Gentoo Logo

Gentoo Linux-VServer Howto

Content:

1.  Introduction

The Linux-VServer Concept

The basic concept of the Linux-VServer solution is to separate the user-space environment into distinct units (sometimes called Virtual Private Servers) in such a way that each VPS looks and feels like a real server to the processes contained within.

Terms used in this Howto

Term Description
Linux-VServer, VServer Linux-VServer is the official name of the project and used in this Howto the same way
virtual server, vserver, guest system All these are interchangable and refer to one instance of a server (i.e. one virtual server)
host system, host The physical machine running your Gentoo Linux will host all virtual servers
util-vserver The util-vserver package contains all programs necessary for maintaining your virtual servers

2.  Host configuration

Install a VServer kernel

Code Listing 2.1: Install vserver-sources

# emerge vserver-sources

After the vserver-sources are installed it's time to configure them using make menuconfig.. Below is a common configuration for 2.1.1 and above. If you are using 2.0.x some configuration options may not be present.

Code Listing 2.2: Configure vserver-sources

# cd /usr/src/linux-<KERNELVERSION>-vserver-<VSERVERVERSION>
# make menuconfig

Linux VServer --->
(Do not enable the legacy options)
  [ ] Enable Legacy Kernel API
  [ ] Enable Legacy Networking Kernel API
(Read help text)
  [ ] Remap Source IP Address
  [*] Enable COW Immutable Link Breaking
  [ ] Enable Virtualized Guest Time
  [*] Enable Proc Security
  [*] Enable Hard CPU Limits
  [*]   Avoid idle CPUs by skipping Time
  [*]   Limit the IDLE task
      Persistent Inode Tagging (UID24/GID24)  --->
  [ ] Tag NFSD User Auth and Files
  [*] Enable Inode Tag Propagation
  [*] Honor Privacy Aspects of Guests
  [ ] VServer Debugging Code

Note: If you are using reiserfs as filesystem on the partition where guest images are stored, you will need to enable extended attributes for reiserfs in your kernel config and additionally add the attrs option in /etc/fstab.

Code Listing 2.3: Configure reiserfs options

File systems  --->
  <*> Reiserfs support
  [*]   ReiserFS extended attributes

Code Listing 2.4: Example fstab with extended attributes

/dev/hdb1 /vservers reiserfs noatime,attrs 0 0

After you've built and installed the kernel, update your boot loader and finally reboot to see if the kernel boots correctly.

Code Listing 2.5: Install the kernel

(Building the kernel)
# make
(Installing)
# make modules_install
# cp arch/<arch>/boot/bzImage /boot/kernel-<KERNELVERSION>-vserver-<VSERVERVERSION>
(Edit bootloader config file as required and)
# reboot

Setup host environment

To maintain your virtual servers you need the util-vserver package which contains all necessary programs and many useful features.

Code Listing 2.6: Install util-vserver

# emerge >=sys-cluster/util-vserver-0.30.212

You have to run the vprocunhide command after every reboot in order to setup /proc permissions correctly for vserver guests. Two init scripts have been installed by util-vserver which run the vprocunhide command for you and take care of virtual servers during shutdown of the host.

Code Listing 2.7: util-vserver init scripts

# rc-update add vprocunhide default
# /etc/init.d/vprocunhide start
# rc-update add util-vserver default
# /etc/init.d/util-vserver start

3.  Guest creation

Download a precompiled stage3/4

Since many hardware related commands are not available inside a virtual server, there has been a patched version of baselayout known as baselayout-vserver. However, since baselayout-1.13.0_alpha12, all required changes have been integrated into normal baselayout, eliminating the need for seperate vserver stages, profiles and baselayout. The only (temporary) drawback is that baselayout-1.13 is still considered to be in alpha stage and there are no stages with baselayout-1.13 available on the mirrors yet.

As soon as baselayout-1.13 is stable you can use a precompiled stage3/4 from one of our mirrors. In the meantime please download a stage3/4 from here. Since a stage3/4 contains a complete root filesystem you can use the template build method of util-vserver. However, this method is only works reliable since util-vserver-0.30.213_rc5, so make sure you have the right version installed.

You have to choose a context ID for your vserver (dynamic context IDs are discouraged) as well as the necessary network device information (In this example eth0 is configured with 192.168.1.253/24 and the context ID is equivalent to the last two parts of the virtual servers IP).

Note: The context ID should be 1 < ID < 49152.

Using the template build method

For a long time now, plain init style was the only init style available for gentoo, i.e. a normal init process will be started inside the guest, just like on any common Unix system. However this approach has some drawbacks:

  • No possibility to see output of init/rc scripts
  • Wasted resources for idle init processes in each guest
  • Annoying conflicts for /etc/inittab

Therefore, many users have requested to reimplement the gentoo init style, which has been abandonned since it was a very hacky implementation and more or less worked by accident due to other modifications done to baselayout back then. However, as of util-vserver-0.30.212 the gentoo init style has been reimplemented in a concise manner and will get the default in the future.

Note: If there is not a good reason for using an extra init process for each guest or if you don't know what to do here, you should stick with gentoo init style.

