Hi,
We're planning to replace our current Xenserver platform for another solution that is a bit more flexible. Since we already played a bit with kvm we found proxmox and decided to give openvz a try as well.
I am doing some tests right now using openvz. The goal is to run DirectAdmin control panels on openvz containers. Since DirectAdmin is able to add ip adresses I decided to use bridged networking.
Most of it seems to work fine except for the files /etc/resolv.conf and /etc/hosts, they're getting overwritten everytime... I understand this for venet but for bridged this seems undesired behaviour...
Is it possible to disable this when bridged networking is used so I can manage these files myself ?
And a second question... I wanted to secure /tmp and /var/tmp in every vm, normally I use nosuid,noexec,nodev for mounting /tmp so I found the bind mount option for doing this...
I created a little script that bind mounts the original /tmp and /var/tmp directories with the needed bind options... It seems to work fine but since I'm fairly new to openvz it is possible I missed a reason not to do so... The script I'm using is /etc/vz/conf/vps.mount and has the following content :
Can anyone tell me if this is the right approach ?
Best regards,
Werner Reuser
XL-Data Hosting, Vitualisation & Storage Solutions
We're planning to replace our current Xenserver platform for another solution that is a bit more flexible. Since we already played a bit with kvm we found proxmox and decided to give openvz a try as well.
I am doing some tests right now using openvz. The goal is to run DirectAdmin control panels on openvz containers. Since DirectAdmin is able to add ip adresses I decided to use bridged networking.
Most of it seems to work fine except for the files /etc/resolv.conf and /etc/hosts, they're getting overwritten everytime... I understand this for venet but for bridged this seems undesired behaviour...
Is it possible to disable this when bridged networking is used so I can manage these files myself ?
And a second question... I wanted to secure /tmp and /var/tmp in every vm, normally I use nosuid,noexec,nodev for mounting /tmp so I found the bind mount option for doing this...
I created a little script that bind mounts the original /tmp and /var/tmp directories with the needed bind options... It seems to work fine but since I'm fairly new to openvz it is possible I missed a reason not to do so... The script I'm using is /etc/vz/conf/vps.mount and has the following content :
Code:
#!/bin/bash
source /etc/vz/vz.conf
source ${VE_CONFFILE}
mount --bind -o nosuid,noexec,nodev ${VE_ROOT}/tmp ${VE_ROOT}/tmp
mount --bind -o nosuid,noexec,nodev ${VE_ROOT}/var/tmp ${VE_ROOT}/var/tmp
Can anyone tell me if this is the right approach ?
Best regards,
Werner Reuser
XL-Data Hosting, Vitualisation & Storage Solutions