzctl enter $CTID

iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -I INPUT -j ACCEPT -m state –state ESTABLISHED,RELATED
iptables -I FORWARD -j ACCEPT -m state –state ESTABLISHED,RELATED
iptables -I INPUT -j ACCEPT -i lo
iptables -I INPUT -p tcp –dport 25 -j ACCEPT
iptables -I INPUT -p tcp –dport 110 -j ACCEPT
iptables -I INPUT -p tcp –dport 995 -j ACCEPTiptables -I INPUT -p tcp –dport 80 -j ACCEPT
iptables -I INPUT -p tcp –dport 53 -j ACCRPTiptables -I INPUT -p udp –dport 53 -j ACCEPT
service iptables save
service iptables restart

转载自:
http://hi.baidu.com/enjoyunix/blog/item/09cc631bd1cec1dcac6e7573.html

How to clone an OpenVZ virtual machine

I need sometimes to clone a vps in an openvz environment, so here you can find three methods to do this task:

first option:

# vzctl stop 101
Stopping VE ...
VE was stopped
VE is unmounted
# cp -r /vz/private/101 /vz/private/202
# cp /etc/vz/conf/101.conf /etc/vz/conf/202.conf
# vzctl start 202
Starting VE ...
Initializing quota ...
VE is mounted
Setting CPU units: 1000
VE start in progress...

the second option:

#mkdir /vz/private/new_VEid
#cd /vz/private/old_VEID
#tar cf - * | ( cd /vz/private/new_VEid tar xfp -)
#cp old_VEID.conf new_VEID.conf

and the third option:

# OLDVE=222 NEWVE=333 # Just an example
# vzctl stop $OLDVE
# mkdir /vz/root/$NEWVE
# cp /etc/vz/conf/$OLDVE.conf /etc/vz/conf/$NEWVE.conf
# cp -a /vz/private/$OLDVE /vz/private/$NEWVE
# vzctl start $NEWVE; vzctl start $OLDVE

from:http://www.vioan.ro/wp/2007/07/30/how-to-clone-an-openvz-virtual-machine/
2024年三月
« 5月    
 123
45678910
11121314151617
18192021222324
25262728293031