Setting up a basic vserver
This describes how to install the vserver software and install a minimal single alpine vserver guest. In real life you will need to mount /vservers on a harddisk since the vserver guests does not (yet) have support for loading packages and configs from cdrom and usb.
Setting up the host
Boot from a vserver image.
Login as root
Configure the basics and networking with
Install the vserver software:
Start the vprocunhide service:
Setting up the guest
- The vserver build command needs a template of a base system to build the new guest. Typically this template is a bz2 tar archive, and you need to build it yourself:
The template is now in /tmp/base.tar.bz2
- Create the guest - its called guest1 here:
- optional - rm /tmp/base.tar.bz if no longer needed
Where <ipaddr> is the ip address for the guest and <mask> is the network mask.
- Start the vserver
- (optional) enter the vguest
Note the hostname changes; you can edit /etc/resolv.conf and /etc/apk/repostiories, then do an apk update; apk upgrade; apk add ..... all inside the guest. These operations do not affect the host. This method of entering the guest is necessary until you install and start an ssh server. When done, exit to return to the host
Debian will take up to 200 MB to begin with. So plan ahead.
To build a debian based guest:
vserver debguest build \ --context 1002 \ --interface eth0:<ipaddr>/<mask> \ --hostname debguest -m debootstrap -- \ -d etch -m http://<debian mirror url>/debian -- \ --verbose --arch=i386
The -d option passes the "distro" you would like to use. In /usr/lib/util-vserver/distributions/ is the list. squeeze is currently "stable". Make sure to also go into the chroot environment and remove any scripts in /etc/rc.X folders that have to do with mounting or hardware devices.
Starting vservers at boot
You will need run your /vservers directory on disk as mentioned earlier otherwise the vservers will not be there after a reboot.
Make sure the vprocunhide script is run before the vservers are started
Each guest can be assigned a mark. Then you can configure what marked vservers to start at boot. Default mark is default.
Now all vservers marked with default will boot on start.
Vservers have a fstab used when the server starts. Make sure to look at it before hand. /tmp may get mounted as a tmpfs of 16mb which will stop most services running on the guest.
You have to take care of this from the Host machine.
Using Shorewall makes managing the firewall service easy. Start off by making each vserver guest a variable to use in /etc/shorewall/params.
Your /etc/shorewall/rules will look something like this:
ACCEPT eth0 fw:$VSERVGUEST01 tcp 22 ACCEPT eth0 fw:$VSERVGUEST02 tcp 80