OpenVZ supports VPN inside a container via kernel TUN/TAP module and device.
To allow container #101 to use the TUN/TAP device the following should be done:
Make sure the tun module has been already loaded on the hardware node:
modprobe tun To make sure that tun module will be automatically loaded on every reboot you can also add it or into
vzctl set 101 --devnodes net/tun:rw --save
Make sure the tun module has been already loaded on the hardware node:
lsmod | grep tunIf it is not there, use the following command to load tun module:
modprobe tun To make sure that tun module will be automatically loaded on every reboot you can also add it or into
/etc/modules.conf (on RHEL see /etc/sysconfig/modules/ directory).
Granting container an access to TUN/TAP
Allow your container to use the tun/tap device by running the following commands on the host node:vzctl set 101 --devnodes net/tun:rw --save
No comments:
Post a Comment