Replacing non-Alpine Linux with Alpine remotely: Difference between revisions

From Alpine Linux
No edit summary
No edit summary
Line 6: Line 6:


'''WARNING: UNTESTED INSTRUCTION. WRITING IN PROGRESS.'''
'''WARNING: UNTESTED INSTRUCTION. WRITING IN PROGRESS.'''
Prerequisites:
* SSH access to the remote box (needs to have SSH server running)
* Alpine Linux supported hardware
* Adventurous mind


== Create apk overlay suitable for hard disk based tmpfs boot ==
== Create apk overlay suitable for hard disk based tmpfs boot ==
Line 18: Line 23:
If you want to keep the existing host identity (e.g. SSH key), you can copy them over:
If you want to keep the existing host identity (e.g. SSH key), you can copy them over:
  cp -a /etc/{passwd,group,shadow,gshadow,hostname,resolv.conf,network/interfaces,ssh} etc/
  cp -a /etc/{passwd,group,shadow,gshadow,hostname,resolv.conf,network/interfaces,ssh} etc/
Copy over your ssh authorized_keys:
cp -a my_authorized_keys root/.ssh


If you copy over passwd, replace default shell to be /bin/sh for everyone.
If you copy over passwd, replace default shell to be /bin/sh for everyone.
Line 34: Line 42:
  alpine-base iproute2 openssh
  alpine-base iproute2 openssh


'''Double check IP information.'''
'''Double check IP configuration.'''


Finally, make the essential services start up automatically and create the overlay file:
Finally, make the essential services start up automatically and create the overlay file:
Line 69: Line 77:


== Install Alpine on hard-disk ==
== Install Alpine on hard-disk ==
Reboot, the box. And wait for it to come alive again. If it doesn't, tough luck. So dry practice with local box, with as identical hardware as possible.
Once back in the box, we are running in Alpine Linux from tmpfs. So just do a regular installation of Alpine from network via ssh connection.
Edit /etc/apk/repositories to contain your favorite Alpine mirror or just:
http://dl-3.alpinelinux.org/alpine/v1.9/packages/main
Finally run:
/etc/init.d/modloop stop
apk update
setup-disk

Revision as of 12:07, 16 September 2009

Instructions to replace running Linux installation with Alpine Linux, remotely using ssh connection only.

Tested using alpine-1.9.0_rc2.

CAUTION: Practice with computer with physical access first. If something goes wrong, the remote box will very likely be left into unusable state.

WARNING: UNTESTED INSTRUCTION. WRITING IN PROGRESS.

Prerequisites:

  • SSH access to the remote box (needs to have SSH server running)
  • Alpine Linux supported hardware
  • Adventurous mind

Create apk overlay suitable for hard disk based tmpfs boot

The first step is to create Alpine configuration file with basic configuration of the host. We need the new box to start networking and ssh in the beginning so we can reconnect to it after reboot.

Create basic layout for the overlay:

mkdir overlay
cd overlay
mkdir -p etc/ssh etc/network etc/runlevels/default etc/runlevels/boot root/.ssh

If you want to keep the existing host identity (e.g. SSH key), you can copy them over:

cp -a /etc/{passwd,group,shadow,gshadow,hostname,resolv.conf,network/interfaces,ssh} etc/

Copy over your ssh authorized_keys:

cp -a my_authorized_keys root/.ssh

If you copy over passwd, replace default shell to be /bin/sh for everyone.

You can copy the network/interfaces might not necessarily exists. Some distributions use different configuration file for network. If it does not exists, you need to create it. It should look something like:

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
      address ip.ad.dr.es
      netmask 255.255.255.0
      gateway gw.ad.dr.es

Create the apk world (var/lib/apk/world) with essential packages:

alpine-base iproute2 openssh

Double check IP configuration.

Finally, make the essential services start up automatically and create the overlay file:

ln -s /etc/init.d/hostname etc/runlevels/boot/hostname
ln -s /etc/init.d/bootmisc etc/runlevels/default/bootmisc
ln -s /etc/init.d/networking etc/runlevels/default/networking
ln -s /etc/init.d/sshd etc/runlevels/default/sshd
tar czf ../host.apkovl.tar.gz *

Install Alpine cd-rom image on hard disk

We need to copy over two sets of information: the boot kernel (kernel, initramdisk and boot configuration) and operating system boot data (overlay, apk packages and kernel modules). These can reside on same partition if they fit. However, /boot is usually small, so you might want to put the apks on separate partition. This guide assumes they are on hda1 (/boot) sand hda2 (/).

We start with the easy task. Place the overlay file and the "apks" directory from cd-rom image to root of current installation:

cp host.apkovl.tar.gz /
cp -a /cdrom/apks /
cp -a /cdrom/boot/grsec.cmg /

Next we make the Alpine Linux kernel bootable (requires syslinux) and use fdisk to mark the /boot partition as bootable (if not done already):

cp -a /cdrom/boot/grsec{,.gz} /boot
dd if=/usr/share/syslinux/mbr.bin of=/dev/hda
fdisk /dev/hda

Create /boot/extlinux.conf with contents like (alpine_dev needs special care, generally hard-disks are sd* in alpine due to new kernel and libata; you also need to check the filesystem type; kernel and initrd are relative to partition root):

timeout 20
prompt 1
default grsec
label grsec
  kernel /grsec
  append initrd=/grsec.gz alpine_dev=sda2:ext3 modloop=grsec.cmg modules=loop,cramfs,sd-mod,usb-storage,ext3 quiet

Finally make the /boot partition bootable by extlinux.

extlinux -i /boot

Install Alpine on hard-disk

Reboot, the box. And wait for it to come alive again. If it doesn't, tough luck. So dry practice with local box, with as identical hardware as possible.

Once back in the box, we are running in Alpine Linux from tmpfs. So just do a regular installation of Alpine from network via ssh connection.

Edit /etc/apk/repositories to contain your favorite Alpine mirror or just:

http://dl-3.alpinelinux.org/alpine/v1.9/packages/main

Finally run:

/etc/init.d/modloop stop
apk update
setup-disk