Install Alpine on Rackspace: Difference between revisions
Dubiousjim (talk | contribs) (Added Category) |
m (This article is obsolete.) |
||
| (5 intermediate revisions by 2 users not shown) | |||
| Line 1: | Line 1: | ||
{{Obsolete|The article needs to be updated to cover a version of alpine with a support level greater than "none".}} | |||
{{Expand|This article is not compatible with posix shell but should be since alpine uses ash by default}} | |||
== Create a minimal rackspace server == | == Create a minimal rackspace server == | ||
| Line 13: | Line 15: | ||
mkdir overlay | mkdir overlay | ||
cd overlay | cd overlay | ||
mkdir -p etc/ssh etc/network etc/runlevels/{default,boot,sysinit,shutdown} root/.ssh etc/lbu | mkdir -p etc/ssh etc/network etc/runlevels/{default,boot,sysinit,shutdown} root/.ssh etc/lbu etc/apk | ||
If you want to keep the existing host identity (e.g. SSH key), you can copy them over: | If you want to keep the existing host identity (e.g. SSH key), you can copy them over: | ||
cp -a /etc/{passwd,group,shadow,gshadow,hostname | cp -a /etc/{passwd,group,shadow,gshadow,hostname,network/interfaces,ssh} etc/ | ||
cp /etc/network/interfaces etc/network | cp /etc/network/interfaces etc/network | ||
echo "nameserver 8.8.8.8" > etc/resolv.conf | |||
Copy over your ssh authorized_keys and make sure its included in future: | Copy over your ssh authorized_keys and make sure its included in future: | ||
| Line 31: | Line 34: | ||
'''Make sure there is no whitespace at end of lines''' in interfaces file. Busybox ifup is very picky. | '''Make sure there is no whitespace at end of lines''' in interfaces file. Busybox ifup is very picky. | ||
sed -i -e 's/ *$//' etc/network/interfaces | |||
Create the apk world (/etc/apk/world) with essential packages: | Create the apk world (/etc/apk/world) with essential packages: | ||
| Line 48: | Line 52: | ||
Verify the overlay with "tar tzf" to see that it contains everything in proper places, and ensure it is in the / directory | Verify the overlay with "tar tzf" to see that it contains everything in proper places, and ensure it is in the / directory | ||
tar ../ | tar tzvf ../host.apkovl.tar.gz | ||
cp ../host.apkovl.tar.gz / | cp ../host.apkovl.tar.gz / | ||
| Line 56: | Line 60: | ||
Download an alpine iso and mount it; for example | Download an alpine iso and mount it; for example | ||
wget https://dl-3.alpinelinux.org/alpine/v3.2/releases/x86_64/alpine-xen-3.2.2-x86_64.iso | |||
wget | # We will grab the sha512 sum from another mirror | ||
wget https://nl.alpinelinux.org/alpine/v3.2/releases/x86_64/alpine-xen-3.2.2-x86_64.iso.sha512 | |||
sha512sum -c alpine-xen-3.2.2-x86_64.iso.sha512 | |||
mkdir /cdrom | mkdir /cdrom | ||
mount alpine*.iso /cdrom -o loop | mount alpine*.iso /cdrom -o loop | ||
| Line 64: | Line 70: | ||
<pre> | <pre> | ||
cp -a /cdrom/* / | cp -a /cdrom/* / | ||
mkdir /cache | |||
umount /cdrom | |||
cat - > | cat - >/boot/grub/grub.cfg <<EOF | ||
default=0 | set default="0" | ||
timeout=3 | set timeout="3" | ||
menuentry "Alpine Linux" { | |||
root (hd0) | insmod gzio | ||
insmod part_msdos | |||
initrd /boot/grsec | insmod ext2 | ||
set root='(hd0,msdos1)' | |||
linux /boot/vmlinuz-grsec root=$(blkid /dev/xvda1 | awk '{ print $2 }' | sed 's/"//g') modules=sd-mod,usb-storage,ext3 quiet | |||
initrd /boot/initramfs-grsec | |||
} | |||
EOF | EOF | ||
</pre> | |||
{{Warning|In Alpine 3.2 and earlier the Xen ISO image does not include openssh. Follow these instructions if you want to be able to remotely ssh into your box.}} | |||
Download the base iso and copy the apks | |||
<pre> | |||
wget https://dl-3.alpinelinux.org/alpine/v3.2/releases/x86_64/alpine-3.2.2-x86_64.iso | |||
# We will grab the sha512 sum from another mirror | |||
wget https://nl.alpinelinux.org/alpine/v3.2/releases/x86_64/alpine-3.2.2-x86_64.iso.sha512 | |||
sha512sum -c alpine-3.2.2-x86_64.iso.sha512 | |||
mount alpine-3*.iso /cdrom -o loop | |||
cp -a /cdrom/apks/* /apks | |||
</pre> | </pre> | ||
Reboot and check that all came back as expected. | Reboot and check that all came back as expected. | ||
== Cleanup == | |||
Once your server comes back, you are good to go. However, the old Debian system is still on xvda1; and ipv6 is not enabled. These optional steps will fix that: | |||
Enable ipv6 | |||
<pre> | |||
echo "ipv6" >> /etc/modules | |||
modprobe ipv6 | |||
</pre> | |||
You can either reboot or restart networking (and re-log in). | |||
Clear out old stuff: | |||
<pre> | |||
mount /media/UUID* -o remount,rw | |||
cd /media/UUID* | |||
rm -rf $( find -type d -maxdepth 1 | grep -v 'apks' | grep -v 'boot' | grep -v 'lost+found' ) | |||
# the above command will take a while | |||
rm *.iso | |||
find -type l -exec rm {} \; | |||
rm $( find boot -maxdepth 1 -type f | grep -v grsec) | |||
# Now we blank out the disk - this will take a long time | |||
dd if=/dev/zero of=foo | |||
rm foo | |||
sync | |||
</pre> | |||
reboot and you should be good to go. | |||
[[Category:Installation]] | [[Category:Installation]] | ||
Latest revision as of 09:29, 13 January 2024
 The article needs to be updated to cover a version of alpine with a support level greater than "none". (Discuss) |
 This article is not compatible with posix shell but should be since alpine uses ash by default |
Create a minimal rackspace server
Debian 7
512MB, 20GB
Copy settings from existing server into apkovl
The first step is to create Alpine configuration file with basic configuration of the host. We need the new box to start networking and ssh in the beginning so we can reconnect to it after reboot.
Create basic layout for the overlay:
mkdir overlay
cd overlay
mkdir -p etc/ssh etc/network etc/runlevels/{default,boot,sysinit,shutdown} root/.ssh etc/lbu etc/apk
If you want to keep the existing host identity (e.g. SSH key), you can copy them over:
cp -a /etc/{passwd,group,shadow,gshadow,hostname,network/interfaces,ssh} etc/
cp /etc/network/interfaces etc/network
echo "nameserver 8.8.8.8" > etc/resolv.conf
Copy over your ssh authorized_keys and make sure its included in future:
cp -a /root/.ssh/authorized_keys root/.ssh echo "/root/.ssh" > etc/lbu/include
Edit etc/passwd and change bash to /bin/sh.
sed -i -e '/^root:/s:/bin/bash:/bin/sh:' etc/passwd
Note: If you don't do this, nobody (even with physical access) will be able to log into the machine.
Make sure there is no whitespace at end of lines in interfaces file. Busybox ifup is very picky.
sed -i -e 's/ *$//' etc/network/interfaces
Create the apk world (/etc/apk/world) with essential packages:
echo "alpine-base iproute2 openssh bash" > etc/apk/world
(bash is technically not needed, but include it in case you forgot to edit your etc/passwd file correctly)
Double check the IP configuration and ssh keys.
Finally, make the essential services start up automatically and create the overlay file:
ln -s /etc/init.d/{hwclock,modules,sysctl,hostname,bootmisc,syslog} etc/runlevels/boot/
ln -s /etc/init.d/{devfs,dmesg,mdev,hwdrivers} etc/runlevels/sysinit/
ln -s /etc/init.d/{networking,sshd} etc/runlevels/default/
ln -s /etc/init.d/{mount-ro,killprocs,savecache} etc/runlevels/shutdown/
tar czf ../host.apkovl.tar.gz *
Verify the overlay with "tar tzf" to see that it contains everything in proper places, and ensure it is in the / directory
tar tzvf ../host.apkovl.tar.gz cp ../host.apkovl.tar.gz /
Install Alpine cd-rom image to hard disk
We need to copy over two sets of information: the boot kernel (kernel, initramdisk and boot configuration) and operating system boot data (overlay, apk packages and kernel modules).
Download an alpine iso and mount it; for example
wget https://dl-3.alpinelinux.org/alpine/v3.2/releases/x86_64/alpine-xen-3.2.2-x86_64.iso # We will grab the sha512 sum from another mirror wget https://nl.alpinelinux.org/alpine/v3.2/releases/x86_64/alpine-xen-3.2.2-x86_64.iso.sha512 sha512sum -c alpine-xen-3.2.2-x86_64.iso.sha512 mkdir /cdrom mount alpine*.iso /cdrom -o loop
Copy the contents of cd-rom image to root of current installation, then setup grub:
cp -a /cdrom/* /
mkdir /cache
umount /cdrom
cat - >/boot/grub/grub.cfg <<EOF
set default="0"
set timeout="3"
menuentry "Alpine Linux" {
insmod gzio
insmod part_msdos
insmod ext2
set root='(hd0,msdos1)'
linux /boot/vmlinuz-grsec root=$(blkid /dev/xvda1 | awk '{ print $2 }' | sed 's/"//g') modules=sd-mod,usb-storage,ext3 quiet
initrd /boot/initramfs-grsec
}
EOF
Warning: In Alpine 3.2 and earlier the Xen ISO image does not include openssh. Follow these instructions if you want to be able to remotely ssh into your box.
Download the base iso and copy the apks
wget https://dl-3.alpinelinux.org/alpine/v3.2/releases/x86_64/alpine-3.2.2-x86_64.iso # We will grab the sha512 sum from another mirror wget https://nl.alpinelinux.org/alpine/v3.2/releases/x86_64/alpine-3.2.2-x86_64.iso.sha512 sha512sum -c alpine-3.2.2-x86_64.iso.sha512 mount alpine-3*.iso /cdrom -o loop cp -a /cdrom/apks/* /apks
Reboot and check that all came back as expected.
Cleanup
Once your server comes back, you are good to go. However, the old Debian system is still on xvda1; and ipv6 is not enabled. These optional steps will fix that:
Enable ipv6
echo "ipv6" >> /etc/modules modprobe ipv6
You can either reboot or restart networking (and re-log in).
Clear out old stuff:
mount /media/UUID* -o remount,rw
cd /media/UUID*
rm -rf $( find -type d -maxdepth 1 | grep -v 'apks' | grep -v 'boot' | grep -v 'lost+found' )
# the above command will take a while
rm *.iso
find -type l -exec rm {} \;
rm $( find boot -maxdepth 1 -type f | grep -v grsec)
# Now we blank out the disk - this will take a long time
dd if=/dev/zero of=foo
rm foo
sync
reboot and you should be good to go.