Difference between revisions of "Gentoo template creation"
(→Edit /etc/init.d/checkroot: This will do the same thing without completely screwing up your machine when you update baselayout...) |
(→Make distfiles and portage tree of the host system available in a VE) |
||
| Line 116: | Line 116: | ||
===Make distfiles and portage tree of the host system available in a VE=== | ===Make distfiles and portage tree of the host system available in a VE=== | ||
| + | |||
| + | {{Note|This step is optional and will result in shared files between VEs! These steps can save space on disk but trade isolation and security... consider your options carefully!}} | ||
To install software into a VE with portage you should mount /usr/portage into VE with "bind" option. Do this after VE starts: | To install software into a VE with portage you should mount /usr/portage into VE with "bind" option. Do this after VE starts: | ||
Revision as of 23:29, 24 February 2007
This page is about making a template cache for OpenVZ VE from Gentoo Linux. The method is basically the same as described in Slackware template creation article.
Contents
- 1 Download stage3
- 2 Create directory for the new VE and unarchive stage3
- 3 Create VE config
- 4 Edit config
- 5 Make /etc/mtab a symlink to /proc/mounts
- 6 Edit /etc/fstab
- 7 Edit /etc/inittab
- 8 Edit /etc/shadow
- 9 Edit /etc/init.d/checkroot
- 10 Edit /sbin/rc
- 11 Set up udev
- 12 Test
- 13 Make distfiles and portage tree of the host system available in a VE
- 14 Create the cache file
- 15 Test the new cache file
Download stage3
We shall make the template from stage3 file. OpenVZ OS template should be an archive of root of the working system, but without the kernel and some files. You can download stage3 from the nearest mirror here: http://www.gentoo.org/main/en/mirrors.xml.
Create directory for the new VE and unarchive stage3
mkdir /vz/private/777 tar -xjf /root/stage3-i686-2006.0.tar.bz2 -C /vz/private/777
Create VE config
Now you need to create the configuration file for the VE, 777.conf:
vzctl set 777 --applyconfig vps.basic --save
Edit config
Add to the /etc/vz/conf/777.conf:
DISTRIBUTION="gentoo" OSTEMPLATE="gentoo"
Make /etc/mtab a symlink to /proc/mounts
The VE root filesystem is mounted by the host system, not the guest -- and therefore root fs will not appear in /etc/mtab. It will lead to df command non-working.
rm -f /vz/private/777/etc/mtab ln -s /proc/mounts /vz/private/777/etc/mtab
After replacing /etc/mtab with a symlink to /proc/mounts, you will always have up-to-date information of what is mounted in /etc/mtab.
Edit /etc/fstab
echo "proc /proc proc defaults 0 0" > /vz/private/777/etc/fstab
We need only /proc to be mounted at the boot time.
Edit /etc/inittab
Edit /vz/private/777/etc/inittab, putting a hashmark (#) before the lines containing:
c?:1235:respawn:/sbin/agetty 38400 tty? linux
This prevents from starting getty and login on ttys that does not exist in VEs.
Edit /etc/shadow
Edit /vz/private/777/etc/shadow, change root's password in the first line to an exclamation mark (!):
root:!:10071:0:::::
This will disable the root login until the password changed with vzctl set VEID --userpasswd root:password.
Edit /etc/init.d/checkroot
The checkroot script should not be enabled on boot
rm /vz/private/777/etc/runlevels/boot/checkroot
Edit /sbin/rc
Comment line number 141 in /vz/private/777/sbin/rc:
try mount -n ${mntcmd:--t sysfs sysfs /sys}
This prevents from attepting to mount /sys.
Set up udev
Delete /lib/udev-state/devices.tar.bz2 and create some device nodes needed to enter a VE:
cd /vz/private/777/lib rm udev-state/devices.tar.bz2 mknod udev/devices/ttyp0 c 3 0 mknod udev/devices/ptyp0 c 2 0 mknod udev/devices/ptmx c 5 2
Set RC_DEVICES="static" in /vz/private/777/etc/conf.d/rc
You have to leave the directory you are in for the next step to be ok, otherwise you will get this error message :
vzquota : (error) Quota on syscall for 777: Device or resource busy
vzquota on failed [3]
cd /
Test
vzctl start 777 vzctl enter 777
You can check running services.
rc-status -a
All services in boot and default runlevels must be started. If everything all right, stop it
vzctl stop 777
Make distfiles and portage tree of the host system available in a VE
|
Note: This step is optional and will result in shared files between VEs! These steps can save space on disk but trade isolation and security... consider your options carefully! |
To install software into a VE with portage you should mount /usr/portage into VE with "bind" option. Do this after VE starts:
mkdir /vz/root/777/usr/portage mount -o bind /usr/portage /vz/root/777/usr/portage
If your /usr/portage/distfiles placed on the other partition do:
mount -n -o bind /usr/portage/distfiles /vz/root/777/usr/portage/distfiles
Now, to install package into a VE you just need enter there by vzctl enter and run
emerge package_name
while you have all the needed files in the /usr/portage/distfiles of host system.
For security reasons hold this directories mounted only while you are installing software into a VE.
|
|
Note: you have to umount /vz/root/777/usr/portage/distfiles before trying to stop your VE.
|
Create the cache file
cd /vz/private/777/ tar czf /vz/template/cache/gentoo.tar.gz *
Test the new cache file
vzctl create 800 --ostemplate gentoo --ipadd 192.168.0.10 --hostname testvps
If created successfully, try to start it:
vzctl start 800
If it started, and you can ssh in, congratulations, you've got a working Gentoo template!
