amuck-landowner

Auto execute OpenVZ commands on mounted/created/started container?

ICPH

Member
Hello,


please can i run some vzctl commands on the OpenVZ VM (VPS) once it is created/bootting/got mounted?


I would like to enable --netfilter full (vzctl set $CTID --netfilter full --setmode restart --save) on all OpenVZ VMs by default and also enable tun/tap device by default for all new VMs (VPSs) (vzctl set $CTID --devnodes net/tun:rw --capability net_admin:eek:n --save)


any way to do it automatically after OpenVZ creates VM or VM is booted or is mounted? Thank you
 
Last edited by a moderator:

Geek

Technolojesus
Verified Provider
Just vim your /etc/vz/vz.conf and append...

# Per-container NF
NETFILTER="full"

# Per-container TUN/TAP
DEVNODES="net/tun:rw "
CAPABILITY=" NET_ADMIN:eek:n"


# vzctl create 8675309; cat /etc/vz/conf/8675309.conf to verify.  Done.
 
Last edited by a moderator:

Geek

Technolojesus
Verified Provider
Aww party foul -- stale thread & I fell for it.  Oh well, maybe this'll help someone down the line... there's also:

Code:
# iptables inside CT
IPTABLES="ip_tables ipt_recent iptable_mangle iptable_filter ipt_limit ipt_multiport ipt_tos ipt_TOS ipt_REJECT ipt_REDIRECT ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_LOG ipt_length ip_conntrack ip_conntrack_ftp ip_conntrack_irc ipt_conntrack ipt_state ipt_helper iptable_nat ip_nat_ftp ipt_owner ipt_state"
 
Last edited by a moderator:
Top
amuck-landowner