Setting up a basic vserver
This describes how to install the vserver software and install a minimal single alpine vserver guest. In real life you will need to mount /vservers on a harddisk since the vserver guests does not (yet) have support for loading packages and configs from cdrom and usb.
Contents |
Setting up the host
Boot from a vserver image.
Login as root
Configure the basics and networking with
setup-alpine
Install the vserver software:
apk add util-vserver
Start the vprocunhide service:
/etc/init.d/vprocunhide start
At this point you will most likely want to set up RAID and/or LVM. Setting up disks will not be discussed in this article.
Setting up the guest
- The vserver build command needs a template of a base system to build the new guest. Typically this template is a bz2 tar archive, and you need to build it yourself:
apk --initdb -U -X http://dl-2.alpinelinux.org/alpine/v2.5/main --root /tmp/tmpdir --allow-untrusted add alpine-base cd /tmp/tmpdir && tar -jcf ../base.tar.bz2 * && cd .. && rm -rf /tmp/tmpdir
The template is now in /tmp/base.tar.bz2
- Create the guest - its called guest1 here:
vserver guest1 build \ --interface eth0:<ipaddr>/<mask> \ --hostname guest1 --initstyle openrc -m template -- \ -t /tmp/base.tar.bz2 \ -d alpine
- optional - rm /tmp/base.tar.bz if no longer needed
Where <ipaddr> is the ip address for the guest and <mask> is the network mask.
- Start the vserver
vserver guest1 start
- (optional) enter the vguest
vserver guest1 enter
Note the hostname changes; you can edit /etc/resolv.conf and /etc/apk/repostiories, then do an apk update; apk upgrade; apk add ..... all inside the guest. These operations do not affect the host. This method of entering the guest is necessary until you install and start an ssh server. When done, exit to return to the host
Debian Guest
Debian will take up to 200 MB to begin with. So plan ahead.
To build a debian based guest:
apk add perl debootstrap
vserver debguest build \
--context 1002 \
--interface eth0:<ipaddr>/<mask> \
--hostname debguest -m debootstrap -- \
-d etch -m http://<debian mirror url>/debian -- \
--verbose --arch=i386
The -d option passes the "distro" you would like to use. In /usr/lib/util-vserver/distributions/ is the list. squeeze is currently "stable". Make sure to also go into the chroot environment and remove any scripts in /etc/rc.X folders that have to do with mounting or hardware devices.
Starting vservers at boot
You will need run your /vservers directory on disk as mentioned earlier otherwise the vservers will not be there after a reboot.
Make sure the vprocunhide script is run before the vservers are started
rc-update add vprocunhide
Each guest can be assigned a mark. Then you can configure what marked vservers to start at boot. Default mark is default.
mkdir -p /etc/vservers/guest1/apps/init echo "default" >/etc/vservers/guest1/apps/init/mark rc-update add vservers.default
Now all vservers marked with default will boot on start.
Notes
Vservers have a fstab used when the server starts. Make sure to look at it before hand. /tmp may get mounted as a tmpfs of 16mb which will stop most services running on the guest.
Firewall
You have to take care of this from the Host machine.
Using Shorewall makes managing the firewall service easy. Start off by making each vserver guest a variable to use in /etc/shorewall/params.
VSERVGUEST01=169.254.0.2 VSERVGUEST02=169.254.0.3
Your /etc/shorewall/rules will look something like this:
ACCEPT eth0 fw:$VSERVGUEST01 tcp 22 ACCEPT eth0 fw:$VSERVGUEST02 tcp 80
