Page 1 of 2 12 LastLast
Results 1 to 25 of 32
  1. #1

    OpenVZ Can't connect to new container

    Hi All,

    Just bought a new dedi and tried to install OpenVZ followed by OpenVZ Web Panel. Added the IP address given by DC in the Web Panel and created a new container, However can't ssh to the new container. Its been 2 days, I've been reading all about it but nothing seems to work.

    Here is the sysctl.conf file:

    Code:
    # Kernel sysctl configuration file for Red Hat Linux
    #
    # For binary values, 0 is disabled, 1 is enabled.  See sysctl(8) and
    # sysctl.conf(5) for more details.
    
    # Controls IP packet forwarding
    net.ipv4.ip_forward = 1
    net.ipv6.conf.default.forwarding = 1
    net.ipv6.conf.all.forwarding = 1
    net.ipv4.conf.default.proxy_arp = 0
    
    
    # Controls source route verification
    net.ipv4.conf.default.rp_filter = 1
    
    # Do not accept source routing
    net.ipv4.conf.default.accept_source_route = 0
    
    # Controls the System Request debugging functionality of the kernel
    kernel.sysrq = 1
    
    # Controls whether core dumps will append the PID to the core filename.
    # Useful for debugging multi-threaded applications.
    kernel.core_uses_pid = 1
    
    # Controls the use of TCP syncookies
    net.ipv4.tcp_syncookies = 1
    
    # Disable netfilter on bridges.
    net.bridge.bridge-nf-call-ip6tables = 1
    net.bridge.bridge-nf-call-iptables = 1
    net.bridge.bridge-nf-call-arptables = 0
    
    # Controls the default maxmimum size of a mesage queue
    kernel.msgmnb = 65536
    
    # Controls the maximum size of a message, in bytes
    kernel.msgmax = 65536
    
    # Controls the maximum shared segment size, in bytes
    kernel.shmmax = 68719476736
    
    # Controls the maximum number of shared memory segments, in pages
    kernel.shmall = 4294967296
    net.ipv4.conf.default.proxy_arp=0
    net.ipv4.conf.default.send_redirects=1
    net.ipv4.conf.all.send_redirects=0
    ~                                                                                                                                                 
    ~                                                                                                                                                 
    ~                                                                                                                                                 
    ~                                                                                                                                                 
    ~
    sysctl -p

    Code:
    [root@hosted-by ~]# sysctl -p
    net.ipv4.ip_forward = 1
    error: "net.ipv6.conf.default.forwarding" is an unknown key
    error: "net.ipv6.conf.all.forwarding" is an unknown key
    net.ipv4.conf.default.proxy_arp = 0
    net.ipv4.conf.default.rp_filter = 1
    net.ipv4.conf.default.accept_source_route = 0
    kernel.sysrq = 1
    kernel.core_uses_pid = 1
    net.ipv4.tcp_syncookies = 1
    error: "net.bridge.bridge-nf-call-ip6tables" is an unknown key
    error: "net.bridge.bridge-nf-call-iptables" is an unknown key
    error: "net.bridge.bridge-nf-call-arptables" is an unknown key
    kernel.msgmnb = 65536
    kernel.msgmax = 65536
    kernel.shmmax = 68719476736
    kernel.shmall = 4294967296
    net.ipv4.conf.default.proxy_arp = 0
    net.ipv4.conf.default.send_redirects = 1
    net.ipv4.conf.all.send_redirects = 0

    route -n

    (xx.211.148.160 is the IP I'm trying to assign to the new container)

    Code:
    [root@hosted-by ~]# route -n
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    xx.211.148.160  0.0.0.0         255.255.255.255 UH    0      0        0 venet0
    xx.211.148.160  0.0.0.0         255.255.255.224 U     0      0        0 eth0
    169.254.0.0     0.0.0.0         255.255.0.0     U     1002   0        0 eth0
    0.0.0.0         95.211.148.190  0.0.0.0         UG    0      0        0 eth0
    [root@hosted-by ~]#


    Please help

  2. #2
    Join Date
    Jun 2011
    Location
    USA/UK/SG
    Posts
    3,636
    What does vzlist output on the host node?
    ~]# Ethernet Servers Ltd - Est. 2014! - sales @ ethernetservers.com
    ~]# Try out our WordPress speed tests for yourself!
    ~]# NVMe Web Hosting | Unmanaged VPS | Fully Managed VPS | Dedicated Servers | Domain Names
    ~]# Don't settle for any less than the very best - come & join our family today!

