ProHoster > Blog > Tsamaiso > Mokhoa oa ho fetisetsa setshelo sa OpenVZ 6 ho seva sa KVM ntle le hlooho e opang

Mokhoa oa ho fetisetsa setshelo sa OpenVZ 6 ho seva sa KVM ntle le hlooho e opang

Mang kapa mang ea kileng a hloka ho tsamaisa setshelo sa OpenVZ ho seva se nang le virtualization ea KVM e felletseng o bile le mathata a mang:

  • Boitsebiso bo bongata bo siiloe ke nako 'me bo ne bo sebetsa ho li-OS tse seng li fetile nako ea EOL
  • Mefuta e fapaneng ea OS e lula e fana ka tlhaiso-leseling e fapaneng 'me ha ho mohla e nahanang ka liphoso tse ka bang teng tsa ho falla
  • Ka linako tse ling u tlameha ho sebetsana le litlhophiso tse sa batleng ho sebetsa ka mor'a ho falla.

Ha u falla seva e le 1, u ka khona ho lokisa ntho e itseng ka nako eohle, empa ho thoe'ng ha u falla sehlopha sohle?

Sengoliloeng sena ke tla leka ho u joetsa hore na u ka fallisetsa setshelo sa OpenVZ hantle joang ho KVM ka nako e fokolang le tharollo e potlakileng ea mathata ohle.

Mohlala o potlakileng: OpenVZ ke eng mme KVM ke eng?

Ha re keneng ho poleloana, empa re bue ka mantsoe a akaretsang:

OpenVZ - virtualization boemong ba tsamaiso ea ts'ebetso, e ka sebelisoa esita le ka ontong ea microwave, kaha ha ho hlokahale litaelo tsa CPU le theknoloji ea virtualization mochine o amohelang.

KVM - Virtualization e felletseng, e sebelisa matla a felletseng a CPU mme e khona ho etsa ntho efe kapa efe, ka tsela efe kapa efe, ho e khaola ka bolelele le ka tsela e fapaneng.

Ho fapana le tumelo e tloaelehileng, tikolohong bafani ba litšebeletso tsa ho amohela baeti OpenVZ e rekisitsoe ho feta tekano, empa KVM ha e rekisoe. Ka lehlohonolo bakeng sa ea morao tjena, KVM joale e rekisitsoe ho feta tekano hantle joaloka ngoan'abo eona.

Re tlo fetisetsa eng?

Moru oohle oa litsamaiso tsa ts'ebetso tse fumanehang ho OpenVZ o ile oa tlameha ho sebelisoa e le batho ba teko bakeng sa phetisetso: CentOS (Liphetolelo tse 6 le tse 7), Ubuntu (Li-LTS tse 14, 16 le 18), Debian 7.

Ho ne ho nahanoa hore lijana tse ngata tsa OpenVZ li se li ntse li e-na le mofuta o itseng oa LAMP e sebetsang, 'me tse ling li bile li na le software e khethehileng haholo. Hangata, tsena e ne e le litlhophiso le phanele ea taolo ea ISPmanager, VestaCP ('me hangata, e sa ntlafatsoe ka lilemo). Hoa hlokahala ho ela hloko likopo tsa bona tsa ho fetisoa.

Phallo e etsoa ka paballo Liaterese tsa IP Bakeng sa setshelo se nkehang habobebe, re tla nahana hore aterese ea IP ea setshelo e bolokiloe ho VM 'me e tla sebetsa ntle le mathata.

Pele re fetisetsa, a re etse bonnete ba hore re na le tsohle matsohong:

  • Seva ea OpenVZ, phihlello e felletseng ea motso mochining o amohelang, bokhoni ba ho emisa / ho phahamisa / ho qala / ho tlosa lijana
  • Seva ea KVM, phihlello e felletseng ea motso mochining o amohelang, ka tsohle tse kenyelletsang. Ho nahanoa hore ntho e 'ngoe le e' ngoe e se e hlophisitsoe 'me e loketse ho sebetsa.

