FAQ

FAQ Revised: Tuesday 28 September 2004

Table of Contents

1. General
2. Inside VPS
3. Outside VPS
4. Kernel
5. H-Sphere Related Questions
6. Troubleshooting

1. General

1.1. What are Virtual Private Servers (VPS)?
FreeVPS is a free Linux-based software implementing virtual servers technology, a cost-effective and resource-saving solution that runs virtually isolated full-featured standalone Linux servers on one host box. Read more about VPS features.


1.2. What is the main FreeVPS conception?
Two corner-stones of the FreeVPS concept are:
1) the chroot() UNIX function that enables running all child processes having their own root and not seeing other processes;
2) the so-called contexts that provide complete isolation for virtual servers: a virtual server use its own IP addresses, and its processes and files are protected from being seen from other virtual servers.


1.3. What is common to the FreeBSD "Jail" and FreeVPS solutions?
UNIX "Jails" are based on the chroot() system call which is not completely secure. There is a number of applications that allow you to avoid UNIX "jails" (or, to break chroot).

FreeVPS solution based on the context technology provides complete isolation and security. In addition to the basic chroot() functionality, virtual server processes and their child processes are made context-dependent, so they never reach the host server's root and aren't able to see other contexts. At the same time, the host's root has the complete control on all its contexts.


1.4. How does FreeVPS differ from Linux VServer Project?
FreeVPS extends the original Linux VServer functionality:
  • Native POSIX Thread Library (NPTL) included;
  • FreeVPS is based on completely separate disk namespaces;
  • Memory accounting inside VPS rewritten;
  • Fully separated process accounting;
  • New separate Virtual Network Interfaces per context;
  • Internal configurable network Traffic Shaper, and bimodal context-separated routing to speed up networking.

FreeVPS implementation includes FreeVPS kernel patch and FreeVPS tools. Together they add the following new features to VPS:

  • Advanced context management;
  • VPS limit management, including limits on:
    disk space, virtual/resident memory, the number of running processes, context file handles, TCP connections;
  • Virtual Network Interface management.

FreeVPS solution is fully integrated with H-Sphere hosting software which provides Web interface for VPS management. Additional H-Sphere VPS scripts allows you easily create, configure and manage virtual server environment:

  • VPS templates;
  • service configuration;
  • system device management;
  • Virtual Network Interface configuration;
  • VPS limitation control;
  • general VPS management;
  • VPS management via H-Sphere Control Panel.

See also FreeVPS project tracker for features under development and testing.




1.5. Is Virtual Private Server secure?
With chroot() UNIX system call and new security context calls, Virtual Private Server is a secure and reliable solution for your system.

1) It uses Linux 2.4.21-x kernels from RH EL3 or 2.6.9-x kernels from RH EL4 patched with the latest security patches.
2) It provides new context-dependent VPS networking, such as, new routing tables, completely separate sockets, new limits on established TCP connections and Bind ports to increase network security for virtual servers and the host.
3) Even if VPS is hacked, the host master can easily stop all processes in its context and protect the system.


1.6. What are hardware requirements for VPS host (CPU frequency, RAM size, HDD etc...)?
Hardware requirements for VPS host system to a great extent depend on the number of virtual servers to be installed and on the tasks they perform.

Consider the basic configuration:

  • The basic Virtual Private Server installation (using base Linux RedHat 7.3 installations RPMs) requires ~500-550 MB of disk space. This includes shell, cron scheduler, OpenSSH support, mounting support, random generator, Perl, and some more.
    So if you install 10 VPSs, you need at least 5-6 GB disk space. If you use VPS for hosting and wish to install Web, FTP, DNS services, or database support, you need to reserve more disk space for this.
  • The basic VPS installation requires ~10 MB RAM. But, in fact, a virtual server usually takes less memory. Therefore, setting the system memory size, you need to consider what services would run on a particular VPS.
  • Restrictions on processor type and frequency are too approximate. Let say, PII 450MHz will be the starting point if you need to have at least 3 virtual servers but actually CPU may be even less powerful.



1.7. What are the system requirements for VPS (operating system, additional apps. etc...)?
FreeVPS patched kernel and FreeVPS tools can be installed on all Linux RedHat's where kernel version 2.4.21 is able to run. Just follow the VPS installation guide.

However, if you need H-Sphere VPS scripts to be installed, it requires the core RedHat 7.3/Redhat EL 3/CentOS 3.x and Perl 5.6.0 installation. In such case, we do not support other operating systems. Read more about VPS installation requirements.
From version 1.5 FreeVPS has modification for kernels 2.6.9 and distributive RH EL4.


1.8. Related sites, documentations, support.
FreeVPS partner sites: http://www.freevps.com/partners.html



1.9. Resources for download.
For Linux VServer project downloads, visit http://www.linux-vserver.org.
FreeVPS project download area is http://www.freevps.com/downloads.html.


