Setting up Ubuntu 10.04 Virtual Machine with OpenVZ
Installing and Setting Up OpenVZ
Backups are an important part of any IT Technician’s life, the good ones anyway, and so I began setting up a backup system for our clients and our own machines. The system chosen to do the backups was one called TimeDicer. This system works with all versions of Windows OS from XP to 7, and is very well thought out.
The TimeDicer website stated that the supported configuration of the system was an Ubuntu 10.04 setup, and so I decided it would be best to create a virtual machine using Ubuntu 10.04; (this in itself brought its own array of problems…but more on that later).
Our main hardware servers are CentOS based machines, and so I needed to create a virtual machine on of our servers. To do this I installed OpenVZ with the following steps, from the OpenVZ quick installation wiki page found here.
The repository for OpenVZ needed to be installed first. This was done by following these steps.
cd /etc/yum.repos.d wget http://download.openvz.org/openvz.repo rpm --import http://download.openvz.org/RPM-GPG-Key-OpenVZ
The next step was to install the kernel that OpenVZ would use. As I was going to run OpenVZ on a 64bit CentOS host machine I needed to use this command.
yum install ovzkernel-ovzkernal.x86_64
Now OpenVZ was almost ready to roll. However there was still the issue of networking when I rebooted into the OpenVZ setup. This was solved by editing the /etc/sysctl.conf file with the following
#On Hardware Node we generally need #packet forwarding enabled and proxy arp disabled net.ipv4.ip_forward = 1 net.ipv6.conf.default.forwarding = 1 net.ipv6.conf.all.forwarding = 1 net.ipv4.conf.default.proxy_arp = 0 Enables source route verification net.ipv4.conf.all.rp_filter = 1 Enables the magic-sysrq key kernel.sysrq = 1
# We do not want all our interfaces to send redirects net.ipv4.conf.default.send_redirects = 1 net.ipv4.conf.all.send_redirects = 0
An important note to remember, for all you avid coders out there, is to comment out any conflicting terms or replace them entirely.
- Also make sure that SELinux is disabled in /etc/sysconfig/selinux
- At this stage OpenVZ will have placed itself correctly into the bootloader of the machine so when I rebooted, it instantly loaded the kernel and OpenVZ was up and running.
- The last step to get an Ubuntu 10.04 virtual machine running is to download the template that OpenVZ will use. I downloaded the Ubuntu-10.04-x86_64.tar.gz file from here into /vz/template/cache. There is no need to unpack this file as OpenVZ kindly deals with that itself.
So all that should be left to do is run the command:
vzctl create 101 --ostemplate Ubuntu-10.04-x86_64
This should then set the ball rolling and OpenVZ will attempt to load the virtual machine. It is important to only use identity numbers of 101 upwards as OpenVZ uses 1 – 100 itself and this could cause conflicts later on. Finally I needed to give the virtual machine a name and set its IP address. The details to do which can be found here. After this has all been set, (note: remember to put –save at the end of each line), I then started up the virtual machine
vzctl start 101
I entered the system to check everything had been set up correctly, it’s important to check ssh connections here just in case they didn’t get transferred over; which luckily mine did. With the following command…
vzctl enter 101
…everything was now set up for the timedicer server to be installed.
I followed step three on the TimeDicer instructions, found here, which was…
cd /opt/ wget http://timedicer.co.uk/server/timedicer-server-setup chmod 744 timedicer-server-setup
When I first installed the TimeDicer software there was an issue with it finding the machine’s IP address of an OpenVZ system, and so I had to hard code the IP address of my machine into the timedicer-server-setup script. However I only mention this for anyone who has the same issue; TimeDicer has recently been updated to accommodate a more general IP address setup, and so it can now find the IP address. I have even tested this and it works perfectly!
The last command to run is:
/opt/timedicer-server-setup –f email@example.com
This should set everything going, and by following steps 4 and 5 I was able to test that the webserver had worked correctly; I then secured my web interface.
Setting Up Client Machines
The steps on TimeDicer’s website about ‘Making a Backup: Using TimeDicer Client’ worked perfectly for myself however I then ran into an issue with the VSS side of things, and the fact the client machines would have more than one hard drive installed.
EDIT: TimeDicer no longer deletes old shadow copies so this section should be unnecessary. I have left it here for reference if anyone has similar problems. However I would suggest contacting the creator of TimeDicer directly.
TimeDicer by default deletes all old shadow copies on the machine when it begins a backup. This for me was not appropriate as shadow copies are used to replace files that get corrupted with an earlier version, or if someone accidentally deletes a file they needed; this happens far more than you might realise.
After speaking with the creator of TimeDicer I was able to disable the VSS deleting. This can be done by opening the file C:\Progam Files\TimeDicer\TimeDicer.cmd with something like notepad++.
Then changing line 455 from:
ECHO y|"%runfrom%\vshadow-%VSHADOWVER%-%WINBIT%.exe" -da>nul
REM ECHO y|"%runfrom%\vshadow-%VSHADOWVER%-%WINBIT%.exe" -da>nul
This comments out the line and stops TimeDicer from deleting previous shadow copies.
The next hurdle came when I needed to back up more than one drive at a time. For instance TimeDicer straight out of the box can back up the documents and settings of the user running the program from the C: drive. However in my case I wanted to back up some data from the C:, D: and F: drive of my client machine. After yet more discussion with TimeDicer’s creator I was then able to get it working. The solution was that it needed a TimeDicer.txt file for each drive, which is the config file that TimeDicer uses to run.
So I first went about creating TimeDicer-D.txt and TimeDicer-F.txt with a similar configuration as the original TimeDicer.txt file; just with the list of backup for each drive at the bottom (such as D:\, d-drive). TimeDicer is quite flexible and can be edited in many ways, shown here, the way I chose was to have each TimeDicer.txt file outputting to its own log with:
SET log=C:\Documents and Settings\User\Application Data\TimeDicer\filename
This can also be done with the excludes file if you wish to.
Finally to run the setup as one scheduled task instead of three I created a batch file TimeDicerStart.bat with the following commands.
CALL “C:\Program Files\TimeDicer\TimeDicer.cmd” /x CALL “C:\Program Files\TimeDicer\TimeDicer.cmd” /f C:\Documents and Settings\User\Application Data\TimeDicer\TimeDicer-D.txt /x CALL “C:\Program Files\TimeDicer\TimeDicer.cmd” /f C:\Documents and Settings\User\Application Data\TimeDicer\TimeDicer-F.txt /x
The /x tells TimeDicer not to pause and ask for “Press any key to continue” which allows scheduled tasks to run it and close it. And the /f tells TimeDicer what config file to use.
I also found an issue with the private key on Windows Server 2003, which isn’t really supported by TimeDicer, but it does work. The scheduled task would come back with an 0x8 error. Now no matter what google might tell you this isn’t a Windows issue about logging into a user via a terminal connection. This is simply just the error code of TimeDicer, a list of which can be found on the man page, saying it cannot find the private key. To solve this issue you just need to add this line:
SET key=C:\Documents and Settings\User\Application Data\TimeDicer\privatekey.ppk
Or similar depending on your set up.
After this I just ran the TimeDicerStart.bat file that I created earlier from command prompt and everything work perfectly. The scheduled task began to back up every day at the correct time with no errors.