Install Gitlab on OpenVZ CentOS 7 container I’m a fan of Git and Gitlab but Gitlab was a bit difficult to install earlier because it involved compiling from source and such. Nowadays there is a nice script you can run to install the whole kaboozle. Virtuozzo leverages OpenVZ as its core of a virtualization solution offered by Virtuozzo company. Virtuozzo is optimized for hosters and offers hypervisor (VMs in addition to containers), distributed cloud storage, dedicated support, management tools, and easy installation.
So I've been trying to set up a webserver on my VPS with CentOS 7.To do this I've used this tutorial. Installation of MySQL/MariaDB and PHP worked successfully. However I can't access my server, because I haven't allowed external access yet.
To do this I am forced to use these three commands (according to the tutorial):
firewall-cmd --permanent --zone=public --add-service=http
firewall-cmd --permanent --zone=public --add-service=https
firewall-cmd --reload
The command firewall-cmd wasn't found because according to this thread, OpenVZ installs a stripped down version of CentOS7, so I used the commands from there.
However, following error message popped up when using systemctl start firewalld:
Job for firewalld.service failed. See 'systemctl status firewalld.service' and 'journalctl -xn' for details.
systemctl status firewalld.service -l shows this info:
firewalld.service - firewalld - dynamic firewall daemon Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled) Active: failed (Result: exit-code) since Mon 2016-07-18 04:31:46 EDT; 6min ago Process: 12522 ExecStart=/usr/sbin/firewalld --nofork --nopid $FIREWALLD_ARGS (code=exited, status=1/FAILURE) Main PID: 12522 (code=exited, status=1/FAILURE)
Jul 18 04:31:46 Christof2 systemd[1]: firewalld.service: main process exited, code=exited, status=1/FAILURE Jul 18 04:31:46 Christof2 systemd[1]: Failed to start firewalld - dynamic firewall daemon. Jul 18 04:31:46 Christof2 systemd[1]: Unit firewalld.service entered failed state.
FYI: I did everything from a fresh installation of CentOS7, if you want I can simply reinstall CentOS and do one step differently, if that helps.
Install Openvz Centos 7
2 Answers
First of all, check if you have ipv6 access, and if not; alter your etc/firewalld/firewalld.conf to set IPv6_rpfilter = 0 and run systemctl restart firewalld.service
If still nothing, check journalctl -u firewalld for further details.
However it may well be that your host needs to provide the NETFILTER='full' capability to your container config, also they will need to allocate the beancounter numiptent to something around 500 or more.
Doing those configs should allow firewalld to start on a centos7 OpenVZ container and anything else, your logs will provide the answers to.
Cheers
Iptables, being a kernel functionality, needs to be explicitly loaded on openvz host and enabled per container.
If you have access to host, follow man vzctl and look for --netfilter. Older openvz versions would have a different procedure to do the same.
Not the answer you're looking for? Browse other questions tagged centosfirewallcentos7openvzfirewalld or ask your own question.
Im trying to install OpenVZ on CentOS 6.
I used this instruction to install OpenVZ :
https://www.unixmen.com/install-and-configure-openvz-on-centos/
I tried to update the kernel, modify the openvz repo, nothing helped.here is the problem :
also, I could not find any way to install openvz on centos 7, or debian 9, or ubuntu.looks that OpenVZ is going to die. and its so bad, cause of I use it alot.
2 Answers
Install Mate On Centos 7
Currently I have vzkernel installed after the same problem.
The problem is that new version requires kernel of CentOS 7+, which is not available for CentOS 6.9So I managed to download old version of vzkernel package and install it using RPM.
Download latest compatible RPM
wget http://download.openvz.org/kernel/branches/rhel6-2.6.32/042stab126.2/vzkernel-2.6.32-042stab126.2.x86_64.rpm
Install it
rpm -ivh vzkernel-2.6.32-042stab126.2.x86_64.rpm
Check it
rpm -qa vzkernel
Profit.
You can find kernel-firmware >= 2.6.32-754.el6 in [centosplus] repo. Just enable it in your repo file in /etc/yum.repos.d/ like:
Comments are closed.