Changes


Ubuntu Gutsy template creation

948 bytes removed, 20:49, 14 November 2007
upgrade to an easier install process with chroot
Run debootstrap to install a minimal Ubunty Gutsy system into that directory:
# debootstrap [--arch ''ARCH'' ] gutsy gutsy-chroot
Substitute your architecture instead If ARCH of ''ARCH''. For exampleVE0 is equal to VE, for AMD64/x86_64, use <code>amd64</code> or for ia64than you can skip the arch option, use <code>ia64</code>. For i386 but if you do not have need to give this option.build a VZ OS Template with another ARCH arch can be:
=== Preparing/starting a VE ===Substitute your architecture instead of ''ARCH'':
Now then you have an installation created by debootstrap AMD64/x86_64, you can run it as a VE. In the example below VE ID of 777 is used; of course you can use any other non-allocated ID.<code>amd64</code> ia64, use <code>ia64</code> i386 <code>i386</code>
==== Moving installation to VE private area =chrooting ===
You should move the contents of gutsy-chroot directory into new Without createing a running VE for building a VE private area, like thisOS Template it's another way :chroot
[VE0]# mkdir /vz/private/777 # mv cd gutsy-chroot; chroot ./ /vz/private/777
==== Setting VE config ====An initial config for the [ [VE]] is needed: # vzctl set 777 --applyconfig vps.basic -mount -savet proc none /proc
==== Setting VE OSTEMPLATE ====
Also, we need <tt>OSTEMPLATE</tt> to be set in VE configuration file, for the [[vzctl]] to work properly.
# echo "OSTEMPLATE=ubuntu-7.10" >> /etc/vz/conf/777.conf ==== Setting VE IP address ====For the [[VE]] to be able to download updates from the Internet, we need a valid IP address for it: # vzctl set 777 --ipadd x.x.x.x --save {{Note|if you use private IP for the VE, you have to set up NAT as described in [[Using NAT for VE with private IPs]].}} ==== Setting DNS server for VE ====For the [[VE]] to be able to download updates from the Internet, we also need to specify a DNS for it: # vzctl set 777 --nameserver x.x.x.x --save Instead of <code>x.x.x.x</code>, specify the same IP that you have in your <code>/etc/resolv.conf</code>. ==== Starting VE ====Now start the VE: # vzctl start 777 === Modify the installation === You have to do some things in order to modify the installation to better suit the environment it will be run in (i.e. a VE). First, enter a VE: # vzctl enter 777 {{Warning|Do not run the commands below on the hardware node, they are only to be run within the VE!}} ==== Remove unneeded packages ====
Some packages does not make sense in a VE. Remove those:
[VE]# rm -fr /lib/udev
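Review bot: in the chrooting step, <code>cd gutsy-chroot; chroot ./</code> joins the two commands with <code>;</code>, so if either the <code>cd</code> or the <code>chroot</code> fails the shell is still on the hardware node, and the warning not to run the following commands on the hardware node appears only alongside the replaced <code>vzctl enter 777</code> step. Because the steps that follow include <code>rm -fr /lib/udev</code>, suggest <code>cd gutsy-chroot && chroot ./</code> and keeping a warning before the modification steps that tells the reader to confirm the shell is inside the chroot.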
==== Disable getty ====
On a usual Linux system, getty is running on a virtual terminals, which a VE does not have.
First way:
[VE]# rm /etc/event.d/tty*
 
Second way:
[VE]# dpkg -P system-services
Second way can be dangerous for future versions of system-services, but it's OK for now since the only service they carry is running gettys.
==== Set sane permissions for /root directory ====
[VE]# chmod 700 /root
==== Disable root login ====
[VE]# usermod -L root
==== Get new security updates ====
[VE]# apt-get update && apt-get upgrade
<small>This didn't show anything for me, but might do something in the future.</small>
==== Install some more packages ====
[VE]# apt-get install ssh quota
Feel free to add packages which you want to have in a default template to this command.
==== Fix SSH host keys ====
This is only useful if you installed SSH above. Each individual [[VE]] should have its own pair of SSH host keys. The code below will wipe out the existing SSH keys and instruct the newly-created [[VE]] to create new SSH keys on first boot.
==== Disable <code>sync()</code> for syslog ====
Turn off doing <tt>sync()</tt> on every write for <code>syslog</code>'s log files, to improve overall I/O performance.
<pre>[VE]# sed -i -e 's@\([[:space:]]\)\(/var/log/\)@\1-\2@' /etc/syslog.conf</pre>
==== Fix <code>/etc/mtab</code> ====
Link <code>/etc/mtab</code> to <code>/proc/mounts</code>, so <code>df</code> and friends will work:
[VE]# rm -f /etc/mtab
[VE]# update-rc.d -f mtab.sh remove
==== Get rid of tmpfs mounts ====
[VE]# sed -ie '/tmpfs/d' /etc/init.d/mountkernfs.sh
==== Disable some services ====
In most of the cases you don't want klogd to run -- the only exception is if you configure iptables to log some events -- so you can disable it:
[VE]# update-rc.d -f klogd remove
==== Clean packages ====
After installing packages, you'll have some junk packages laying around in your cache. Since you don't want your template to have those, this command will wipe them out.
[VE]# apt-get clean
Set propper hostname and file /etc/hosts
Set propper hostname and file /etc/hosts
[VE]# echo "localhost" > /etc/hostname
[VE]# echo "127.0.0.1 localhost.localdomain localhost" > /etc/hosts
Now everything is done. Exit from the template and go back to the hardware node.
 
[VE]# umount /proc
[VE]# exit
== Build precreated VZ OS Template == [VE0]# tar -xzf /var/lib/vz/template/cache/ubuntu-7.10-<bigarch>-minimal.tar.gz ./   == Update a VE OS Template == Chroot to your debstrapped system [VE0]# cd <bigdir>To be continued; chroot ./  Update and Install updates [VE] # apt-get update && apt-get upgrade  Cleanup [VE] # apt-get clean  Clean unused log files, .bash_history etc. [VE] # exit Build your updated VE OS Template [VE0]# tar -xzf /var/lib/vz/template/cache/ubuntu-7.10-</bigarch><-minimal.tar.gz ./big>
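Review bot: both the "Build precreated VZ OS Template" and "Build your updated VE OS Template" commands use <code>tar -xzf</code>, which extracts from the archive under <code>/var/lib/vz/template/cache/</code> instead of creating it. Creating the template needs <code>-czf</code>, and adding <code>--numeric-owner</code> would keep file ownership in the archive independent of the hardware node's user database. In the update procedure, the "Clean unused log files, .bash_history etc." step lists no commands, and the <code>mount -t proc none /proc</code> and <code>umount /proc</code> pair used in the first chroot session is not repeated.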