Archive for December, 2008

Oracle 10g VE

December 31st, 2008 No comments

Create the container on the Host system

vzctl create 1001 --ostemplate centos-4-i386-default
vzctl set 1001 --userpasswd root:password --save
vzctl set 1001 --hostname ve-oracle.example.com --save
vzctl set 1001 --ipadd 192.168.0.62 --save

Reset resource limits

I decided to have max limits to avoid problems during installation. Once the installation is done and the system left running for some time, these limits should be adjusted.

Note: setting the UBC limits to “unlimited” value like below can only be done on a trusted single-container machine, and can create problems. For more info about UBC, see Resource shortage and UBC.

Warning: The UBC values below might not be consistent; see UBC consistency check.

vzctl set 1001 --kmemsize unlimited --save
vzctl set 1001 --lockedpages unlimited --save
vzctl set 1001 --privvmpages unlimited --save
vzctl set 1001 --shmpages unlimited --save
vzctl set 1001 --numproc unlimited --save
vzctl set 1001 --numtcpsock unlimited --save
vzctl set 1001 --numflock unlimited --save
vzctl set 1001 --numpty unlimited --save
vzctl set 1001 --numsiginfo unlimited --save
vzctl set 1001 --tcpsndbuf unlimited --save
vzctl set 1001 --tcprcvbuf unlimited --save
vzctl set 1001 --othersockbuf unlimited --save
vzctl set 1001 --dgramrcvbuf unlimited --save
vzctl set 1001 --numothersock unlimited --save
vzctl set 1001 --dcachesize unlimited --save
vzctl set 1001 --numfile unlimited --save
vzctl set 1001 --numiptent unlimited --save

Or you can set these limits in your /etc/vz/conf/1001.conf file:

Note: The UBC values below might not be consistent; see UBC consistency check.

# Primary parameters
AVNUMPROC="unlimited"
NUMPROC="unlimited"
NUMTCPSOCK="unlimited"
NUMOTHERSOCK="unlimited"
VMGUARPAGES="unlimited"

# Secondary parameters
KMEMSIZE="unlimited"
TCPSNDBUF="unlimited"
TCPRCVBUF="unlimited"
OTHERSOCKBUF="unlimited"
DGRAMRCVBUF="unlimited"
OOMGUARPAGES="unlimited"

# Auxiliary parameters
LOCKEDPAGES="unlimited"
SHMPAGES="unlimited"
PRIVVMPAGES="unlimited"
NUMFILE="unlimited"
NUMFLOCK="unlimited"
NUMPTY="unlimited"
NUMSIGINFO="unlimited"
DCACHESIZE="unlimited"

PHYSPAGES="unlimited"
NUMIPTENT="unlimited"
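
Because the note above restricts "unlimited" UBC values to a trusted single-container machine, it helps to be able to list which parameters a config still leaves unbounded once installation is finished. The script below is an added example, not part of the original article or of vzctl; the function names and the sample config are constructed for illustration, and only the literal value "unlimited" is detected.

```sh
#!/bin/sh
# Added example (not from the original page): report UBC parameters that a
# container config leaves at "unlimited". Function names are hypothetical.

UBC_PARAMS="AVNUMPROC NUMPROC NUMTCPSOCK NUMOTHERSOCK VMGUARPAGES KMEMSIZE
TCPSNDBUF TCPRCVBUF OTHERSOCKBUF DGRAMRCVBUF OOMGUARPAGES LOCKEDPAGES SHMPAGES
PRIVVMPAGES NUMFILE NUMFLOCK NUMPTY NUMSIGINFO DCACHESIZE PHYSPAGES NUMIPTENT"

# ubc_value PARAM FILE: print the value of the last uncommented PARAM= line.
ubc_value() {
    sed -n "s/^[[:space:]]*$1=\"\{0,1\}\([^\"#]*\)\"\{0,1\}.*/\1/p" "$2" |
        tail -n 1
}

# ubc_unlimited FILE: print each parameter whose barrier or limit is unlimited.
ubc_unlimited() {
    for p in $UBC_PARAMS; do
        case "$(ubc_value "$p" "$1")" in
            *unlimited*) printf '%s\n' "$p" ;;
        esac
    done
}

# ubc_audit FILE: one summary line; returns 1 if anything is unlimited.
ubc_audit() {
    found=$(ubc_unlimited "$1")
    if [ -z "$found" ]; then
        printf '%s: all listed UBC parameters are bounded\n' "$1"
        return 0
    fi
    printf '%s: unlimited: %s\n' "$1" "$(echo $found)"
    return 1
}

# Constructed sample config, not taken from a real system.
sample_conf() {
    cat <<'EOF'
NUMPROC="240:240"
KMEMSIZE="unlimited"
PRIVVMPAGES="65536:unlimited"
# SHMPAGES="unlimited"
NUMFILE="9312:9312"
EOF
}

# Usage: sh ubc_audit.sh /etc/vz/conf/*.conf
for conf in "$@"; do
    ubc_audit "$conf" || true
done
```
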

Start the container

vzctl start 1001

Update /etc/resolv.conf on the container

Put the following into your container’s /etc/resolv.conf:

search example.com
nameserver <ip address of your name server>

Install Required Packages

vzyum 1001 install binutils compat-db gcc gcc-c++ glibc \
 glibc-common libstdc++ libstdc++-devel gnome-libs make \
 pdksh sysstat libaio xscreensaver openmotif21 xorg-x11-xfs \
 usbutils urw-fonts shared-mime-info perl-libwww-perl \
 perl-XML-Parser perl-URI perl-HTML-Tagset perl-HTML-Parser \
 patch lvm2 intltool libIDL libart_lgpl libbonobo xterm \
 libcap libcroco libgnomecanvas libexif libgnomecups \
 libgnomeprint22 libsoup libwnck libxklavier

Check the following rpms are installed on the container

vzctl exec 1001 rpm -q binutils gcc gcc-c++ glibc gnome-libs \
 libstdc++ libstdc++-devel make pdksh sysstat xscreensaver libaio

Add Oracle User/Group

vzctl exec 1001 /usr/sbin/groupadd oinstall
vzctl exec 1001 /usr/sbin/groupadd dba
vzctl exec 1001 /usr/sbin/useradd -m -g oinstall -G dba oracle
vzctl exec 1001 id oracle

Set Password for the Oracle user

vzctl exec 1001 passwd oracle

Create Directories for Oracle Home/Data and the download directory

vzctl exec 1001 mkdir /home/oracle/10gR2_db
vzctl exec 1001 mkdir -p /u01/app/oracle/product/10.2.0/db_1
vzctl exec 1001 mkdir /u01/app/oracle/oradata
vzctl exec 1001 chown -R oracle:oinstall /u01/app/oracle /home/oracle/10gR2_db
vzctl exec 1001 chmod -R 775 /u01/app/oracle /home/oracle/10gR2_db
vzctl exec 1001 ln -s /usr/lib/libstdc++.so.6.0.3 /usr/lib/libstdc++.so.5

Put these values in /etc/sysctl.conf on the HN

Add the following values to /etc/sysctl.conf on the hardware node (HN):

kernel.shmall = 2097152
kernel.shmmax = 536870912
kernel.shmmni = 4096
kernel.sem = 250 32000 100 128
fs.file-max = 65536
net.ipv4.ip_local_port_range = 1024 65000
net.core.rmem_default=262144
net.core.wmem_default=262144
net.core.rmem_max=262144
net.core.wmem_max=262144

Then execute on the HN the following command:

/sbin/sysctl -p

At this point the container is ready for Oracle installation. We take a backup of the container at this point in case we need to rebuild the system or do a clean Oracle install.

Shutdown the container and take a backup

vzctl stop 1001
cd /u01/backups
tar czpvf ve-1001-preOracle.tar.gz /vz/private/1001/ /etc/vz/conf/1001.conf

Start the container again

vzctl start 1001

Put oracle distro into the container

Copy the downloaded Oracle zip file to the container and change its ownership to “oracle” on the container.

cp /u01/software/10201_database_linux32.zip /vz/private/1001/home/oracle/10gR2_db/
vzctl exec 1001 chown oracle:oinstall /home/oracle/10gR2_db/10201_database_linux32.zip

Start installation

Now log in as oracle on the ve-1001 and run the following commands:

cd /home/oracle/10gR2_db
unzip 10201_database_linux32.zip
cd database/
export ORACLE_BASE=/u01/app/oracle
export ORACLE_HOME=/u01/app/oracle/product/10.2.0/db_1
export DISPLAY=192.168.0.149:0

Make sure you can run xterm, then:

./runInstaller

When prompted to run scripts as root, log in as root and execute:

export DISPLAY=192.168.0.149:0
/u01/app/oracle/oraInventory/orainstRoot.sh
/u01/app/oracle/product/10.2.0/db_1/root.sh

Update oracle’s profile with the following

cd
vi /home/oracle/.bashrc
export ORACLE_BASE=/u01/app/oracle
export ORACLE_HOME=/u01/app/oracle/product/10.2.0/db_1
export LD_LIBRARY_PATH=$ORACLE_HOME/lib:$LD_LIBRARY_PATH
export PATH=$ORACLE_HOME/bin:$PATH
export ORACLE_SID=orcl

Delete installation files (optional)

cd /home/oracle/10gR2_db
rm -rf database

Time to take another backup of the container on the hardware node.

This backup will allow you to restore the container to the point where no database has yet been created.

vzctl stop 1001
cd /u01/backups
tar czpvf ve-1001-postOracleSoftware.tar.gz \
  /vz/private/1001/ /etc/vz/conf/1001.conf

Start the container

vzctl start 1001

Login as oracle and create the database

export DISPLAY=192.168.0.149:0
dbca

Create listener

netca

Now take another backup on the HN node

vzctl stop 1001
cd /u01/backups
tar czpvf ve-1001-postOracleDatabase.tar.gz \
  /vz/private/1001/ /etc/vz/conf/1001.conf

Source : wiki.openvz.org.
Categories: Articles Tags:

firewall for vps

December 25th, 2008 No comments

You can protect your HyperVM node (Master or slave) by adding the ConfigServer Security and Firewall.

Here’s how:

wget http://www.configserver.com/free/csf.tgz
tar -zxvf csf.tgz
cd csf
ls
./install.sh

Once it has been installed, you’ll need to configure it correctly before use, or you’ll have some really weird problems.

Ok, so the configuration file is /etc/csf/csf.conf, edit with your favourite editor:

Leave ETH_DEVICE blank, CSF will work this out on its own.

Modify the following lines as follows: (These can be customized as per your own requirements, the 777*, 888* and 5558 ports are required for HyperVM to work)

# Allow incoming TCP ports
TCP_IN = "25,53,110,953,993,995,22,7776,7777,7778,7779,8886,8887,8888,8889,5558"
# Allow outgoing TCP ports
TCP_OUT = "25,53,80,110,113,443,953,7776,7777,7778,7779,8886,8887,8888,8889,5558"

If you want to be able to ping your HyperVM node, set:

# Allow incoming PING
ICMP_IN = "1"

Save and exit /etc/csf/csf.conf

If you’re using openvz in your node, you’ll have to add the following into /etc/csf/csfpre.sh

iptables -A INPUT -i venet0 -j ACCEPT
iptables -A OUTPUT -o venet0 -j ACCEPT
iptables -A FORWARD -j ACCEPT -p all -s 0/0 -i venet0
iptables -A FORWARD -j ACCEPT -p all -s 0/0 -o venet0

Note 1: The /etc/csf/csfpre.sh will probably not exist, you’ll have to create it. csfpre.sh will be executed each time before csf starts.

Note 2: I’ve added (cd /usr/local/lxlabs/hypervm/httpdocs/ ; lphp.exe ../bin/misc/openvz-iptables-traffic.php) to the top of my csfpre.sh due to the traffic calculations, yet I think something else is wrong… I’ll update this once I figured it out.

You are now ready to begin testing… run from the command line:

service csf start

Once you are happy with the configuration and everything works as you wish, disable the testing mode:

# Testing flag - enables a CRON job that clears iptables incase of
# configuration problems when you start csf. This should be enabled until you
# are sure that the firewall works - i.e. incase you get locked out of your
# server! Then do remember to set it to 0 and restart csf when you’re sure
# everything is OK. Stopping csf will remove the line from /etc/crontab
TESTING = "0"

Productionize with:

service csf restart

You are done.

Additionally, you can disable process tracking and user process tracking by setting (in csf.conf):

PT_USERTIME = "0"
PT_LIMIT = "0"
PT_USERPROC = "0"
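
Two settings from this post decide whether the firewall is actually protecting the node without cutting HyperVM off: TESTING must end up at "0", and the HyperVM ports must be present in both TCP_IN and TCP_OUT. The pre-flight check below is an added example, not part of the original post or of csf; the function names and the sample file are constructed, and it assumes ports may also be written as lo:hi ranges.

```sh
#!/bin/sh
# Added example (not from the original page or from csf itself): pre-flight
# check of csf.conf for the settings this post relies on.

# Ports the post says HyperVM needs (777*, 888* and 5558).
HYPERVM_PORTS="7776 7777 7778 7779 8886 8887 8888 8889 5558"

# csf_get KEY FILE: print the double-quoted value of the last KEY = "..." line.
csf_get() {
    sed -n "s/^[[:space:]]*$1[[:space:]]*=[[:space:]]*\"\([^\"]*\)\".*/\1/p" "$2" |
        tail -n 1
}

# port_in_list PORT LIST: LIST is comma separated; lo:hi items are ranges.
port_in_list() {
    for item in $(printf '%s' "$2" | tr ',' ' '); do
        case "$item" in
            *:*) [ "$1" -ge "${item%%:*}" ] && [ "$1" -le "${item##*:}" ] &&
                     return 0 ;;
            *)   [ "$1" = "$item" ] && return 0 ;;
        esac
    done
    return 1
}

# csf_missing_ports KEY FILE: print the HyperVM ports absent from KEY.
csf_missing_ports() {
    list=$(csf_get "$1" "$2")
    for port in $HYPERVM_PORTS; do
        port_in_list "$port" "$list" || printf '%s\n' "$port"
    done
}

# csf_check FILE: print findings; return 1 if the file is not production-ready.
csf_check() {
    rc=0
    if [ "$(csf_get TESTING "$1")" != "0" ]; then
        echo "TESTING is not \"0\": the cron job will keep clearing iptables"
        rc=1
    fi
    for key in TCP_IN TCP_OUT; do
        missing=$(csf_missing_ports "$key" "$1")
        if [ -n "$missing" ]; then
            echo "$key lacks HyperVM ports: $(echo $missing)"
            rc=1
        fi
    done
    return $rc
}

# Constructed sample, not a real csf.conf.
sample_csf_conf() {
    cat <<'EOF'
TESTING = "1"
TESTING_INTERVAL = "5"
TCP_IN = "22,25,53,7776:7779,8886,8887,8888,8889"
TCP_OUT = "25,53,80,443,7776,7777,7778,7779,8886,8887,8888,8889,5558"
EOF
}

# Usage: sh csf_check.sh /etc/csf/csf.conf
[ $# -eq 0 ] || csf_check "$1"
```
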

Source : lxwiki

Categories: Articles Tags:

Creating a CentOS 5.0 Template

December 22nd, 2008 No comments

1. Install a system (virtual or physical) with the default CentOS installation that you wish to package. This could be a minimal distro or the default distro or even something custom.

1. It’s generally quicker to bootstrap a CentOS system on another yum/rpm-based, or Debian based system by following the instructions in [1]

2. Once the OS has been installed, you need to tar the contents of the OS.

1. First, create a file called /tmp/exclude and add the following lines to it:

.bash_history
lost+found
/dev/*
/mnt/*
/tmp/*
/proc/*
/sys/*
/usr/src/*

2. Now, tar the OS files up by typing: tar -czvf /tmp/centos-5.0-<ARCH>-<DISTRO>-image.tar.gz -X /tmp/exclude / where <ARCH> represents the system architecture (i386 or x86_64) and <DISTRO> represents the distribution (default, minimal, etc.).

3. Now transfer the file over to the OpenVZ server into /vz/template/cache folder.

3. On the OpenVZ server create a “dummy” container by creating a folder called /vz/private/50 and copying the /etc/vz/conf/ve-vps.basic.conf-sample to /etc/vz/conf/50.conf.
NOTE: 50 is the CTID for the container. You can choose any unused CTID on the OpenVZ server.

4. Now create a new folder called /vz/template/centos/5/<ARCH>/config, where <ARCH> again represents the system architecture.

5. Create a file in the folder called rpm and add the following line:

43

6. Create a file called yum.conf in the folder and add the following lines:

[main]
cachedir=/vz/template/centos/5/<ARCH>/yum-cache/
reposdir=/dev/null
installonlypkgs=
[centos5-base]
name=CentOS 5 - <ARCH> - Base
baseurl=http://mirror.centos.org/centos/5/os/<ARCH>/
enabled=1
gpgcheck=1
[centos5-updates-released]
name=CentOS 5 - <ARCH> - Released Updates
baseurl=http://mirror.centos.org/centos/5/updates/<ARCH>/
enabled=1
gpgcheck=1

7. Copy /etc/vz/dists/centos-4.conf to /etc/vz/dists/centos-5.conf.
8. Copy /vz/template/centos/4/i386/config/minimal.list to /vz/template/centos/5/i386/config/minimal.list.

9. Change to the /vz/private/50 folder and then run the command gunzip -dc /vz/template/cache/centos-5-<ARCH>-<DISTRO>-image.tar.gz | tar -xvf - to unpack the base image to the folder.

10. Make sure you are in the /vz/private/50 folder.
11. Edit etc/shadow and replace the root password's hashed value with !!.
12. Edit the etc/inittab file and comment out the lines that respawn /sbin/mingetty on tty1 through tty6. Just put a # at the beginning of the line.

13. Remove the etc/mtab file and then create a symbolic link by typing ln -s /proc/mounts etc/mtab.

14. Remove all of the lines from etc/fstab except for the line that mounts /dev/pts.

15. Edit etc/rc.d/rc.sysinit and comment out the line that starts /sbin/start_udev by placing a # at the beginning of the line.

16. Now create device nodes by typing:

mknod dev/ptmx c 5 2
mkdir dev/pts
/sbin/MAKEDEV -d /vz/private/50/dev ttyp ptyp
mknod dev/null c 1 3
mknod -m 644 dev/random c 1 8
mknod dev/urandom c 1 9

17. Create the var/lock/rpm folder.
18. If you wish to disable IPv6, do the following:

1. Edit etc/sysconfig/network and set NETWORKING_IPV6 to no.
2. Add the following lines to etc/modprobe.d/blacklist:

blacklist ipv6
blacklist net-pf-10

19. Disable any physical NICs by modifying the etc/sysconfig/network-scripts/ifcfg-ethX files (where X is the interface number starting from 0) and setting ONBOOT to no.

20. Now you’re ready to start the template. Type vzctl start 50 and wait for it to start.

21. You can install additional packages into the container by typing vzyum 50 install <package> at the prompt where <package> represents the name of the software package you wish to install.

22. Finally, you should turn off unnecessary services.

1. Enter the container by typing vzctl enter 50.
2. View the services that are set to run at startup by typing chkconfig --list | grep 5:on.
3. Disable any unwanted service by typing chkconfig --level 2345 <service> off where <service> represents the service to disable.

Services that you can (and should) turn off without harm are acpid, apmd, kudzu, and microcode_ctl.

23. Exit the container by typing exit at the prompt.

24. Stop the container by typing vzctl stop 50.

25. Make sure you are in the /vz/private/50 folder.

26. Finally, package up the new template by typing tar -czvf /vz/template/cache/centos-5-<ARCH>-<DISTRO>.tar.gz ./.

27. The template is ready for use.
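
Several of the steps above are easy to miss and leave the packaged template with a usable root password hash, active consoles or host-style mounts. The script below is an added example, not part of the original procedure; check_template and make_sample_tree are hypothetical names, the sample tree is constructed, and the check accepts any shadow field starting with ! or * as locked (the procedure itself uses !!).

```sh
#!/bin/sh
# Added example (not from the original page): verify the container-specific
# edits from the steps above before packaging /vz/private/50.

fail() { printf 'FAIL %s\n' "$1"; rc=1; }

# check_template ROOT: print one FAIL line per finding; return 1 if any.
check_template() {
    root=$1; rc=0

    # Step 11: root's password field must hold a lock marker, not a hash.
    hash=$(awk -F: '$1 == "root" { print $2 }' "$root/etc/shadow" 2>/dev/null) ||
        hash=""
    case "$hash" in
        '!'*|'*'*) ;;
        *) fail "etc/shadow: root has a usable or empty password field" ;;
    esac

    # Step 12: no active line may respawn mingetty.
    if grep -Eq '^[^#]*respawn:.*mingetty' "$root/etc/inittab" 2>/dev/null; then
        fail "etc/inittab: mingetty is still respawned"
    fi

    # Step 13: etc/mtab must be a symlink to /proc/mounts.
    [ "$(readlink "$root/etc/mtab" 2>/dev/null)" = "/proc/mounts" ] ||
        fail "etc/mtab: not a symlink to /proc/mounts"

    # Step 14: the only active fstab entry is the /dev/pts mount.
    extra=$(awk '!/^[ \t]*(#|$)/ && $2 != "/dev/pts" { n++ } END { print n + 0 }' \
        "$root/etc/fstab" 2>/dev/null) || extra=1
    [ "${extra:-1}" -eq 0 ] || fail "etc/fstab: entries other than /dev/pts"

    # Step 15: start_udev must be commented out.
    if grep -Eq '^[^#]*/sbin/start_udev' "$root/etc/rc.d/rc.sysinit" 2>/dev/null; then
        fail "etc/rc.d/rc.sysinit: start_udev is still active"
    fi

    # Step 17: the rpm lock directory exists.
    [ -d "$root/var/lock/rpm" ] || fail "var/lock/rpm: missing"

    return $rc
}

# make_sample_tree DIR: build a constructed, compliant template skeleton.
make_sample_tree() {
    mkdir -p "$1/etc/rc.d" "$1/var/lock/rpm"
    printf 'root:!!:14235:0:99999:7:::\n' > "$1/etc/shadow"
    printf '#1:2345:respawn:/sbin/mingetty tty1\n' > "$1/etc/inittab"
    ln -s /proc/mounts "$1/etc/mtab"
    printf 'none /dev/pts devpts rw 0 0\n' > "$1/etc/fstab"
    printf '#/sbin/start_udev\n' > "$1/etc/rc.d/rc.sysinit"
}

# Usage: sh check_template.sh /vz/private/50
[ $# -eq 0 ] || check_template "$1"
```
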

Source : openvz wiki

Categories: OpenVZ Tags:

Basic disk quota management

December 22nd, 2008 No comments

To set disk space, run the following commands:

  vzctl set CTID --diskspace $SoftLimit$:$HardLimit$ --save

vzctl set 101 --diskspace 6G:7G --save

You can verify the available space with this command (e.g. CTID = 101):

[host-node]# vzctl exec 101 df -h

If you want to remove the disk quota:

DISK_QUOTA=no

Source : Openvz forums
Categories: OpenVZ Tags:

Openvz -Create and start a container

December 22nd, 2008 No comments

To create and start a container, run the following commands:

vzctl create CTID --ostemplate osname
vzctl set CTID --ipadd <ipaddress> --save
vzctl set CTID --nameserver <ipaddress> --save
vzctl start CTID

Here CTID is the numeric ID for the container; osname is the name of the OS template for the container.

Example:

vzctl create 101 --ostemplate fedora-core-5-minimal
vzctl set 101 --ipadd 192.11.0.3 --save
vzctl set 101 --nameserver 192.11.0.3 --save
vzctl start 101

Your freshly-created container should be up and running now; you can see its processes:

vzctl exec CTID ps ax

Enter and exit the container

To enter the container, give the following command:

vzctl enter CTID
entered into container CTID
[container]#

To exit from container, just type exit and press Enter:

[container]# exit
exited from container VEID

Stop and destroy the container

To stop the container:

vzctl stop CTID
Stopping container …
Container was stopped
Container is unmounted

And to destroy the container:

vzctl destroy CTID
Destroying container private area: /vz/private/CTID
Container private area was destroyed

Source - openvz forums

Categories: OpenVZ Tags:

Openvz vs xen

December 18th, 2008 No comments

OpenVZ:
Advantages: allows overselling. Very light weight. Can accommodate more Virtual Machines in a server.

Disadvantage: There is no per vps swap.

Why this is important:

OpenVZ will KILL your application if it goes beyond the limit, and this can cause some trouble. There are people out there who want to host oracle on a 64MB vps, and with such customers, using openVZ will lead to constant application crashes, which ultimately will be blamed on the provider. (This is actually something that is common with openvz/virtuozzo hosting in general; you can check some threads at wht).

With Xen, each vps has its own swap, and thus you get an EXACT dedicated-server-like environment, but with fewer resources. So here, the customer's applications will NOT crash, but rather they will become slower. Also, the majority of applications, like apache and spamassassin, expect a lot of memory, and openVZ makes memory a very valuable commodity.

So generally my recommendation is that: For friendly customers use openVZ, and use a lot of burst memory. For not-so-friendly customers, use Xen. And that is why we are providing transparent migration. You can start a customer on openVZ, and see how it works out, and if he is getting too many application crashes, you can move him to the SAME configuration on Xen, and he should be able to do fine, though his application would be slower.

Categories: HyperVM, OpenVZ Tags:

Host Color Plesk VPS Hosting Plans

December 17th, 2008 No comments

Latest offering provides a number of new advantages and makes it even easier to manage virtual private servers.

Host Color, a provider of Virtuozzo VPS Hosting, today announced that it has made available Plesk 9.0 web hosting control panel to its VPS hosting customers.

The company claims that it has recently upgraded VPS Hosting services, and now powers them with the latest version of Virtuozzo Containers - Virtuozzo 4.0. The new Virtuozzo offers a number of new advantages and makes the management of a virtual private server even easier. It has a better interface design that provides access to templates and sample virtual environments, plus a streamlined installation. The new release also offers “high availability” through several new options to ensure maximum uptime, as well as new backup enhancements, it adds.

“We are ready to provide stable VPS Hosting services with the new Plesk 9.0 web hosting control panel”, said Host Color’s Managing Director Alexander Avramov and advised the company’s customers to use the days before Christmas or vacation period to upgrade their software.

“There are many great features in Plesk Panel 9.0 such as enhanced interface for efficient navigation and the addition of a Reseller mode which enables our Resellers to better manage their VPS and to better organize their offerings”, said Mr. Avramov.

Categories: VPS Hosting News Tags: ,

Bodhost Guaranteed 100% Uptime Fail-Over VPS Hosting

December 17th, 2008 No comments

Bodhost.com, a renowned Dedicated Server Hosting and Virtual Private Servers provider announced the launch of its new VPS Hosting offering “Guaranteed 100% Uptime Fail-Over VPS Hosting!”. The Fail-over VPS plan is a fully managed solution which combines the flexibility of Virtual Hosting with the luxury of 100% uptime guarantee at the most economical price.

This 100% Uptime guarantee VPS hosting is primarily aimed at corporate customers who need high uptime solution of a dedicated server mirroring setup but without the high costs usually associated with these setups. The fully managed VPS features 2 GB RAM, 60 GB disk space and 800 GB data transfer per month.

The company says its technical team has carried out in-depth research and development work to come up with a viable solution, thereby making sure that their customers receive the most reliable VPS hosting service.

Each Fail-over VPS is created on two servers, a primary server and a secondary server which is setup on a separate part of the network. Data is continuously synchronized between the primary VPS and the secondary VPS to ensure that the secondary VPS is constantly updated with the latest files/configuration as the primary VPS. The secondary VPS is basically an identical copy of the server the primary VPS is setup on. If for some reason the primary server goes down, IPs would automatically be assigned to the secondary server which would allow a VPS to carry on functioning, without exposing it to any downtime.

Mark Philips, Chief Marketing Officer, Bodhost says “Over the years our clients have frequently asked for a VPS Hosting solution with some form of redundancy.”

He states further, “We were very conscious about creating a solution which is completely redundant but cost effective at the same time. With these views in mind, we set about creating a redundant Virtual Private Server solution. After many attempts, our technicians finally came up with a viable solution.”

About Bodhost :
Bodhost is a quality U.S. web hosting company incorporated in San Jose, CA. The company’s VPS Hosting and Dedicated Servers range is backed by superior network connectivity, branded server hardware, 24x 7 technical support (Email, Live Chat and Phone) and round the clock server monitoring.

Categories: VPS Hosting News Tags:

eApps Hosting Launched New VPS Hosting Plans

December 17th, 2008 No comments

New VPS hosting plans using CentOS 5, include latest versions of all Applications.

eApps Hosting, a hosting provider, today announced the immediate availability of new virtual private server hosting plans using the CentOS 5 operating system and offering up-to-date versions of all application services.

The company states that VPS Hosting plans now run on CentOS 5.1. It includes the Apache 2.2 web server, which offers many new features over the prior version. Furthermore, the new hosting plans have been built with a repository-based application delivery system which makes it easy for Java, PHP, and Ruby on Rails developers to take advantage of the latest versions of their programming environment, database servers and related applications. It also states that the application repository contains up-to-date versions of Java, Tomcat, JBoss, PHP, Ruby on Rails, MySQL, PostgreSQL, WordPress, graphics libraries, mail services, Joomla!, Drupal, streaming media servers, and many other applications. The company avers that all applications included in their Application Repository can be installed by a single click, are kept up-to-date and are covered by a 24/7 phone support program.

Categories: VPS Hosting News Tags: , ,

Guaranteed memory and burstable memory.

December 17th, 2008 No comments

Guaranteed memory is defined as the usable memory out of the memory available in the VPS. It is available to the user at all times. Very often this guaranteed memory can be changed to burstable memory by the VPS.

Burstable memory sets a maximum limit for the memory available, whereas guaranteed memory is a minimum limit. That is, even if the guaranteed memory is exhausted, the users of the VPS can use memory up to the burstable limit. The simplest example to understand the difference: if the guaranteed memory of a VPS is 256 MB and the burstable memory limit is 1024 MB, the users can use the remaining 768 MB of RAM once their guaranteed memory is completely used up. This is possible only if the host server has that much memory available.

It is always the procedure to keep a certain part of the host server's memory as burstable. This can be used by the virtual servers when they need extra memory. Guaranteed memory left unused by any virtual server can also be used by other virtual servers when they want burstable memory. Guaranteed memory, however, must be available to the virtual servers it belongs to. So when they need their guaranteed RAM, the processes that are using that memory as burstable are usually killed to get the memory released. So it is always better not to use burstable memory unless it is really needed.

When choosing a VPS, make sure that the memory figure on offer is not burst memory. Guaranteed memory must be available in sufficient amount for the VPS to work properly. Burstable memory is not always readily available, as it can be obtained only when other virtual servers in the system leave their guaranteed memory unused.

Categories: Articles Tags: