Single file version available here.
Last updated on 2008-03-29.
To discuss, comment here.
| Prev | ||
| Home |
http://www.howtoforge.com/linux_vserver_debian_etch
In this tutorial, I'll show you how to install Linux-Vserver on Debian Testing (Etch), the easy way. You may find it a bit verbose, as I try to explain things in enough detail so that everyone understands what I mean
What is Linux-Vserver, you ask? It's simple. Basically, Linux-Vserver is an open-source system used to separate a single physical server into multiple virtual servers. From the Linux-Vserver website:
"Linux-VServer allows you to create virtual private servers and security contexts which operate like a normal Linux server, but allow many independent servers to be run simultaneously in one box at full speed. All services, such as ssh, mail, Web, and databases, can be started on such a VPS, without modification, just like on any real server. Each virtual server has its own user account database and root password and doesn't interfere with other virtual servers."
Two terms you will need to know are:
Most tutorials mention that you need to compile your own kernel in order to use Linux-Vserver. However, Debian Etch includes a Linux-Vserver kernel as standard, so you don't need to compile it yourself. This has the advantage of being easier and faster to install, and it's easy to keep up-to-date with security updates.
The packages required by Linux-Vserver are:
install them with:
# apt-get install linux-image-vserver-686 util-vserver vserver-debiantools ssh
So, now that Linux-Vserver is set up and ready to use, we need to create a guest system. On a Debian system, you may do so using the newvserver command. The syntax of this command is:
newvserver --vsroot /var/lib/vservers/ --hostname <Hostname> \ --domain <Domain> --ip <IP Address>/<CIDR Range> \ --dist etch --mirror <Debian Mirror> --interface <Net Interface>
The command line arguments are:
So, let's make a test server. The settings for our test guest are like so:
Let's go!
# newvserver --vsroot /var/lib/vservers/ --hostname test1 --domain example.com --ip 10.1.1.7/8 --dist etch --mirror http://ftp.au.debian.org/debian/ --interface eth1
This will begin a Debian net install, which will only take a few minutes. Once the packages are all downloaded and installed, the Debian base setup will come up. This will prompt you for your time zone, and also ask for a root password. Once you've completed this, the VServer will be ready to use.
OK, so we've set up the guest, now to do anything useful, we need to start the guest, and enter into its context. To do so, we use the 'vserver' command. The basic syntax for it is:
vserver <name> [start | stop | restart | enter]
So, to start and enter the guest we created earlier, type the following:
vserver test1 start; vserver test1 enter
The output will be a bit like:
root@server1:/home/daniel# vserver test1 start; vserver test1 enter Starting system log daemon: syslogd. Starting internet superserver: no services enabled, inetd not started. Starting periodic command scheduler.... test1:/#
We're now 'inside' the virtual server. You can run any command you would normally run. Note that this is a very basic installation, so you should use apt to install whatever you want.
This tutorial doesn't cover everything, it's only meant to be a guide on beginning to use Linux-Vserver. The rest is up to your imagination… Have fun!
documented on: 2006-11-21, Daniel15 (Daniel Lo Nigro)
http://www.cedarcreeksoftware.com/an-even-easier-linux-vserver-tutorial.html
Linux-Vserver is a very interesting tool for setting up a quick virtual host without the pains and expense of some other system like XEN or VMWare. It's more secure and "standalone-ish" than any of the Jail packages I've tried.
I found a fairly good, easy-to-follow article, "Linux-Vserver on Debian Testing (Etch), the easy way " here: http://www.howtoforge.com/linux_vserver_debian_etch
However, that article left out a few small details that are worth jotting down in your notes.
I suggest you read the other article briefly and follow its instructions for installing the VServer kernel and utilities into the host system, then look at the following instructions for some hopefully pain-free steps to setting up a new vserver guest.
First, some modifications to the host system are in order:
The VServer "create" scripts will gather information from the host, including what goes into /etc/resolve.conf for nameservers. If you're running bind on the host system, temporarily comment out the "nameserver 127.0.0.1" lines in resolv.conf before creating a new vserver - or your guest will have some DNS resolution problems at the end of the setup.
Also, sshd on the host system will bind to all addresses, including the ones belonging to the vserver guests (which will cause the guest sshd to fail), so modify the host's /etc/ssh/sshd_config so that it only binds to the host's own IP: ListenAddress 192.168.0.2 (replace 192.168.0.2 with the primary IP of the host system, which should not be shared with any of the guests).
Create your new vserver guest, using the appropriate hostname, domain, IP, netmask and Debian mirror for your situation (run the following commands as root on your host vserver system):
newvserver --vsroot /vservers/ --hostname vsrv1 \ --domain local --ip 192.168.0.140/24 \ --dist etch --mirror http://ftp.us.debian.org/debian/
cd /etc/vservers/vsrv1/interfaces cp -a 0 1 cd 0 echo lo > dev echo 127.0.0.1 > ip cd ..
At this point you should be aware that by default, a new VServer guest is setup with a 16MB /tmp mounted from the hosts's tmpfs. Depending on what you are doing with your VServer guest, 16MB may be enough for you, and having it in RAM is nice. But 16MB is not much tmp space for most folks, so either make it bigger than 16MB, or remove the line from fstab so that /tmp is on-disk like most systems.
You can change this setting by editing the fstab file in the directory you are now in (/etc/vservers/vsrv1/). In my case I just commented out the line mounting the 16MB tmp. Now:
cd vserver vsrv1 start vserver vsrv1 enter
Your shell prompt is now inside your new virtual server.
At this point I would run "apt-get update", and install some extra packages. The initial package selection is pretty slim!
apt-get update ; apt-get install emacs21-nox ssh less
Be aware that by default the sources.list in the guest only contains "main" repositories, if you want contrib, non-free, or others, you'll have to configure them.
Edit /etc/ssh/sshd_config, set the ListenAddress directive to the IP you've designated for your guest. Then start sshd:
/etc/init.d/ssh start
To log out of the vserver console, hit Ctrl-D. The guest is still running.
If you want your vserver guest to start at boot time when the host system starts, run the following on the host system:
echo "default" > /etc/vservers/vsrv1/apps/init/mark
Another helpful hint I found - I did not have this problem, but it's worth noting in case you do:
Q: "If I shut down my vserver guest, the whole Internet interface ethX on the host is shut down. What happened?
A: When you shut down a guest (i.e. vserver foo stop), the IP is brought down on the host also. If this IP happens to be the primary IP of the host, the kernel will not only bring down the primary IP, but also all secondary IP addresses. But in very recent kernels, there is an option set table which prevents that nasty feature. It's called "alias promotion". You may set it via sysctl by adding net.ipv4.conf.all.promote_secondaries=1 in /etc/sysctl.conf or via sysctl command line."
documented on: 2007-11-08, Copyright 2007 Cedar Creek Software