  3. #3
    Quote Originally Posted by Ethernet Servers View Post
    What does vzlist output on the host node?
    Code:
    [root@hosted-by ~]# vzlist
          CTID      NPROC STATUS    IP_ADDR         HOSTNAME
             1         17 running xx.211.148.160  sd.wq.com
    [root@hosted-by ~]#

  4. #4
    Join Date
    Jun 2011
    Location
    USA/UK/SG
    Posts
    3,636
    The IP shown pings fine from my end and I can reach an SSH prompt too.

    Are you not able to get that far?
    ~]# Ethernet Servers Ltd - Est. 2014! - sales @ ethernetservers.com
    ~]# Try out our WordPress speed tests for yourself!
    ~]# NVMe Web Hosting | Unmanaged VPS | Fully Managed VPS | Dedicated Servers | Domain Names
    ~]# Don't settle for any less than the very best - come & join our family today!

  5. #5
    Quote Originally Posted by Ethernet Servers View Post
    The IP shown pings fine from my end and I can reach an SSH prompt too.

    Are you not able to get that far?
    I cant SSH into the container.

    Here is the ping to the container

    Code:
    MacBook-Pro:~ raminasidana$ ping xx.211.148.160
    PING xx.211.148.160 (xx.211.148.160): 56 data bytes
    Request timeout for icmp_seq 0
    Request timeout for icmp_seq 1
    Request timeout for icmp_seq 2
    Request timeout for icmp_seq 3
    Request timeout for icmp_seq 4

  6. #6
    Join Date
    Jun 2011
    Location
    USA/UK/SG
    Posts
    3,636
    My apologies, it seems the wrong IP got copied for me somehow...

    Do you get any errors/warnings when restarting the container via vzctl restart 1?

    Quote Originally Posted by SuperHosterz View Post
    I cant SSH into the container.

    Here is the ping to the container

    Code:
    MacBook-Pro:~ raminasidana$ ping xx.211.148.160
    PING xx.211.148.160 (xx.211.148.160): 56 data bytes
    Request timeout for icmp_seq 0
    Request timeout for icmp_seq 1
    Request timeout for icmp_seq 2
    Request timeout for icmp_seq 3
    Request timeout for icmp_seq 4
    ~]# Ethernet Servers Ltd - Est. 2014! - sales @ ethernetservers.com
    ~]# Try out our WordPress speed tests for yourself!
    ~]# NVMe Web Hosting | Unmanaged VPS | Fully Managed VPS | Dedicated Servers | Domain Names
    ~]# Don't settle for any less than the very best - come & join our family today!

  7. #7
    Quote Originally Posted by Ethernet Servers View Post
    My apologies, it seems the wrong IP got copied for me somehow...

    Do you get any errors/warnings when restarting the container via vzctl restart 1?
    Not really

    Code:
    [root@hosted-by ~]# vzctl restart 1
    Restarting container
    Stopping container ...
    Container was stopped
    Container is unmounted
    Starting container...
    Container is mounted
    Adding IP address(es): xx.211.148.160
    Setting CPU units: 1000
    Container start in progress...
    [root@hosted-by ~]#

  8. #8
    Join Date
    Nov 2002
    Location
    Portland, Oregon
    Posts
    2,992
    Anything in /var/log/vzctl.log indicating a network problem? Perhaps the nameservers aren't set correctly?

    # vzctl enter $CTID
    -> # cat /etc/resolv.conf
    -> # cat /etc/hosts

    or from the node:

    # cat /etc/vz/conf/$CTID.conf |grep NAMESERVER

    Do an lsmod from the node and make sure all your needed modules are loaded for good measure. Keep us posted.

  9. #9
    Quote Originally Posted by jetfirenetworks View Post
    Anything in /var/log/vzctl.log indicating a network problem? Perhaps the nameservers aren't set correctly?

