Difference between revisions of "Install Alpine on Rackspace"

From Alpine Linux
Jump to: navigation, search
(initial page)
 
 
(12 intermediate revisions by 3 users not shown)
Line 1: Line 1:
{{Draft}}
 
  
'''THIS IS A WIP, AND WAS JUST COPIED FROM INSTALLING ALPINE ON EC2'''
+
== Create a minimal rackspace server ==
 +
Debian 7
  
 +
512MB, 20GB
  
  
 +
== Copy settings from existing server into apkovl ==
  
 +
The first step is to create Alpine configuration file with basic configuration of the host. We need the new box to start networking and ssh in the beginning so we can reconnect to it after reboot.
  
 +
Create basic layout for the overlay:
 +
mkdir overlay
 +
cd overlay
 +
mkdir -p etc/ssh etc/network etc/runlevels/{default,boot,sysinit,shutdown} root/.ssh etc/lbu etc/apk
  
 +
If you want to keep the existing host identity (e.g. SSH key), you can copy them over:
  
 +
cp -a /etc/{passwd,group,shadow,gshadow,hostname,network/interfaces,ssh} etc/
 +
cp /etc/network/interfaces etc/network
 +
echo "nameserver 8.8.8.8" > etc/resolv.conf
  
 +
Copy over your ssh authorized_keys and make sure its included in future:
 +
cp -a /root/.ssh/authorized_keys root/.ssh
 +
echo "/root/.ssh" > etc/lbu/include
  
  
 +
Edit etc/passwd and change bash to /bin/sh.
 +
sed -i -e '/^root:/s:/bin/bash:/bin/sh:' etc/passwd
  
 +
{{Note|If you don't do this, nobody (even with physical access) will be able to log into the machine.}}
  
 +
'''Make sure there is no whitespace at end of lines''' in interfaces file. Busybox ifup is very picky.
 +
sed -i -e 's/ *$//' etc/network/interfaces
  
The goal here is to have a "1GB" (the smallest possible) EBS 'virtual usb stick' that can boot and run Alpine Linux.  
+
Create the apk world (/etc/apk/world) with essential packages:
 +
  echo "alpine-base iproute2 openssh bash" > etc/apk/world
  
= Create an EBS backed Alpine Linux AMI =
+
(bash is technically not needed, but include it in case you forgot to edit your etc/passwd file correctly)
  
{{Note|You need to do this process at least once in each availability region.  EBS can't be shared between Ireland and California, for instance.}}
+
'''Double check the IP configuration and ssh keys.'''
  
* Create an Amazon instance in the desired availability regionA micro instance is fine - we will need it only long enough to create our EBS usb stick.
+
Finally, make the essential services start up automatically and create the overlay file:
* Create a new 1GB EBS volume
+
ln -s /etc/init.d/{hwclock,modules,sysctl,hostname,bootmisc,syslog} etc/runlevels/boot/
* Attach the new volume to the running instance
+
  ln -s /etc/init.d/{devfs,dmesg,mdev,hwdrivers} etc/runlevels/sysinit/
* The new volume will have a name like /dev/xvdf or such
+
ln -s /etc/init.d/{networking,sshd} etc/runlevels/default/
* Format the volume as ext4 {{Cmd|mke2fs -t ext4 /dev/xvdf}}  ''Do not partition it - just format the whole volume''
+
ln -s /etc/init.d/{mount-ro,killprocs,savecache} etc/runlevels/shutdown/
* wget a '''x86_64''' iso and extract it to the new volume. 32bit will not work.  
+
tar czf ../host.apkovl.tar.gz *
 +
 
 +
Verify the overlay with "tar tzf" to see that it contains everything in proper places, and ensure it is in the / directory
 +
 
 +
tar tzvf ../host.apkovl.tar.gz
 +
cp ../host.apkovl.tar.gz /
 +
 
 +
== Install Alpine cd-rom image to hard disk ==
 +
 
 +
We need to copy over two sets of information: the boot kernel (kernel, initramdisk and boot configuration) and operating system boot data (overlay, apk packages and kernel modules).
 +
 
