
Contents of /xml/htdocs/proj/en/vps/vserver-howto.xml



Revision 1.16
Mon Dec 10 08:10:55 2012 UTC (16 months, 1 week ago) by hollow
Branch: MAIN
CVS Tags: HEAD
Changes since 1.15: +3 -3 lines
File MIME type: application/xml
update document version

1 hollow 1.1 <?xml version='1.0' encoding="UTF-8"?>
2 hollow 1.16 <!-- $Header: /var/cvsroot/gentoo/xml/htdocs/proj/en/vps/vserver-howto.xml,v 1.15 2012/12/10 08:10:22 hollow Exp $ -->
3 hollow 1.1 <!DOCTYPE guide SYSTEM "/dtd/guide.dtd">
4    
5 swift 1.14 <guide>
6 hollow 1.1 <title>Gentoo Linux-VServer Howto</title>
7    
8     <author title="Author">
9     <mail link="hollow@gentoo.org">Benedikt Boehm</mail>
10     </author>
11     <author title="Editor">
12     <mail link="fox2mike@gentoo.org">Shyam Mani</mail>
13     </author>
14    
15     <abstract>
16     In this Howto you will learn to set up a basic virtual server using the
17     Linux-VServer technology.
18     </abstract>
19    
20     <!-- The content of this document is licensed under the CC-BY-SA license -->
21     <!-- See http://creativecommons.org/licenses/by-sa/2.5 -->
22     <license/>
23    
24 hollow 1.16 <version>1.12</version>
25     <date>2012-10-10</date>
26 hollow 1.1
27     <chapter>
28     <title>Introduction</title>
29     <section>
30     <title>The Linux-VServer Concept</title>
31     <body>
32    
33     <p>
34     The basic concept of the Linux-VServer solution is to separate the user-space
35     environment into distinct units (sometimes called Virtual Private Servers) in
36     such a way that each VPS looks and feels like a real server to the processes
37     contained within.
38     </p>
39    
40     </body>
41     </section>
42     <section>
43     <title>Terms used in this Howto</title>
44     <body>
45    
46     <table>
47     <tr>
48     <th>Term</th>
49     <th>Description</th>
50     </tr>
51     <tr>
52     <th>Linux-VServer, VServer</th>
53     <ti>
54     Linux-VServer is the official name of the project and used in this Howto
55     the same way
56     </ti>
57     </tr>
58     <tr>
59     <th>virtual server, vserver, guest system</th>
60     <ti>
61     All these are interchangeable and refer to one instance of a server (i.e.
62     one virtual server)
63     </ti>
64     </tr>
65     <tr>
66     <th>host system, host</th>
67     <ti>
68     The physical machine running your Gentoo Linux will host all virtual
69     servers
70     </ti>
71     </tr>
72     <tr>
73     <th>util-vserver</th>
74     <ti>
75     The <c>util-vserver</c> package contains all programs necessary for
76     maintaining your virtual servers
77     </ti>
78     </tr>
79     </table>
80    
81     </body>
82     </section>
83     </chapter>
84    
85     <chapter>
86     <title>Host configuration</title>
87     <section>
88     <title>Install a VServer kernel</title>
89     <body>
90    
91     <pre caption="Install vserver-sources">
92     # <i>emerge vserver-sources</i>
93     </pre>
94    
95     <p>
96     After the vserver-sources are installed it's time to configure them using
97 hollow 1.5 <c>make menuconfig</c>. Below is a common configuration for 2.1.1 and above. If
98     you are using 2.0.x some configuration options may not be present.
99 hollow 1.1 </p>
100    
101     <pre caption="Configure vserver-sources">
102     # <i>cd /usr/src/linux-&lt;KERNELVERSION&gt;-vserver-&lt;VSERVERVERSION&gt;</i>
103     # <i>make menuconfig</i>
104    
105     Linux VServer ---&gt;
106 hollow 1.5 <comment>(Do not enable the legacy options)</comment>
107 hollow 1.1 [ ] Enable Legacy Kernel API
108 hollow 1.5 [ ] Enable Legacy Networking Kernel API
109     <comment>(Read help text)</comment>
110     [ ] Remap Source IP Address
111     [*] Enable COW Immutable Link Breaking
112     [ ] Enable Virtualized Guest Time
113 hollow 1.1 [*] Enable Proc Security
114     [*] Enable Hard CPU Limits
115 hollow 1.5 [*] Avoid idle CPUs by skipping Time
116     [*] Limit the IDLE task
117     Persistent Inode Tagging (UID24/GID24) ---&gt;
118 hollow 1.1 [ ] Tag NFSD User Auth and Files
119 hollow 1.5 [*] Enable Inode Tag Propagation
120     [*] Honor Privacy Aspects of Guests
121     [ ] VServer Debugging Code
122 hollow 1.1 </pre>
123    
124     <note>
125     If you are using reiserfs as filesystem on the partition where guest images are
126     stored, you will need to enable extended attributes for reiserfs in your
127     kernel config and additionally add the <c>attrs</c> option in
128     <path>/etc/fstab</path>.
129     </note>
130    
131     <pre caption="Configure reiserfs options">
132     File systems ---&gt;
133     &lt;*&gt; Reiserfs support
134     [*] ReiserFS extended attributes
135     </pre>
136    
137     <pre caption="Example fstab with extended attributes">
138 hollow 1.2 /dev/hdb1 /vservers reiserfs noatime,attrs 0 0
139 hollow 1.1 </pre>
140    
141     <p>
142     After you've built and installed the kernel, update your boot loader and
143     finally reboot to see if the kernel boots correctly.
144     </p>
145    
146     <pre caption="Install the kernel">
147     <comment>(Building the kernel)</comment>
148     # <i>make</i>
149     <comment>(Installing)</comment>
150     # <i>make modules_install</i>
151     # <i>cp arch/&lt;arch&gt;/boot/bzImage /boot/kernel-&lt;KERNELVERSION&gt;-vserver-&lt;VSERVERVERSION&gt;</i>
152     <comment>(Edit bootloader config file as required and)</comment>
153     # <i>reboot</i>
154     </pre>
155    
156     </body>
157     </section>
158     <section>
159     <title>Setup host environment</title>
160     <body>
161    
162     <p>
163     To maintain your virtual servers you need the util-vserver package which
164 hollow 1.5 contains all necessary programs and many useful features.
165 hollow 1.1 </p>
166    
167     <pre caption="Install util-vserver">
168 hollow 1.5 # <i>emerge "&gt;=sys-cluster/util-vserver-0.30.212"</i>
169 hollow 1.1 </pre>
170    
171     <p>
172     You have to run the <c>vprocunhide</c> command after every reboot in order to
173 hollow 1.8 set up <path>/proc</path> permissions correctly for vserver guests. Two init
174     scripts have been installed by util-vserver which run the <c>vprocunhide</c>
175     command for you and take care of virtual servers during shutdown of the host.
176 hollow 1.1 </p>
177    
178 hollow 1.8 <pre caption="util-vserver init scripts">
179 hollow 1.5 # <i>rc-update add vprocunhide default</i>
180     # <i>/etc/init.d/vprocunhide start</i>
181 hollow 1.8 # <i>rc-update add util-vserver default</i>
182     # <i>/etc/init.d/util-vserver start</i>
183 hollow 1.1 </pre>
184    
185     </body>
186     </section>
187     </chapter>
188    
189     <chapter>
190 hollow 1.5 <title>Guest creation</title>
191 hollow 1.1 <section>
192 hollow 1.12 <title>Download a precompiled stage3</title>
193 hollow 1.1 <body>
194    
195     <p>
196 hollow 1.8 Since many hardware related commands are not available inside a virtual server,
197     there has been a patched version of baselayout known as baselayout-vserver.
198 hollow 1.11 However, since baselayout-2/openrc, all required changes have been integrated,
199 hollow 1.15 eliminating the need for separate vserver stages, profiles and baselayout.
200     Stage tarballs can be downloaded from <uri link="/main/en/mirrors.xml">our
201     mirrors</uri>.
202 hollow 1.8 </p>
203    
204     <p>
205 hollow 1.15 Since a stage3 contains a complete root filesystem you can use the template
206     build method of util-vserver. However, this method only works reliably since
207 hollow 1.10 util-vserver-0.30.213_rc5, so make sure you have the right version installed.
208 hollow 1.1 </p>
209    
210     <p>
211     You have to choose a context ID for your vserver (dynamic context IDs are
212     discouraged) as well as the necessary network device information (in this
213     example eth0 is configured with 192.168.1.253/24 and the context ID is
214     equivalent to the last two parts of the virtual server's IP).
215     </p>
216    
217     <note>
218     The context ID should be 1 &lt; ID &lt; 49152.
219     </note>
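
<p>
The context ID convention and range above, as an added example that is not part
of the original howto or of util-vserver: the hypothetical helpers
<c>ctx_from_ip</c> and <c>ctx_plan</c> derive the ID from the last two octets,
reject values outside 1 &lt; ID &lt; 49152, and flag guest addresses that
collapse to the same ID (1.253 and 12.53 both give 1253). Rejecting octets with
leading zeros is an assumption of this example.
</p>

```shell
#!/bin/sh
# Added example, not part of util-vserver; function names are hypothetical.
# Static context IDs from guest IPs, following the howto's convention.

# Print the context ID for one IPv4 address (an optional /prefix is ignored).
# Returns 2 for a malformed address, 1 when the ID is outside 1 < ID < 49152.
ctx_from_ip() {
    addr=${1%%/*}
    case $addr in
        ''|*[!0-9.]*|*.) echo "malformed address: $1" >&2; return 2 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $addr                     # split the address into octets
    IFS=$old_ifs
    [ $# -eq 4 ] || { echo "malformed address: $addr" >&2; return 2; }
    for octet in "$@"; do
        case $octet in
            ''|0?*|????*) echo "malformed address: $addr" >&2; return 2 ;;
        esac
        [ "$octet" -le 255 ] || { echo "malformed address: $addr" >&2; return 2; }
    done
    # Howto convention: last two octets side by side (1 and 253 -> 1253).
    if [ "$3" -eq 0 ]; then ctx=$4; else ctx=$3$4; fi
    if [ "$ctx" -le 1 ] || [ "$ctx" -ge 49152 ]; then
        echo "$addr: context ID $ctx is outside 1 < ID < 49152" >&2
        return 1
    fi
    echo "$ctx"
}

# Print "ID address" for each guest; fail if an ID is invalid or used twice.
ctx_plan() {
    seen=" "; rc=0
    for guest_ip in "$@"; do
        id=$(ctx_from_ip "$guest_ip") || { rc=1; continue; }
        case $seen in
            *" $id "*) echo "$guest_ip: context ID $id already taken" >&2; rc=1 ;;
            *) seen="$seen$id "; echo "$id $guest_ip" ;;
        esac
    done
    return $rc
}

# Constructed sample addresses: the second one collides with the first.
ctx_plan 192.168.1.253 192.168.12.53 || true
```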
220    
221 hollow 1.8 </body>
222     </section>
223     <section>
224     <title>Using the template build method</title>
225     <body>
226    
227     <p>
228     For a long time, plain init style was the only init style available for
229     Gentoo, i.e. a normal init process is started inside the guest, just like
230     on any common Unix system. However, this approach has some drawbacks:
231     </p>
232    
233     <ul>
234     <li>No possibility to see output of init/rc scripts</li>
235     <li>Wasted resources for idle init processes in each guest</li>
236     <li>Annoying conflicts for <path>/etc/inittab</path></li>
237     </ul>
238    
239     <p>
240     Therefore, many users have requested to reimplement the gentoo init style,
241     which has been abandoned since it was a very hacky implementation and more
242     or less worked by accident due to other modifications done to baselayout back
243     then. However, as of util-vserver-0.30.212 the gentoo init style has been
244 hollow 1.12 reimplemented in a concise manner and will become the default in the future.
245 hollow 1.8 </p>
246    
247     <note>
248     If there is not a good reason for using an extra init process for each guest
249     or if you don't know what to do here, you should stick with gentoo init style.
250     </note>
251    
252 hollow 1.1 <pre caption="Start stage3 installation">
253 hollow 1.5 # <i>vserver myguest build \</i>
254     <i>--context 1253 \</i>
255 hollow 1.1 <i>--hostname gentoo \</i>
256     <i>--interface eth0:192.168.1.253/24 \</i>
257 hollow 1.8 <i>--initstyle gentoo \</i> <comment>(replace if needed)</comment>
258 hollow 1.5 <i>-m template -- \</i>
259     <i> -d gentoo \</i>
260 hollow 1.13 <i> -t /path/to/stage3-&lt;arch&gt;-&lt;version&gt;.tar.bz2</i>
261 hollow 1.1 </pre>
262    
263     <note>
264     To reflect your network settings you should change
265     <path>/etc/conf.d/hostname</path>, <path>/etc/conf.d/domainname</path> and
266     <path>/etc/hosts</path> inside the guest to your needs. See <uri
267     link="/doc/en/handbook/handbook-x86.xml?part=1&amp;chap=8#doc_chap2_sect1">chapter
268     8.b.1</uri> and <uri
269     link="/doc/en/handbook/handbook-x86.xml?part=1&amp;chap=8#doc_chap2_sect4">chapter
270     8.b.4</uri>. The rest of your virtual server's network setup will be
271     done on the host.
272     </note>
273    
274     <p>
275 hollow 1.9 You should now be able to start and enter the vserver by using the commands
276     below.
277 hollow 1.1 </p>
278    
279     <pre caption="Test the virtual server">
280     # <i>vserver myguest start</i>
281 hollow 1.8
282 hollow 1.12 OpenRC 0.4.3 is starting up Gentoo Linux (x86_64) [VSERVER]
283 hollow 1.8
284     Press I to enter interactive boot mode
285    
286 hollow 1.12 * /proc is already mounted, skipping
287     * Setting hostname to myguest... [ ok ]
288     * Creating user login records... [ ok ]
289     * Cleaning /var/run... [ ok ]
290     * Wiping /tmp directory... [ ok ]
291     * Updating /etc/mtab... [ ok ]
292     * Initializing random number generator... [ ok ]
293     * Starting syslog-ng... [ ok ]
294     * Starting fcron... [ ok ]
295     * Starting Name Service Cache Daemon... [ ok ]
296     * Starting local... [ ok ]
297 hollow 1.1 # <i>vserver-stat</i>
298     CTX PROC VSZ RSS userTIME sysTIME UPTIME NAME
299     0 90 1.4G 153.4K 14m00s11 6m45s17 2h59m59 root server
300     1252 2 3M 286 0m00s45 0m00s42 0m02s91 myguest
301     # <i>vserver myguest enter</i>
302     # <i>ps ax</i>
303 hollow 1.12 PID TTY STAT TIME COMMAND
304     1 ? Ss 0:04 init [3]
305     27637 ? Ss 0:00 /usr/sbin/syslog-ng
306     27656 ? Ss 0:00 /usr/sbin/fcron -c /etc/fcron/fcron.conf
307     27676 ? Ssl 0:00 /usr/sbin/nscd
308     27713 ? S+ 0:00 login
309     27737 pts/15 Ss 0:00 /bin/bash
310     27832 pts/15 R+ 0:00 ps ax
311 hollow 1.1 # <i>logout</i>
312     </pre>
313    
314     </body>
315     </section>
316     </chapter>
317    
318     <chapter>
319     <title>Maintenance made easy</title>
320     <section>
321     <title>Start guests on boot</title>
322     <body>
323    
324     <p>
325     You can start certain guests during boot. Each guest can be assigned a MARK.
326     All you have to do now is configure these MARKs in each guest's
327 hollow 1.5 configuration and add the appropriate init scripts to the default runlevel.
328 hollow 1.1 </p>
329    
330     <pre caption="Configure MARKs for each guest">
331     <comment>(Do this for every guest you want to start)</comment>
332     # <i>mkdir -p /etc/vservers/myguest/apps/init</i>
333     # <i>echo "default" > /etc/vservers/myguest/apps/init/mark</i>
334     </pre>
335    
336 hollow 1.5 <pre caption="Add init script to the default runlevel">
337     # <i>rc-update add vservers.default default</i>
338     </pre>
339 hollow 1.1
340     </body>
341     </section>
342     <section>
343     <title>Keep portage in sync</title>
344     <body>
345    
346     <p>
347     The script <c>vesync</c> will help you to keep the metadata cache and overlays
348     in sync. <c>vemerge</c> is a simple wrapper for <c>emerge</c> in guests.
349     </p>
350    
351     <pre caption="Examples">
352     <comment>(Sync metadata for 'myguest')</comment>
353     # <i>vesync myguest</i>
354     <comment>(Sync metadata for all guests)</comment>
355 hollow 1.5 # <i>vesync --all</i>
356 hollow 1.1 <comment>(Sync 'myoverlay' for all guests)</comment>
357 hollow 1.5 # <i>vesync --all \</i>
358 hollow 1.1 <i>--overlay /usr/local/overlays/myoverlay \</i>
359     <i>--overlay-host rsync://rsync.myhost.com/myoverlay \</i>
360     <i>--overlay-only</i>
361     <comment>(emerge app-editors/vim in 'myguest')</comment>
362 hollow 1.5 # <i>vemerge myguest -- app-editors/vim -va</i>
363 hollow 1.1 </pre>
364    
365     </body>
366     </section>
367     <section>
368     <title>Update guests</title>
369     <body>
370    
371     <p>
372     Gentoo guests can share packages to save compilation time. In order to use
373     shared packages, you have to create a central directory for packages on the
374     host. We will use <path>/var/cache/vpackages</path> on the host and mount it
375     to <path>/usr/portage/packages</path> in every guest.
376     </p>
377    
378     <pre caption="Add bind mount to guest configuration">
379     # <i>mkdir -p /var/cache/vpackages</i>
380     # <i>$EDITOR /etc/vservers/myguest/fstab</i>
381     <comment>(Add this line at the end)</comment>
382     /var/cache/vpackages /usr/portage/packages none bind,rw 0 0
383     </pre>
384    
385     <p>
386     Now you can use <c>vupdateworld</c> to update every guest. The command is
387     equivalent to something like <c>emerge --deep --update --newuse world</c>
388     depending on command line options.
389     </p>
390    
391     <pre caption="vupdateworld examples">
392     <comment>(Pretend update for 'myguest')</comment>
393 hollow 1.5 # <i>vupdateworld myguest -- -vp</i>
394 hollow 1.1 <comment>(Update 'myguest' using binary packages)</comment>
395 hollow 1.5 # <i>vupdateworld myguest -- -k</i>
396 hollow 1.1 <comment>(Update all guests using binary packages)</comment>
397 hollow 1.5 # <i>vupdateworld --all -- -k</i>
398 hollow 1.1 </pre>
399    
400     <note>
401     In order to get binary packages you can either use PORTAGE_BINHOST (see <c>man
402     make.conf</c>) or set FEATURES="buildpkg" in one or more guests.
403     </note>
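
<p>
Every guest that carries the <c>bind,rw</c> line above can write to the package
directory that the other guests install from with <c>-k</c>. The following
added audit, which is not part of the original howto or of util-vserver, lists
those guests; the function names are hypothetical and the default configuration
root <path>/etc/vservers</path> is taken from the examples above.
</p>

```shell
#!/bin/sh
# Added example, not part of util-vserver; function names are hypothetical.
# Finds guests that can write to a package directory shared between guests.

# usage: shared_rw_guests <host-dir> [config-root]
# Prints the name of every guest under config-root (default /etc/vservers)
# whose fstab bind-mounts <host-dir> without the "ro" option.
shared_rw_guests() {
    shared=$1; root=${2:-/etc/vservers}
    for tab in "$root"/*/fstab; do
        [ -f "$tab" ] || continue
        guest=${tab%/fstab}; guest=${guest##*/}
        awk -v src="$shared" -v guest="$guest" '
            /^[ \t]*(#|$)/ { next }            # skip comments and blank lines
            $1 == src {
                n = split($4, opt, ","); bind = 0; ro = 0
                for (i = 1; i <= n; i++) {
                    if (opt[i] == "bind" || opt[i] == "rbind") bind = 1
                    if (opt[i] == "ro") ro = 1
                }
                if (bind && !ro) { print guest; exit }
            }' "$tab"
    done
}

# Succeeds when more than one guest can write to the shared directory, i.e.
# when one guest could replace a binary package that another guest later
# installs with "vupdateworld ... -- -k".
shared_cache_exposed() {
    count=$(shared_rw_guests "$@" | wc -l)
    [ "$((count))" -gt 1 ]
}

# On a host, list the writers of the directory used in this howto.
shared_rw_guests /var/cache/vpackages
```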
404    
405     <p>
406     After a successful update you can easily update all configuration files with
407     <c>vdispatch-conf</c>. It is a simple wrapper for <c>dispatch-conf</c> and
408     behaves exactly the same.
409     </p>
410    
411     <pre caption="vdispatch-conf examples">
412     <comment>(Update configuration files for 'myguest')</comment>
413     # <i>vdispatch-conf myguest</i>
414     <comment>(Update configuration files for all guests)</comment>
415 hollow 1.5 # <i>vdispatch-conf --all</i>
416 hollow 1.1 </pre>
417    
418     </body>
419     </section>
420    
421     <section>
422     <title>Contact</title>
423     <body>
424    
425     <p>
426     Please feel free to contact the <mail link="hollow@gentoo.org">author</mail> or
427     file a bug on <uri link="http://bugs.gentoo.org">Bugzilla</uri> in case of any
428     problems.
429     </p>
430    
431     </body>
432     </section>
433     </chapter>
434     </guide>
