Install Alpine on Rackspace: Difference between revisions

From Alpine Linux
No edit summary
No edit summary
(7 intermediate revisions by 3 users not shown)
Line 1: Line 1:
{{Draft}}
'''THIS IS A WIP, AND WAS JUST COPIED FROM INSTALLING ALPINE ON EC2'''


== Create a minimal rackspace server ==
== Create a minimal rackspace server ==
Debian 7
Debian 7
512MB, 20GB
512MB, 20GB




== Create apk overlay suitable for hard disk based tmpfs boot ==
== Copy settings from existing server into apkovl ==


The first step is to create Alpine configuration file with basic configuration of the host. We need the new box to start networking and ssh in the beginning so we can reconnect to it after reboot.
The first step is to create Alpine configuration file with basic configuration of the host. We need the new box to start networking and ssh in the beginning so we can reconnect to it after reboot.
Line 15: Line 13:
  mkdir overlay
  mkdir overlay
  cd overlay
  cd overlay
  mkdir -p etc/ssh etc/network etc/runlevels/{default,boot,sysinit,shutdown} root/.ssh etc/lbu
  mkdir -p etc/ssh etc/network etc/runlevels/{default,boot,sysinit,shutdown} root/.ssh etc/lbu etc/apk
 
You can also use default Alpine configuration files. In this case you should use ssh key to authorize yourself (as root password is empty, and ssh has empty passwords disabled).


If you want to keep the existing host identity (e.g. SSH key), you can copy them over:
If you want to keep the existing host identity (e.g. SSH key), you can copy them over:


  cp -a /etc/{passwd,group,shadow,gshadow,hostname,resolv.conf,network/interfaces,ssh} etc/
  cp -a /etc/{passwd,group,shadow,gshadow,hostname,network/interfaces,ssh} etc/
  cp /etc/network/interfaces etc/network
  cp /etc/network/interfaces etc/network
echo "nameserver 8.8.8.8" > etc/resolv.conf


Copy over your ssh authorized_keys and make sure its included in future:
Copy over your ssh authorized_keys and make sure its included in future:
Line 29: Line 26:




Find out which shell is used for root:
Edit etc/passwd and change bash to /bin/sh.
 
grep ^root /etc/passwd
 
If its /bin/sh, you are good.  If not, edit etc/passwd and change it to /bin/sh.
  sed -i -e '/^root:/s:/bin/bash:/bin/sh:' etc/passwd
  sed -i -e '/^root:/s:/bin/bash:/bin/sh:' etc/passwd


Line 39: Line 32:


'''Make sure there is no whitespace at end of lines''' in interfaces file. Busybox ifup is very picky.
'''Make sure there is no whitespace at end of lines''' in interfaces file. Busybox ifup is very picky.
sed -i -e 's/ *$//' etc/network/interfaces


 
Create the apk world (/etc/apk/world) with essential packages:
Make sure your etc/resolv.conf exists; if not create etc/resolv.conf with the nameserver configuration like:
  echo "alpine-base iproute2 openssh bash" > etc/apk/world
nameserver dns.ip.ad.dr
 
Create the apk world (var/lib/apk/world) with essential packages:
mkdir -p var/lib/apk
  echo "alpine-base iproute2 openssh bash" > var/lib/apk/world


(bash is technically not needed, but include it in case you forgot to edit your etc/passwd file correctly)
(bash is technically not needed, but include it in case you forgot to edit your etc/passwd file correctly)
Line 61: Line 50:
Verify the overlay with "tar tzf" to see that it contains everything in proper places, and ensure it is in the / directory
Verify the overlay with "tar tzf" to see that it contains everything in proper places, and ensure it is in the / directory


  tar tzvf host.apkovl.tar.gz
  tar tzvf ../host.apkovl.tar.gz
  cp host.apkovl.tar.gz /
  cp ../host.apkovl.tar.gz /


== Install Alpine cd-rom image on hard disk ==
== Install Alpine cd-rom image to hard disk ==


We need to copy over two sets of information: the boot kernel (kernel, initramdisk and boot configuration) and operating system boot data (overlay, apk packages and kernel modules). These can reside on same partition if they fit. However, /boot is usually small, so you might want to put the apks on separate partition. This guide assumes they are on sda1 (/boot) and sda2 (/) with both having ext3 filesystems. If you don't have ext3 on / or /boot, then you might be able to disable swap and reformat the swap partition as ext3 and use that.
We need to copy over two sets of information: the boot kernel (kernel, initramdisk and boot configuration) and operating system boot data (overlay, apk packages and kernel modules).