2. Inside VPS

2.1. What networking mechanism is implemented inside VPS?
Virtual Private Servers have independent network configuration. VPS networking is based on virtual ethernet devices and virtual ethernet device aliases created on each VPS. Virtual ethernet devices (virtual ethernet device aliases) are attached, or put in correspondence, to actual ethernet devices on the host server. Only the host's root has rights to attach/detach virtual ethernet devices. IPs are configured and bound on virtual ethernet devices (or VETH aliases) of a virtual server. But only the VPS host's root can assign IPs to virtual ethernet devices or device aliases. If IP is not assigned, it cannot be configured to be bound to a virtual server.

Read more about VPS Network.


2.2. What core applications are provided within VPS?
The core VPS applications are:
- the system log service;
- the shell;
- cron scheduler;
- openSSH support;
- mounting support;
- the random generator service;
- the Perl script and report language;
- various libraries installed and ready to use.

Additionally, you can install gcc/cpp compilers, http, php, mysql, postgresql, sendmail, samba, etc. So, if needed, you can easily build a hosting system on your virtual server.


2.3. If swap is available in VPS, is there any way to let all VPS share the system swap?
Starting from version 1.1, FreeVPS supports swap on virtual servers.

Swap allocation depends on VPS memory limits:
- resident/virtual memory limit (RSS Limit);
- entire memory limit (Memory Limit)

When a VPS exceeds RSS Limit, it starts to use the host's swap.


2.4. What resource limits are supported?
The host system root can limit the following system resources used by VPSs:
- disk usage;
- memory usage;
- context virtual memory;
- number of running processes;
- number of files in use;
- number of opened TCP sockets;
- cpu time guarantee (minimum limit);
- cpu time limit (maximum usage limit).


2.5. Does VPS support disk quota?
FreeVPS supports quota inside virtual servers. Now you can set user/group quota on all filesystems mounted inside a VPS. See Quota Configuration guide for details.


2.6. How memory usage is calculated?
Memory used by virtual servers consists of:
- memory required for running specific processes;
- memory required for dynamic libraries loaded by processes;
- additional memory allocated for processes.

Keeping this in mind, you can easily notice inconsistent values in the "Used memory" field.


2.7. What capabilities are supported?
Obviously, a virtual server's root obtains less capabilities (privileges granted to a process), as it cannot configure the host system. By default, Virtual Private Servers are created with the CAP_NET_RAW CAP_NET_ADMIN capabilities providing network management inside VPSs.

The CAP_NET_RAW capability provides:
- RAW sockets;
- PACKET sockets.

The CAP_NET_ADMIN capability provides:
- interface configuration;
- administration of IP firewall, masquerading and accounting;
- setting the debug option on sockets;
- modification of routing tables;
- setting arbitrary process/process group ownership on sockets;
- binding any address for transparent proxying;
- setting TOS (type of service);
- setting promiscuous mode;
- clearing driver statistics;
- multicasting;
- read/write permissions on device-specific registers.

The CAP_RESOURCE capability is also available.


2.8. I need to upgrade OpenSSH to the latest version so that new virtual servers would use it.
Let's suppose you have openssh-3.1p1-3 installed and you wish to upgrade to openssh-3.1p1-14. It is possible to install the complete openssh-3.1p1-14 package, instead of simply upgrading the current openssh package:
  1. Check the size of the openssh-3.1p1-14 installation packages. Full installation requires:
    openssh-3.1p1-14.i386.rpm of 218763 Kb;
    openssh-clients-3.1p1-14.i386.rpm of 297561 Kb;
    openssh-server-3.1p1-14.i386.rpm of 173412 Kb.
  2. Copy these packages to the RPMS directory on the host.
  3. Update the package template file /hsphere/local/config/vserver/<OS_CODE>/rpm_base.cfg with the list of core RPMS.

    Here, <OS_CODE> is one of the available operation systems: RH73, CentOS3, RHES3, RHAS3, RHWS3.
    1) Remove old OpenSSH packages from the list:
    openssh-3.1p1-3.i386.rpm
    openssh-clients-3.1p1-3.i386.rpm
    openssh-server-3.1p1-3.i386.rpm
    2) Insert new RPMs to the list:
    openssh-3.1p1-14.i386.rpm
    openssh-clients-3.1p1-14.i386.rpm
    openssh-server-3.1p1-14.i386.rpm

After that, new virtual servers will be created with the new OpenSSH support.


