levnovikov/openvz_setup.sh

## openvz_setup.sh
#!/bin/sh

installimage -r no -i /root/.oldroot/nfs/images.old/CentOS-69-64-minimal.tar.gz -n node01.domain.tld -p /boot:ext3:256M,/:ext4:10G,/vm:ext4:all -K http://10.0.0.1/key.pub -a

yum -y remove selinux\*
ln -sf /usr/share/zoneinfo/Europe/Moscow /etc/localtime

service ntpd start
ntpq -p
chkconfig --level 345 ntpd on

rpm -Uvh http://nginx.org/packages/centos/6/noarch/RPMS/nginx-release-centos-6-0.el6.ngx.noarch.rpm
rpm -Uvh http://mirror.yandex.ru/epel/6/i386/epel-release-6-8.noarch.rpm
wget -P /etc/yum.repos.d/ http://download.openvz.org/openvz.repo
rpm --import  http://download.openvz.org/RPM-GPG-Key-OpenVZ
yum install -y vzkernel vzctl vzquota ploop mc nginx htop atop vim-enhanced bash-completion ntsysv bc jwhois mtr bind-utils elinks smartmontools tmux
yum -y --exclude=kernel update

cat >> /etc/sysctl.conf <<EOF
# On Hardware Node we generally need
# packet forwarding enabled and proxy arp disabled
net.ipv4.ip_forward = 1
net.ipv6.conf.default.forwarding = 1
net.ipv6.conf.all.forwarding = 1
#net.ipv4.conf.default.proxy_arp = 0

# Enables source route verification
net.ipv4.conf.all.rp_filter = 1

# Enables the magic-sysrq key
kernel.sysrq = 1

# We do not want all our interfaces to send redirects
net.ipv4.conf.default.send_redirects = 1
net.ipv4.conf.all.send_redirects = 0

net.ipv4.tcp_max_tw_buckets=720000

EOF

IP=`ip addr show dev eth0|grep "inet "|awk '{print $2}'`; echo $IP

cat >> /etc/sysconfig/iptables <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -s 10.0.0.0/8 -o eth0 -j SNAT --to-source $IP
COMMIT
EOF

perl -pi -e "s/defaults/defaults,acl/g" /etc/fstab
perl -pi -e "s/tty\[1-6\]/tty1/g" /etc/sysconfig/init
perl -pi -e "s/ip_conntrack_disable_ve0=1/ip_conntrack_disable_ve0=0/g" /etc/modprobe.d/openvz.conf
perl -pi -e 's/centos-6-x86/centos-6-x86_64/g' /etc/vz/vz.conf

cat >> /etc/sysconfig/iptables-config <<EOF
IPTABLES_MODULES="ip_tables iptable_filter iptable_mangle ipt_limit ipt_multiport ipt_tos ipt_REJECT ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ip_conntrack ipt_REDIRECT ipt_state iptable_nat"
IPTABLES_STATUS_VERBOSE="yes"
EOF

reboot

# delete unused kernel after reboot
#yum -y remove kernel
# switch off unneeded services
#ntsysv
# wget -O - https://raw.githubusercontent.com/sibprogrammer/owp/master/installer/ai.sh | sh
	#!/bin/sh

	installimage -r no -i /root/.oldroot/nfs/images.old/CentOS-69-64-minimal.tar.gz -n node01.domain.tld -p /boot:ext3:256M,/:ext4:10G,/vm:ext4:all -K http://10.0.0.1/key.pub -a

	yum -y remove selinux\*
	ln -sf /usr/share/zoneinfo/Europe/Moscow /etc/localtime

	service ntpd start
	ntpq -p
	chkconfig --level 345 ntpd on

	rpm -Uvh http://nginx.org/packages/centos/6/noarch/RPMS/nginx-release-centos-6-0.el6.ngx.noarch.rpm
	rpm -Uvh http://mirror.yandex.ru/epel/6/i386/epel-release-6-8.noarch.rpm
	wget -P /etc/yum.repos.d/ http://download.openvz.org/openvz.repo
	rpm --import http://download.openvz.org/RPM-GPG-Key-OpenVZ
	yum install -y vzkernel vzctl vzquota ploop mc nginx htop atop vim-enhanced bash-completion ntsysv bc jwhois mtr bind-utils elinks smartmontools tmux
	yum -y --exclude=kernel update

	cat >> /etc/sysctl.conf <<EOF
	# On Hardware Node we generally need
	# packet forwarding enabled and proxy arp disabled
	net.ipv4.ip_forward = 1
	net.ipv6.conf.default.forwarding = 1
	net.ipv6.conf.all.forwarding = 1
	#net.ipv4.conf.default.proxy_arp = 0

	# Enables source route verification
	net.ipv4.conf.all.rp_filter = 1

	# Enables the magic-sysrq key
	kernel.sysrq = 1

	# We do not want all our interfaces to send redirects
	net.ipv4.conf.default.send_redirects = 1
	net.ipv4.conf.all.send_redirects = 0

	net.ipv4.tcp_max_tw_buckets=720000

	EOF

	IP=`ip addr show dev eth0\|grep "inet "\|awk '{print $2}'`; echo $IP

	cat >> /etc/sysconfig/iptables <<EOF
	*nat
	:PREROUTING ACCEPT [0:0]
	:POSTROUTING ACCEPT [0:0]
	:OUTPUT ACCEPT [0:0]
	-A POSTROUTING -s 10.0.0.0/8 -o eth0 -j SNAT --to-source $IP
	COMMIT
	EOF

	perl -pi -e "s/defaults/defaults,acl/g" /etc/fstab
	perl -pi -e "s/tty\[1-6\]/tty1/g" /etc/sysconfig/init
	perl -pi -e "s/ip_conntrack_disable_ve0=1/ip_conntrack_disable_ve0=0/g" /etc/modprobe.d/openvz.conf
	perl -pi -e 's/centos-6-x86/centos-6-x86_64/g' /etc/vz/vz.conf

	cat >> /etc/sysconfig/iptables-config <<EOF
	IPTABLES_MODULES="ip_tables iptable_filter iptable_mangle ipt_limit ipt_multiport ipt_tos ipt_REJECT ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ip_conntrack ipt_REDIRECT ipt_state iptable_nat"
	IPTABLES_STATUS_VERBOSE="yes"
	EOF

	reboot

	# delete unused kernel after reboot
	#yum -y remove kernel
	# switch off unneeded services
	#ntsysv
	# wget -O - https://raw.githubusercontent.com/sibprogrammer/owp/master/installer/ai.sh \| sh