Ha re qaleng phetiso

Pele re qala phetisetso, ha re hlalose mantsoe a tla thusa ho qoba pherekano:

KVM_NODE - mochini o amohelang KVM
VZ_NODE - Mochini oa moamoheli oa OpenVZ
CTID - Setshelo sa OpenVZ
VM - Seva ea sebele ea KVM

Ho itokiselletsa ho falla le ho theha mechine ea sebele.

hata 1

Kaha re hloka ho tsamaisa setshelo kae-kae, re tla bopa VM ka tlhophiso e ts'oanang ho KVM_NODE.
Bohlokoa! O hloka ho theha VM tsamaisong e ts'oanang e sebetsang hona joale ho CTID. Mohlala, haeba CTID e sebetsa Ubuntu 14, joale o hloka ho e kenya ho VM hape Ubuntu 14. Liphetolelo tse nyane ha li bohlokoa 'me ho se lumellane ha tsona ha ho bohlokoa hakaalo, empa liphetolelo tse kholo li tlameha ho tšoana.

Kamora ho theha VM, re tla ntlafatsa liphutheloana ho CTID le ho VM (e seng ho ferekanngoa le ho nchafatsa OS - ha re e ntlafatse, re ntlafatsa liphutheloana feela, 'me, ha ho hlokahala, mofuta oa OS ka har'a mofuta oa mantlha).

etsoe CentOS Ts'ebetso ena e shebahala e se na kotsi:

# yum clean all
# yum update -y

'Me ha ho kotsi ho feta moo Ubuntu, Debian:

# apt-get update
# apt-get upgrade

hata 2

Re kenya ka CTID, VZ_NODE и VM thuso rsync:

CentOS:

# yum install rsync -y

Debian, Ubuntu:

# apt-get install rsync -y

Ha re kenye letho le leng mona kapa mane.

hata 3

Re ntse re emisa CTID mabapi le VZ_NODE sehlopha

vzctl stop CTID

Ho kenya setšoantšo CTID:

vzctl mount CTID

Eya ho foldara /vz/root/CTID mme re a e phetha

mount --bind /dev dev && mount --bind /sys sys && mount --bind /proc proc && chroot .

Tlas'a chroot, theha faele /root/exclude.txt - e tla ba le lethathamo la mekhelo e ke keng ea kenyelletsoa ho seva se secha.

/boot
/proc
/sys
/tmp
/dev
/var/lock
/etc/fstab
/etc/mtab
/etc/resolv.conf
/etc/conf.d/net
/etc/network/interfaces
/etc/networks
/etc/sysconfig/network*
/etc/sysconfig/hwconf
/etc/sysconfig/ip6tables-config
/etc/sysconfig/kernel
/etc/hostname
/etc/HOSTNAME
/etc/hosts
/etc/modprobe*
/etc/modules
/net
/lib/modules
/etc/rc.conf
/usr/share/nova-agent*
/usr/sbin/nova-agent*
/etc/init.d/nova-agent*
/etc/ips
/etc/ipaddrpool
/etc/ips.dnsmaster
/etc/resolv.conf
/etc/sysconfig/network-scripts/ifcfg-eth0
/etc/sysconfig/network-scripts/ifcfg-ens3

Ha re hokelang ho KVM_NODE le ho qala tsa rona VMe le hore e sebetse mme e fumanehe ka marang-rang.

Hona joale tsohle li se li loketse ho fetisoa. Ha re ee!

hata 4

Re ntse re le tlas'a tšusumetso, rea etsa

rsync --exclude-from="/root/exclude.txt" --numeric-ids -avpogtStlHz --progress -e "ssh -T -o Compression=no -x" / root@KVM_NODE:/

Taelo ea rsync e tla etsa phetiso, re tšepa hore linotlolo li hlakile - phetisetso e etsoa ka ho boloka li-symlinks, litokelo tsa phihlello, beng le lihlopha, mme encryption e holofalitsoe ka lebelo le leholo (ho ne ho ka khoneha ho sebelisa cipher e potlakileng, empa sena ha se bohlokoa haholo ka har'a moralo oa mosebetsi ona), hammoho le compression e holofetse.

Ka mor'a hore rsync e phethe, tsoa chroot (ka ho tobetsa ctrl+d) 'me u phethe

umount dev && umount proc && umount sys && cd .. && vzctl umount CTID

hata 5

Ha re etseng liketso tse 'maloa tse tla re thusa ho qala VM ka mor'a ho falla ho tloha OpenVZ.
Ho li-server tse nang le Systemd ha re phetheng taelo e tla re thusa ho kena ho khomphutha e tloaelehileng, re re, ka skrine ea seva sa VNC

mv /etc/systemd/system/getty.target.wants/getty@tty2.service /etc/systemd/system/getty.target.wants/getty@tty1.service

Ho li-server CentOS 6 и CentOS 7 etsa bonnete ba hore o kenya kernel e ncha:

yum install kernel-$(uname -r)

Seva e ka khoasolloa ho eona, empa kamora phetisetso e ka emisa ho sebetsa kapa ea hlakoloa.