Code Listing 3.1: Start stage3 installation

# vserver myguest build \
  --context 1253 \
  --hostname gentoo \
  --interface eth0:192.168.1.253/24 \
  --initstyle gentoo \ (replace if needed)
  -m template -- \
    -d gentoo \
    -t /path/to/stage4-<arch>-<version>.tar.bz2

Note: To reflect your network settings you should change /etc/conf.d/hostname, /etc/conf.d/domainname and /etc/hosts inside the guest to your needs. See chapter 8.b.1 and chapter 8.b.4. The rest of your virtual servers network setup will be done on the host.

You should now be able to start and enter the vserver by using the commands below.

Code Listing 3.2: Test the virtual server

# vserver myguest start


Gentoo/Linux 1.13.0_alpha12; http://www.gentoo.org/
 Copyright 1999-2007 Gentoo Foundation; Distributed under the GPLv2

Press I to enter interactive boot mode

 * Using existing device nodes in /dev                    [ ok ]
 * root filesystem is mounted read-write - skipping
 * Checking all filesystems                               [ ok ]
 * Mounting local filesystems                             [ ok ]
 * Activating (possible) swap                             [ ok ]
 * Setting hostname to myguest                            [ ok ]
 * Updating environment                                   [ ok ]
 * Cleaning /var/lock, /var/run                           [ ok ]
 * Cleaning /tmp directory                                [ ok ]
 * Initializing random number generator                   [ ok ]
 * Setting system clock using the hardware clock [VPS]    [ ok ]
 * Starting syslog-ng                                     [ ok ]
 * Starting vixie-cron                                    [ ok ]
 * Starting local                                         [ ok ]
# vserver-stat
CTX   PROC    VSZ    RSS  userTIME   sysTIME    UPTIME NAME
0       90   1.4G 153.4K  14m00s11   6m45s17   2h59m59 root server
1252     2     3M   286    0m00s45   0m00s42   0m02s91 myguest
# vserver myguest enter
# ps ax
PID   TTY      STAT   TIME COMMAND
    1 ?        S      0:00 init [3]
22887 ?        Ss     0:00 /usr/sbin/syslog-ng
20496 pts/0    S      0:00 /bin/bash -login
20508 pts/0    R+     0:00 ps ax
# logout

4.  Maintenance made easy

Start guests on boot

You can start certain guests during boot. Each guest can be assigned a MARK. Now everything you have to do is configure these MARKs in the guests configuration and add the approriate init scripts to the default runlevel.

Code Listing 4.1: Configure MARKs for each guest

(Do this for every guest you want to start)
# mkdir -p /etc/vservers/myguest/apps/init
# echo "default" > /etc/vservers/myguest/apps/init/mark

Code Listing 4.2: Add init script to the default runlevel

# rc-update add vservers.default default

Keep portage in sync

The script vesync will help you to keep the metadata cache and overlays in sync. vemerge is a simple wrapper for emerge in guests.

Code Listing 4.3: Examples

(Sync metadata for 'myguest')
# vesync myguest
(Sync metadata for all guests)
# vesync --all
(Sync 'myoverlay' for all guests)
# vesync --all \
  --overlay /usr/local/overlays/myoverlay \
  --overlay-host rsync://rsync.myhost.com/myoverlay \
  --overlay-only
(emerge app-editors/vim in 'myguest')
# vemerge myguest -- app-editors/vim -va

Update guests

Gentoo guests can share packages to save compilation time. In order to use shared packages, you have to create a central directory for packages on the host. We will use /var/cache/vpackages on the host and mount it to /usr/portage/packages in every guest.

Code Listing 4.4: Add bind mount to guest configuration

# mkdir -p /var/cache/vpackages
# $EDITOR /etc/vservers/myguest/fstab
(Add this line at the end)
/var/cache/vpackages /usr/portage/packages none bind,rw 0 0

Now you can use vupdateworld to update every guest. The command is equivalent to something like emerge --deep --update --newuse world depending on command line options.

Code Listing 4.5: vupdateworld examples

(Pretend update for 'myguest')
# vupdateworld myguest -- -vp
(Update 'myguest' using binary packages)
# vupdateworld myguest -- -k
(Update all guests using binary packages)
# vupdateworld --all -- -k

Note: In order to get binary packages you can either use PORTAGE_BINHOST (see man make.conf) or set FEATURES="buildpkg" in one or more guests.

After a successful update you can easily update all configuration files with vdispatch-conf. It is a simple wrapper for dispatch-conf and behaves exactly the same.

Code Listing 4.6: vdispatch-conf examples

(Update configuration files for 'myguest')
# vdispatch-conf myguest
(Update configuration files for all guests)
# vdispatch-conf --all

Contact

Please feel free to contact the author or file a bug on Bugzilla in case of any problems.


The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.


Print

Updated March 26, 2007

Summary: In this Howto you will learn to setup a basic virtual server using the Linux-VServer Technology

Benedikt Boehm
Author

Shyam Mani
Editor

Donate to support our development efforts.

Support OSL

Support OSL

Gentoo Centric Hosting: vr.org

VR Hosted

Tek Alchemy

Tek Alchemy

SevenL.net

SevenL.net

Global Netoptex Inc.

Global Netoptex Inc.

Linux World Expo

Linux World Expo
Copyright 2001-2008 Gentoo Foundation, Inc. Questions, Comments? Contact us.