Downloadable chroots for Debian, Ubuntu, and Fedora Core 

http://www.debian-administration.org/articles/559

*Tags*: chroot, downloads, offsite, rsync, vserver Add New Tag

I'm a frequent user of vserver and I like to create fresh installations as quickly as I can, for packaging or test purposes mostly. Unfortunately there aren't many current images available for download. So I made my own.

I've found a small number of vserver images available for download, unfortunately they tend to be obsolete or impractical to use compared to the standard debootstrap method.

I also like to have a repository of chroots available via rsync and so I've made them available at:

rsync rsync://packaging-farm.dachary.org/packaging-farm/

(That link can be found in the vserver downloads section. http://linux-vserver.org/Downloads#Chroot_repositories)

The rsync server contains the following distributions:

I update them from time to time (typically once a month) and they have been around for over two years now. The area in which these chroot are most usefull to me is for building packages. I've started to use them recently to create tests for sysadmin shell scripts: it is run in a chroot that is reset with "rsync —delete" before and after running.

I initialy thought that the lack of virgin chroot on the net was because my use case was wrong. I expected to hear from friends that there is a much better way to handle packaging and tests. After two years I'm still happy with my chroot collection and decided to share them with a broader audience.

documented on: 5 Nov 2007, loic

Creating and using vserver virtual servers 

http://www.unixshell.com/wiki/index.php?title=Creating_and_using_vserver_virtual_servers

Linux-Vserver [1] is a virtualization layer that allows you to run a Linux distribution within Linux. Using this method has many benefits, most apparent of which are: added security, new and easier ways to perform backups, "hot swap-able" servers, full root access on all vservers, and multiple flavors of linux installed under the same main server.

This howto will focus on Debian as both the host and guest, however, it should be easily enough to adapt for other flavors of linux. Also, because of the nature of this wiki, it will include some unixshell specific details. Because of the way the emulation is done in linux-vserver, there is very little overhead. That said, each vserver will still consume the same amount of resources as a full installation. As a result, vservers should probably not be used on some of the more modest plans. I would suggest at least the 64, preferably the 96.

Contents

 1 Prepare the Vserver Host
     o 1.1 Kernel and vserver-utils
     o 1.2 Host Networking
           + 1.2.1 xinetd
           + 1.2.2 Networking Option A
           + 1.2.3 Networking Option B
           + 1.2.4 Saving IP Tables Rules
 2 Create a Vserver Guest
 3 Configure the Guest
     o 3.1 Guest Networking
           + 3.1.1 Guest Networking Option A
           + 3.1.2 Guest Networking Option B
 4 Tips, Tricks, and Goodies
     o 4.1 Other Guest Distros
     o 4.2 Hot swapping
     o 4.3 Backups
     o 4.4 Reselling
     o 4.5 Other
 5 External Resources
[... rest omitted, check the source instead ...]

Page last modified 5 March 2006

documented on: 2008-02-03

Linux-Vserver on Debian Testing, the easy way 

http://www.howtoforge.com/linux_vserver_debian_etch

In this tutorial, I'll show you how to install Linux-Vserver on Debian Testing (Etch), the easy way. You may find it a bit verbose, as I try to explain things in enough detail so that everyone understands what I mean

What is Linux-Vserver, you ask? It's simple. Basically, Linux-Vserver is an open-source system used to separate a single physical server into multiple virtual servers. From the Linux-Vserver website:

"Linux-VServer allows you to create virtual private servers and security contexts which operate like a normal Linux server, but allow many independent servers to be run simultaneously in one box at full speed. All services, such as ssh, mail, Web, and databases, can be started on such a VPS, without modification, just like on any real server. Each virtual server has its own user account database and root password and doesn't interfere with other virtual servers."

Two terms you will need to know are:

Most tutorials mention that you need to compile your own kernel in order to use Linux-Vserver. However, Debian Etch includes a Linux-Vserver kernel as standard, so you don't need to compile it yourself. This has the advantage of being easier and faster to install, and it's easy to keep up-to-date with security updates.

The Packages 

The packages required by Linux-Vserver are:

install them with:

# apt-get install linux-image-vserver-686 util-vserver vserver-debiantools ssh

Creating a virtual server (guest) 

So, now that Linux-Vserver is set up and ready to use, we need to create a guest system. On a Debian system, you may do so using the newvserver command. The syntax of this command is:

newvserver --vsroot /var/lib/vservers/ --hostname <Hostname> \
--domain <Domain> --ip <IP Address>/<CIDR Range> \
--dist etch --mirror <Debian Mirror> --interface <Net Interface>

The command line arguments are:

So, let's make a test server. The settings for our test guest are like so:

Let's go!

# newvserver --vsroot /var/lib/vservers/ --hostname test1 --domain example.com --ip 10.1.1.7/8 --dist etch --mirror http://ftp.au.debian.org/debian/ --interface eth1

This will begin a Debian net install, which will only take a few minutes. Once the packages are all downloaded and installed, the Debian base setup will come up. This will prompt you for your time zone, and also ask for a root password. Once you've completed this, the VServer will be ready to use.

