Debian vserver [REPORT]

supervision - discussion about system services, daemon supervision, init, runlevel management, and tools such as s6 and runit
 help / color / mirror / Atom feed

From: Gilles <gilles@harfang.homelinux.org>
Subject: Debian vserver [REPORT]
Date: Mon, 9 May 2005 15:27:09 +0200	[thread overview]
Message-ID: <20050509132709.GC31001@harfang.homelinux.org> (raw)

[-- Attachment #1: Type: text/plain, Size: 1486 bytes --]

Hello.

I've successfully installed the "runit" and "runit-run"
packages in the vserver environment.

[I've attached the step-by-step procedure I've followed,
aiming at a "fairly" minimal vserver; nothing fancy, just
to help me remember :-)]

Host config:
 (vanilla) kernel: version 2.6.11.7
 vserver patch:
   http://vserver.13thfloor.at/Experimental/patch-2.6.11.7-vs2.0-pre3.diff
 "util-vserver" deb package: version 0.30.207-5

I should nevertheless point out the following minor
problems:

1. The executable bit (+x) is not set for stages "1", "2"
   and "3", resulting in a failure to start. Fixed by
   # chmod a+x /etc/runit/[123]
2. Hardware-related one-time system tasks (in stage "1")
   should be disabled in a vserver, hence commenting out
   the line "/etc/init.d/rcS"
3. The "getty" services shouldn't be enabled (doesn't harm
   but useless, I think), hence:
   # rm /var/service/getty*
4. Hardware-related shutdown tasks (in stage "3") should be
   disabled, hence commenting out "/etc/init.d/rc $LAST"

So finally restarting the vserver:
[Inside the vserver]

# ps ax
  PID TTY      STAT   TIME COMMAND
    1 ?        S      0:00 runit
20083 ?        Ss     0:00 runsvdir -P /var/service log: .......
20085 ?        Ss     0:00 runsv sshd
20086 ?        S      0:00 svlogd /var/log/service/sshd
20096 ?        S      0:00 sshd -D -e
20108 ?        Ss     0:00 sshd: root@pts/11
20112 pts/11   Ss     0:00 -bash
31623 pts/11   R+     0:00 ps ax

Best regards,
Gilles

[-- Attachment #2: vs_runit.txt --]
[-- Type: text/plain, Size: 2262 bytes --]

-----------------------------------------------
Step-by-step install of a "runit"-based vserver
-----------------------------------------------

(1)
[On the host]

Create the vserver

# vserver phony build -m debootstrap \
   --hostname phony.harfang.homelinux.org \
   --netdev dummy0 --interface 192.168.83.100/24 \
   --context 100 --initstyle plain -- -d sarge -- --include=less,ssh

Start and enter the vserver

# vserver phony start
# vserver phony enter

(2)
[Inside "phony"]

Start the ssh daemon and set the root password

# /etc/init.d/ssh start
# passwd

(3)
In "/etc/inittab", comment out the lines invoking "getty":
# nano /etc/inittab

(4)
# exit

(5)
[On the host]

Update "/etc/hosts"
  192.168.83.100  phony.harfang.homelinux.org     phony

Copy "/etc/apt/sources.list" over to the vserver directory
# cp /etc/apt/sources.list /var/lib/vservers/phony/etc/apt

(6)
# ssh root@phony

[Inside "phony"]

(7)
Update the packages list and remove useless packages

# apt-get update
# REMOVE_PACKAGES="
    pciutils fdutils
    makedev base-config klogd sysklogd
    logrotate cron at
    ppp pppconfig pppoe pppoeconf
    console-common console-data console-tools
    telnet netkit-inetd netbase tcpd ifupdown wget ipchains dhcp-client
    exim4 exim4-base exim4-config exim4-daemon-light
    cpio nvi
  "
# apt-get --purge remove $REMOVE_PACKAGES

(8)
Install runit and set up ssh as a supervised service

# apt-get install runit

Setting up ssh:

 1. File "/etc/runit/sshd/run"
  #!/bin/sh

  exec 2>&1
  exec sshd -D -e

 2. File "/etc/runit/sshd/log/run":
  #!/bin/sh

  exec svlogd /var/log/service/sshd

 3. Logging directory:
# mkdir /var/log/service/sshd

 4. Start the service
# ln -s /etc/runit/sshd /var/service

 5. Stop the daemon started through SysV scheme:
# /etc/init.d/ssh stop

Replace "/sbin/init"
# apt-get install runit-run

Notes:
1. Executable bit (+x) not set for stages "1", "2" and "3".
   # chmod a+x /etc/runit/[123]
2. Hardware-related one-time system tasks (in stage "1") should be disabled.
   Comment out the line "/etc/init.d/rcS"
3. "getty" services shouldn't be enabled
   # rm /var/service/getty*
4. Hardware-related shutdown tasks (in stage "3") should be disabled.
   Comment out the line "/etc/init.d/rc $LAST"

next             reply	other threads:[~2005-05-09 13:27 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2005-05-09 13:27 Gilles [this message]
2005-05-10 13:29 ` Gilles
2005-05-15 10:46   ` Gerrit Pape

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20050509132709.GC31001@harfang.homelinux.org \
    --to=gilles@harfang.homelinux.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).