Difference between revisions of "Archlinux Template creation"
(inital release) |
(Added updated script and notice re: outdated instructions) |
||
| (10 intermediate revisions by 7 users not shown) | |||
| Line 1: | Line 1: | ||
| − | + | Script & archived instructions for creating an Arch container. | |
| − | == | + | == Script == |
| − | + | Script for creating a minimal Arch Linux template adapted from the script in [[Talk:Archlinux_Template_creation|Disussion]]. | |
| + | <pre>#!/bin/bash -x | ||
| + | |||
| + | DISTRO=arch | ||
| + | VERSION=2013 | ||
| + | |||
| + | # set up base system plus: | ||
| + | # syslinux (necessary? i don't think it is...) | ||
| + | # vim (because nano is lame) | ||
| + | # openssh | ||
| + | # ...any other package from standard Arch repos... | ||
| + | PACKS="base base-devel syslinux openssh vim" | ||
| − | + | MIRROR1=http://mirror.umoss.org/archlinux | |
| + | MIRROR2=http://mirror.rit.edu/archlinux | ||
| − | + | if [[ ${1} == 64 ]]; then | |
| − | ARCH= | + | ARCH=x86_64 |
| − | + | else | |
| + | if [[ ${1} == 32 ]]; then | ||
| + | ARCH=i686 | ||
| + | else | ||
| + | echo "Usage: ${0} 32|64" | ||
| + | exit 1 | ||
| + | fi | ||
| + | fi | ||
| − | + | ROOT=${DISTRO}-${VERSION}-${ARCH} | |
| − | |||
| − | + | TEMPLATE=$(pwd)/${ROOT}.tar.gz | |
| − | + | if [[ "$(whoami)" == "root" ]]; then | |
| − | + | echo "Building template: ${ROOT}" | |
| + | else | ||
| + | echo "This script must be run as root (or with sudo)" | ||
| + | exit 1 | ||
| + | fi | ||
| − | + | cat <<EOF > pacman.conf | |
| − | + | [options] | |
| + | HoldPkg = pacman glibc | ||
| + | SyncFirst = pacman | ||
| + | Architecture = ${ARCH} | ||
| − | + | [core] | |
| − | + | Server = ${MIRROR1}/\$repo/os/${ARCH} | |
| − | ARCH | + | Server = ${MIRROR2}/\$repo/os/${ARCH} |
| − | + | Include = /etc/pacman.d/mirrorlist | |
| + | [extra] | ||
| + | Server = ${MIRROR1}/\$repo/os/${ARCH} | ||
| + | Server = ${MIRROR2}/\$repo/os/${ARCH} | ||
| + | Include = /etc/pacman.d/mirrorlist | ||
| + | [community] | ||
| + | Server = ${MIRROR1}/\$repo/os/${ARCH} | ||
| + | Server = ${MIRROR2}/\$repo/os/${ARCH} | ||
| + | Include = /etc/pacman.d/mirrorlist | ||
| + | EOF | ||
| + | mkarchroot -C pacman.conf ${ROOT} ${PACKS} | ||
| − | + | if [[ $? -ne 0 ]]; then | |
| + | echo "Build failed". | ||
| + | exit 1 | ||
| + | fi | ||
| − | + | chmod 666 ${ROOT}/dev/null | |
| + | chmod 666 ${ROOT}/dev/zero | ||
| + | mknod -m 666 ${ROOT}/dev/random c 1 8 | ||
| + | mknod -m 666 ${ROOT}/dev/urandom c 1 9 | ||
| + | mkdir -m 755 ${ROOT}/dev/pts | ||
| + | mkdir -m 1777 ${ROOT}/dev/shm | ||
| + | mknod -m 666 ${ROOT}/dev/tty c 5 0 | ||
| + | mknod -m 666 ${ROOT}/dev/full c 1 7 | ||
| + | mknod -m 600 ${ROOT}/dev/initctl p | ||
| + | mknod -m 666 ${ROOT}/dev/ptmx c 5 2 | ||
| − | |||
| − | + | # we don't need any getty entries in a container | |
| + | sed 's/^.*getty.*$//' -i ${ROOT}/etc/inittab | ||
| + | cd ${ROOT} | ||
| + | tar czvf ${TEMPLATE} . | ||
| − | + | echo "Created template: ${ROOT}"</pre> | |
| − | + | == Manual Instructions == | |
| − | + | The instructions below are informative but out of date and likely '''will not''' work with an Arch system built after 2011. | |
| + | === Prerequisites === | ||
| − | + | I used a modified archbootstrap script which can be found at http://forzza.systs.org/openvz-misc/ | |
| + | {{Note | This link is currently broken}} | ||