    # vzctl enter $CTID
    -> # cat /etc/resolv.conf
    -> # cat /etc/hosts

    or from the node:

    # cat /etc/vz/conf/$CTID.conf |grep NAMESERVER

    Do an lsmod from the node and make sure all your needed modules are loaded for good measure. Keep us posted.
    Nothing alarming in /var/log/vzctl.log here's the output to the commands:


    Code:
    [root@hosted-by ~]# vzctl enter $CTID
    CT ID missing
    [root@hosted-by ~]# vzctl enter 1
    entered into CT 1
    [root@sd /]# cat /etc/resolv.conf
    nameserver 85.17.150.123
    nameserver 85.17.96.69
    nameserver 85.17.150.123
    nameserver 62.212.64.122
    [root@sd /]# cat /etc/hosts
    127.0.0.1 localhost.localdomain localhost localhost4.localdomain4 localhost4
    # Auto-generated hostname. Please do not remove this comment.
    95.211.148.160 sd.wq.com  sd
    ::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
    [root@sd /]# exit
    logout
    exited from CT 1
    [root@hosted-by ~]# cat /etc/vz/conf/1.conf |grep NAMESERVER

  10. #10
    Code:
    [root@hosted-by ~]# lsmod 
    Module                  Size  Used by
    vzethdev                8189  0 
    vznetdev               18856  2 
    pio_nfs                17544  0 
    pio_direct             28146  0 
    pfmt_raw                3213  0 
    pfmt_ploop1             6256  0 
    ploop                 114009  4 pio_nfs,pio_direct,pfmt_raw,pfmt_ploop1
    simfs                   4448  1 
    vzrst                 192298  0 
    nf_nat                 23213  1 vzrst
    nf_conntrack_ipv4       9946  2 nf_nat
    nf_defrag_ipv4          1531  1 nf_conntrack_ipv4
    vzcpt                 145544  1 vzrst
    nfs                   434839  3 pio_nfs,vzrst,vzcpt
    lockd                  77157  2 vzrst,nfs
    fscache                53922  1 nfs
    auth_rpcgss            44917  1 nfs
    nfs_acl                 2663  1 nfs
    sunrpc                266880  6 pio_nfs,nfs,lockd,auth_rpcgss,nfs_acl
    nf_conntrack           80524  4 vzrst,nf_nat,nf_conntrack_ipv4,vzcpt
    vziolimit               3719  0 
    vzmon                  24366  4 vznetdev,vzrst,vzcpt
    ip6t_REJECT             4711  0 
    ip6table_mangle         3669  0 
    ipv6                  326210  3 vzrst,ip6t_REJECT,ip6table_mangle
    ip6table_filter         3033  0 
    ip6_tables             19714  2 ip6table_mangle,ip6table_filter
    xt_length               1338  0 
    xt_hl                   1547  0 
    xt_tcpmss               1623  0 
    xt_TCPMSS               3461  0 
    iptable_mangle          3493  0 
    iptable_filter          2937  0 
    xt_multiport            2716  0 
    xt_limit                2134  0 
    xt_dscp                 2073  0 
    ipt_REJECT              2399  0 
    ip_tables              18151  2 iptable_mangle,iptable_filter
    vzdquota               55339  1 [permanent]
    vzevent                 2179  1 
    cpufreq_ondemand       10560  8 
    acpi_cpufreq            7779  1 
    freq_table              4952  2 cpufreq_ondemand,acpi_cpufreq
    mperf                   1573  1 acpi_cpufreq
    vzdev                   2765  5 vzethdev,vznetdev,vziolimit,vzmon,vzdquota
    ext2                   68298  1 
    microcode             112685  0 
    tg3                   148645  0 
    i2c_i801               11183  0 
    i2c_core               31084  1 i2c_i801
    sg                     29478  0 
    iTCO_wdt               15054  0 
    iTCO_vendor_support     3104  1 iTCO_wdt
    shpchp                 32794  0 
    ext4                  411690  2 
    jbd2                   93079  1 ext4
    mbcache                 8209  2 ext2,ext4
    sd_mod                 38912  5 
    crc_t10dif              1557  1 sd_mod
    ahci                   41143  4 
    dm_mirror              14149  0 
    dm_region_hash         12101  1 dm_mirror
    dm_log                  9946  2 dm_mirror,dm_region_hash
    dm_mod                 82903  2 dm_mirror,dm_log

  11. #11
    Join Date
    Nov 2002
    Location
    Portland, Oregon
    Posts
    2,992
    The container I.D. is "1"?