 +
Download an alpine iso and mount it; for example
 +
  wget http://dl-3.alpinelinux.org/alpine/v3.2/releases/x86_64/alpine-xen-3.2.2-x86_64.iso
 +
  # We will grab the sha512 sum from another mirror
 +
  wget http://nl.alpinelinux.org/alpine/v3.2/releases/x86_64/alpine-xen-3.2.2-x86_64.iso.sha512
 +
  sha512sum -c alpine-xen-3.2.2-x86_64.iso.sha512
 +
  mkdir /cdrom
 +
  mount alpine*.iso /cdrom -o loop
 +
 
 +
Copy the contents of cd-rom image to root of current installation, then setup grub:
 
<pre>
 
<pre>
wget http://dl-4.alpinelinux.org/alpine/v2.4/releases/x86_64/alpine-2.4.5-x86_64.iso
+
cp -a /cdrom/* /
mkdir target
+
mkdir /cache
mkdir source
+
umount /cdrom
mount /dev/xvdf target
+
 
mount -o loop alpine-2.4.5-x86_64.iso source
+
cat - >/boot/grub/grub.cfg <<EOF
cp -av source/boot target
+
set default="0"
cp -av source/apks target
+
set timeout="3"
umount source
+
 
 +
menuentry "Alpine Linux" {
 +
insmod gzio
 +
insmod part_msdos
 +
insmod ext2
 +
set root='(hd0,msdos1)'
 +
linux /boot/vmlinuz-grsec root=$(blkid /dev/xvda1 | awk '{ print $2 }' | sed 's/"//g') modules=sd-mod,usb-storage,ext3 quiet
 +
        initrd /boot/initramfs-grsec
 +
}
 +
EOF
 
</pre>
 
</pre>
* Create a grub.conf on the new partition.   
+
 
 +
{{Warning|In Alpine 3.2 and earlier the Xen ISO image does not include opensshFollow these instructions if you want to be able to remotely ssh into your box.}}
 +
 
 +
Download the base iso and copy the apks
 
<pre>
 
<pre>
mkdir -p target/boot/grub
+
wget http://dl-3.alpinelinux.org/alpine/v3.2/releases/x86_64/alpine-3.2.2-x86_64.iso
cat - >target/boot/grub/grub.conf <<EOF
+
# We will grab the sha512 sum from another mirror
default=0
+
wget http://nl.alpinelinux.org/alpine/v3.2/releases/x86_64/alpine-3.2.2-x86_64.iso.sha512
timeout=3
+
sha512sum -c alpine-3.2.2-x86_64.iso.sha512
hiddenmenu
+
mount alpine-3*.iso /cdrom -o loop
 +
cp -a /cdrom/apks/* /apks
 +
</pre>
 +
 
 +
 
 +
Reboot and check that all came back as expected.
 +
 
 +
== Cleanup ==  
 +
 
 +
Once your server comes back, you are good to go.  However, the old Debian system is still on xvda1; and ipv6 is not enabled.  These optional steps will fix that:
  
title Alpine Linux
+
Enable ipv6
root (hd0)
 
kernel /boot/grsec alpine_dev=xvda1:ext4 modules=loop,squashfs,sd-mod,ext4 console=hvc0 pax_nouderef BOOT_IMAGE=/boot/grsec
 
initrd /boot/grsec.gz
 
EOF
 
</pre>
 
:* Syslinux automatically adds BOOT_IMAGE to the kernel command line; grub does not, so make sure you specify it in the grub.conf
 
:* You do not need any other grub files - just boot.conf
 
* symlink the grub.conf to menu.lst
 
 
<pre>
 
<pre>
ln -sf ./grub.conf target/boot/grub/menu.lst
+
echo "ipv6" >> /etc/modules
 +
modprobe ipv6
 