Download an alpine iso and mount it; for example
Download an alpine iso and mount it; for example
  wget http://dl-3.alpinelinux.org/alpine/v3.2/releases/x86_64/alpine-xen-3.2.2-x86_64.iso
  # We will grab the sha512 sum from another mirror
  wget http://nl.alpinelinux.org/alpine/v3.2/releases/x86_64/alpine-xen-3.2.2-x86_64.iso.sha512
  sha512sum -c alpine-xen-3.2.2-x86_64.iso.sha512
  mkdir /cdrom
  mount alpine*.iso /cdrom -o loop
Copy the contents of cd-rom image to root of current installation, then setup grub:
<pre>
cp -a /cdrom/* /
mkdir /cache
umount /cdrom


  wget {{#latestalp:alpine|url}}
cat - >/boot/grub/grub.cfg <<EOF
  mount alpine*.iso /cdrom -o loop
set default="0"
set timeout="3"
 
menuentry "Alpine Linux" {
insmod gzio
insmod part_msdos
insmod ext2
set root='(hd0,msdos1)'
linux /boot/vmlinuz-grsec root=$(blkid /dev/xvda1 | awk '{ print $2 }' | sed 's/"//g') modules=sd-mod,usb-storage,ext3 quiet
        initrd /boot/initramfs-grsec
}
EOF
</pre>
 
{{Warning|In Alpine 3.2 and earlier the Xen ISO image does not include openssh.  Follow these instructions if you want to be able to remotely ssh into your box.}}
 
Download the base iso and copy the apks
<pre>
wget http://dl-3.alpinelinux.org/alpine/v3.2/releases/x86_64/alpine-3.2.2-x86_64.iso
# We will grab the sha512 sum from another mirror
wget http://nl.alpinelinux.org/alpine/v3.2/releases/x86_64/alpine-3.2.2-x86_64.iso.sha512
sha512sum -c alpine-3.2.2-x86_64.iso.sha512
mount alpine-3*.iso /cdrom -o loop
cp -a /cdrom/apks/* /apks
</pre>
 
 
Reboot and check that all came back as expected.
 
== Cleanup ==
 
Once your server comes back, you are good to go.  However, the old Debian system is still on xvda1; and ipv6 is not enabled.  These optional steps will fix that:
 
Enable ipv6
<pre>
echo "ipv6" >> /etc/modules
modprobe ipv6
</pre>
 
You can either reboot or restart networking (and re-log in).


Copy the apkovl and the contents of cd-rom image to root of current installation:
cp host.apkovl.tar.gz /
cp -a /cdrom/* /


Clear out old stuff:
<pre>
<pre>
mkdir -p /boot/grub
mount /media/UUID* -o remount,rw
cat - >/boot/grub/menu.lst <<EOF
cd /media/UUID*
default=0
rm -rf $( find -type d -maxdepth 1 | grep -v 'apks' | grep -v 'boot' | grep -v 'lost+found' )
timeout=3
# the above command will take a while
hiddenmenu
rm *.iso
   
find -type l -exec rm {} \;
title Alpine Linux
rm $( find boot -maxdepth 1 -type f | grep -v grsec)
root (hd0)
# Now we blank out the disk - this will take a long time
kernel /boot/grsec alpine_dev=xvda1:ext3 modules=loop,squashfs,sd-mod,ext3 console=hvc0 barrier=off pax_nouderef BOOT_IMAGE=/boot/grsec
dd if=/dev/zero of=foo
initrd /boot/grsec.gz
rm foo
EOF
sync
</pre>
</pre>


:* Syslinux automatically adds BOOT_IMAGE to the kernel command line; grub does not, so make sure you specify it in the grub.conf
reboot and you should be good to go.
:* You do not need any other grub files - just boot.conf


Reboot
[[Category:Installation]]

Revision as of 20:10, 28 July 2015

Create a minimal rackspace server

Debian 7

512MB, 20GB


Copy settings from existing server into apkovl

The first step is to create Alpine configuration file with basic configuration of the host. We need the new box to start networking and ssh in the beginning so we can reconnect to it after reboot.

