Howtos Linux-Vserver Debian Sarge

From 5dollarwhitebox.org Media Wiki

Contents 1 Summary 2 Related Articles 3 Preparation 4 Packages to install 5 The Files 6 The Kernel 7 Setting Up The Virtual Servers 8 Notes on Configuration 9 Resources

Summary

Quoted from 13thfloor.at/vserver/project:

Linux-VServer allows you to create virtual private servers and security contexts which operate like a normal Linux server, but allow many independent servers to be run simultaneously in one box at full speed. All services, such as ssh, mail, Web, and databases, can be started on such a VPS, without modification, just like on any real server. Each virtual server has its own user account database and root password and doesn't interfere with other virtual servers.

You can watch a presentation on Linux-vserver here: Linux-Vserver Presentation.

Before anyone emails me saying "Why is this a Debian Howto, but you don't compile the kernel the Debian Way" you can save it. I understand that this isn't done with a "Proper Debian Kernel" but this is the way it was done. At one point I will have an addition to doing it that way as well. Thanks.

The two main terms to know are:

• Host System: This is the physical server that "hosts" the Guest OSs (virtual servers).
• Guest System: These are the virtual servers that run on top of the Host OS.

• Author: BJ Dierkes
• Last Updated: December 12, 2005
• Contact: wdierkes [at] 5dollarwhitebox [dot] org

Related Articles

• Linux-Vserver:
  • Linux-Vserver With LVM + Quotas
  • Linux-Vserver Script vserver-mount-fs (to accommodate LVM/Vroot/Quotas)

Preparation

Start out with a fresh install of Debian Sarge 3.1. It is recommended to keep the host system as minimal as possible (I rarely see any reason to run any more than SSH and iptables).

Packages to install

Always update your apt database before installing software, and upgrade current packages:

# apt-get update && apt-get upgrade

• util-vserver: Userland utilities to control virtual servers
• ssh: This should probably have been installed already
• ncurses-base, and libncurses5-dev: Needed for "make menuconfig" when compiling kernel.

# apt-get install util-vserver ssh ncurses-base libncurses5-dev

The Files

/var/lib/vservers	Home directory for the vservers files
/etc/vservers.conf	basic config file (not much to see there)
/etc/vservers	Hold the config directories for each virtual server
/usr/sbin/vserver	Utility to interact, build, start, stop, enter, etc the vservers
/bin/vshelper	Another utility to control how vservers function
/usr/lib/util-vserver	Main scripts/functions/etc

The Kernel

Get the latest Kernel, currently linux-vserver latest stable release is for the 2.6.12.4 kernel.. which is what we get:

# cd /usr/src

# wget http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.12.4.tar.gz

Get the latest kernel patch from linux-vserver.org or 13thfloor.at/vserver:

# wget http://www.13thfloor.at/vserver/s_rel26/v2.0/patch-2.6.12.4-vs2.0.diff.gz

# tar -zxvf linux-2.6.12.4.tar.gz

# gunzip patch-2.6.12.4-vs2.0.diff.gz

# mv patch-2.6.12.4-vs2.0.diff /usr/src/linux-2.6.12.4

# Patch the kernel sources:

# cd /usr/src/linux-2.6.12.4

# cat patch-2.6.12.4-vs2.0.diff | patch -p1

If you're already running a similar 2.6.x kernel you can copy your current config before building. It should be somewhere like "/boot/config-2.6.x"

# cp /boot/config-2.6.X /usr/src/linux-2.6.12.4/.config

That last command is only if you want to use an existing config... please don't attempt to use a 2.4.X config file... pretty please.  ;)

Ok, lets make this happen. There are a few things that you want to include when we compile. First things first though, you need to have a working compile for your system... and that I can not help you with. Please reference link if you need help compiling a kernel.

make menuconfig

For future use, you should probably include LVM (and dev-mapper support)... as this is handy for virtual servers.

You see a category for "Linux Vserver". The default selections should be groovy, however you should have something like the following selected:

Enable Legacy kernel API
Enable Proc Security
Enable Hard CPU Limits

Cool... now we have our config.... lets make the kernel:

# make

# make modules_install

# cp .config /boot/config-2.6.12.4-vs2.0

# cp System.map /boot/System.map-2.6.12.4-vs2.0

# cp arch/i386/boot/bzImage /boot/vmlinuz-2.6.12.4-vs2.0

# mkinitrd -o /boot/initrd.img-2.6.12.4-vs2.0 2.6.12.4-vs2.0

Then we will want to update out grun config:

Using the 'vi' command edit '''/boot/grub/menu.lst''' and add the following lines *BEFORE* the other entries already there... and make sure that the line "default" is set to "0":

<pre>
title           Vanilla 2.6.12.4-vs2.0
root            (hd0,0)
kernel          /vmlinuz-2.6.12.4-vs2.0 root=/dev/hda2 ro
initrd          /initrd.img-2.6.12.4-vs2.0
savedefault
boot

And there you have it. Now, we should be able to reboot and have our new kernel ready for some virtual servers.

# reboot

Check that kernel after we boot up to make sure we're running on the new one:

# uname -r
2.6.12.4-vs2.0

Nice!