</pre>
 
</pre>
* Create an amazon.apkovl.tar.gz file to put on the target
 
** This is probably easiest on a local alpine linux instance.  Make sure the following are configured:
 
*** eth0 uses dhcp
 
*** networking is set to autostart
 
*** sshd is installed and set to autostart
 
*** Your ssh public key is in /root/.ssh/authorized_keys
 
*** The root password is set to something
 
*** lbu include root/.ssh
 
*** (optional) - Delete the /etc/ssh/*key* files, so they are created on the new box
 
** {{Cmd|lbu package amazon.apkovl.tar.gz}} {{Warning|If you are packaging on a 32bit box, manually delete etc/apk/arch from the apkovl.tar.gz file}}
 
** Copy amazon.apkovl.tar.gz to target/
 
* Unmount target
 
* '''Do the following from the Amazon web interface'''
 
** Detach the new volume
 
** Make note of the volume ID
 
** Launch NEW instance.  Use defaults, amazon linux, micro; we are going to canibalize it in a bit, so defaults are fine here.
 
** Once the instance starts, ''stop'' but ''do not terminate'' the instance.
 
** Under EBS, detach the existing volume, and attach the alpine linux volume as /dev/sda1 (note the 1 at the end)
 
** Restart the instance
 
* Log in and make sure it works
 
* Do any final cleanups necessary, and if necessary lbu ci
 
** Only make configs that are appropriate for an AMI, we are going to snapshot this instance and create an AMI out of it
 
* Again from the Amazon web interface
 
** Delete the 8GB volume that is no longer needed
 
** ''Stop'' but do not terminate the instance
 
** Right click the stopped instance and choose 'Create Image (EBS AMI)'
 
*** Image name should be unique for the image - example AlpineLinux-2.4.5
 
*** Description can be anything - example 'Base AlpineLinux Installation - no services'
 
* Done.
 
  
 +
You can either reboot or restart networking (and re-log in).
  
  
 +
Clear out old stuff:
 +
<pre>
 +
mount /media/UUID* -o remount,rw
 +
cd /media/UUID*
 +
rm -rf $( find -type d -maxdepth 1 | grep -v 'apks' | grep -v 'boot' | grep -v 'lost+found' )
 +
# the above command will take a while
 +
rm *.iso
 +
find -type l -exec rm {} \;
 +
rm $( find boot  -maxdepth 1 -type f | grep -v grsec)
 +
# Now we blank out the disk - this will take a long time
 +
dd if=/dev/zero of=foo
 +
rm foo
 +
sync
 +
</pre>
 +
 +
reboot and you should be good to go.
  
[[Category:Virtualization]]
+
[[Category:Installation]]

Latest revision as of 20:10, 28 July 2015

Create a minimal rackspace server

Debian 7

512MB, 20GB


Copy settings from existing server into apkovl

The first step is to create Alpine configuration file with basic configuration of the host. We need the new box to start networking and ssh in the beginning so we can reconnect to it after reboot.

Create basic layout for the overlay:

mkdir overlay
cd overlay
mkdir -p etc/ssh etc/network etc/runlevels/{default,boot,sysinit,shutdown} root/.ssh etc/lbu etc/apk

If you want to keep the existing host identity (e.g. SSH key), you can copy them over:

cp -a /etc/{passwd,group,shadow,gshadow,hostname,network/interfaces,ssh} etc/
cp /etc/network/interfaces etc/network
echo "nameserver 8.8.8.8" > etc/resolv.conf

Copy over your ssh authorized_keys and make sure its included in future:

cp -a /root/.ssh/authorized_keys root/.ssh
echo "/root/.ssh" > etc/lbu/include


Edit etc/passwd and change bash to /bin/sh.

sed -i -e '/^root:/s:/bin/bash:/bin/sh:' etc/passwd
Note: If you don't do this, nobody (even with physical access) will be able to log into the machine.