    I believe I read somewhere that $CTID's under 100 are specifically for OpenVZ developers and that 101+ should be used for production containers. I honestly can't recall which article I was reading. Assuming this is a dev container, and that the article I read was correct, this might work: Try at your own risk.

    # vzctl stop 1
    # cd /vz/private/
    # mv 1/ 101/; cd /vz/root/
    # mv 1/ 101/; cd /etc/vz/conf/
    # cp 1.conf 101.conf
    # cp 101.conf ve-101.conf-sample
    # vzctl start 101


    Good luck. -JE

  12. #12
    Join Date
    Nov 2002
    Location
    Portland, Oregon
    Posts
    2,992
    I just noticed something in your post:

    [root@hosted-by ~]# cat /etc/vz/conf/1.conf |grep NAMESERVER
    This should have returned something like
    "NAMESERVER="4.2.2.1 4.2.2.2"

    Does /etc/vz/conf/1.conf have any resolvers defined?

  13. #13
    Quote Originally Posted by jetfirenetworks View Post
    I just noticed something in your post:



    This should have returned something like
    "NAMESERVER="4.2.2.1 4.2.2.2"

    Does /etc/vz/conf/1.conf have any resolvers defined?
    It doesn't return anything. :/

    Code:
    [root@hosted-by ~]# cat /etc/vz/conf/1.conf | grep NAMESERVER
    [root@hosted-by ~]# 
    [root@hosted-by ~]# vi /etc/vz/conf/1.conf 
    
    #  Copyright (C) 2000-2011, Parallels, Inc. All rights reserved.
    #
    #  This program is free software; you can redistribute it and/or modify
    #  it under the terms of the GNU General Public License as published by
    #  the Free Software Foundation; either version 2 of the License, or
    #  (at your option) any later version.
    #
    #  This program is distributed in the hope that it will be useful,
    #  but WITHOUT ANY WARRANTY; without even the implied warranty of
    #  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    #  GNU General Public License for more details.
    #
    #  You should have received a copy of the GNU General Public License
    #  along with this program; if not, write to the Free Software
    #  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
    #
    
    # This config is only valid for decent VSwap-enabled kernel
    # (version 042stab042 or later).
    
    # RAM
    PHYSPAGES="0:65536"
    
    # Swap
    SWAPPAGES="0:131072"
    
    # Disk quota parameters (in form of softlimit:hardlimit)
    DISKSPACE="2306048:2306048"
    DISKINODES="200000:220000"
    QUOTATIME="0"
    
    # CPU fair scheduler parameter
    CPUUNITS="1000"
    VE_ROOT="/vz/root/$VEID"
    VE_PRIVATE="/vz/private/$VEID"
    OSTEMPLATE="centos-6-x86"
    ORIGIN_SAMPLE="vswap-256m"
    HOSTNAME="sd.wq.com"
    ONBOOT="no"
    IP_ADDRESS="95.211.148.160"
    ~                                                                                                                                                 
    ~                                                                                                                                                 
    ~                                                                                                                                                 
    ~                                                                                                                                                 
    ~                                                                                                                                                 
    ~                                                                                                                                                 
    ~                                                                                                                                                 
    ~                                                                                                                                                 
    ~                                                                                                                                                 
    ~                                                                                                                                                 
    ~                                                                                                                                                 
    ~                                                                                                                                                 
    "/etc/vz/conf/1.conf" 40L, 1275C

  14. #14
    Join Date
    Aug 2003
    Location
    East Coast
    Posts
    2,082
    Can you get out from inside the container?

  15. #15
    Join Date
    Nov 2002
    Location
    Portland, Oregon
    Posts
    2,992
    Add this under IP_ADDRESS="xxx":

    NAMESERVER="4.2.2.1 4.2.2.2"

    Save, restart container.

  16. #16
    Join Date
    Aug 2003
    Location
    East Coast
    Posts
    2,082
    vzctl enter 101
    ping 8.8.8.8

    What do you get?

