Installing Centos 6 with an OpenVZ kernel.

Posted by

Installing OpenVZ

We start from a basic Centos 6 installation. Our objective will be to install OpenVZ and run several virtual machines. Attention OpenVZ supports virtualization only for GNU/Linux systems. In addition you can install an OpenVZ panel. In first, update Centos and install some necessary tools :

yum update -y
yum install screen wget -y

OpenVZ uses a modified Linux kernel, we will install it and tools from the official repository.

rpm --import
wget -P /etc/yum.repos.d/

yum install vzkernel vzctl ploop

In /etc/sysconfig/selinux, SELINUX must be deactivated.


To allow access to Internet from virtual machines, edit /etc/sysctl.conf.

# On Hardware Node we generally need 
# packet forwarding enabled and proxy arp disabled 
net.ipv4.ip_forward = 1 
net.ipv6.conf.default.forwarding = 1 
net.ipv6.conf.all.forwarding = 1 
net.ipv4.conf.default.proxy_arp = 0  

# Enables source route verification 
net.ipv4.conf.all.rp_filter = 1  

# We do not want all our interfaces to send redirects 
net.ipv4.conf.default.send_redirects = 1 
net.ipv4.conf.all.send_redirects = 0

Check the first kernel in /boot/grub/grub.conf and reboot your server.


We no longer use the Linux kernel provided by CentOS, it is better to uninstall it.

yum remove kernel -y

In the examples, our network will be and our public ip is

iptables -A FORWARD -s -j ACCEPT
iptables -A FORWARD -d -j ACCEPT
iptables -t nat -A POSTROUTING -s -o eth0 -j SNAT --to
/sbin/service iptables save

Open /etc/vz/vz.conf and add “iptable_nat” in IPTABLES_MODULES




The installation is now complete, you can now manage your OpenVZ server with VCA.

Templates download

We will install some templates, files must be placed in /vz/template/cache. Warning, do not unpack them.

Example with Ubuntu 14.04

cd /vz/template/cache

Share port 80

If multiple sites are hosted on different virtual machines, we have two possibility:

  • Use failover IP
  • Do NAT

We will do NAT, on the host machine we install Nginx who will do reverse proxy. It is also possible to redirect port 80 to a virtual machine that will itself contain Nginx. Nginx is not activated in the default repositories, we will need to activate EPEL.

yum install epel-release -y
yum install nginx -y
chkconfig nginx on

By default, configuration files are in /etc/nginx/conf.d/. To separate proxy web sites, we create new folders.

mkdir /etc/nginx/sites-available/
mkdir /etc/nginx/sites-enabled/

In /etc/nginc/nginx.conf, replace

include /etc/nginx/conf.d/*.conf;


include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*.conf;

Create /etc/nginx/conf.d/proxy.conf

proxy_redirect          off;
proxy_set_header        Host            $host;
proxy_set_header        X-Real-IP       $remote_addr;
proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size    10m;
client_body_buffer_size 128k;
client_header_buffer_size 64k;
proxy_connect_timeout   90;
proxy_send_timeout      90;
proxy_read_timeout      90;
proxy_buffer_size   16k;
proxy_buffers       32   16k;
proxy_busy_buffers_size 64k;

To redirect a web site, create a symbolic file in /etc/nginx/sites-available/, link ir to /etc/nginx/sites-enabled/ and reload Nginx.

Example with a virtual machine in

server {
        listen   80;
        location / {

Open port 80 on the host machine.

iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
/sbin/service iptables save

Leave a Reply

Your email address will not be published. Required fields are marked *