Setting Up The Virtual Servers

Creating virtual Debian Servers on a Debian host is next to ridiculously simple. The following lays it out for you:

# vserver <VSERVER_NAME> build \
  -n <VSERVER_NAME> \
  --hostname <FQDN> \
  --interface <NET_DEVICE>:<IP>/<CIDR> \
  -m debootstrap -- -d <DEBIAN_DISTRO>

So, our first virtual server will have the following information:

VSERVER_NAME	vserver1
FQDN	vserver1.mydomain.com
NET_DEVICE	eth0
IP	192.168.1.10
CIDR	24 (255.255.255.0)
DEBIAN_DISTRO	sarge

Therefore, the following command will create it:

# vserver vserver1 build \
  -n vserver1 \
  --hostname vserver1.mydomain.com \
  --interface eth0:192.168.1.10/24 \
  -m debootstrap -- -d sarge

The backslashes '\' signify a new line... however you can execute this all as one command without the use of backslashes.

If you would like to provide a specific Debian mirror to install from, you can simply add the "-m" option at the end. For example:

... -- -d sarge -m http://<anothre mirror>/<basedir>/

(Thank you Patryk D.)

And there you go... the installation begins a debian net install of the selected distro. This should take no more than a few minutes. On my system, the base install only takes up 144MB. Now lets see what we have:

# ls -lah /var/lib/vservers/vserver1

total 80K
drwxr-xr-x  20 root root  4.0K Nov 10 08:17 .
drwxr-xr-x   4 root root  4.0K Nov 10 08:13 ..
drwxr-xr-x   2 root root  4.0K Nov 10 08:17 bin
drwxr-xr-x   2 root root  4.0K Dec 15  2004 boot
drwxr-xr-x   3 root root  4.0K Nov 10 08:13 dev
drwxr-xr-x  37 root root  4.0K Nov 10 08:17 etc
drwxrwsr-x   2 root staff 4.0K Dec 15  2004 home
drwxr-xr-x   2 root root  4.0K Nov 10 08:16 initrd
drwxr-xr-x   7 root root  4.0K Nov 10 08:17 lib
drwxr-xr-x   2 root root  4.0K Nov 10 08:16 media
drwxr-xr-x   2 root root  4.0K Dec 15  2004 mnt
drwxr-xr-x   2 root root  4.0K Nov 10 08:16 opt
drwxr-xr-x   2 root root  4.0K Dec 15  2004 proc
drwxr-xr-x   2 root root  4.0K Nov 10 08:16 root
drwxr-xr-x   2 root root  4.0K Nov 10 08:17 sbin
drwxr-xr-x   2 root root  4.0K Nov 10 08:16 srv
drwxr-xr-x   2 root root  4.0K May 10  2005 sys
drwxrwxrwt   2 root root  4.0K Nov 10 08:17 tmp
drwxr-xr-x  11 root root  4.0K Nov 10 08:16 usr
drwxr-xr-x  13 root root  4.0K Nov 10 08:16 var


# ls -lah /etc/vservers/vserver1

total 28K
drwxr-xr-x  5 root root 4.0K Nov 10 08:13 .
drwxr-xr-x  6 root root 4.0K Nov 10 08:13 ..
drwxr-xr-x  4 root root 4.0K Nov 10 08:13 apps
-rw-r--r--  1 root root  112 Nov 10 08:13 fstab
drwxr-xr-x  3 root root 4.0K Nov 10 08:13 interfaces
-rw-r--r--  1 root root    5 Nov 10 08:13 name
lrwxrwxrwx  1 root root   22 Nov 10 08:13 run -> /var/run/vservers/vserver1
drwxr-xr-x  2 root root 4.0K Nov 10 08:13 uts
lrwxrwxrwx  1 root root   37 Nov 10 08:13 vdir -> /etc/vservers/.defaults/vdirbase/vserver1

Now that we have our vserver installed, lets start it up. The syntax for the 'vserver' command is:

# vserver <VSERVER_NAME> [ start | stop | restart | enter ]

And for our vserver1:

# vserver vserver1 start
Starting system log daemon: syslogd.
Starting kernel log daemon: klogd.
Starting MTA: exim4.
Starting internet superserver: inetd.
Starting deferred execution scheduler: atd.
Starting periodic command scheduler: cron.
...


# vserver-stat 
CTX   PROC    VSZ    RSS  userTIME   sysTIME    UPTIME NAME
0       35  73.4M   5.4K   0m05s21   0m02s33   1m13s00 root server
49152    5    11M   967    0m00s00   0m00s00   0m30s52 vserver1


# vserver vserver1 enter
vserver1:/#

And you're now in the context of the virtual server. To get out and back to the host system, just type "exit".

Notes on Configuration

You'll first need to run "apt-setup" and configure apt same as any other debian system. The debian bootstrap install is a very minimal base installation. You will need to install everything that you want.

It should be mentioned that each virtual server has its own IP address. However, since these IPs are configured as Aliases to you actually net device (i.e. eth0) they are all listening on the same physical device. This can pose a problem when default configurations specify to "Listen" on all interfaces. Every service within the vserver must specify a Listen Address.

For example:

SSH:

# apt-get install sshd

# vi /etc/ssh/sshd_config

Change the line:

#ListenAddress 0.0.0.0

To

ListenAddress 192.168.1.10

And...

# /etc/init.d/ssh restart

Resources

• The Linux-vserver Project
• Linux-vserver Patches/Utilites/Files
• Debian GNU Linux