VZ and bridged network

xldata

New Member
Oct 10, 2009
Hi,

We're planning to replace our current XenServer platform with another solution that is a bit more flexible. Since we already played a bit with KVM, we found Proxmox and decided to give OpenVZ a try as well.

I am doing some tests right now using OpenVZ. The goal is to run DirectAdmin control panels in OpenVZ containers. Since DirectAdmin is able to add IP addresses, I decided to use bridged networking.
Most of it seems to work fine except for the files /etc/resolv.conf and /etc/hosts, which are getting overwritten every time... I understand this for venet, but for bridged networking this seems undesired behaviour...
Is it possible to disable this when bridged networking is used so I can manage these files myself?

And a second question... I wanted to secure /tmp and /var/tmp in every VM. Normally I use nosuid,noexec,nodev for mounting /tmp, so I found the bind mount option for doing this...
I created a little script that bind mounts the original /tmp and /var/tmp directories with the needed bind options... It seems to work fine, but since I'm fairly new to OpenVZ it is possible I missed a reason not to do so... The script I'm using is /etc/vz/conf/vps.mount and has the following content:

Code:
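#!/bin/bash
# Bind-mount the container's /tmp and /var/tmp onto themselves, then restrict them.
source /etc/vz/vz.conf
source "${VE_CONFFILE}"
mount --bind "${VE_ROOT}/tmp" "${VE_ROOT}/tmp"
mount --bind "${VE_ROOT}/var/tmp" "${VE_ROOT}/var/tmp"
# mount from util-linux before 2.27 ignores flags passed together with --bind, so apply them with a remount.
mount -o remount,bind,nosuid,noexec,nodev "${VE_ROOT}/tmp"
mount -o remount,bind,nosuid,noexec,nodev "${VE_ROOT}/var/tmp"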

Can anyone tell me if this is the right approach?

Best regards,

Werner Reuser
XL-Data Hosting, Virtualisation & Storage Solutions
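
To confirm that the flags from a mount script like the one above are really in effect (mount from util-linux before 2.27 silently drops options passed together with --bind), the following added example, which is not part of the original post, parses a /proc/mounts-format file and reports every mount point that lacks nosuid, noexec or nodev. The function names and the sample lines are constructed for illustration.

```shell
#!/bin/bash
# Added example (not from the thread): verify nosuid,noexec,nodev on mount points.
REQUIRED="nosuid noexec nodev"

# Constructed sample: /tmp carries the flags, /var/tmp is a bind mount without them.
sample_mounts() {
cat <<'EOF'
/dev/sda1 / ext3 rw,relatime 0 0
/dev/sda1 /tmp ext3 rw,nosuid,nodev,noexec,relatime 0 0
/dev/sda1 /var/tmp ext3 rw,relatime 0 0
EOF
}

# Options of the last entry for a mount point (the topmost mount is effective).
mount_opts() {
    awk -v mp="$2" '$2 == mp { o = $4 } END { if (o != "") print o }' "$1"
}

# Required flags absent from a comma-separated option string.
missing_flags() {
    local opts=",$1," flag missing=""
    for flag in $REQUIRED; do
        case "$opts" in
            *",$flag,"*) ;;
            *) missing="${missing:+$missing }$flag" ;;
        esac
    done
    printf '%s' "$missing"
}

# check_tmp_flags MOUNTS_FILE MOUNTPOINT...; returns 0 only if all are hardened.
check_tmp_flags() {
    local mounts="$1" rc=0 mp opts missing
    shift
    for mp in "$@"; do
        opts=$(mount_opts "$mounts" "$mp")
        if [ -z "$opts" ]; then
            echo "FAIL $mp: not a mount point"; rc=1; continue
        fi
        missing=$(missing_flags "$opts")
        if [ -n "$missing" ]; then echo "FAIL $mp: missing $missing"; rc=1
        else echo "OK   $mp"; fi
    done
    return $rc
}

# Demo on the constructed sample; inside a container pass /proc/mounts instead.
demo=$(mktemp); sample_mounts > "$demo"
check_tmp_flags "$demo" /tmp /var/tmp || true; rm -f "$demo"
```

Run inside a started container as `check_tmp_flags /proc/mounts /tmp /var/tmp`; a non-zero return means at least one directory is not a separate mount or is missing a flag.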
 
Have you figured this out? I am having the same problem: after I add the IP, the second IP which I added is not responsive. I don't know, but that's strange. I would appreciate it if you can help me fix this.
 
Yes, I figured this out and it's working fine.

On your fresh server, before installing DirectAdmin - I am not sure if you are on a LAN or public IP, but in my case I was using a LAN IP, i.e. 192.168.1.50

On my server I did the following:

echo 1 > /root/.lan

1) First we need to know on which device to add the additional IP. Most of the time, it will be eth0, but not always.
Type:
/sbin/ifconfig
to get a listing of your current devices. See which device your server IP is using (e.g. eth0), then for your additional IP, you'll just add another number to it with a colon, e.g. eth0:0

2) Create the actual network-scripts file:
cd /etc/sysconfig/network-scripts
nano ifcfg-eth0:0

3) In that file, add the following code:
DEVICE=eth0:0
BOOTPROTO=none
ONPARENT=yes
IPADDR=1.2.3.4
NETMASK=255.255.255.0
BROADCAST=1.2.3.255

where you chop off the last number from the IP. Save/exit.

4) Restart your network and pray it works:
/etc/init.d/network restart
/etc/init.d/startips start

The "startips" script is just for the DA-controlled IPs. You need to run it after restarting your network to load all DA-controlled IPs. Your own IP should have been loaded into the device with the "network restart" step.

5) Confirm it's loaded by checking ifconfig again:
/sbin/ifconfig


4) Also, when creating users, you'd need to place the Users onto your LAN IPs (192.168.x.x) in DA.
Then, change the DNS for their domain such that their domain values resolve to the external IP, which is mapped to the local IP you gave them.
You can automate this process with:
cd /usr/local/directadmin/data/templates/custom
cp ../dns_a.conf .

and add:
|?IP=1.2.3.4|
to the top of the custom/dns_a.conf file (where 1.2.3.4 is your server IP).



 
