Virtual Servers: Difference between revisions

From Research
Jump to navigation Jump to search
Line 16: Line 16:
*The host environment has only one significant change over a normal host environment - it uses the vserver kernel. The profile must not be a vserver profile on the host.
*The host environment has only one significant change over a normal host environment - it uses the vserver kernel. The profile must not be a vserver profile on the host.
Examples (current for mid-December 2007):
Examples (current for mid-December 2007):
  <font color=red>trainwreck</font> <font color=blue>~ # </font> '''uname -r'''
  <font color=red>vsrvr_host</font> <font color=blue>~ # </font> '''uname -r'''
  2.6.20-vs2.2.0-gentoo
  2.6.20-vs2.2.0-gentoo


  <font color=red>trainwreck</font> <font color=blue>~ # </font> '''eselect profile show'''
  <font color=red>vsrvr_host</font> <font color=blue>~ # </font> '''eselect profile show'''
  <font color=lime>'''Current make.profile symlink:'''</font>
  <font color=lime>'''Current make.profile symlink:'''</font>
   '''/usr/portage/profiles/default-linux/amd64/2007.0'''
   '''/usr/portage/profiles/default-linux/amd64/2007.0'''

Revision as of 16:11, 12 December 2007

Virtual Server Creation, and Deployment

Introduction

  • Gentoo Linux, kernel 2.6.17-vs2.0.2.1-gentoo on host server
  • Gentoo Linux, kernel 2.6.17-vs2.0.2.1-gentoo on virtual nodes

There are two methods to create vserver nodes on the vs2.0.2.1-gentoo vserver. Each method begins differently, but the final setup is the same. The directions contained in this note may appear saturated by the words vserver, vsrvr, vservers, and vs0n. Due to the default vserver directory naming conventions, and the vserver node naming convention (i.e. vs00, vs01, etc.) this name-clutter is unavoidable. If setup does not follow spec, please examine your syntax carefully.

Preparation

There are two distinct steps to manually-installing a vserver:

  • Host system. We are using Gentoo Linux for the Host; the purpose of the Host is to run the Guest Operating Systems
  • Guest system(s). These do the actual work, such as web-serving, or perhaps Samba, or maybe OpenLDAP authentication.

Sometimes, there are grey areas regarding what services should run on the Host, or the Guest.

Host Preparation

  • The host environment has only one significant change over a normal host environment - it uses the vserver kernel. The profile must not be a vserver profile on the host.

Examples (current for mid-December 2007):

vsrvr_host ~ #  uname -r
2.6.20-vs2.2.0-gentoo
vsrvr_host ~ #  eselect profile show
Current make.profile symlink:
  /usr/portage/profiles/default-linux/amd64/2007.0
  • The Guests will live under /vservers. So, make sure you either:
    • have enough room under your / root-filesystem for your guest(s)
    • prepare and mount another device (drive, volume) under /vservers Check that this "sticks" properly after a reboot

Create a Vserver Template

vsrvr / # vserver vs0n enter
vs0n / # shutdown -h now
vsrvr / # cd /vservers/vs0n
vsrvr vs0n # tar cvf vs.template*.tar bin boot etc fastboot home lib mnt root sbin sys tmp usr var
  • DO NOT INCLUDE /DEV OR /PROC
vsrvr vs0n # cp /vservers/vs0n/vs.template*.tar /vserver.template/
  • Be careful to examine the /vserver.template/ directory for pre-existing vs.template*.tar files before naming any new tar files. vs.template.tar is the stock template, so name new templates vs.template.00.tar, etc. Using non-stock templates will have an impact on the *.tar name used in point 4 in the next section of this note.
  • GOTO "Use the Vserver Stock Template"


Use the Vserver Stock Template

vsrvr / # vserver vs0n build -m skeleton --hostname vs0n --context 563n --interface vs0n=eth0:209.87.56.3n/24
  • Make sure to check /vservers directory for pre-existing vs0n nodes matching the desired vnode name
  • Make sure to correct/match every vs0n reference in the vnode creation line; there are 3 references.
  • Make sure to correct/match the IP statement eth0:209.87.56.3n/24 with the IP stated in the context.
  • Make sure the context matches the values of the last two octets of the target vnode IP
vsrvr / # cd /vservers/vs0n
vsrvr vs0n # tar -xvf /vserver.template/vs.template*.tar

Post Vnode Creation Setup

  • Several directories will need to be customized, post vnode creation, to make the vnode unique.
  • Changes must be made in the /etc/vservers/vs0n and the /vservers/vs0n before the new vnode will be ready to start.

Changes to /etc/vservers/vs0n

  • To allow vnode to boot, we need to copy over init instructions.
vsrvr / # cp /vserver.template/init/* /etc/vservers/vs0n/apps/init/
  • To allow for proper service initialization, we need to add eth:lo and renumber interface 0 and 1.
vsrvr / # mv /etc/vservers/vs0n/interfaces/0 /etc/vservers/vs0n/interfaces/1
vsrvr / # cp -r /vserver.template/interfaces/0 /etc/vservers/vs0n/interfaces/
vsrvr / # cp -r /vserver.template/fstab /etc/vservers/vs0n
cp: overwrite `/etc/vservers/vs0n/fstab'? yes


Changes to /vservers/vs0n

  • To allow for proper service initialization, we need to change hostname and IP addresses in the following files.
vsrvr / # vi /vservers/vs0n/etc/ssh/sshd_config
vsrvr / # vi /vservers/vs0n/etc/conf.d/hostname
vsrvr / # vi /vservers/vs0n/etc/hosts
vsrvr / # vi /vservers/vs0n/etc/conf.d/net
vsrvr / # vi /vservers/vs0n/etc/conf.d/domainname
vsrvr / # vi /vservers/vs0n/etc/mysql/my.cnf
vsrvr / # vi /vservers/vs0n/etc/apache2/vhosts.d/00_default_vhost.conf
vsrvr / # vi /vservers/vs0n/etc/nullmailer/me
vsrvr / # vi /vservers/vs0n/etc/apache2/vhosts.d/00_default_ssl_vhost.conf
vsrvr / # vi /vservers/vs0n/usr/share/logwatch/custom_header
vsrvr / # vi /vservers/vs0n/etc/tripwire/twpol.txt
vsrvr / # mv /vservers/vs0n/var/lib/tripwire/vs0n.twd /vservers/vs0n/var/lib/tripwire/vs0n.twd
vsrvr / # mv /vservers/vs0n/etc/tripwire/vs0n-local.key /vservers/vs0n/etc/tripwire/vs0n-local.key
vsrvr / # vi  /vservers/vs0n/etc/awstats/awstats.awstats.conf

Start your Vserver

vsrvr / # vserver vs0n start
vsrvr / # vserver vs0n enter

Password

  • Don't forget to set a new root password.


Post Creation tripwire Configuration

vsrvr / # twadmin --create-polfile -S /etc/tripwire/site.key /etc/tripwire/twpol.txt
vsrvr / # tripwire --init
vsrvr / # tripwire --check

Delete a Vserver

vsrvr / # rm -r -I /vservers/vs0n
vsrvr / # rm -r -I /etc/vservers/vs0n

Virtual Server Stock Software List

Here is a list of the significant software installed on our vserver guests:

Nagios monitoring: http, load, ntp, snmp, ssh, processes, uptime, users

Apache

Mysql

PHP

phpmyadmin

awstats

amanda

vsftp

logwatch

tripwire