Ho seva CentOS 7 o hloka ho kenya kopo e nyane bakeng sa PolkitD, ho seng joalo seva se tla oela ka har'a boot bo sa feleng:

getent group polkitd >/dev/null && echo -e "e[1;32mpolkitd group already existse[0m" || { groupadd -r polkitd && echo -e "e[1;33mAdded missing polkitd groupe[0m" || echo -e "e[1;31mAdding polkitd group FAILEDe[0m"; }

getent passwd polkitd >/dev/null 
&& echo -e "e[1;32mpolkitd user already existse[0m" || { useradd -r -g polkitd -d / -s /sbin/nologin -c "User for polkitd" polkitd && echo -e "e[1;33mAdded missing polkitd usere[0m" || echo -e "e[1;31mAdding polkitd user FAILEDe[0m"; }

rpm -Va polkit* && echo -e "e[1;32mpolkit* rpm verification passede[0m" || { echo -e "e[1;33mResetting polkit* rpm user/group ownership & permse[0m"; rpm --setugids polkit polkit-pkla-compat; rpm --setperms polkit polkit-pkla-compat; }

Ho li-server tsohle, haeba mod_fcgid e kentsoe Apache, re tla etsa tokiso e nyane ka litokelo, ho seng joalo libaka tse sebelisang mod_fcgid li tla senyeha ka phoso 500:

chmod +s `which suexec` && apachectl restart

'Me qetellong, e tla ba molemo bakeng sa Ubuntu, Debian kabo. OS ena e ka thula boot ea kamehla ka phoso

ho thella ka potlako haholo. phethahatso e kokobetsang hanyane

e sa thabiseng, empa e tsitsitse habonolo, ho latela mofuta oa OS.

mabapi le Debian 9 tokiso e shebahala tjena:

re ntse re etsa

dbus-uuidgen

haeba re fumana phoso

/usr/local/lib/libdbus-1.so.3: phetolelo `LIBDBUS_PRIVATE_1.10.8′ ha e fumanehe

hlahloba LIBDBUS

ls -la /lib/x86_64-linux-gnu | grep dbus
libdbus-1.so.3 -> libdbus-1.so.3.14.15 
libdbus-1.so.3.14.15 <-- нужен этот
libdbus-1.so.3.14.16

haeba tsohle li lokile, re tla li etsa

cd /lib/x86_64-linux-gnu
rm -rf libdbus-1.so.3
ln -s libdbus-1.so.3.14.15  libdbus-1.so.3

Haeba e sa thuse, leka khetho ea bobeli.

Khetho ea bobeli ea ho rarolla bothata ka phethahatso e kokobetsang hanyane e loketse hoo e ka bang motho e mong le e mong Ubuntu и Debian kabo.

Re ntse re e etsa

bash -x /var/lib/dpkg/info/dbus.postinst configure

Le bakeng sa Ubuntu 14, Debian 7 Ho feta moo, re etsa tse latelang:

adduser --system --home /nonexistent --no-create-home --disabled-password --group messagebus

rm -rf /etc/init.d/modules_dep.sh

Re entse'ng? Re tsosolositse messagebus, e neng e le sieo bakeng sa ho qala. Debian/Ubuntu mme ya tlosa modules_dep, e neng e tswa ho OpenVZ mme ya thibela dimojule tse ngata tsa kernel ho kenya.

hata 6

Qala hape VM, hlahloba VNC hore na ho jara ho tsamaea joang 'me ka nepo - ntho e ngoe le e ngoe e tla kenya ntle le mathata. Le hoja, mohlomong, mathata a itseng a tla hlaha ka mor'a ho falla - empa a feta tekanyo ea sehlooho sena 'me a tsitsitse ha a ntse a hlaha.

Ke tšepa hore boitsebiso bona bo tla ba molemo! 🙂

Source: www.habr.com

Reka sebaka se tšepahalang sa libaka tse nang le ts'ireletso ea DDoS, li-server tsa VPS VDS 🔥 Reka sebaka se tšepahalang sa ho amohela webosaete ka tšireletso ea DDoS, li-server tsa VPS VDS | ProHoster