Difference between revisions of "Archlinux Template creation"

From OpenVZ Virtuozzo Containers Wiki
(VE0->CT0, formatting fixes, other minor fixes)
(Added updated script and notice re: outdated instructions)
 
(9 intermediate revisions by 7 users not shown)
Line 1: Line 1:
Instructions manually create a minimal Archlinux (0.8) "Voodoo" OS Template.
+
Script & archived instructions for creating an Arch container.
  
== Prerequisites ==
+
== Script ==
 +
 
 +
Script for creating a minimal Arch Linux template adapted from the script in [[Talk:Archlinux_Template_creation|Disussion]].
 +
<pre>#!/bin/bash -x
 +
 
 +
DISTRO=arch
 +
VERSION=2013
 +
 
 +
# set up base system plus:
 +
#    syslinux (necessary? i don't think it is...)
 +
#    vim (because nano is lame)
 +
#    openssh
 +
# ...any other package from standard Arch repos...
 +
PACKS="base base-devel syslinux openssh vim"
 +
 
 +
MIRROR1=http://mirror.umoss.org/archlinux
 +
MIRROR2=http://mirror.rit.edu/archlinux
 +
 
 +
if [[ ${1} == 64 ]]; then
 +
  ARCH=x86_64
 +
else
 +
  if [[ ${1} == 32 ]]; then
 +
    ARCH=i686
 +
  else
 +
    echo "Usage: ${0} 32|64"
 +
    exit 1
 +
  fi
 +
fi
 +
 
 +
ROOT=${DISTRO}-${VERSION}-${ARCH}
 +
 
 +
TEMPLATE=$(pwd)/${ROOT}.tar.gz
 +
 
 +
if [[ "$(whoami)" == "root" ]]; then
 +
    echo "Building template: ${ROOT}"
 +
else
 +
    echo "This script must be run as root (or with sudo)"
 +
    exit 1
 +
fi
 +
 
 +
cat <<EOF > pacman.conf
 +
[options]
 +
HoldPkg    = pacman glibc
 +
SyncFirst  = pacman
 +
Architecture = ${ARCH}
 +
 
 +
[core]
 +
Server = ${MIRROR1}/\$repo/os/${ARCH}
 +
Server = ${MIRROR2}/\$repo/os/${ARCH}
 +
Include = /etc/pacman.d/mirrorlist
 +
[extra]
 +
Server = ${MIRROR1}/\$repo/os/${ARCH}
 +
Server = ${MIRROR2}/\$repo/os/${ARCH}
 +
Include = /etc/pacman.d/mirrorlist
 +
[community]
 +
Server = ${MIRROR1}/\$repo/os/${ARCH}
 +
Server = ${MIRROR2}/\$repo/os/${ARCH}
 +
Include = /etc/pacman.d/mirrorlist
 +
EOF
 +
 
 +
mkarchroot -C pacman.conf ${ROOT} ${PACKS}
 +
 
 +
if [[ $? -ne 0 ]]; then
 +
    echo "Build failed".
 +
    exit 1
 +
fi
 +
 
 +
chmod 666 ${ROOT}/dev/null
 +
chmod 666 ${ROOT}/dev/zero
 +
mknod -m 666 ${ROOT}/dev/random c 1 8
 +
mknod -m 666 ${ROOT}/dev/urandom c 1 9
 +
mkdir -m 755 ${ROOT}/dev/pts
 +
mkdir -m 1777 ${ROOT}/dev/shm
 +
mknod -m 666 ${ROOT}/dev/tty c 5 0
 +
mknod -m 666 ${ROOT}/dev/full c 1 7
 +
mknod -m 600 ${ROOT}/dev/initctl p
 +
mknod -m 666 ${ROOT}/dev/ptmx c 5 2
 +
 
 +
 
 +
# we don't need any getty entries in a container
 +
sed 's/^.*getty.*$//' -i ${ROOT}/etc/inittab
 +
 
 +
cd ${ROOT}
 +
tar czvf ${TEMPLATE} .
 +
 
 +
echo "Created template: ${ROOT}"</pre>
 +
 
 +
== Manual Instructions ==
 +
 
 +
The instructions below are informative but out of date and likely '''will not''' work with an Arch system built after 2011.
 +
 
 +
=== Prerequisites ===
  
 
I used a modified archbootstrap script which can be found at http://forzza.systs.org/openvz-misc/
 
I used a modified archbootstrap script which can be found at http://forzza.systs.org/openvz-misc/
 +
{{Note | This link is currently broken}}
 +
{{Note | One can use mkarchroot (provided by devtools) in place of archbootstrap if building the template on Archlinux. See [[Talk:Archlinux_Template_creation|Disussion]] for a bash script to do this. The script makes it easy to build an image on an arch machine, then copy the zipped template over to your VZ host.}}
  
 
Edit settings of script "archbootstrap" :
 
Edit settings of script "archbootstrap" :
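Review bot: The pacman.conf heredoc in the added script sets no SigLevel in its [options] block, while MIRROR1 and MIRROR2 are both plain http URLs, so package authenticity is left to whatever pacman's built-in default is on the build host. Suggest stating it explicitly, for example `SigLevel = Required DatabaseOptional`. The script's final `tar czvf ${TEMPLATE} .` also omits `--numeric-owner`, which this same revision adds to the manual tar command, and `${ROOT}` and `${TEMPLATE}` are unquoted throughout.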
Line 28: Line 121:
 
|}
 
|}
  
== bootstrapping Archlinux ==
+
=== bootstrapping Archlinux ===
  
 
Syntax:
 
Syntax:
Line 36: Line 129:
 
{{Note|Please use mirrors! A full list of Archlinux mirrors: http://wiki.archlinux.org/index.php/Mirror}}
 
{{Note|Please use mirrors! A full list of Archlinux mirrors: http://wiki.archlinux.org/index.php/Mirror}}
  
== enter the Build with chroot ==
+
=== enter the Build with chroot ===
  
 
All the commands below are executed from the root shell. I this howto "chroot" is used to enter as NEWROOT, a BUILD-VE must not be created!
 
All the commands below are executed from the root shell. I this howto "chroot" is used to enter as NEWROOT, a BUILD-VE must not be created!
Line 42: Line 135:
 
  CT0_# chroot /vz/template/$DIST/$VERSION/$ARCH/
 
  CT0_# chroot /vz/template/$DIST/$VERSION/$ARCH/
  
=== setting DNS server ===
+
==== setting DNS server ====
  
 
For the chroot BUILD we also need to specify a DNS for it:
 
For the chroot BUILD we also need to specify a DNS for it:
Line 48: Line 141:
 
  BUILD_# mv /etc/resolv.conf.pacorig /etc/resolv.conf
 
  BUILD_# mv /etc/resolv.conf.pacorig /etc/resolv.conf
  
=== update and install packages ===
+
==== update and install packages ====
  
 
Update (sync) pacman cache and update installed packages
 
Update (sync) pacman cache and update installed packages
Line 58: Line 151:
 
  BUILD_# pacman -S openssh quota-tools iproute
 
  BUILD_# pacman -S openssh quota-tools iproute
  
=== fix /etc/mtab ===
+
==== fix /etc/mtab ====
  
 
Add symlink /proc/mount /etc/mtab
 
Add symlink /proc/mount /etc/mtab
Line 64: Line 157:
 
  BUILD_# ln -s /proc/mounts /etc/mtab
 
  BUILD_# ln -s /proc/mounts /etc/mtab
  
=== fix /etc/inittab ===
+
==== fix /etc/inittab ====
  
 
Remove getty lines from inittab:
 
Remove getty lines from inittab:
Line 70: Line 163:
 
  BUILD_# sed -i -e '/getty/d' /etc/inittab
 
  BUILD_# sed -i -e '/getty/d' /etc/inittab
  
=== create device nodes ===
+
==== create device nodes ====
  
 
Create device nodes at /dev, like console, full, null, zero, urandom, ptmx and fifo of initctl
 
Create device nodes at /dev, like console, full, null, zero, urandom, ptmx and fifo of initctl
Line 85: Line 178:
 
  BUILD_# mknod -m 666 /dev/zero c 1 5
 
  BUILD_# mknod -m 666 /dev/zero c 1 5
  
=== sysinit script modification ===
+
==== sysinit script modification ====
  
 
Remove deleting of /etc/mtab in /etc/rc.sysinit and add mounting of /dev/pts
 
Remove deleting of /etc/mtab in /etc/rc.sysinit and add mounting of /dev/pts
Line 102: Line 195:
 
  [...]
 
  [...]
  
=== modify the main configuration file ===
+
==== modify the main configuration file ====
  
 
  BUILD_# nano /etc/rc.conf
 
  BUILD_# nano /etc/rc.conf
Line 126: Line 219:
 
  DAEMONS=(syslog-ng network netfs crond ssh)
 
  DAEMONS=(syslog-ng network netfs crond ssh)
  
=== enable ssh connections ===
+
==== enable ssh connections ====
  
 
{{Note|All connection are disabled to VE, see /etc/hosts.deny, only affected server built-in with libwrap}}
 
{{Note|All connection are disabled to VE, see /etc/hosts.deny, only affected server built-in with libwrap}}
Line 132: Line 225:
 
Allow ssh:
 
Allow ssh:
  
  BUILD_# echo "ssh: ALL : ALLOW" >> /etc/hosts.allow}
+
  BUILD_# echo "ssh: ALL : ALLOW" >> /etc/hosts.allow
  
=== lock (disable) the root account ===
+
==== lock (disable) the root account ====
  
 
  BUILD_# passwd -l root
 
  BUILD_# passwd -l root
  
=== exit the chroot to CT0 ===
+
==== exit the chroot to CT0 ====
  
 
  BUILD_# exit
 
  BUILD_# exit
  
== build a exclude list ==
+
=== build a exclude list ===
  
 
Shrink the OS-Template, so not all files needed in a VE - OS - TEMPLATE
 
Shrink the OS-Template, so not all files needed in a VE - OS - TEMPLATE
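Review bot: The corrected `echo "ssh: ALL : ALLOW" >> /etc/hosts.allow` line drops the stray brace but keeps `ssh` as the daemon name. libwrap matches on the server's process name, which for OpenSSH is `sshd`, so with the deny-all /etc/hosts.deny that the note above refers to, this rule would not admit SSH connections. Suggest `sshd: ALL : ALLOW`, and consider narrowing `ALL` to the hosts that actually need to reach the container.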
Line 160: Line 253:
 
We dont need no logs and history:
 
We dont need no logs and history:
  
  CT0_# find ./var/cache/ -name '*.tar.gz' >> ../exlcude.list-$ARCH
+
  CT0_# find ./var/cache/ -name '*.tar.gz' >> ../exclude.list-$ARCH
 
  CT0_# find ./root/.bash_history >> ../exclude.list-$ARCH
 
  CT0_# find ./root/.bash_history >> ../exclude.list-$ARCH
  
== create OS template ==
+
=== create OS template ===
  
  CT0_# tar -X ../exclude.list-$ARCH -czf /vz/template/cache/arch-0.8-$ARCH-minimal.tar.gz ./
+
  CT0_# tar --numeric-owner -X ../exclude.list-$ARCH -czf /vz/template/cache/arch-0.8-$ARCH-minimal.tar.gz ./
  
== use the OS template ==
+
=== use the OS template ===
  
 
  CT0_# vzctl create <VEID> --ostemplate arch-0.8-$ARCH-minimal ...
 
  CT0_# vzctl create <VEID> --ostemplate arch-0.8-$ARCH-minimal ...
  
== update the OS template ==
+
=== update the OS template ===
  
 
To update a template is really easy, enter the build with chroot, performing upgrade task
 
To update a template is really easy, enter the build with chroot, performing upgrade task
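Review bot: Under "We dont need no logs and history:" the corrected line still runs `find ./var/cache/ -name '*.tar.gz'`, which lists cached package archives rather than logs, so only `./root/.bash_history` from that step ends up excluded. If log files are meant to stay out of the template, this line should search the log directory instead; the spelling fix to `exclude.list-$ARCH` and the added `--numeric-owner` look right.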
Line 179: Line 272:
 
Update the exclude list, and pack upgraded OS - Template
 
Update the exclude list, and pack upgraded OS - Template
  
== Links ==
+
=== Links ===
  
* [http://wiki.archlinux.org/index.php/Main_Page Archlinux wiki]
+
* [http://wiki.archlinux.org/index.php/Main_Page Arch Linux Wiki]
  
 
[[Category: HOWTO]]
 
[[Category: HOWTO]]
 
[[Category: Templates]]
 
[[Category: Templates]]

Latest revision as of 04:44, 21 February 2013

Script & archived instructions for creating an Arch container.

Script

Script for creating a minimal Arch Linux template, adapted from the script in Discussion.

#!/bin/bash -x

DISTRO=arch
VERSION=2013

# set up base system plus:
#    syslinux (necessary? i don't think it is...)
#    vim (because nano is lame)
#    openssh
# ...any other package from standard Arch repos...
PACKS="base base-devel syslinux openssh vim"

MIRROR1=http://mirror.umoss.org/archlinux
MIRROR2=http://mirror.rit.edu/archlinux

if [[ ${1} == 64 ]]; then
  ARCH=x86_64
else
  if [[ ${1} == 32 ]]; then
    ARCH=i686
  else
    echo "Usage: ${0} 32|64"
    exit 1
  fi
fi

ROOT=${DISTRO}-${VERSION}-${ARCH}

TEMPLATE=$(pwd)/${ROOT}.tar.gz

if [[ "$(whoami)" == "root" ]]; then
    echo "Building template: ${ROOT}"
else
    echo "This script must be run as root (or with sudo)"
    exit 1
fi

cat <<EOF > pacman.conf
[options]
HoldPkg     = pacman glibc
SyncFirst   = pacman
Architecture = ${ARCH}

[core]
Server = ${MIRROR1}/\$repo/os/${ARCH}
Server = ${MIRROR2}/\$repo/os/${ARCH}
Include = /etc/pacman.d/mirrorlist
[extra]
Server = ${MIRROR1}/\$repo/os/${ARCH}
Server = ${MIRROR2}/\$repo/os/${ARCH}
Include = /etc/pacman.d/mirrorlist
[community]
Server = ${MIRROR1}/\$repo/os/${ARCH}
Server = ${MIRROR2}/\$repo/os/${ARCH}
Include = /etc/pacman.d/mirrorlist
EOF

mkarchroot -C pacman.conf ${ROOT} ${PACKS}

if [[ $? -ne 0 ]]; then
    echo "Build failed".
    exit 1
fi

chmod 666 ${ROOT}/dev/null
chmod 666 ${ROOT}/dev/zero
mknod -m 666 ${ROOT}/dev/random c 1 8
mknod -m 666 ${ROOT}/dev/urandom c 1 9
mkdir -m 755 ${ROOT}/dev/pts
mkdir -m 1777 ${ROOT}/dev/shm
mknod -m 666 ${ROOT}/dev/tty c 5 0
mknod -m 666 ${ROOT}/dev/full c 1 7
mknod -m 600 ${ROOT}/dev/initctl p
mknod -m 666 ${ROOT}/dev/ptmx c 5 2


# we don't need any getty entries in a container
sed 's/^.*getty.*$//' -i ${ROOT}/etc/inittab

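# abort if the chroot directory is missing, so tar never archives the wrong tree
cd "${ROOT}" || exit 1
# store numeric UIDs/GIDs so ownership does not depend on the build host's user names
tar --numeric-owner -czvf "${TEMPLATE}" .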

echo "Created template: ${ROOT}"

Manual Instructions

The instructions below are informative but out of date and likely will not work with an Arch system built after 2011.

Prerequisites

I used a modified archbootstrap script which can be found at http://forzza.systs.org/openvz-misc/

Note: This link is currently broken
Note: One can use mkarchroot (provided by devtools) in place of archbootstrap if building the template on Arch Linux. See Discussion for a bash script to do this. The script makes it easy to build an image on an Arch machine, then copy the zipped template over to your VZ host.

Edit the settings of the "archbootstrap" script:

ARCH="i686"
IGNORE="rp-pppoe ppp wireless_tools xfsdump xfsprogs reiserfsprogs lshwd usbutils pciutils pcmciautils module-init-tools mdadm mkinitcpio libusb jfsutils lvm2 lilo cryptsetup device-mapper dhcpcd hwdetect dmapi gen-init-cpio grub"
Uncomment PACMAN_OPTS (remove '#')

Note: I suggest placing the build for OpenVZ templates under /vz/template/, schema: /vz/template/$DIST/$VERSION/$ARCH/

Built this OS-Template with:

CT0_dist Debian
CT0_ARCH i386
DIST arch
VERSION 0.8
ARCH depends on CT0 settings above

bootstrapping Archlinux

Syntax:

CT0_# /usr/bin/archbootstrap /vz/template/$DIST/$VERSION/$ARCH/ [MIRROR]
Note: Please use mirrors! A full list of Archlinux mirrors: http://wiki.archlinux.org/index.php/Mirror

enter the Build with chroot

All the commands below are executed from the root shell. In this howto, "chroot" is used to enter the build as NEWROOT; a BUILD-VE must not be created!

CT0_# chroot /vz/template/$DIST/$VERSION/$ARCH/

setting DNS server

The chroot BUILD also needs a DNS server configured:

BUILD_# mv /etc/resolv.conf.pacorig /etc/resolv.conf

update and install packages

Update (sync) pacman cache and update installed packages

BUILD_# pacman -Syu

Install openssh (client and server), quota-tools and iproute

BUILD_# pacman -S openssh quota-tools iproute

fix /etc/mtab

Make /etc/mtab a symlink to /proc/mounts:

BUILD_# ln -s /proc/mounts /etc/mtab

fix /etc/inittab

Remove getty lines from inittab:

BUILD_# sed -i -e '/getty/d' /etc/inittab

create device nodes

Create the device nodes in /dev (console, tty, full, null, zero, random, urandom, ptmx), the pts directory and the initctl FIFO:

BUILD_# mknod -m 600 /dev/console c 5 1
BUILD_# mknod -m 666 /dev/tty c 5 0
BUILD_# mknod -m 666 /dev/full c 1 7
BUILD_# mknod -m 600 /dev/initctl p
BUILD_# mknod -m 666 /dev/null c 1 3
BUILD_# mknod -m 666 /dev/ptmx c 5 2
BUILD_# mkdir /dev/pts
BUILD_# mknod -m 666 /dev/random c 1 8
BUILD_# mknod -m 444 /dev/urandom c 1 9
BUILD_# mknod -m 666 /dev/zero c 1 5

sysinit script modification

In /etc/rc.sysinit, disable the removal of /etc/mtab and add the mounting of /dev/pts. Change

BUILD_# nano /etc/rc.sysinit
[...]
/bin/rm -f /etc/mtab
[...]

to

[...]
#/bin/rm -f /etc/mtab
/bin/mount -t devpts none /dev/pts
[...]

modify the main configuration file

BUILD_# nano /etc/rc.conf


# Localization
LOCALE="en_US.utf8"
HARDWARECLOCK="localtime"
# example : German KEYMAP and Timezone to Berlin
TIMEZONE="Europe/Berlin"
KEYMAP="de-latin1-nodeadkeys"
CONSOLEFONT=
CONSOLEMAP=
USECOLOR="yes"
# Network settings
HOSTNAME="localhost"
# DAEMONS
# Add sshd to DAEMONS so it starts at bootup; SSH host keys are built on the first VE start
DAEMONS=(syslog-ng network netfs crond sshd)

enable ssh connections

Note: All connections to the VE are disabled (see /etc/hosts.deny); this only affects servers built with libwrap.

Allow ssh:

BUILD_# echo "sshd: ALL : ALLOW" >> /etc/hosts.allow

lock (disable) the root account

BUILD_# passwd -l root

exit the chroot to CT0

BUILD_# exit

build an exclude list

Shrink the OS template: not all files in the build are needed in a VE OS template.

Remove unused pacman backup files:

CT0_# find ./ -name '*.pacorig' > ../exclude.list-$ARCH

/etc/resolv.conf is added by vzctl:

CT0_# echo "etc/resolv.conf" >> ../exclude.list-$ARCH

Don't add downloaded packages to the OS template:

CT0_# find ./var/cache/ -name '*.tar.gz' >> ../exclude.list-$ARCH

We don't need logs or history:

CT0_# find ./var/cache/ -name '*.tar.gz' >> ../exclude.list-$ARCH
CT0_# find ./root/.bash_history >> ../exclude.list-$ARCH

create OS template

CT0_# tar --numeric-owner -X ../exclude.list-$ARCH -czf /vz/template/cache/arch-0.8-$ARCH-minimal.tar.gz ./
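
A check one could run on the finished archive, as an added example that is not part of the original wiki page: it reads the output of `tar -tvf` on the template and flags device nodes whose major,minor differ from the manual instructions, entries the exclude list should have removed, and owners stored by name. The function names and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the wiki page). Audits GNU `tar -tvf` lines of the
# form: mode owner/group size date time path.
audit_listing() {
  awk '
    BEGIN {
      list = "console=5,1 tty=5,0 full=1,7 null=1,3 ptmx=5,2"
      list = list " random=1,8 urandom=1,9 zero=1,5"
      n = split(list, devs, " ")
      for (i = 1; i <= n; i++) { split(devs[i], kv, "="); want["./dev/" kv[1]] = kv[2] }
    }
    {
      mode = $1; owner = $2; size = $3; path = $6
      # Device node: must be a character device with the expected major,minor
      if (path in want) {
        seen[path] = 1
        if (substr(mode, 1, 1) != "c" || size != want[path])
          print "BAD_DEVICE " path " " size
      }
      # Entries the exclude list is meant to keep out of the template
      if (path ~ /\.pacorig$/ || path == "./etc/resolv.conf" ||
          path == "./root/.bash_history" ||
          path ~ /^\.\/var\/cache\/.*\.tar\.gz$/)
        print "SHOULD_BE_EXCLUDED " path
      # Owner shown by name rather than by numeric ID
      if (owner !~ /^[0-9]+\/[0-9]+$/)
        print "NON_NUMERIC_OWNER " path " " owner
    }
    END { for (p in want) if (!(p in seen)) print "MISSING_DEVICE " p }
  ' | LC_ALL=C sort
}
# Constructed sample listing: wrong minor on zero, urandom missing, a leftover
# .pacorig file, and a shell history file stored with owner names.
sample_listing() {
  cat <<'EOF'
crw------- 0/0 5,1 2013-02-21 04:44 ./dev/console
crw-rw-rw- 0/0 5,0 2013-02-21 04:44 ./dev/tty
crw-rw-rw- 0/0 1,7 2013-02-21 04:44 ./dev/full
crw-rw-rw- 0/0 1,3 2013-02-21 04:44 ./dev/null
crw-rw-rw- 0/0 5,2 2013-02-21 04:44 ./dev/ptmx
crw-rw-rw- 0/0 1,8 2013-02-21 04:44 ./dev/random
crw-rw-rw- 0/0 1,3 2013-02-21 04:44 ./dev/zero
-rw------- root/root 512 2013-02-21 04:44 ./root/.bash_history
-rw-r--r-- 0/0 90 2013-02-21 04:44 ./etc/resolv.conf.pacorig
EOF
}
sample_listing | audit_listing   # prints the findings for the sample
```

On a real template the input would be `tar -tvf /vz/template/cache/arch-0.8-$ARCH-minimal.tar.gz | audit_listing`; an empty result means none of these checks fired.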

use the OS template

CT0_# vzctl create <VEID> --ostemplate arch-0.8-$ARCH-minimal ...

update the OS template

Updating a template is easy: run the upgrade inside the build with chroot

CT0_# chroot /vz/template/$DIST/$VERSION/$ARCH/ pacman -Syu

Then update the exclude list and pack the upgraded OS template

Links