Contents of /xml/htdocs/proj/en/vps/vserver-howto.xml

Revision 1.5
Sat Jan 20 20:50:24 2007 UTC (7 years, 11 months ago) by hollow
Branch: MAIN
Changes since 1.4: +46 -116 lines
File MIME type: application/xml
update vserver howto for util-vserver-0.30.212

1 hollow 1.1 <?xml version='1.0' encoding="UTF-8"?>
2 hollow 1.5 <!-- $Header: /var/cvsroot/gentoo/xml/htdocs/proj/en/vps/vserver-howto.xml,v 1.4 2007/01/10 17:21:36 phreak Exp $ -->
3 hollow 1.1 <!DOCTYPE guide SYSTEM "/dtd/guide.dtd">
4    
5 hollow 1.3 <guide link="/proj/en/vps/vserver-howto.xml">
6 hollow 1.1 <title>Gentoo Linux-VServer Howto</title>
7    
8     <author title="Author">
9     <mail link="hollow@gentoo.org">Benedikt Boehm</mail>
10     </author>
11     <author title="Editor">
12     <mail link="fox2mike@gentoo.org">Shyam Mani</mail>
13     </author>
14    
15     <abstract>
16     In this Howto you will learn to set up a basic virtual server using the
17     Linux-VServer technology.
18     </abstract>
19    
20     <!-- The content of this document is licensed under the CC-BY-SA license -->
21     <!-- See http://creativecommons.org/licenses/by-sa/2.5 -->
22     <license/>
23    
24 hollow 1.5 <version>1.7</version>
25     <date>2007-01-20</date>
26 hollow 1.1
27     <chapter>
28     <title>Introduction</title>
29     <section>
30     <title>The Linux-VServer Concept</title>
31     <body>
32    
33     <p>
34     The basic concept of the Linux-VServer solution is to separate the user-space
35     environment into distinct units (sometimes called Virtual Private Servers) in
36     such a way that each VPS looks and feels like a real server to the processes
37     contained within.
38     </p>
39    
40     </body>
41     </section>
42     <section>
43     <title>Terms used in this Howto</title>
44     <body>
45    
46     <table>
47     <tr>
48     <th>Term</th>
49     <th>Description</th>
50     </tr>
51     <tr>
52     <th>Linux-VServer, VServer</th>
53     <ti>
54     Linux-VServer is the official name of the project and used in this Howto
55     the same way
56     </ti>
57     </tr>
58     <tr>
59     <th>virtual server, vserver, guest system</th>
60     <ti>
61     All these are interchangeable and refer to one instance of a server (i.e.
62     one virtual server)
63     </ti>
64     </tr>
65     <tr>
66     <th>host system, host</th>
67     <ti>
68     The physical machine running your Gentoo Linux will host all virtual
69     servers
70     </ti>
71     </tr>
72     <tr>
73     <th>util-vserver</th>
74     <ti>
75     The <c>util-vserver</c> package contains all programs necessary for
76     maintaining your virtual servers
77     </ti>
78     </tr>
79     </table>
80    
81     </body>
82     </section>
83     </chapter>
84    
85     <chapter>
86     <title>Host configuration</title>
87     <section>
88     <title>Install a VServer kernel</title>
89     <body>
90    
91     <pre caption="Install vserver-sources">
92     # <i>emerge vserver-sources</i>
93     </pre>
94    
95     <p>
96     After the vserver-sources are installed it's time to configure them using
97 hollow 1.5 <c>make menuconfig</c>. Below is a common configuration for 2.1.1 and above. If
98     you are using 2.0.x some configuration options may not be present.
99 hollow 1.1 </p>
100    
101     <pre caption="Configure vserver-sources">
102     # <i>cd /usr/src/linux-&lt;KERNELVERSION&gt;-vserver-&lt;VSERVERVERSION&gt;</i>
103     # <i>make menuconfig</i>
104    
105     Linux VServer ---&gt;
106 hollow 1.5 <comment>(Do not enable the legacy options)</comment>
107 hollow 1.1 [ ] Enable Legacy Kernel API
108 hollow 1.5 [ ] Enable Legacy Networking Kernel API
109     <comment>(Read help text)</comment>
110     [ ] Remap Source IP Address
111     [*] Enable COW Immutable Link Breaking
112     [ ] Enable Virtualized Guest Time
113 hollow 1.1 [*] Enable Proc Security
114     [*] Enable Hard CPU Limits
115 hollow 1.5 [*] Avoid idle CPUs by skipping Time
116     [*] Limit the IDLE task
117     Persistent Inode Tagging (UID24/GID24) ---&gt;
118 hollow 1.1 [ ] Tag NFSD User Auth and Files
119 hollow 1.5 [*] Enable Inode Tag Propagation
120     [*] Honor Privacy Aspects of Guests
121     [ ] VServer Debugging Code
122 hollow 1.1 </pre>
123    
124     <note>
125     If you are using reiserfs as filesystem on the partition where guest images are
126     stored, you will need to enable extended attributes for reiserfs in your
127     kernel config and additionally add the <c>attrs</c> option in
128     <path>/etc/fstab</path>.
129     </note>
130    
131     <pre caption="Configure reiserfs options">
132     File systems ---&gt;
133     &lt;*&gt; Reiserfs support
134     [*] ReiserFS extended attributes
135     </pre>
136    
137     <pre caption="Example fstab with extended attributes">
138 hollow 1.2 /dev/hdb1 /vservers reiserfs noatime,attrs 0 0
139 hollow 1.1 </pre>
140    
141     <p>
142     After you've built and installed the kernel, update your boot loader and
143     finally reboot to see if the kernel boots correctly.
144     </p>
145    
146     <pre caption="Install the kernel">
147     <comment>(Building the kernel)</comment>
148     # <i>make</i>
149     <comment>(Installing)</comment>
150     # <i>make modules_install</i>
151     # <i>cp arch/&lt;arch&gt;/boot/bzImage /boot/kernel-&lt;KERNELVERSION&gt;-vserver-&lt;VSERVERVERSION&gt;</i>
152     <comment>(Edit bootloader config file as required and)</comment>
153     # <i>reboot</i>
154     </pre>
155    
156     </body>
157     </section>
158     <section>
159     <title>Setup host environment</title>
160     <body>
161    
162     <p>
163     To maintain your virtual servers you need the util-vserver package which
164 hollow 1.5 contains all necessary programs and many useful features.
165 hollow 1.1 </p>
166    
167     <pre caption="Install util-vserver">
168 hollow 1.5 # <i>emerge "&gt;=sys-cluster/util-vserver-0.30.212"</i>
169 hollow 1.1 </pre>
170    
171     <p>
172     You have to run the <c>vprocunhide</c> command after every reboot in order to
173 hollow 1.5 set up <path>/proc</path> permissions correctly for vserver guests. An init
174     script has been installed by util-vserver. To use it you should add it to the
175     default runlevel:
176 hollow 1.1 </p>
177    
178 hollow 1.5 <pre caption="vprocunhide init script">
179     # <i>rc-update add vprocunhide default</i>
180     # <i>/etc/init.d/vprocunhide start</i>
181 hollow 1.1 </pre>
182    
183     <p>
184     The vshelper script is used to restart virtual servers correctly. You
185     have to tell the kernel where the vshelper script is located:
186     </p>
187    
188     <pre caption="vshelper setup">
189     # <i>echo 'kernel.vshelper = /usr/lib/util-vserver/vshelper' &gt;&gt; /etc/sysctl.conf</i>
190     # <i>sysctl -p</i>
191     </pre>
192    
193     </body>
194     </section>
195     </chapter>
196    
197     <chapter>
198 hollow 1.5 <title>Guest creation</title>
199 hollow 1.1 <section>
200 hollow 1.5 <title>Using vserver stage3</title>
201 hollow 1.1 <body>
202    
203     <p>
204     You have to download a vserver prepared stage3 from one of
205     <uri link="/main/en/mirrors.xml">our mirrors</uri>. Those stages are located
206     under the <path>experimental/&lt;arch&gt;/vserver/</path> directory.
207 hollow 1.5 Since a stage3 contains a complete root filesystem you can use the template
208     build method of util-vserver. However, this method is only available since
209     util-vserver-0.30.211, so make sure you have the right version installed.
210 hollow 1.1 </p>
211    
212     <p>
213     You have to choose a context ID for your vserver (dynamic context IDs are
214     discouraged) as well as the necessary network device information. In this
215     example eth0 is configured with 192.168.1.253/24 and the context ID is
216     built from the last two parts of the virtual server's IP (1253).
217     </p>
218    
219     <note>
220     The context ID should be 1 &lt; ID &lt; 49152.
221     </note>
222    
223     <pre caption="Start stage3 installation">
224 hollow 1.5 # <i>vserver myguest build \</i>
225     <i>--context 1253 \</i>
226 hollow 1.1 <i>--hostname gentoo \</i>
227     <i>--interface eth0:192.168.1.253/24 \</i>
228 hollow 1.5 <i>-m template -- \</i>
229     <i> -d gentoo \</i>
230     <i> -t /path/to/stage3-&lt;arch&gt;-&lt;version&gt;.tar.bz2</i>
231 hollow 1.1 </pre>
232    
233     <note>
234     To reflect your network settings you should change
235     <path>/etc/conf.d/hostname</path>, <path>/etc/conf.d/domainname</path> and
236     <path>/etc/hosts</path> inside the guest to your needs. See <uri
237     link="/doc/en/handbook/handbook-x86.xml?part=1&amp;chap=8#doc_chap2_sect1">chapter
238     8.b.1</uri> and <uri
239     link="/doc/en/handbook/handbook-x86.xml?part=1&amp;chap=8#doc_chap2_sect4">chapter
240     8.b.4</uri>. The rest of your virtual server's network setup will be
241     done on the host.
242     </note>
243    
244     <p>
245     You should be able to start and enter the vserver by using the commands below.
246     If you miss commands like <c>mount</c> or <c>dmesg</c> you should <c>emerge
247     util-linux</c> inside your virtual server as the vserver profile doesn't ship
248     this package by default.
249     </p>
250    
251     <pre caption="Test the virtual server">
252     # <i>vserver myguest start</i>
253     # <i>vserver-stat</i>
254     CTX PROC VSZ RSS userTIME sysTIME UPTIME NAME
255     0 90 1.4G 153.4K 14m00s11 6m45s17 2h59m59 root server
256     1252 2 3M 286 0m00s45 0m00s42 0m02s91 myguest
257     # <i>vserver myguest enter</i>
258     # <i>ps ax</i>
259     PID TTY STAT TIME COMMAND
260     1 ? S 0:00 init [3]
261     22887 ? Ss 0:00 /usr/sbin/syslog-ng
262     20496 pts/0 S 0:00 /bin/bash -login
263     20508 pts/0 R+ 0:00 ps ax
264     # <i>logout</i>
265     </pre>
266    
267     </body>
268     </section>
269     </chapter>
270    
271     <chapter>
272     <title>Maintenance made easy</title>
273     <section>
274     <title>Start guests on boot</title>
275     <body>
276    
277     <p>
278     You can start certain guests during boot. Each guest can be assigned a MARK.
279     All you have to do is configure these MARKs in each guest's
280 hollow 1.5 configuration and add the appropriate init scripts to the default runlevel.
281 hollow 1.1 </p>
282    
283     <pre caption="Configure MARKs for each guest">
284     <comment>(Do this for every guest you want to start)</comment>
285     # <i>mkdir -p /etc/vservers/myguest/apps/init</i>
286     # <i>echo "default" &gt; /etc/vservers/myguest/apps/init/mark</i>
287     </pre>
288    
289 hollow 1.5 <pre caption="Add init script to the default runlevel">
290     # <i>rc-update add vservers.default default</i>
291     </pre>
292 hollow 1.1
293     </body>
294     </section>
295     <section>
296     <title>Keep portage in sync</title>
297     <body>
298    
299     <p>
300     The script <c>vesync</c> will help you to keep the metadata cache and overlays
301     in sync. <c>vemerge</c> is a simple wrapper for <c>emerge</c> in guests.
302     </p>
303    
304     <pre caption="Examples">
305     <comment>(Sync metadata for 'myguest')</comment>
306     # <i>vesync myguest</i>
307     <comment>(Sync metadata for all guests)</comment>
308 hollow 1.5 # <i>vesync --all</i>
309 hollow 1.1 <comment>(Sync 'myoverlay' for all guests)</comment>
310 hollow 1.5 # <i>vesync --all \</i>
311 hollow 1.1 <i>--overlay /usr/local/overlays/myoverlay \</i>
312     <i>--overlay-host rsync://rsync.myhost.com/myoverlay \</i>
313     <i>--overlay-only</i>
314     <comment>(emerge app-editors/vim in 'myguest')</comment>
315 hollow 1.5 # <i>vemerge myguest -- app-editors/vim -va</i>
316 hollow 1.1 </pre>
317    
318     </body>
319     </section>
320     <section>
321     <title>Update guests</title>
322     <body>
323    
324     <p>
325     Gentoo guests can share packages to save compilation time. In order to use
326     shared packages, you have to create a central directory for packages on the
327     host. We will use <path>/var/cache/vpackages</path> on the host and mount it
328     to <path>/usr/portage/packages</path> in every guest.
329     </p>
330    
331     <pre caption="Add bind mount to guest configuration">
332     # <i>mkdir -p /var/cache/vpackages</i>
333     # <i>$EDITOR /etc/vservers/myguest/fstab</i>
334     <comment>(Add this line at the end)</comment>
335     /var/cache/vpackages /usr/portage/packages none bind,rw 0 0
336     </pre>
337    
338     <p>
339     Now you can use <c>vupdateworld</c> to update every guest. The command is
340     equivalent to something like <c>emerge --deep --update --newuse world</c>
341     depending on command line options.
342     </p>
343    
344     <pre caption="vupdateworld examples">
345     <comment>(Pretend update for 'myguest')</comment>
346 hollow 1.5 # <i>vupdateworld myguest -- -vp</i>
347 hollow 1.1 <comment>(Update 'myguest' using binary packages)</comment>
348 hollow 1.5 # <i>vupdateworld myguest -- -k</i>
349 hollow 1.1 <comment>(Update all guests using binary packages)</comment>
350 hollow 1.5 # <i>vupdateworld --all -- -k</i>
351 hollow 1.1 </pre>
352    
353     <note>
354     In order to get binary packages you can either use PORTAGE_BINHOST (see <c>man
355     make.conf</c>) or set FEATURES="buildpkg" in one or more guests.
356     </note>
357    
358     <p>
359     After a successful update you can easily update all configuration files with
360     <c>vdispatch-conf</c>. It is a simple wrapper for <c>dispatch-conf</c> and
361     behaves exactly the same.
362     </p>
363    
364     <pre caption="vdispatch-conf examples">
365     <comment>(Update configuration files for 'myguest')</comment>
366     # <i>vdispatch-conf myguest</i>
367     <comment>(Update configuration files for all guests)</comment>
368 hollow 1.5 # <i>vdispatch-conf --all</i>
369 hollow 1.1 </pre>
370    
371     </body>
372     </section>
373    
374     <section>
375     <title>Contact</title>
376     <body>
377    
378     <p>
379     Please feel free to contact the <mail link="hollow@gentoo.org">author</mail> or
380     file a bug on <uri link="http://bugs.gentoo.org">Bugzilla</uri> in case of any
381     problems.
382     </p>
383    
384     </body>
385     </section>
386     </chapter>
387     </guide>
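
A pre-flight check for the context ID chosen in "Using vserver stage3", added here as an example and not part of the original howto or of util-vserver. It derives the ID from the last two octets as the howto does, enforces 1 < ID < 49152, and refuses an ID another guest already holds; it goes beyond the page's single address to show that 192.168.1.253 and 192.168.12.53 both map to 1253. The function names are hypothetical, and reading each guest's ID from `<confdir>/<guest>/context` is an assumption about the `/etc/vservers` layout.

```shell
#!/bin/sh
# Added example: check a static context ID before running `vserver ... build`.
# Assumption: each guest's ID is stored in CONFDIR/<guest>/context.
# All function names below are hypothetical.

# ctx_from_ip IP[/PREFIX]: print the last two octets concatenated (192.168.1.253 -> 1253).
ctx_from_ip() {
    ip=${1%%/*}
    case $ip in ''|*[!0-9.]*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $ip
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    printf '%s%s\n' "$3" "$4"
}

# ctx_valid ID: succeed only inside the range from the howto's note, 1 < ID < 49152.
ctx_valid() {
    case $1 in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -gt 1 ] && [ "$1" -lt 49152 ]
}

# ctx_owner CONFDIR ID: print the guest that already uses ID; fail if none does.
ctx_owner() {
    for f in "$1"/*/context; do
        [ -f "$f" ] || continue
        read -r cur < "$f" || true
        if [ "$cur" = "$2" ]; then
            basename "$(dirname "$f")"
            return 0
        fi
    done
    return 1
}

# ctx_check CONFDIR IP[/PREFIX]: print "ok ID", "invalid ID" or "taken ID GUEST".
ctx_check() {
    id=$(ctx_from_ip "$2") || { echo "invalid $2"; return 1; }
    ctx_valid "$id" || { echo "invalid $id"; return 1; }
    if owner=$(ctx_owner "$1" "$id"); then
        echo "taken $id $owner"
        return 1
    fi
    echo "ok $id"
}

# When called with an address, check it against the live configuration tree.
[ $# -eq 0 ] || ctx_check "${CONFDIR:-/etc/vservers}" "$1"
```

A "taken" or "invalid" result means the ID has to be picked by hand instead of derived from the address.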
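
An audit for the shared package directory set up in "Update guests", added as an example that is not from the howto or from util-vserver. A directory bind-mounted read-write into several guests lets any one of them change the binary packages the others install with `vupdateworld ... -- -k`, so the function lists every host directory that two or more guest fstab files mount writable. `shared_rw_binds` is a hypothetical name; the per-guest fstab location is the one the howto edits.

```shell
#!/bin/sh
# Added example: find host directories that are bind-mounted writable into
# more than one guest. Function name is hypothetical.

# shared_rw_binds CONFDIR: read CONFDIR/<guest>/fstab for every guest and print
# one line per shared writable host directory: "<hostdir> <guest1>,<guest2>,..."
shared_rw_binds() {
    for f in "$1"/*/fstab; do
        [ -f "$f" ] || continue
        guest=$(basename "$(dirname "$f")")
        # Emit "<hostdir> <guest>" for each bind mount that is not marked ro.
        awk -v g="$guest" '
            NF < 4 || $1 ~ /^#/ { next }
            {
                n = split($4, opt, ","); bind = 0; ro = 0
                for (i = 1; i <= n; i++) {
                    if (opt[i] == "bind" || opt[i] == "rbind") bind = 1
                    if (opt[i] == "ro") ro = 1
                }
                if (bind && !ro) print $1, g
            }' "$f"
    done | sort -u | awk '
        { count[$1]++; list[$1] = (list[$1] == "" ? $2 : list[$1] "," $2) }
        END { for (d in count) if (count[d] > 1) print d, list[d] }' | sort
}

# Audit the live configuration tree (prints nothing when no directory is shared).
shared_rw_binds "${CONFDIR:-/etc/vservers}"
```

With the howto's fstab line in every guest, `/var/cache/vpackages` is reported with the full guest list; changing `bind,rw` to `bind,ro` in guests that only consume packages removes them from the report.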
