Editing Gentoo template creation
Latest revision | Your text | ||
Line 3: | Line 3: | ||
== Download stage3 == | == Download stage3 == | ||
− | We will make the template from a stage3 file. An OpenVZ OS template should be an archive (.tar.gz) of the root of a working system, but without the kernel and some files. You can download stage3 from the nearest mirror | + | We will make the template from a stage3 file. An OpenVZ OS template should be an archive (.tar.gz) of the root of a working system, but without the kernel and some files. You can download stage3 from the nearest mirror here: http://www.gentoo.org/main/en/mirrors.xml. |
− | |||
− | + | == Create directory for the new container and unarchive stage3 == | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | == Create | ||
<pre> | <pre> | ||
− | + | mkdir /vz/private/777 | |
− | mkdir /vz/private/ | + | tar -xjf /root/stage3-i686-2008.0_beta2.tar.bz2 -C /vz/private/777 |
− | tar - | ||
</pre> | </pre> | ||
== Create CT config == | == Create CT config == | ||
− | Now you need to create the configuration file for the container, | + | Now you need to create the configuration file for the container, 777.conf: |
<pre> | <pre> | ||
− | vzctl set | + | vzctl set 777 --applyconfig vps.basic --save |
</pre> | </pre> | ||
− | + | == Edit CT config == | |
− | |||
− | |||
− | |||
− | + | Add the following to <code>/etc/vz/conf/777.conf</code>: | |
<pre> | <pre> | ||
− | + | OSTEMPLATE="gentoo" | |
− | |||
− | |||
− | |||
</pre> | </pre> | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
== Make /etc/mtab a symlink to /proc/mounts == | == Make /etc/mtab a symlink to /proc/mounts == | ||
The container's root filesystem is mounted by the host system, not the guest — and therefore root fs will not appear in <code>/etc/mtab</code>. It will lead to a non-working <code>df</code> command. To fix, link /etc/mtab to /proc/mounts. | The container's root filesystem is mounted by the host system, not the guest — and therefore root fs will not appear in <code>/etc/mtab</code>. It will lead to a non-working <code>df</code> command. To fix, link /etc/mtab to /proc/mounts. | ||
<pre> | <pre> | ||
− | rm -f /vz/private/ | + | rm -f /vz/private/777/etc/mtab |
− | ln -s /proc/mounts /vz/private/ | + | ln -s /proc/mounts /vz/private/777/etc/mtab |
</pre> | </pre> | ||
− | After replacing <code>/etc/mtab</code> with a symlink to <code>/proc/mounts</code>, you will always have up-to-date information of what is mounted in <code>/etc/mtab</code>. | + | After replacing <code>/etc/mtab</code> with a symlink to <code>/proc/mounts</code>, you will always have up-to-date information of what is mounted in <code>/etc/mtab</code>. |
== Replace /etc/fstab == | == Replace /etc/fstab == | ||
<pre> | <pre> | ||
− | echo "proc /proc proc defaults 0 0" > /vz/private/ | + | echo "proc /proc proc defaults 0 0" > /vz/private/777/etc/fstab |
</pre> | </pre> | ||
We need only <code>/proc</code> to be mounted at boot time. | We need only <code>/proc</code> to be mounted at boot time. | ||
− | == Edit /etc/inittab | + | == Edit /etc/inittab == |
− | Edit <code>/vz/private/ | + | Edit <code>/vz/private/777/etc/inittab</code> and put a hash mark (#) at the beginning of the lines containing: |
− | <pre> | + | <pre>c?:1235:respawn:/sbin/agetty 38400 tty? linux</pre> |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | </pre> | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
This prevents <code>getty</code> and login from starting on ttys that do not exist in containers. | This prevents <code>getty</code> and login from starting on ttys that do not exist in containers. | ||
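Review bot: The "Download stage3" text on the + side points the reader at an http:// mirror list, and the next section unpacks `/root/stage3-i686-2008.0_beta2.tar.bz2` as root with no integrity check in between. Add a step that verifies the downloaded tarball (checksum or signature) before `tar -xjf` runs. The restored text also pins one specific beta tarball name and the container ID 777; say explicitly that both are examples to be substituted.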
Line 140: | Line 52: | ||
== Edit /etc/shadow == | == Edit /etc/shadow == | ||
− | Edit <code>/vz/private/ | + | Edit <code>/vz/private/777/etc/shadow</code> and change root's password in the first line to an exclamation mark (!): |
<pre>root:!:10071:0:::::</pre> | <pre>root:!:10071:0:::::</pre> | ||
Line 149: | Line 61: | ||
The checkroot and consolefont init scripts should not be started inside containers: | The checkroot and consolefont init scripts should not be started inside containers: | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
<pre> | <pre> | ||
− | + | rm /vz/private/777/etc/runlevels/boot/checkroot | |
− | + | rm /vz/private/777/etc/runlevels/boot/consolefont | |
</pre> | </pre> | ||
== Edit /sbin/rc == | == Edit /sbin/rc == | ||
− | Edit <code>/vz/private/ | + | Edit <code>/vz/private/777/sbin/rc</code> and put a hash mark (#) at the beginning of line 244 (your line number may be different): |
<pre># try mount -n ${mntcmd:--t sysfs sysfs /sys -o noexec,nosuid,nodev}</pre> | <pre># try mount -n ${mntcmd:--t sysfs sysfs /sys -o noexec,nosuid,nodev}</pre> | ||
Line 170: | Line 75: | ||
This prevents the container from attempting to mount <code>/sys</code>. | This prevents the container from attempting to mount <code>/sys</code>. | ||
− | To ensure that this change isn't automatically overwritten on update, add the following to <code>/vz/private/ | + | To ensure that this change isn't automatically overwritten on update, add the following to <code>/vz/private/777/etc/make.conf</code>: |
− | <pre>CONFIG_PROTECT= | + | <pre>CONFIG_PROTECT = /sbin/rc</pre> |
− | |||
− | |||
== Set up udev == | == Set up udev == | ||
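Review bot: The make.conf line on the + side is `CONFIG_PROTECT = /sbin/rc`, with spaces around `=`, where the removed line began `CONFIG_PROTECT=`. That is not a shell-style assignment, so anything that sources make.conf as shell will fail on it and the `/sbin/rc` edit may be left unprotected on update. Suggest `CONFIG_PROTECT="/sbin/rc"`.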
Line 181: | Line 84: | ||
For example sshd will fail to start since /dev/random and /dev/urandom are missing. | For example sshd will fail to start since /dev/random and /dev/urandom are missing. | ||
So it's recommended to disable udev. | So it's recommended to disable udev. | ||
− | Edit <code>/ | + | Edit <code>/var/lib/vz/private/777/etc/conf.d/rc</code> and change the <code>RC_DEVICES</code> line to: |
<pre> | <pre> | ||
RC_DEVICES="static" | RC_DEVICES="static" | ||
</pre> | </pre> | ||
− | |||
If you want to enable udev read on. | If you want to enable udev read on. | ||
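Review bot: This hunk changes the path to `/var/lib/vz/private/777/etc/conf.d/rc`, while the sections earlier in the same revision (`mkdir /vz/private/777` and the mtab, fstab, inittab, shadow and `/sbin/rc` edits) use `/vz/private/777`. Unless one prefix is a symlink to the other, the reader ends up editing a tree other than the one just unpacked. Pick one prefix and use it in every section, including the `cd /var/lib/vz/private/777/lib` step that follows.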
Line 193: | Line 95: | ||
<pre> | <pre> | ||
− | cd /vz/private/ | + | cd /var/lib/vz/private/777/lib |
mknod udev/devices/ttyp0 c 3 0 | mknod udev/devices/ttyp0 c 3 0 | ||
mknod udev/devices/ptyp0 c 2 0 | mknod udev/devices/ptyp0 c 2 0 | ||
Line 199: | Line 101: | ||
</pre> | </pre> | ||
− | Edit <code>/ | + | Edit <code>/var/lib/vz/private/777/etc/conf.d/rc</code> and change the <code>RC_DEVICES</code> and <code>RC_DEVICE_TARBALL</code> lines to: |
<pre> | <pre> | ||
Line 207: | Line 109: | ||
You have to leave the directory you are in for the next step to be OK, otherwise you will get this error message: | You have to leave the directory you are in for the next step to be OK, otherwise you will get this error message: | ||
− | vzquota : (error) Quota on syscall for | + | vzquota : (error) Quota on syscall for 777: Device or resource busy |
vzquota on failed [3] | vzquota on failed [3] | ||
<pre> | <pre> | ||
cd / | cd / | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
</pre> | </pre> | ||
Line 226: | Line 119: | ||
<pre> | <pre> | ||
− | vzctl start | + | vzctl start 777 |
− | vzctl enter | + | vzctl enter 777 |
</pre> | </pre> | ||
Line 236: | Line 129: | ||
</pre> | </pre> | ||
− | All services in boot and default runlevels must be started. | + | All services in boot and default runlevels must be started. If everything all right, stop the container: |
− | |||
− | |||
<pre> | <pre> | ||
− | + | vzctl stop 777 | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | vzctl stop | ||
</pre> | </pre> | ||
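Review bot: The + line reads "If everything all right, stop the container"; it should read "If everything is all right". The sentence also no longer says how to confirm that the boot and default runlevel services started, so a pointer to the check the reader should run inside the container would help here.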
Line 259: | Line 142: | ||
<pre> | <pre> | ||
− | mkdir /vz/root/ | + | mkdir /var/lib/vz/root/777/usr/portage |
− | mount -o bind /usr/portage /vz/root/ | + | mount -o bind /usr/portage /var/lib/vz/root/777/usr/portage |
</pre> | </pre> | ||
Line 266: | Line 149: | ||
<pre> | <pre> | ||
− | mount -n -o bind /usr/portage/distfiles /vz/root/ | + | mount -n -o bind /usr/portage/distfiles /var/lib/vz/root/777/usr/portage/distfiles |
</pre> | </pre> | ||
Line 279: | Line 162: | ||
For security reasons, you should have these directories mounted only while installing software into a container. | For security reasons, you should have these directories mounted only while installing software into a container. | ||
− | {{Note|you have to <code>umount /vz/root/ | + | {{Note|you have to <code>umount /var/lib/vz/root/777/usr/portage/distfiles</code> before trying to stop your container.}} |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
== Create the template cache file == | == Create the template cache file == | ||
<pre> | <pre> | ||
− | cd /vz/private/ | + | cd /var/lib/vz/private/777/ |
− | tar | + | tar czf /var/lib/vz/template/cache/gentoo.tar.gz * |
</pre> | </pre> | ||
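Review bot: The Note on the + side tells the reader to umount only `/var/lib/vz/root/777/usr/portage/distfiles`, but the preceding section also bind-mounts `/usr/portage` onto `/var/lib/vz/root/777/usr/portage`. The note should list both, distfiles first, so that no host directory stays mounted in the container root when it is stopped. In the template step, `tar czf ... *` relies on a shell glob that skips any dot-entries at the top of the private area; archiving `.` instead avoids that.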
Line 335: | Line 176: | ||
<pre> | <pre> | ||
− | vzctl create 800 -- | + | vzctl create 800 --ostemplate gentoo --ipadd 192.168.0.10 --hostname testvps |
</pre> | </pre> | ||
Line 344: | Line 185: | ||
</pre> | </pre> | ||
− | If it started, and you can | + | If it started, and you can ssh in, congratulations, you've got a working Gentoo template! |
− | |||
− | |||
− | |||
− | |||
− | |||
− | congratulations, you've got a working Gentoo template! | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
[[Category: HOWTO]] | [[Category: HOWTO]] | ||
[[Category: Templates]] | [[Category: Templates]] | ||
[[Category: Gentoo]] | [[Category: Gentoo]] |