3. Outside VPS

3.1. What VPS host's root administration facilities relate to VPS?
The host's root has complete access to all Virtual Private Servers and is able to manage them.
  • General management:
    - create/delete VPSs;
    - check status, enter inside a VPS (even when networking is disabled);
    - start, stop, suspend, resume VPSs;
    - install/remove packages.
  • Network configuration:
    - attach/detach virtual ethernet devices;
    - assign/remove IPs.
  • Resource limits on:
    - disk usage;
    - used memory;
    - virtual memory;
    - opened sockets;
    - files in use;
    - running processes.
  • Process settings:
    - create/kill context;
    - enable/disable creation of processes;
    - KILL/TERM context processes.



3.2. Is it possible to migrate a virtual server to another host?
Virtual private servers are hardware-independent, so you can easy migrate them to another host to or another HDD on the same host. You need only to move the VPS root directory and some configuration files to another machine.

For example, if your VPS root directory is /vservers/DNS_NAME, you need to copy /vservers/DNS_NAME to another host, then to find the DNS_NAME.conf file and copy it to the same location on another machine.


3.3. Is it possible to view processes running by a VPS?
Host root can manage processes running on all virtual servers. You just need to switch to a required context.

Context solution allows you to view processes in three different aspects:
- VPS host's own processes;
- VPS host's processes plus all VPS servers' processes;
- processes of a particular VPS;

Numeration of contexts in VPS host is as follows:
0 is the VPS host's own context. All host's processes run in this context;
1 is the context for both the VPS host's and all VPS servers' processes;
3, 4, ... are VPS servers' contexts.

To switch to another context, run:
# vserver_ctl --ctx CONTEXT_NUMBER --enter


3.4. How to install additional applications to a VPS?
Additional applications can be installed both by that VPS's root and the VPS host's root.

A VPS's root installs RPMs or compile sources as a normal server's root.
The host's root can install RPMs using the rpm command with the "--root" option.

Or, if the hsphere-vps package is installed, use the vps-pkg-inst.pl script.


3.5. Can a VPS host's root set limits on VPS processes or used resources?
By means of FreeVPS tools, the host's root can manage VPS limits. Using the vserver_limit tool, you can set limits on:
- total memory usage
- resident memory size
- number of processes
- disk usage (quota)
- number of file handles
- number of opened tcp sockets

Run man vserver_limit for more details.


3.6. How to manually remove a virtual server from a host running FreeVPS?
To remove a virtual server from a live FreeVPS system, do the following:
  • Check if you have H-Sphere VPS installed:
    rpm -qa | grep hsphere-vps
    If it is installed, run the H-Sphere VPS script to delete the virtual server:
    /hsphere/shared/scripts/vps-delete.pl <VPS_NAME>
    where <VPS_NAME> is the virtual server's name (for example, vps1.host.com).
    Warning: Do not manually remove an H-Sphere VPS server! Use the above script instead!
  • If you don't have H-Sphere VPS:
    1. Stop the virtual server to be removed:
      vserver <VPS_NAME> stop
    2. Set owner context 0:
      setattrib -c 0 -r /vservers/<VPS_NAME> -s
    3. To completely destroy all context data from the kernel's memory, run:
      vserver_ctl --ctx <context_id> --destroy
      If you get an error at this step, run:
      vserver_ctl --ctx <context_id> --stop
      vserver_ctl --ctx >context_id> --destroy
      Here, <context_id> is the VPS's context identifier that can be found out by the following command:
      cat /etc/vservers/<VPS_NAME>.conf |grep S_CONTEXT
    4. Normally, if the vpsinit script is installed to a virtual server (/vservers/<VPS_NAME>/etc/init.d/vpsinit by default), it is called when the virtual server is being stopped, to unmount all mounted filesystems. Otherwise, you need to unmount them manually. Run:
      cat /proc/mounts | grep <VPS_NAME>
      to get the list of mounted partitions for a virtual server. Unmount them adding the /vservers/<VPS_NAME> prefix to the directories specified there, for example:
      umount /vservers/<VPS_NAME>/proc
      umount /vservers/<VPS_NAME>/dev/pts
    5. Remove the virtual server's content:
      rm -rf /vservers/<VPS_NAME>
    6. Remove the VPS's configuration files:
      rm -f /etc/freevsp/<VPS_NAME>*



3.7. How to configure iptables on a virtual server?
For this, you must run insmod not from inside the virtual server, but from the host server. Minimal set of modules required for iptables is ip_tables and iptables_filter:
insmod ip_ tables
insmod iptables_filter
This will automatically initialize iptables on all virtual servers after their reboot. However, to keep iptables enabled on virtual servers upon the host server reboot, the above commands must be run at the host's startup.


3.8. How to use tunnels from inside a virtual server?
You need to have FreeVPS tools of at least version 1.3.0 and FreeVPS kernel version 1.2 and up. Use vserver_ctl to set the flag UNREG_VDEV that allows using arbitrary network devices. However, mind that in this case the module for control over setting addresses will be disabled.