Create basic layout for the overlay:

mkdir overlay
cd overlay
mkdir -p etc/ssh etc/network etc/runlevels/{default,boot,sysinit,shutdown} root/.ssh etc/lbu etc/apk

If you want to keep the existing host identity (e.g. SSH key), you can copy them over:

cp -a /etc/{passwd,group,shadow,gshadow,hostname,network/interfaces,ssh} etc/
cp /etc/network/interfaces etc/network
echo "nameserver 8.8.8.8" > etc/resolv.conf

Copy over your ssh authorized_keys and make sure its included in future:

cp -a /root/.ssh/authorized_keys root/.ssh
echo "/root/.ssh" > etc/lbu/include


Edit etc/passwd and change bash to /bin/sh.

sed -i -e '/^root:/s:/bin/bash:/bin/sh:' etc/passwd
Note: If you don't do this, nobody (even with physical access) will be able to log into the machine.

Make sure there is no whitespace at end of lines in interfaces file. Busybox ifup is very picky.

sed -i -e 's/ *$//' etc/network/interfaces

Create the apk world (/etc/apk/world) with essential packages:

echo "alpine-base iproute2 openssh bash" > etc/apk/world

(bash is technically not needed, but include it in case you forgot to edit your etc/passwd file correctly)

Double check the IP configuration and ssh keys.

Finally, make the essential services start up automatically and create the overlay file:

ln -s /etc/init.d/{hwclock,modules,sysctl,hostname,bootmisc,syslog} etc/runlevels/boot/
ln -s /etc/init.d/{devfs,dmesg,mdev,hwdrivers} etc/runlevels/sysinit/
ln -s /etc/init.d/{networking,sshd} etc/runlevels/default/
ln -s /etc/init.d/{mount-ro,killprocs,savecache} etc/runlevels/shutdown/
tar czf ../host.apkovl.tar.gz *

Verify the overlay with "tar tzf" to see that it contains everything in proper places, and ensure it is in the / directory

tar tzvf ../host.apkovl.tar.gz
cp ../host.apkovl.tar.gz /

Install Alpine cd-rom image to hard disk

We need to copy over two sets of information: the boot kernel (kernel, initramdisk and boot configuration) and operating system boot data (overlay, apk packages and kernel modules).

Download an alpine iso and mount it; for example

 wget http://dl-3.alpinelinux.org/alpine/v3.2/releases/x86_64/alpine-xen-3.2.2-x86_64.iso
 # We will grab the sha512 sum from another mirror
 wget http://nl.alpinelinux.org/alpine/v3.2/releases/x86_64/alpine-xen-3.2.2-x86_64.iso.sha512
 sha512sum -c alpine-xen-3.2.2-x86_64.iso.sha512 
 mkdir /cdrom
 mount alpine*.iso /cdrom -o loop

Copy the contents of cd-rom image to root of current installation, then setup grub:

cp -a /cdrom/* /
mkdir /cache
umount /cdrom

cat - >/boot/grub/grub.cfg <<EOF 
set default="0"
set timeout="3"

menuentry "Alpine Linux" {
	insmod gzio
	insmod part_msdos
	insmod ext2
	set root='(hd0,msdos1)'
	linux /boot/vmlinuz-grsec root=$(blkid /dev/xvda1 | awk '{ print $2 }' | sed 's/"//g') modules=sd-mod,usb-storage,ext3 quiet
        initrd /boot/initramfs-grsec
}
EOF
Warning: In Alpine 3.2 and earlier the Xen ISO image does not include openssh. Follow these instructions if you want to be able to remotely ssh into your box.


Download the base iso and copy the apks

wget http://dl-3.alpinelinux.org/alpine/v3.2/releases/x86_64/alpine-3.2.2-x86_64.iso
# We will grab the sha512 sum from another mirror
wget http://nl.alpinelinux.org/alpine/v3.2/releases/x86_64/alpine-3.2.2-x86_64.iso.sha512
sha512sum -c alpine-3.2.2-x86_64.iso.sha512 
mount alpine-3*.iso /cdrom -o loop
cp -a /cdrom/apks/* /apks


Reboot and check that all came back as expected.

Cleanup

Once your server comes back, you are good to go. However, the old Debian system is still on xvda1; and ipv6 is not enabled. These optional steps will fix that:

Enable ipv6

echo "ipv6" >> /etc/modules
modprobe ipv6

You can either reboot or restart networking (and re-log in).


Clear out old stuff:

mount /media/UUID* -o remount,rw
cd /media/UUID*
rm -rf $( find -type d -maxdepth 1 | grep -v 'apks' | grep -v 'boot' | grep -v 'lost+found' )
# the above command will take a while
rm *.iso
find -type l -exec rm {} \;
rm $( find boot  -maxdepth 1 -type f | grep -v grsec)
# Now we blank out the disk - this will take a long time
dd if=/dev/zero of=foo
rm foo
sync

reboot and you should be good to go.