Archlinux Template creation

From OpenVZ Virtuozzo Containers Wiki
Revision as of 04:44, 21 February 2013 by 66.183.88.152 (talk) (Added updated script and notice re: outdated instructions)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Script & archived instructions for creating an Arch container.

Script[edit]

Script for creating a minimal Arch Linux template adapted from the script in Disussion.

#!/bin/bash -x

DISTRO=arch
VERSION=2013

# set up base system plus:
#    syslinux (necessary? i don't think it is...)
#    vim (because nano is lame)
#    openssh
# ...any other package from standard Arch repos...
PACKS="base base-devel syslinux openssh vim"

MIRROR1=http://mirror.umoss.org/archlinux
MIRROR2=http://mirror.rit.edu/archlinux

if [[ ${1} == 64 ]]; then
  ARCH=x86_64
else
  if [[ ${1} == 32 ]]; then
    ARCH=i686
  else
    echo "Usage: ${0} 32|64"
    exit 1
  fi
fi

ROOT=${DISTRO}-${VERSION}-${ARCH}

TEMPLATE=$(pwd)/${ROOT}.tar.gz

if [[ "$(whoami)" == "root" ]]; then
    echo "Building template: ${ROOT}"
else
    echo "This script must be run as root (or with sudo)"
    exit 1
fi

cat <<EOF > pacman.conf
[options]
HoldPkg     = pacman glibc
SyncFirst   = pacman
Architecture = ${ARCH}

[core]
Server = ${MIRROR1}/\$repo/os/${ARCH}
Server = ${MIRROR2}/\$repo/os/${ARCH}
Include = /etc/pacman.d/mirrorlist
[extra]
Server = ${MIRROR1}/\$repo/os/${ARCH}
Server = ${MIRROR2}/\$repo/os/${ARCH}
Include = /etc/pacman.d/mirrorlist
[community]
Server = ${MIRROR1}/\$repo/os/${ARCH}
Server = ${MIRROR2}/\$repo/os/${ARCH}
Include = /etc/pacman.d/mirrorlist
EOF

mkarchroot -C pacman.conf ${ROOT} ${PACKS}

if [[ $? -ne 0 ]]; then
    echo "Build failed".
    exit 1
fi

chmod 666 ${ROOT}/dev/null
chmod 666 ${ROOT}/dev/zero
mknod -m 666 ${ROOT}/dev/random c 1 8
mknod -m 666 ${ROOT}/dev/urandom c 1 9
mkdir -m 755 ${ROOT}/dev/pts
mkdir -m 1777 ${ROOT}/dev/shm
mknod -m 666 ${ROOT}/dev/tty c 5 0
mknod -m 666 ${ROOT}/dev/full c 1 7
mknod -m 600 ${ROOT}/dev/initctl p
mknod -m 666 ${ROOT}/dev/ptmx c 5 2


# we don't need any getty entries in a container
sed 's/^.*getty.*$//' -i ${ROOT}/etc/inittab

cd ${ROOT}
tar czvf ${TEMPLATE} .

echo "Created template: ${ROOT}"

Manual Instructions[edit]

The instructions below are informative but out of date and likely will not work with an Arch system built after 2011.

Prerequisites[edit]

I used a modified archbootstrap script which can be found at http://forzza.systs.org/openvz-misc/

Yellowpin.svg Note: This link is currently broken
Yellowpin.svg Note: One can use mkarchroot (provided by devtools) in place of archbootstrap if building the template on Archlinux. See Disussion for a bash script to do this. The script makes it easy to build an image on an arch machine, then copy the zipped template over to your VZ host.

Edit settings of script "archbootstrap" :

ARCH="i686"
IGNORE="rp-pppoe ppp wireless_tools xfsdump xfsprogs reiserfsprogs lshwd usbutils pciutils pcmciautils module-init-tools mdadm mkinitcpio libusb jfsutils lvm2 lilo cryptsetup device-mapper dhcpcd hwdetect dmapi gen-init-cpio grub"
umark PACMAN_OPTS (remove '#')


Yellowpin.svg Note: I suggest to place the build for OpenVZ templates to /vz/template/, schema: /vz/template/$DIST/$VERSION/$ARCH/

Built this OS-Template with:

CT0_dist Debian
CT0_ARCH i386
DIST arch
VERSION 0.8
ARCH depends on CT0 settings above

bootstrapping Archlinux[edit]

Syntax:

CT0_# /usr/bin/archbootstrap /vz/template/$DIST/$VERSION/$ARCH/ [MIRROR]
Yellowpin.svg Note: Please use mirrors! A full list of Archlinux mirrors: http://wiki.archlinux.org/index.php/Mirror

enter the Build with chroot[edit]

All the commands below are executed from the root shell. I this howto "chroot" is used to enter as NEWROOT, a BUILD-VE must not be created!