| + | {{Note | One can use mkarchroot (provided by devtools) in place of archbootstrap if building the template on Archlinux. See [[Talk:Archlinux_Template_creation|Disussion]] for a bash script to do this. The script makes it easy to build an image on an arch machine, then copy the zipped template over to your VZ host.}} | ||
| − | + | Edit settings of script "archbootstrap" : | |
| − | + | ARCH="i686" | |
| − | + | IGNORE="rp-pppoe ppp wireless_tools xfsdump xfsprogs reiserfsprogs lshwd usbutils pciutils pcmciautils module-init-tools mdadm mkinitcpio libusb jfsutils lvm2 lilo cryptsetup device-mapper dhcpcd hwdetect dmapi gen-init-cpio grub" | |
| + | umark PACMAN_OPTS (remove '#') | ||
| − | |||
| − | + | {{Note|I suggest to place the build for OpenVZ templates to /vz/template/, schema: /vz/template/$DIST/$VERSION/$ARCH/}} | |
| − | + | Built this OS-Template with: | |
| + | {| class="wikitable" | ||
| + | || [[CT0]]_dist || Debian | ||
| + | |- | ||
| + | || [[CT0]]_ARCH || i386 | ||
| + | |- | ||
| + | || DIST || arch | ||
| + | |- | ||
| + | || VERSION || 0.8 | ||
| + | |- | ||
| + | || ARCH || depends on CT0 settings above | ||
| + | |} | ||
| − | + | === bootstrapping Archlinux === | |
| − | + | Syntax: | |
| + | CT0_# /usr/bin/archbootstrap /vz/template/$DIST/$VERSION/$ARCH/ [MIRROR] | ||
| − | + | {{Note|Please use mirrors! A full list of Archlinux mirrors: http://wiki.archlinux.org/index.php/Mirror}} | |
| − | + | === enter the Build with chroot === | |
| − | + | All the commands below are executed from the root shell. I this howto "chroot" is used to enter as NEWROOT, a BUILD-VE must not be created! | |
| + | CT0_# chroot /vz/template/$DIST/$VERSION/$ARCH/ | ||
| − | === | + | ==== setting DNS server ==== |
| − | + | For the chroot BUILD we also need to specify a DNS for it: | |
| − | BUILD_# | + | BUILD_# mv /etc/resolv.conf.pacorig /etc/resolv.conf |
| + | ==== update and install packages ==== | ||
| − | + | Update (sync) pacman cache and update installed packages | |
| − | + | BUILD_# pacman -Syu | |
| − | + | Install openssh (client and server) , quota-tools and iproute | |
| − | BUILD_# | + | BUILD_# pacman -S openssh quota-tools iproute |
| − | + | ==== fix /etc/mtab ==== | |
| − | + | Add symlink /proc/mount /etc/mtab | |
| − | BUILD_# | + | BUILD_# ln -s /proc/mounts /etc/mtab |
| − | + | ==== fix /etc/inittab ==== | |
| − | + | Remove getty lines from inittab: | |
| − | BUILD_# | + | BUILD_# sed -i -e '/getty/d' /etc/inittab |
| − | + | ==== create device nodes ==== | |
| − | + | Create device nodes at /dev, like console, full, null, zero, urandom, ptmx and fifo of initctl | |
| + | BUILD_# mknod -m 600 /dev/console c 5 1 | ||
| + | BUILD_# mknod -m 666 /dev/tty c 5 0 | ||
| + | BUILD_# mknod -m 666 /dev/full c 1 7 | ||
| + | BUILD_# mknod -m 600 /dev/initctl p | ||
| + | BUILD_# mknod -m 666 /dev/null c 1 3 | ||
| + | BUILD_# mknod -m 666 /dev/ptmx c 5 2 | ||
| + | BUILD_# mkdir pts | ||
| + | BUILD_# mknod -m 666 /dev/random c 1 8 | ||
| + | BUILD_# mknod -m 444 /dev/urandom c 1 9 | ||
| + | BUILD_# mknod -m 666 /dev/zero c 1 5 | ||
| − | === sysinit script modification === | + | ==== sysinit script modification ==== |
Remove deleting of /etc/mtab in /etc/rc.sysinit and add mounting of /dev/pts | Remove deleting of /etc/mtab in /etc/rc.sysinit and add mounting of /dev/pts | ||
| − | BUILD_# nano /etc/rc.sysinit | + | BUILD_# nano /etc/rc.sysinit |
| − | + | [...] | |
| − | [...] | + | /bin/rm -f /etc/mtab |
| − | /bin/rm -f /etc/mtab | + | [...] |
| − | [...] | ||
| − | |||
to | to | ||
| − | + | [...] | |
| − | [...] | + | #/bin/rm -f /etc/mtab |
| − | #/bin/rm -f /etc/mtab | + | /bin/mount -t devpts none /dev/pts |
| − | /bin/mount -t devpts none /dev/pts | + | [...] |
| − | [...] | ||
| − | |||
| + | ==== modify the main configuration file ==== | ||
| − | + | BUILD_# nano /etc/rc.conf | |
| − | |||
| − | |||
# Localization | # Localization | ||
LOCALE="en_US.utf8" | LOCALE="en_US.utf8" | ||
| Line 147: | Line 218: | ||
# Add openssh to DAEMONS, start at bootup ; ssh-keys are build on first VE start !!! | # Add openssh to DAEMONS, start at bootup ; ssh-keys are build on first VE start !!! | ||
DAEMONS=(syslog-ng network netfs crond ssh) | DAEMONS=(syslog-ng network netfs crond ssh) | ||
| − | |||
| − | |||
| − | === enable ssh connections === | + | ==== enable ssh connections ==== |
{{Note|All connection are disabled to VE, see /etc/hosts.deny, only affected server built-in with libwrap}} | {{Note|All connection are disabled to VE, see /etc/hosts.deny, only affected server built-in with libwrap}} | ||
| − | Allow ssh : | + | Allow ssh: |
| − | |||
| − | |||
| − | |||
| − | |||
| + | BUILD_# echo "ssh: ALL : ALLOW" >> /etc/hosts.allow | ||
| − | === lock (disable) the root account === | + | ==== lock (disable) the root account ==== |
| − | BUILD_# passwd -l root | + | BUILD_# passwd -l root |
| + | ==== exit the chroot to CT0 ==== | ||
| − | + | BUILD_# exit | |
| − | + | === build a exclude list === | |
| − | |||
| − | |||
| − | == build a exclude list == | ||
Shrink the OS-Template, so not all files needed in a VE - OS - TEMPLATE | Shrink the OS-Template, so not all files needed in a VE - OS - TEMPLATE | ||
| + | Remove unused pacman backup files: | ||
| − | + | CT0_# find ./ -name '*.pacorig' > ../exclude.list-$ARCH | |
| − | + | <code>/etc/resolv.conf</code> is added by vzctl: | |
| + | CT0_# echo "etc/resolv.conf" >> ../exclude.list-$ARCH | ||
| − | + | Don't add downloaded pkg to ostemplate: | |
| − | + | CT0_# find ./var/cache/ -name '*.tar.gz' >> ../exclude.list-$ARCH | |
| + | We dont need no logs and history: | ||
| − | + | CT0_# find ./var/cache/ -name '*.tar.gz' >> ../exclude.list-$ARCH | |
| + | CT0_# find ./root/.bash_history >> ../exclude.list-$ARCH | ||
| − | + | === create OS template === | |
| + | CT0_# tar --numeric-owner -X ../exclude.list-$ARCH -czf /vz/template/cache/arch-0.8-$ARCH-minimal.tar.gz ./ | ||
| − | + | === use the OS template === | |
| − | + | CT0_# vzctl create <VEID> --ostemplate arch-0.8-$ARCH-minimal ... | |
| + | === update the OS template === | ||
| − | + | To update a template is really easy, enter the build with chroot, performing upgrade task | |
| − | + | CT0_# chroot /vz/template/$DIST/$VERSION/$ARCH/ 'pacman -Syu' | |
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
Update the exclude list, and pack upgraded OS - Template | Update the exclude list, and pack upgraded OS - Template | ||
| + | === Links === | ||
| − | + | * [http://wiki.archlinux.org/index.php/Main_Page Arch Linux Wiki] | |
| − | |||
| − | |||
| − | |||
[[Category: HOWTO]] | [[Category: HOWTO]] | ||
[[Category: Templates]] | [[Category: Templates]] | ||
Latest revision as of 04:44, 21 February 2013
Script & archived instructions for creating an Arch container.
Contents
Script[edit]
Script for creating a minimal Arch Linux template adapted from the script in Disussion.
#!/bin/bash -x
DISTRO=arch
VERSION=2013
# set up base system plus:
# syslinux (necessary? i don't think it is...)
# vim (because nano is lame)
# openssh
# ...any other package from standard Arch repos...
PACKS="base base-devel syslinux openssh vim"
MIRROR1=http://mirror.umoss.org/archlinux
MIRROR2=http://mirror.rit.edu/archlinux
if [[ ${1} == 64 ]]; then
ARCH=x86_64
else
if [[ ${1} == 32 ]]; then
ARCH=i686
else
echo "Usage: ${0} 32|64"
exit 1
fi
fi
ROOT=${DISTRO}-${VERSION}-${ARCH}
TEMPLATE=$(pwd)/${ROOT}.tar.gz
if [[ "$(whoami)" == "root" ]]; then
echo "Building template: ${ROOT}"
else
echo "This script must be run as root (or with sudo)"
exit 1
fi
cat <<EOF > pacman.conf
[options]
HoldPkg = pacman glibc
SyncFirst = pacman
Architecture = ${ARCH}
[core]
Server = ${MIRROR1}/\$repo/os/${ARCH}
Server = ${MIRROR2}/\$repo/os/${ARCH}
Include = /etc/pacman.d/mirrorlist
[extra]
Server = ${MIRROR1}/\$repo/os/${ARCH}
Server = ${MIRROR2}/\$repo/os/${ARCH}
Include = /etc/pacman.d/mirrorlist
[community]
Server = ${MIRROR1}/\$repo/os/${ARCH}
Server = ${MIRROR2}/\$repo/os/${ARCH}
Include = /etc/pacman.d/mirrorlist
EOF
mkarchroot -C pacman.conf ${ROOT} ${PACKS}
if [[ $? -ne 0 ]]; then
echo "Build failed".
exit 1
fi
chmod 666 ${ROOT}/dev/null
chmod 666 ${ROOT}/dev/zero
mknod -m 666 ${ROOT}/dev/random c 1 8
mknod -m 666 ${ROOT}/dev/urandom c 1 9
mkdir -m 755 ${ROOT}/dev/pts
mkdir -m 1777 ${ROOT}/dev/shm
mknod -m 666 ${ROOT}/dev/tty c 5 0
mknod -m 666 ${ROOT}/dev/full c 1 7
mknod -m 600 ${ROOT}/dev/initctl p
mknod -m 666 ${ROOT}/dev/ptmx c 5 2
# we don't need any getty entries in a container
sed 's/^.*getty.*$//' -i ${ROOT}/etc/inittab
cd ${ROOT}
tar czvf ${TEMPLATE} .
echo "Created template: ${ROOT}"
Manual Instructions[edit]
The instructions below are informative but out of date and likely will not work with an Arch system built after 2011.
Prerequisites[edit]
I used a modified archbootstrap script which can be found at http://forzza.systs.org/openvz-misc/
|
Note: This link is currently broken |
|
|
Note: One can use mkarchroot (provided by devtools) in place of archbootstrap if building the template on Archlinux. See Disussion for a bash script to do this. The script makes it easy to build an image on an arch machine, then copy the zipped template over to your VZ host. |
Edit settings of script "archbootstrap" :
ARCH="i686" IGNORE="rp-pppoe ppp wireless_tools xfsdump xfsprogs reiserfsprogs lshwd usbutils pciutils pcmciautils module-init-tools mdadm mkinitcpio libusb jfsutils lvm2 lilo cryptsetup device-mapper dhcpcd hwdetect dmapi gen-init-cpio grub" umark PACMAN_OPTS (remove '#')
|
|
Note: I suggest to place the build for OpenVZ templates to /vz/template/, schema: /vz/template/$DIST/$VERSION/$ARCH/ |
Built this OS-Template with:
| CT0_dist | Debian |
| CT0_ARCH | i386 |
| DIST | arch |
| VERSION | 0.8 |
| ARCH | depends on CT0 settings above |
bootstrapping Archlinux[edit]
Syntax:
CT0_# /usr/bin/archbootstrap /vz/template/$DIST/$VERSION/$ARCH/ [MIRROR]
|
|
Note: Please use mirrors! A full list of Archlinux mirrors: http://wiki.archlinux.org/index.php/Mirror |
enter the Build with chroot[edit]
All the commands below are executed from the root shell. I this howto "chroot" is used to enter as NEWROOT, a BUILD-VE must not be created!
CT0_# chroot /vz/template/$DIST/$VERSION/$ARCH/
setting DNS server[edit]
For the chroot BUILD we also need to specify a DNS for it:
BUILD_# mv /etc/resolv.conf.pacorig /etc/resolv.conf
update and install packages[edit]
Update (sync) pacman cache and update installed packages
BUILD_# pacman -Syu
Install openssh (client and server) , quota-tools and iproute
BUILD_# pacman -S openssh quota-tools iproute
fix /etc/mtab[edit]
Add symlink /proc/mount /etc/mtab
BUILD_# ln -s /proc/mounts /etc/mtab
fix /etc/inittab[edit]
Remove getty lines from inittab:
BUILD_# sed -i -e '/getty/d' /etc/inittab
create device nodes[edit]
Create device nodes at /dev, like console, full, null, zero, urandom, ptmx and fifo of initctl
BUILD_# mknod -m 600 /dev/console c 5 1 BUILD_# mknod -m 666 /dev/tty c 5 0 BUILD_# mknod -m 666 /dev/full c 1 7 BUILD_# mknod -m 600 /dev/initctl p BUILD_# mknod -m 666 /dev/null c 1 3 BUILD_# mknod -m 666 /dev/ptmx c 5 2 BUILD_# mkdir pts BUILD_# mknod -m 666 /dev/random c 1 8 BUILD_# mknod -m 444 /dev/urandom c 1 9 BUILD_# mknod -m 666 /dev/zero c 1 5
sysinit script modification[edit]
Remove deleting of /etc/mtab in /etc/rc.sysinit and add mounting of /dev/pts
BUILD_# nano /etc/rc.sysinit
[...] /bin/rm -f /etc/mtab [...]
to
[...] #/bin/rm -f /etc/mtab /bin/mount -t devpts none /dev/pts [...]
modify the main configuration file[edit]
BUILD_# nano /etc/rc.conf
# Localization LOCALE="en_US.utf8" HARDWARECLOCK="localtime"
# example : German KEYMAP and Timezone to Berlin TIMEZONE="Europe/Berlin" KEYMAP="de-latin1-nodeadkeys"
CONSOLEFONT= CONSOLEMAP= USECOLOR="yes"
# Network settings HOSTNAME="localhost"
# DAEMONS # Add openssh to DAEMONS, start at bootup ; ssh-keys are build on first VE start !!! DAEMONS=(syslog-ng network netfs crond ssh)
enable ssh connections[edit]
|
|
Note: All connection are disabled to VE, see /etc/hosts.deny, only affected server built-in with libwrap |
Allow ssh:
BUILD_# echo "ssh: ALL : ALLOW" >> /etc/hosts.allow
lock (disable) the root account[edit]
BUILD_# passwd -l root
exit the chroot to CT0[edit]
BUILD_# exit
build a exclude list[edit]
Shrink the OS-Template, so not all files needed in a VE - OS - TEMPLATE
Remove unused pacman backup files:
CT0_# find ./ -name '*.pacorig' > ../exclude.list-$ARCH
/etc/resolv.conf is added by vzctl:
CT0_# echo "etc/resolv.conf" >> ../exclude.list-$ARCH
Don't add downloaded pkg to ostemplate:
CT0_# find ./var/cache/ -name '*.tar.gz' >> ../exclude.list-$ARCH
We dont need no logs and history:
CT0_# find ./var/cache/ -name '*.tar.gz' >> ../exclude.list-$ARCH CT0_# find ./root/.bash_history >> ../exclude.list-$ARCH
create OS template[edit]
CT0_# tar --numeric-owner -X ../exclude.list-$ARCH -czf /vz/template/cache/arch-0.8-$ARCH-minimal.tar.gz ./
use the OS template[edit]
CT0_# vzctl create <VEID> --ostemplate arch-0.8-$ARCH-minimal ...
update the OS template[edit]
To update a template is really easy, enter the build with chroot, performing upgrade task
CT0_# chroot /vz/template/$DIST/$VERSION/$ARCH/ 'pacman -Syu'
Update the exclude list, and pack upgraded OS - Template