Make sure there is no whitespace at end of lines in interfaces file. Busybox ifup is very picky.

sed -i -e 's/ *$//' etc/network/interfaces

Create the apk world (/etc/apk/world) with essential packages:

echo "alpine-base iproute2 openssh bash" > etc/apk/world

(bash is technically not needed, but include it in case you forgot to edit your etc/passwd file correctly)

Double check the IP configuration and ssh keys.

Finally, make the essential services start up automatically and create the overlay file:

ln -s /etc/init.d/{hwclock,modules,sysctl,hostname,bootmisc,syslog} etc/runlevels/boot/
ln -s /etc/init.d/{devfs,dmesg,mdev,hwdrivers} etc/runlevels/sysinit/
ln -s /etc/init.d/{networking,sshd} etc/runlevels/default/
ln -s /etc/init.d/{mount-ro,killprocs,savecache} etc/runlevels/shutdown/
tar czf ../host.apkovl.tar.gz *

Verify the overlay with "tar tzf" to see that it contains everything in proper places, and ensure it is in the / directory

tar tzvf ../host.apkovl.tar.gz
cp ../host.apkovl.tar.gz /

Install Alpine cd-rom image to hard disk

We need to copy over two sets of information: the boot kernel (kernel, initramdisk and boot configuration) and operating system boot data (overlay, apk packages and kernel modules).

Download an alpine iso and mount it; for example

 wget http://dl-3.alpinelinux.org/alpine/v3.2/releases/x86_64/alpine-xen-3.2.2-x86_64.iso
 # We will grab the sha512 sum from another mirror
 wget http://nl.alpinelinux.org/alpine/v3.2/releases/x86_64/alpine-xen-3.2.2-x86_64.iso.sha512
 sha512sum -c alpine-xen-3.2.2-x86_64.iso.sha512 
 mkdir /cdrom
 mount alpine*.iso /cdrom -o loop

Copy the contents of cd-rom image to root of current installation, then setup grub:

cp -a /cdrom/* /
mkdir /cache
umount /cdrom

cat - >/boot/grub/grub.cfg <<EOF 
set default="0"
set timeout="3"

menuentry "Alpine Linux" {
	insmod gzio
	insmod part_msdos
	insmod ext2
	set root='(hd0,msdos1)'
	linux /boot/vmlinuz-grsec root=$(blkid /dev/xvda1 | awk '{ print $2 }' | sed 's/"//g') modules=sd-mod,usb-storage,ext3 quiet
        initrd /boot/initramfs-grsec
}
EOF
Tango-dialog-warning.png
Warning: In Alpine 3.2 and earlier the Xen ISO image does not include openssh. Follow these instructions if you want to be able to remotely ssh into your box.


Download the base iso and copy the apks

wget http://dl-3.alpinelinux.org/alpine/v3.2/releases/x86_64/alpine-3.2.2-x86_64.iso
# We will grab the sha512 sum from another mirror
wget http://nl.alpinelinux.org/alpine/v3.2/releases/x86_64/alpine-3.2.2-x86_64.iso.sha512
sha512sum -c alpine-3.2.2-x86_64.iso.sha512 
mount alpine-3*.iso /cdrom -o loop
cp -a /cdrom/apks/* /apks


Reboot and check that all came back as expected.

Cleanup

Once your server comes back, you are good to go. However, the old Debian system is still on xvda1; and ipv6 is not enabled. These optional steps will fix that:

Enable ipv6

echo "ipv6" >> /etc/modules
modprobe ipv6

You can either reboot or restart networking (and re-log in).


Clear out old stuff:

mount /media/UUID* -o remount,rw
cd /media/UUID*
rm -rf $( find -type d -maxdepth 1 | grep -v 'apks' | grep -v 'boot' | grep -v 'lost+found' )
# the above command will take a while
rm *.iso
find -type l -exec rm {} \;
rm $( find boot  -maxdepth 1 -type f | grep -v grsec)
# Now we blank out the disk - this will take a long time
dd if=/dev/zero of=foo
rm foo
sync

reboot and you should be good to go.