CT0_# chroot /vz/template/$DIST/$VERSION/$ARCH/

setting DNS server[edit]

For the chroot BUILD we also need to specify a DNS for it:

BUILD_# mv /etc/resolv.conf.pacorig /etc/resolv.conf

update and install packages[edit]

Update (sync) pacman cache and update installed packages

BUILD_# pacman -Syu

Install openssh (client and server) , quota-tools and iproute

BUILD_# pacman -S openssh quota-tools iproute

fix /etc/mtab[edit]

Add symlink /proc/mount /etc/mtab

BUILD_# ln -s /proc/mounts /etc/mtab

fix /etc/inittab[edit]

Remove getty lines from inittab:

BUILD_# sed -i -e '/getty/d' /etc/inittab

create device nodes[edit]

Create device nodes at /dev, like console, full, null, zero, urandom, ptmx and fifo of initctl

BUILD_# mknod -m 600 /dev/console c 5 1
BUILD_# mknod -m 666 /dev/tty c 5 0
BUILD_# mknod -m 666 /dev/full c 1 7
BUILD_# mknod -m 600 /dev/initctl p
BUILD_# mknod -m 666 /dev/null c 1 3
BUILD_# mknod -m 666 /dev/ptmx c 5 2 
BUILD_# mkdir pts
BUILD_# mknod -m 666 /dev/random c 1 8
BUILD_# mknod -m 444 /dev/urandom c 1 9 
BUILD_# mknod -m 666 /dev/zero c 1 5

sysinit script modification[edit]

Remove deleting of /etc/mtab in /etc/rc.sysinit and add mounting of /dev/pts

BUILD_# nano /etc/rc.sysinit
[...]
/bin/rm -f /etc/mtab
[...]

to

[...]
#/bin/rm -f /etc/mtab
/bin/mount -t devpts none /dev/pts
[...]

modify the main configuration file[edit]

BUILD_# nano /etc/rc.conf


# Localization
LOCALE="en_US.utf8"
HARDWARECLOCK="localtime"
# example : German KEYMAP and Timezone to Berlin
TIMEZONE="Europe/Berlin"
KEYMAP="de-latin1-nodeadkeys"
CONSOLEFONT=
CONSOLEMAP=
USECOLOR="yes"
# Network settings
HOSTNAME="localhost"
# DAEMONS
# Add openssh to DAEMONS, start at bootup ; ssh-keys are build on first VE start !!!
DAEMONS=(syslog-ng network netfs crond ssh)

enable ssh connections[edit]

Yellowpin.svg Note: All connection are disabled to VE, see /etc/hosts.deny, only affected server built-in with libwrap

Allow ssh:

BUILD_# echo "ssh: ALL : ALLOW" >> /etc/hosts.allow

lock (disable) the root account[edit]

BUILD_# passwd -l root

exit the chroot to CT0[edit]

BUILD_# exit

build a exclude list[edit]

Shrink the OS-Template, so not all files needed in a VE - OS - TEMPLATE

Remove unused pacman backup files:

CT0_# find ./ -name '*.pacorig' > ../exclude.list-$ARCH

/etc/resolv.conf is added by vzctl:

CT0_# echo "etc/resolv.conf" >> ../exclude.list-$ARCH

Don't add downloaded pkg to ostemplate:

CT0_# find ./var/cache/ -name '*.tar.gz' >> ../exclude.list-$ARCH

We dont need no logs and history:

CT0_# find ./var/cache/ -name '*.tar.gz' >> ../exclude.list-$ARCH
CT0_# find ./root/.bash_history >> ../exclude.list-$ARCH

create OS template[edit]

CT0_# tar --numeric-owner -X ../exclude.list-$ARCH -czf /vz/template/cache/arch-0.8-$ARCH-minimal.tar.gz ./

use the OS template[edit]

CT0_# vzctl create <VEID> --ostemplate arch-0.8-$ARCH-minimal ...

update the OS template[edit]

To update a template is really easy, enter the build with chroot, performing upgrade task

CT0_# chroot /vz/template/$DIST/$VERSION/$ARCH/ 'pacman -Syu'

Update the exclude list, and pack upgraded OS - Template

Links[edit]