To use ppp tunnels (pptp and stunnel+pppd), you need to create the /dev/ppp device according to pppd requirements.
If you build the kernel with ppp integration, the modules must be loaded from the host server environment.


4. Kernel

4.1. What is the FreeVPS kernel based on?
FreeVPS kernel is based on standard Linux 2.4.21 build 15 kernel patched with the FreeVPS kernel patch.
Download FreeVPS kernel RPM packages for different platforms from http://www.freevps.com/download/rpms/
To build your own FreeVPS kernel binaries using the latest patch (snapshot), follow these instructions.


4.2. Can I manually build a kernel to support VPS?
Yes, you can do this. You will need Linux 2.4.21-15 kernel sources and a FreeVPS patch to this kernel. Download FreeVPS snapshot patches from the download area and build your own kernel according to the respective guide.


5. H-Sphere Related Questions

5.1. Most control panels require quota support. Does VPS support quota?
FreeVPS solution allows you to use group/user quota inside a virtual server. If hsphere-vps scripts are installed, new virtual servers are created with user and group quota support on their root (/) partitions. Please refer to Quota Configuration for details.


5.2. Can I install HSphere Control Panel on a VPS server?
Since H-Sphere virtual private servers are logically separate boxes, and VPS support quota, you can install H-Sphere Control Panel on it. However, we recommend you not to use VPS as your CP server.

If you nevertheless decided to install H-Sphere CP on a virtual server, you do this at your own risk and you need remember that:

- CP is based on Java applications, so it requires a lot of virtual memory. We advise you to turn off (set to 0) memory limit on a virtual server where your CP will be installed. Thus you will be able to run CP more efficiently.

- If you add a new IP to your CP (internal/external), you need first to allow this IP on the CP server's VPS by adding the IP from the host. Otherwise, the IP cannot be bound to a virtual server. To allow and bind a new IP to a VPS, use "vps-addip.pl" script at your host. See the guide on VPS Scripts for details.


5.3. Can I use virtual servers as physical/logical servers on my CP?
Virtual private servers are virtually separate boxes, so they are considered by CP as different physical servers, and therefore can be added as physical/logical servers to your H-Sphere Control Panel.

Read the step-by-step instruction on adding servers to H-Sphere.

If you add a new IP to your physical/logical server on a VPS, you must allow (simply add) this IP in this VPS first, and then add this new IP in CP as for actual servers. Use the vps-addip.pl script to allow IP in VPS, or use VPS management facilities in Control Panel.


5.4. During signup to a VPS plan, I get the exception "Failed to create Account hostentry.exclusivevps".
Probably, no free IPs are available in your logical VPS server. In this case, you need to add more IPs and try to sign up to VPS plan again. Read more in the VPS Configuration manual.


5.5. Can I initialize/create new virtual servers from the console, not from CP?
Aside from H-Sphere Control Panel, it is possible to manage VPS from console by means of H-Sphere VPS scripts. But in this case you would be devoid of a comfortable Web interface, billing system, and other Control Panel facilities.


5.6. I was following the setup instructions for the VPS system, and, when I went to Plan Wizard to add a plan, there was no VPS plan type available.
The problem is that your Logical Server is not available for signup. You need to go to the E.MANAGER menu, enter your logical server and turn on the option "Available for Signup" for it.

Read more on VPS configuration via H-Sphere Control Panel.


5.7. When we enable the VPS resource, does it become available to our resellers?
If you enable the VPS option, it becomes available for your resellers and for their end users. However, reseller admins are not able to change VPS configuration.



6. Troubleshooting

6.1. My server has 1GB RAM and boots with kernel panic.
This problem is fixed since FreeVPS 1.2-17. Please upgrade to the latest FreeVPS version.




6.2. No traffic is possible between a virtual server and VPS host.
Please make sure that routing to a VPS address points to any of ethernet devices, not to loopback. Moreover, VPS host must not have any network devices or alias with addresses already bound to VPSs.


6.3. I have problems with running rpm after FreeVPS kernel installation.
Unfortunately, not every version of glibc/ld recognizes the new kernel without problems. As a solution, try to run applications specifying a deliberately lesser version of the kernel, e.g.,
# LD_ASSUME_KERNEL=2.2.5 rpm -ivh ...


6.4. I can't build freevps-tools.
There should be no problems with building freevps-tools on RedHat. We develop and test our utilities specifically for building and running them on RedHat 7.3 and RedHat EL.
If your OS is not RedHat, try to create the /usr/include/linux symlink to the $FREEVPS_SRC/include/linux directory, where FREEVPS_SRC is the FreeVPS source files directory.
For example, if your sources are located in /usr/src/linux, the symlink should point to /usr/src/linux/include/linux.



See Also

News
Doc Home



Home   Downloads   Docs   Faq   News  Partners   Contact
© Copyright 1998-2006. Positive Software Corporation.
All rights reserved.