Entering the guest 

OK, so we've set up the guest, now to do anything useful, we need to start the guest, and enter into its context. To do so, we use the 'vserver' command. The basic syntax for it is:

vserver <name> [start | stop | restart | enter]

So, to start and enter the guest we created earlier, type the following:

vserver test1 start; vserver test1 enter

The output will be a bit like:

root@server1:/home/daniel# vserver test1 start; vserver test1 enter
Starting system log daemon: syslogd.
Starting internet superserver: no services enabled, inetd not started.
Starting periodic command scheduler....
test1:/#

We're now 'inside' the virtual server. You can run any command you would normally run. Note that this is a very basic installation, so you should use apt to install whatever you want.

Other Stuff 

This tutorial doesn't cover everything, it's only meant to be a guide on beginning to use Linux-Vserver. The rest is up to your imagination… Have fun!

documented on: 2006-11-21, Daniel15 (Daniel Lo Nigro)

An Even Easier Linux-VServer -Virtual Server - Tutorial 

http://www.cedarcreeksoftware.com/an-even-easier-linux-vserver-tutorial.html

Linux-Vserver is a very interesting tool for setting up a quick virtual host without the pains and expense of some other system like XEN or VMWare. It's more secure and "standalone-ish" than any of the Jail packages I've tried.

I found a fairly good, easy-to-follow article, "Linux-Vserver on Debian Testing (Etch), the easy way " here: http://www.howtoforge.com/linux_vserver_debian_etch

However, that article left out a few small details that are worth jotting down in your notes.

I suggest you read the other article briefly and follow its instructions for installing the VServer kernel and utilities into the host system, then look at the following instructions for some hopefully pain-free steps to setting up a new vserver guest.

First, some modifications to the host system are in order:

The VServer "create" scripts will gather information from the host, including what goes into /etc/resolve.conf for nameservers. If you're running bind on the host system, temporarily comment out the "nameserver 127.0.0.1" lines in resolv.conf before creating a new vserver - or your guest will have some DNS resolution problems at the end of the setup.

Also, sshd on the host system will bind to all addresses, including the ones belonging to the vserver guests (which will cause the guest sshd to fail), so modify the host's /etc/ssh/sshd_config so that it only binds to the host's own IP: ListenAddress 192.168.0.2 (replace 192.168.0.2 with the primary IP of the host system, which should not be shared with any of the guests).

Create your new vserver guest, using the appropriate hostname, domain, IP, netmask and Debian mirror for your situation (run the following commands as root on your host vserver system):

newvserver --vsroot /vservers/ --hostname vsrv1 \
--domain local --ip 192.168.0.140/24 \
--dist etch --mirror http://ftp.us.debian.org/debian/
cd /etc/vservers/vsrv1/interfaces
cp -a 0 1
cd 0
echo lo > dev
echo 127.0.0.1 > ip
cd ..

At this point you should be aware that by default, a new VServer guest is setup with a 16MB /tmp mounted from the hosts's tmpfs. Depending on what you are doing with your VServer guest, 16MB may be enough for you, and having it in RAM is nice. But 16MB is not much tmp space for most folks, so either make it bigger than 16MB, or remove the line from fstab so that /tmp is on-disk like most systems.

You can change this setting by editing the fstab file in the directory you are now in (/etc/vservers/vsrv1/). In my case I just commented out the line mounting the 16MB tmp. Now:

cd
vserver vsrv1 start
vserver vsrv1 enter

Your shell prompt is now inside your new virtual server.

At this point I would run "apt-get update", and install some extra packages. The initial package selection is pretty slim!

apt-get update ; apt-get install emacs21-nox ssh less

Be aware that by default the sources.list in the guest only contains "main" repositories, if you want contrib, non-free, or others, you'll have to configure them.

Edit /etc/ssh/sshd_config, set the ListenAddress directive to the IP you've designated for your guest. Then start sshd:

/etc/init.d/ssh start

To log out of the vserver console, hit Ctrl-D. The guest is still running.

If you want your vserver guest to start at boot time when the host system starts, run the following on the host system:

echo "default" >  /etc/vservers/vsrv1/apps/init/mark

Another helpful hint I found - I did not have this problem, but it's worth noting in case you do:

Q: "If I shut down my vserver guest, the whole Internet interface ethX on the host is shut down. What happened?

A: When you shut down a guest (i.e. vserver foo stop), the IP is brought down on the host also. If this IP happens to be the primary IP of the host, the kernel will not only bring down the primary IP, but also all secondary IP addresses. But in very recent kernels, there is an option set table which prevents that nasty feature. It's called "alias promotion". You may set it via sysctl by adding net.ipv4.conf.all.promote_secondaries=1 in /etc/sysctl.conf or via sysctl command line."

documented on: 2007-11-08, Copyright 2007 Cedar Creek Software