  17. #17
    Join Date
    Nov 2002
    Location
    Portland, Oregon
    Posts
    2,992
    I just tried pinging the container and I can receive a response -- if that's the correct I.P.
    Any luck?

  18. #18
    Quote Originally Posted by jetfirenetworks View Post
    Add this under IP_ADDRESS="xxx":

    NAMESERVER="4.2.2.1 4.2.2.2"

    Save, restart container.
    did that but still not working

    Quote Originally Posted by dave - just199 View Post
    vzctl enter 101
    ping 8.8.8.8

    What do you get?
    no output

    Code:
    [root@ww /]# ping 8.8.8.8
    PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
    ^C
    --- 8.8.8.8 ping statistics ---
    49 packets transmitted, 0 received, 100% packet loss, time 48416ms

  19. #19
    Join Date
    Aug 2003
    Location
    East Coast
    Posts
    2,082
    Ok so this isn't a DNS issue it's an IP routing issue.

    See if you can ping your gateway from within the container

  20. #20
    Quote Originally Posted by jetfirenetworks View Post
    I just tried pinging the container and I can receive a response -- if that's the correct I.P.
    Any luck?
    no
    Code:
    MacBook-Pro:~ raminasidana$ ping 95.211.148.160
    PING 95.211.148.160 (95.211.148.160): 56 data bytes
    Request timeout for icmp_seq 0
    Request timeout for icmp_seq 1
    Request timeout for icmp_seq 2
    Request timeout for icmp_seq 3

  21. #21
    Join Date
    Sep 2010
    Location
    /usr/bin/fail
    Posts
    859
    Is this a CentOS 6.x VPS on top of a CentOS 5.x host node by chance?

  22. #22
    Quote Originally Posted by CN-Jeremy View Post
    Is this a CentOS 6.x VPS on top of a CentOS 5.x host node by chance?
    Main server : CentOS release 6.5 (Final)
    VPS: centos-6-x86

  23. #23
    Join Date
    Sep 2010
    Location
    /usr/bin/fail
    Posts
    859
    Quote Originally Posted by SuperHosterz View Post
    Main server : CentOS release 6.5 (Final)
    VPS: centos-6-x86

    Ah ok... There was a recent openvz bug if it was CentOS 6.x on top of a 5.x node but doesn't look like it applies here.

  24. #24
    Join Date
    Nov 2002
    Location
    Portland, Oregon
    Posts
    2,992
    I would try creating a container with a CTID of maybe 102 or 103. The documentation I was reading still sticks out in my mind. Worth a shot. It may be that the kernel is developed is in some way that 101 is the first .conf to expect when the container is mounted. Not certain, though. I pinged OpenVZ via Twitter a moment ago that way we'll know whether or not it actually is relavent.
    Last edited by Johnny Cache; 01-21-2014 at 03:53 PM.

  25. #25
    Quote Originally Posted by jetfirenetworks View Post
    I would try creating a container with a CTID of maybe 102 or 103. The documentation I was reading still sticks out in my mind. Worth a shot. It may be that the kernel is developed is in some way that 101 is the first .conf to expect when the container is mounted. Not certain, though.

    I did that, I removed the 1 CTID VPS and created 101 but it still wouldn't connect. I feel the 2nd IP provided by DC was not added correctly or something. :/

Page 1 of 2 12 LastLast

Similar Threads

  1. ULOG on OpenVZ container
    By Onur in forum Dedicated Server
    Replies: 1
    Last Post: 03-11-2012, 07:17 PM
  2. all openvz container down
    By CoolMike in forum Hosting Security and Technology
    Replies: 1
    Last Post: 12-03-2011, 03:25 AM
  3. About quotas in an OpenVZ container
    By Onur in forum Dedicated Server
    Replies: 10
    Last Post: 08-23-2011, 06:49 PM
  4. change veid of container Openvz
    By Hillockhosting in forum Hosting Security and Technology
    Replies: 2
    Last Post: 08-23-2010, 10:38 AM
  5. Can't enter OpenVZ container
    By Exabytes in forum Dedicated Server
    Replies: 6
    Last Post: 07-14-2010, 12:53 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •