Setting up a basic vserver

From Alpine Linux
Jump to: navigation, search

This describes how to install the vserver software and install a minimal single alpine vserver guest. In real life you will need to mount /vservers on a harddisk since the vserver guests does not (yet) have support for loading packages and configs from cdrom and usb.

Contents

Setting up the host

Boot from a vserver image.

Login as root

Configure the basics and networking with

setup-alpine

Install the vserver software:

apk add util-vserver

Start the vprocunhide service:

/etc/init.d/vprocunhide start

At this point you will most likely want to set up RAID and/or LVM. Setting up disks will not be discussed in this article.

Setting up the guest

  • The vserver build command needs a template of a base system to build the new guest. Typically this template is a bz2 tar archive, and you need to build it yourself:

apk --initdb -U -X http://dl-2.alpinelinux.org/alpine/v2.5/main --root /tmp/tmpdir --allow-untrusted add alpine-base cd /tmp/tmpdir && tar -jcf ../base.tar.bz2 * && cd .. && rm -rf /tmp/tmpdir

The template is now in /tmp/base.tar.bz2

  • Create the guest - its called guest1 here:

vserver guest1 build \ --interface eth0:<ipaddr>/<mask> \ --hostname guest1 --initstyle openrc -m template -- \ -t /tmp/base.tar.bz2 \ -d alpine

  • optional - rm /tmp/base.tar.bz if no longer needed

Where <ipaddr> is the ip address for the guest and <mask> is the network mask.

  • Start the vserver

vserver guest1 start

  • (optional) enter the vguest

vserver guest1 enter

Note the hostname changes; you can edit /etc/resolv.conf and /etc/apk/repostiories, then do an apk update; apk upgrade; apk add ..... all inside the guest. These operations do not affect the host. This method of entering the guest is necessary until you install and start an ssh server. When done, exit to return to the host

Debian Guest

Debian will take up to 200 MB to begin with. So plan ahead.

To build a debian based guest:

apk add perl debootstrap

vserver debguest build \
    --context 1002 \
    --interface eth0:<ipaddr>/<mask> \
    --hostname debguest -m debootstrap -- \
    -d etch -m http://<debian mirror url>/debian -- \
    --verbose --arch=i386

The -d option passes the "distro" you would like to use. In /usr/lib/util-vserver/distributions/ is the list. squeeze is currently "stable". Make sure to also go into the chroot environment and remove any scripts in /etc/rc.X folders that have to do with mounting or hardware devices.

Starting vservers at boot

You will need run your /vservers directory on disk as mentioned earlier otherwise the vservers will not be there after a reboot.

Make sure the vprocunhide script is run before the vservers are started

rc-update add vprocunhide

Each guest can be assigned a mark. Then you can configure what marked vservers to start at boot. Default mark is default.

mkdir -p /etc/vservers/guest1/apps/init echo "default" >/etc/vservers/guest1/apps/init/mark rc-update add vservers.default

Now all vservers marked with default will boot on start.

Notes

Vservers have a fstab used when the server starts. Make sure to look at it before hand. /tmp may get mounted as a tmpfs of 16mb which will stop most services running on the guest.

Firewall

You have to take care of this from the Host machine.

Using Shorewall makes managing the firewall service easy. Start off by making each vserver guest a variable to use in /etc/shorewall/params.

VSERVGUEST01=169.254.0.2
VSERVGUEST02=169.254.0.3

Your /etc/shorewall/rules will look something like this:

ACCEPT  eth0     fw:$VSERVGUEST01   tcp    22
ACCEPT  eth0     fw:$VSERVGUEST02   tcp    80