
Diff of /xml/htdocs/proj/en/vps/vserver-howto.xml


Revision 1.1 Revision 1.7
1<?xml version='1.0' encoding="UTF-8"?> 1<?xml version='1.0' encoding="UTF-8"?>
2<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/proj/en/vps/vserver-howto.xml,v 1.1 2006/06/19 09:08:32 hollow Exp $ --> 2<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/proj/en/vps/vserver-howto.xml,v 1.7 2007/02/10 14:28:34 hollow Exp $ -->
3<!DOCTYPE guide SYSTEM "/dtd/guide.dtd"> 3<!DOCTYPE guide SYSTEM "/dtd/guide.dtd">
4 4
5<guide link="/doc/en/vserver-howto.xml"> 5<guide link="/proj/en/vps/vserver-howto.xml">
6<title>Gentoo Linux-VServer Howto</title> 6<title>Gentoo Linux-VServer Howto</title>
7 7
8<author title="Author"> 8<author title="Author">
9 <mail link="hollow@gentoo.org">Benedikt Boehm</mail> 9 <mail link="hollow@gentoo.org">Benedikt Boehm</mail>
10</author> 10</author>
19 19
20<!-- The content of this document is licensed under the CC-BY-SA license --> 20<!-- The content of this document is licensed under the CC-BY-SA license -->
21<!-- See http://creativecommons.org/licenses/by-sa/2.5 --> 21<!-- See http://creativecommons.org/licenses/by-sa/2.5 -->
22<license/> 22<license/>
23 23
24<version>1.6</version> 24<version>1.9</version>
25<date>2006-06-19</date> 25<date>2007-02-10</date>
26 26
27<chapter> 27<chapter>
28<title>Introduction</title> 28<title>Introduction</title>
29<section> 29<section>
30<title>The Linux-VServer Concept</title> 30<title>The Linux-VServer Concept</title>
92# <i>emerge vserver-sources</i> 92# <i>emerge vserver-sources</i>
93</pre> 93</pre>
94 94
95<p> 95<p>
96After the vserver-sources are installed it's time to configure them using 96After the vserver-sources are installed it's time to configure them using
97<c>make menuconfig</c>. 97<c>make menuconfig</c>.. Below is a common configuration for 2.1.1 and above. If
98you are using 2.0.x some configuration options may not be present.
98</p> 99</p>
99 100
100<pre caption="Configure vserver-sources"> 101<pre caption="Configure vserver-sources">
101# <i>cd /usr/src/linux-&lt;KERNELVERSION&gt;-vserver-&lt;VSERVERVERSION&gt;</i> 102# <i>cd /usr/src/linux-&lt;KERNELVERSION&gt;-vserver-&lt;VSERVERVERSION&gt;</i>
102# <i>make menuconfig</i> 103# <i>make menuconfig</i>
103 104
104Linux VServer ---&gt; 105Linux VServer ---&gt;
106<comment>(Do not enable the legacy options)</comment>
105 [ ] Enable Legacy Kernel API 107 [ ] Enable Legacy Kernel API
106 [*] Disable Legacy Networking Kernel API 108 [ ] Enable Legacy Networking Kernel API
107<comment>(Highly recommended)</comment> 109<comment>(Read help text)</comment>
110 [ ] Remap Source IP Address
111 [*] Enable COW Immutable Link Breaking
112 [ ] Enable Virtualized Guest Time
108 [*] Enable Proc Security 113 [*] Enable Proc Security
109 [*] Enable Hard CPU Limits 114 [*] Enable Hard CPU Limits
115 [*] Avoid idle CPUs by skipping Time
116 [*] Limit the IDLE task
110 Persistent Inode Context Tagging (UID24/GID24) ---&gt; 117 Persistent Inode Tagging (UID24/GID24) ---&gt;
111 [ ] Tag NFSD User Auth and Files 118 [ ] Tag NFSD User Auth and Files
119 [*] Enable Inode Tag Propagation
120 [*] Honor Privacy Aspects of Guests
112 [ ] Compile Debugging Code 121 [ ] VServer Debugging Code
113</pre> 122</pre>
114 123
115<note> 124<note>
116If you are using reiserfs as filesystem on the partition where guest images are 125If you are using reiserfs as filesystem on the partition where guest images are
117stored, you will need to enable extended attributes for reiserfs in your 126stored, you will need to enable extended attributes for reiserfs in your
124 &lt;*&gt; Reiserfs support 133 &lt;*&gt; Reiserfs support
125 [*] ReiserFS extended attributes 134 [*] ReiserFS extended attributes
126</pre> 135</pre>
127 136
128<pre caption="Example fstab with extended attributes"> 137<pre caption="Example fstab with extended attributes">
129/dev/hdb /vservers reiserfs noatime,attrs 0 0 138/dev/hdb1 /vservers reiserfs noatime,attrs 0 0
130</pre> 139</pre>
131 140
132<p> 141<p>
133After you've built and installed the kernel, update your boot loader and 142After you've built and installed the kernel, update your boot loader and
134finally reboot to see if the kernel boots correctly. 143finally reboot to see if the kernel boots correctly.
150<title>Setup host environment</title> 159<title>Setup host environment</title>
151<body> 160<body>
152 161
153<p> 162<p>
154To maintain your virtual servers you need the util-vserver package which 163To maintain your virtual servers you need the util-vserver package which
155contains all necessary programs and many useful features. Be aware that there 164contains all necessary programs and many useful features.
156is also a package called <c>vserver-utils</c>. It is a new incarnation of the
157user-space implementation of the VServer kernel API, but not yet usable for
158production use.
159</p> 165</p>
160
161<note>
162This version of the howto requires features only available in
163<c>&gt;=sys-apps/util-vserver-0.30.210-r6</c>. You may have to keyword/upgrade
164it first.
165</note>
166 166
167<pre caption="Install util-vserver"> 167<pre caption="Install util-vserver">
168# <i>emerge util-vserver</i> 168# <i>emerge >=sys-cluster/util-vserver-0.30.212</i>
169</pre> 169</pre>
170 170
171<p> 171<p>
172You have to run the <c>vprocunhide</c> command after every reboot in order to 172You have to run the <c>vprocunhide</c> command after every reboot in order to
173setup <path>/proc</path> permissions correctly for vserver use. An init script 173setup <path>/proc</path> permissions correctly for vserver guests. An init
174has been installed by util-vserver. To use it you should add it to a runlevel: 174script has been installed by util-vserver. To use it you should add it to the
175</p> 175default runlevel:
176
177<pre caption="vserver init script">
178# <i>rc-update add vservers default</i>
179# <i>/etc/init.d/vservers start</i>
180</pre>
181
182<note>
183This init script will also start your default vservers. Read below for more
184information.
185</note>
186
187<p> 176</p>
188The vshelper script is used to restart virtual servers correctly. You
189have to tell the kernel where the vshelper script is located:
190</p>
191 177
192<pre caption="vshelper setup"> 178<pre caption="vprocunhide init script">
193# <i>echo 'kernel.vshelper = /usr/lib/util-vserver/vshelper' &gt;&gt; /etc/sysctl.conf</i> 179# <i>rc-update add vprocunhide default</i>
194# <i>sysctl -p</i> 180# <i>/etc/init.d/vprocunhide start</i>
195</pre> 181</pre>
196 182
197</body> 183</body>
198</section> 184</section>
199</chapter> 185</chapter>
200 186
201<chapter> 187<chapter>
202<title>Creating a guest template</title> 188<title>Guest creation</title>
203<section> 189<section>
204<title>Install a vserver stage3</title> 190<title>Using vserver stage3/4</title>
205<body> 191<body>
206 192
207<p> 193<p>
208You have to download a vserver prepared stage3 from one of 194You have to download a vserver prepared stage3/4 from one of
209<uri link="/main/en/mirrors.xml">our mirrors</uri>. Those stages are located 195<uri link="/main/en/mirrors.xml">our mirrors</uri>. Those stages are located
210under the <path>experimental/&lt;arch&gt;/vserver/</path> directory. 196under the <path>experimental/&lt;arch&gt;/vserver/</path> directory.
211Then use the <c>vserver-new</c> script to create the initial guest. 197Since a stage3/4 contains a complete root filesystem you can use the template
198build method of util-vserver. However, this method is only available since
199util-vserver-0.30.211, so make sure you have the right version installed.
212</p> 200</p>
213 201
214<p> 202<p>
215You have to choose a context ID for your vserver (dynamic context IDs are 203You have to choose a context ID for your vserver (dynamic context IDs are
216discouraged) as well as the necessary network device information (In this 204discouraged) as well as the necessary network device information (In this
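Review bot: In the "Install util-vserver" block (new line 168) the atom ">=sys-cluster/util-vserver-0.30.212" is neither quoted nor escaped. Typed as shown, the shell parses ">" as an output redirection to a path named "=sys-cluster/util-vserver-0.30.212" instead of passing a version-constrained atom to emerge, and the raw ">" is inconsistent with the "&gt;" used elsewhere in this file. Suggest: emerge "&gt;=sys-cluster/util-vserver-0.30.212" with the quotes included in the command. The prose at new line 199 names util-vserver-0.30.211 as the minimum while this command asks for 0.30.212; pick one. The vshelper block with the "kernel.vshelper" sysctl is also deleted without a sentence on what now handles guest restarts, which readers upgrading from the old howto will look for.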
221<note> 209<note>
222The context ID should be 1 &lt; ID &lt; 49152. 210The context ID should be 1 &lt; ID &lt; 49152.
223</note> 211</note>
224 212
225<pre caption="Start stage3 installation"> 213<pre caption="Start stage3 installation">
226# <i>vserver-new gentoo-template \</i> 214# <i>vserver myguest build \</i>
215 <i>--context 1253 \</i>
227 <i>--hostname gentoo \</i> 216 <i>--hostname gentoo \</i>
228 <i>--context 1253 \</i>
229 <i>--interface eth0:192.168.1.253/24 \</i> 217 <i>--interface eth0:192.168.1.253/24 \</i>
218 <i>--initstyle plain \</i>
219 <i>-m template -- \</i>
220 <i> -d gentoo \</i>
230 <i>stage3 /path/to/stage3-&lt;arch&gt;-&lt;date&gt;.tar.bz2 &lt;arch&gt;</i> 221 <i> -t /path/to/stage4-&lt;arch&gt;-&lt;version&gt;.tar.bz2</i>
231</pre> 222</pre>
232 223
233<note> 224<note>
234To reflect your network settings you should change 225To reflect your network settings you should change
235<path>/etc/conf.d/hostname</path>, <path>/etc/conf.d/domainname</path> and 226<path>/etc/conf.d/hostname</path>, <path>/etc/conf.d/domainname</path> and
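Review bot: The caption at new line 213 still reads "Start stage3 installation", but the command below it now builds from "stage4-&lt;arch&gt;-&lt;version&gt;.tar.bz2" and the section title was changed to "Using vserver stage3/4"; update the caption to match. The new arguments "--initstyle plain" and "-m template -- -d gentoo -t ..." are introduced without explanation; one sentence on what each selects, and on what the bare "--" separates, would let readers adapt the command instead of copying it.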
2388.b.1</uri> and <uri 2298.b.1</uri> and <uri
239link="/doc/en/handbook/handbook-x86.xml?part=1&amp;chap=8#doc_chap2_sect4">chapter 230link="/doc/en/handbook/handbook-x86.xml?part=1&amp;chap=8#doc_chap2_sect4">chapter
2408.b.4</uri>. The rest of your virtual servers network setup will be 2318.b.4</uri>. The rest of your virtual servers network setup will be
241done on the host. 232done on the host.
242</note> 233</note>
243
244</body>
245</section>
246<section>
247<title>Create the template tarball</title>
248<body>
249
250<p>
251You don't have to build a stage3 tarball for every guest. The <c>vserver-new</c>
252script supports templates. In order to use them you have to create a tarball of
253your vserver installation:
254</p>
255
256<pre caption="Create template tarball">
257# <i>cd /vservers/gentoo-template</i>
258# <i>tar cjvpf ../gentoo-template-&lt;arch&gt;-&lt;date&gt;.tar.bz2 ./</i>
259</pre>
260
261<p>
262To create a new guest using this tarball just use <c>vserver-new</c>:
263</p>
264
265<pre caption="Use template tarball">
266# <i>cd /vservers</i>
267# <i>vserver-new myguest \</i>
268 <i>--hostname myguest \</i>
269 <i>--context 1252 \</i>
270 <i>--interface eth0:192.168.1.252/24 \</i>
271 <i>template ./gentoo-template-&lt;arch&gt;-&lt;date&gt;.tar.bz2 &lt;arch&gt;</i>
272</pre>
273
274<note>
275You should use a shared portage tree to keep guests small in size. Edit
276<path>/etc/vservers/myguest/fstab</path> and uncomment the entries
277for <path>/usr/portage</path> and <path>/usr/portage/distfiles</path>. Guests
278will have read-only access to <path>/usr/portage</path> and read-write access
279to <path>/usr/portage/distfiles</path>.
280</note>
281
282</body>
283</section>
284<section>
285<title>Test the virtual server</title>
286<body>
287 234
288<p> 235<p>
289You should be able to start and enter the vserver by using the commands below. 236You should be able to start and enter the vserver by using the commands below.
290If you miss commands like <c>mount</c> or <c>dmesg</c> you should <c>emerge 237If you miss commands like <c>mount</c> or <c>dmesg</c> you should <c>emerge
291util-linux</c> inside your virtual server as the vserver profile doesn't ship 238util-linux</c> inside your virtual server as the vserver profile doesn't ship
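Review bot: The note removed at old lines 274-280 told readers to share the portage tree through "/etc/vservers/myguest/fstab", with guests getting read-only access to "/usr/portage" and read-write access to "/usr/portage/distfiles", and no replacement is visible in this diff. The "vesync" and "vemerge" sections are kept, so the guidance on how the tree reaches the guest, and with which access mode, should survive. If the template build method sets up these fstab entries itself, say so in the new "Using vserver stage3/4" section; otherwise move the note there. Dropping the "Test the virtual server" section title also leaves the start/enter instructions inside the guest creation section without a heading of their own.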
319<body> 266<body>
320 267
321<p> 268<p>
322You can start certain guests during boot. Each guest can be assigned a MARK. 269You can start certain guests during boot. Each guest can be assigned a MARK.
323Now everything you have to do is configure these MARKs in the guests 270Now everything you have to do is configure these MARKs in the guests
324configuration and tell the init script to run all MARKed guests. 271configuration and add the approriate init scripts to the default runlevel.
325</p> 272</p>
326 273
327<pre caption="Configure MARKs for each guest"> 274<pre caption="Configure MARKs for each guest">
328<comment>(Do this for every guest you want to start)</comment> 275<comment>(Do this for every guest you want to start)</comment>
329# <i>mkdir -p /etc/vservers/myguest/apps/init</i> 276# <i>mkdir -p /etc/vservers/myguest/apps/init</i>
330# <i>echo "default" > /etc/vservers/myguest/apps/init/mark</i> 277# <i>echo "default" > /etc/vservers/myguest/apps/init/mark</i>
331</pre> 278</pre>
332 279
333<note> 280<pre caption="Add init script to the default runlevel">
334Since all guests marked with "default" are started by default, nothing more has 281# <i>rc-update add vservers.default default</i>
335to be done. If you have different marks you should also update
336<path>/etc/conf.d/vservers</path>.
337</note>
338
339</body>
340</section>
341<section>
342<title>Gentoo goodies</title>
343<body>
344
345<p>
346The util-vserver ebuild has installed some goodies for Gentoo guests. You know
347<c>vserver-new</c> from the previous chapter. In this chapter, you will learn
348how to use <c>vesync</c> and <c>vemerge</c> to keep portage in sync as well as
349<c>vupdateworld</c> and <c>vdispatch-conf</c> to update guests.
350</p> 282</pre>
351 283
352</body> 284</body>
353</section> 285</section>
354<section> 286<section>
355<title>Keep portage in sync</title> 287<title>Keep portage in sync</title>
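Review bot: The replaced note (old lines 333-337) covered guests with marks other than "default" by pointing to "/etc/conf.d/vservers"; the new text at lines 280-282 only shows "rc-update add vservers.default default", so a reader using a different mark is not told which init script to add. State how the init script name relates to the MARK value. The new sentence at line 271 also misspells "appropriate" as "approriate". The "Gentoo goodies" section that introduced "vesync", "vemerge", "vupdateworld" and "vdispatch-conf" is removed as well, so the sections that follow now use those tools without any introduction.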
362 294
363<pre caption="Examples"> 295<pre caption="Examples">
364<comment>(Sync metadata for 'myguest')</comment> 296<comment>(Sync metadata for 'myguest')</comment>
365# <i>vesync myguest</i> 297# <i>vesync myguest</i>
366<comment>(Sync metadata for all guests)</comment> 298<comment>(Sync metadata for all guests)</comment>
367# <i>vesync -a</i> 299# <i>vesync --all</i>
368<comment>(Sync metadata for all guests except 'myguest')</comment>
369# <i>vesync -a -e myguest</i>
370<comment>(Sync 'myoverlay' for all guests)</comment> 300<comment>(Sync 'myoverlay' for all guests)</comment>
371# <i>vesync -a \</i> 301# <i>vesync --all \</i>
372 <i>--overlay /usr/local/overlays/myoverlay \</i> 302 <i>--overlay /usr/local/overlays/myoverlay \</i>
373 <i>--overlay-host rsync://rsync.myhost.com/myoverlay \</i> 303 <i>--overlay-host rsync://rsync.myhost.com/myoverlay \</i>
374 <i>--overlay-only</i> 304 <i>--overlay-only</i>
375<comment>(emerge app-editors/vim in 'myguest')</comment> 305<comment>(emerge app-editors/vim in 'myguest')</comment>
376# <i>vemerge myguest app-editors/vim -va</i> 306# <i>vemerge myguest -- app-editors/vim -va</i>
377</pre> 307</pre>
378
379<note>
380This script requires you to have a shared portage tree.
381</note>
382 308
383</body> 309</body>
384</section> 310</section>
385<section> 311<section>
386<title>Update guests</title> 312<title>Update guests</title>
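Review bot: The "vemerge" example at new line 306 now needs "--" before the emerge arguments ("vemerge myguest -- app-editors/vim -va"), but nothing in the hunk says that the separator is required or what happens to arguments placed before it. Add a sentence explaining that options after "--" are handed to emerge, since the old form without it is what existing users have in their scripts. The "vesync -a -e myguest" exclusion example is dropped without comment; say whether excluding guests is still supported. The removed note "This script requires you to have a shared portage tree" should stay unless the requirement is gone.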
406depending on command line options. 332depending on command line options.
407</p> 333</p>
408 334
409<pre caption="vupdateworld examples"> 335<pre caption="vupdateworld examples">
410<comment>(Pretend update for 'myguest')</comment> 336<comment>(Pretend update for 'myguest')</comment>
411# <i>vupdateworld -p myguest</i> 337# <i>vupdateworld myguest -- -vp</i>
412<comment>(Update 'myguest' using binary packages)</comment> 338<comment>(Update 'myguest' using binary packages)</comment>
413# <i>vupdateworld -k myguest</i> 339# <i>vupdateworld myguest -- -k</i>
414<comment>(Update all guests using binary packages)</comment> 340<comment>(Update all guests using binary packages)</comment>
415# <i>vupdateworld -ka</i> 341# <i>vupdateworld --all -- -k</i>
416</pre> 342</pre>
417 343
418<note> 344<note>
419In order to get binary packages you can either use PORTAGE_BINHOST (see <c>man 345In order to get binary packages you can either use PORTAGE_BINHOST (see <c>man
420make.conf</c>) or set FEATURES="buildpkg" in one or more guests. 346make.conf</c>) or set FEATURES="buildpkg" in one or more guests.
428 354
429<pre caption="vdispatch-conf examples"> 355<pre caption="vdispatch-conf examples">
430<comment>(Update configuration files for 'myguest')</comment> 356<comment>(Update configuration files for 'myguest')</comment>
431# <i>vdispatch-conf myguest</i> 357# <i>vdispatch-conf myguest</i>
432<comment>(Update configuration files for all guests)</comment> 358<comment>(Update configuration files for all guests)</comment>
433# <i>vdispatch-conf -a</i> 359# <i>vdispatch-conf --all</i>
434</pre> 360</pre>
435 361
436</body> 362</body>
437</section> 363</section>
438 364
