[vserver] RedHat HOW-TOs

[Mark Sutton]

Hi All,   Don't know if this helps, but I've documented my experience with VServer so far in the form of a how-to...  If it helps anyone I've pasted it in below...  I should have these on my site within the next day or so, and there will be more VServer-RedHat how-to docs to come.   Hope it helps someone - especially the VServer newbies out there ;)   Mark.     ============================================================ VServer HOWTO Part 1 - "Set up a bare bones VServer from scratch on a RedHat 7.x System" (V.0.1) ============================================================   Preamble:   VServer is useful for many purposes, but I use it to create Virtual Private Servers (aka VServers, Virtual Dedicated Servers, Virtual Servers yada yada) for web hosting.  To this end, I have attempted to create a VServer environment starting with the absolute bare bones.  This may not be the best way to get VServer up and running on RedHat 7.x, but it seems to have worked well for me so far.   Please note that this installation is based on the precompiled CTX kernel and RPM.   Your mileage might vary, so if you have anything to add to this then please send an email to [EMAIL PROTECTED].   OK, now that's over lets get started.   1) Install 7.x Redhat System as normal - suggest 'Minimal Server Install' - ie no Apache etc etc. If you can do without them it will make your life easier.  What?!? You're installing this on a production server with live customers?  You crazy SoB!   Sorry no more help with the RedHat install here - if you can't get this far then you probably shouldn't be playing with VServer at all ;)   2) Make a few adjustments to your system so VServers can function properly and bind to necessary ports/IPs.  Basically you will need to modify any application that binds to '0.0.0.0' (ie every bound IP) so that it only binds to the main IP of the server.  The following example is for SSHd, and is the bare minimum:   Edit /etc/ssh/sshd_config, uncomment the 'ListenAddress' directive and insert the main server IP, for example 'ListenAddress 192.168.1.2'   Restart SSHd: # service sshd restart   Do the same for any other services binding to '0.0.0.0'.   3) Download/Install VServer Kernel and Userland Tools   Download the kernel and userland tools   # wget ftp.solucorp.qc.ca/pub/vserver/kernel-2.4.19ctx-15.tar.gz # wget ftp.solucorp.qc.ca/pub/vserver/vserver-0.21-1.i386.rpm   Next, as root, install the kernel: # cd / # tar zxvf kernel-2.4.19ctx-15.tar.gz # mkinitrd /boot/initrd-2.4.19ctx-15.img 2.4.19ctx-15   Next, add something like the following to /etc/grub.conf    title Red Hat Linux (2.4.19ctx-15)          root (hd0,0)          kernel /vmlinuz-2.4.19ctx-15 ro root=/dev/sda5          initrd /initrd-2.4.19ctx-15.img   ...And reboot into the new kernel...  If all goes well you should get something like the following from 'uname -a':    Linux host.domain.com 2.4.19ctx-15 #40 Sat Dec 7 01:25:53 EST 2002 i686 unknown   Finally, install the userland tools:   # rpm -ivh vserver-0.21-1.i386.rpm   Now you should be ready to create your first VServer.   4) Get ready to install your first VServer   NOTE: OK, make sure you read this before going any further...  The main VServer documentation suggests to get started by creating a VServer based on the main server installation (ie newvserver).  Whilst this might work it is probably not the best way to go since 1GB+ per VServer is not exactly elegant, and X is rarely of any use for webhosting ;)  My way is to gather the bare bones RPMs for the VServer...  For this you will need to gather the following RPMs in a directory on your system (I put them in /home/software/vserver, but you can put them anywhere you have enough space).  After this point you can use the newvserver script to create new VServers in a more elegant way ;)   NOTE 2:  These packages are taken from the RedHat 7.3 ISO's, so don't include any errata/updates supplied by RedHat.  Therefore VSERVERS CREATED FROM THIS PACKAGE LIST MAY NOT BE VERY SECURE (did I say that loud enough?).  You have been warned.  As a further note, it is possible to run the RedHat up2date service within a VServer, so there is an easy way to bring everything up to the latest versions - the subject of another HOW-TO...   === Package list for a basic VServer ===   audiofile-0.2.3-1.i386.rpm basesystem-7.0-2.noarch.rpm bash-2.05a-13.i386.rpm bdflush-1.5-17.i386.rpm bind-utils-9.2.0-8.i386.rpm binutils-2.11.93.0.2-11.i386.rpm bzip2-1.0.2-2.i386.rpm bzip2-devel-1.0.2-2.i386.rpm bzip2-libs-1.0.2-2.i386.rpm chkconfig-1.3.5-3.i386.rpm chkfontpath-1.9.5-2.i386.rpm console-tools-19990829-40.i386.rpm cracklib-2.7-15.i386.rpm cracklib-dicts-2.7-15.i386.rpm crontabs-1.10-1.noarch.rpm curl-7.9.5-2.i386.rpm cyrus-sasl-1.5.24-25.i386.rpm cyrus-sasl-md5-1.5.24-25.i386.rpm cyrus-sasl-plain-1.5.24-25.i386.rpm dateconfig-0.7.5-5.i386.rpm db1-1.85-8.i386.rpm db1-devel-1.85-8.i386.rpm db2-2.4.14-10.i386.rpm db2-devel-2.4.14-10.i386.rpm db3-3.3.11-6.i386.rpm db3-devel-3.3.11-6.i386.rpm db3-utils-3.3.11-6.i386.rpm dev-3.3-4.i386.rpm diffutils-2.7.2-5.i386.rpm e2fsprogs-1.27-3.i386.rpm elinks-0.3.0-1.i386.rpm esound-0.2.24-1.i386.rpm expat-1.95.2-2.i386.rpm file-3.37-5.i386.rpm filesystem-2.1.6-2.noarch.rpm fileutils-4.1-10.i386.rpm findutils-4.1.7-4.i386.rpm freetype-2.0.9-2.i386.rpm gawk-3.1.0-4.i386.rpm gd-1.8.4-4.i386.rpm gdbm-1.8.0-14.i386.rpm gdbm-devel-1.8.0-14.i386.rpm gdk-pixbuf-0.14.0-8.i386.rpm glib-1.2.10-5.i386.rpm glib2-2.0.1-2.i386.rpm glibc-2.2.5-34.i386.rpm glibc-common-2.2.5-34.i386.rpm gmp-4.0.1-3.i386.rpm gnome-libs-1.4.1.2.90-14.i386.rpm gnupg-1.0.6-5.i386.rpm gpm-1.19.3-21.i386.rpm grep-2.5.1-1.i386.rpm groff-1.17.2-12.i386.rpm gtk+-1.2.10-15.i386.rpm gzip-1.3.3-1.i386.rpm imlib-1.9.13-3.7.x.i386.rpm info-4.1-1.i386.rpm initscripts-6.67-1.i386.rpm iproute-2.4.7-1.i386.rpm iputils-20020124-3.i386.rpm krb5-devel-1.2.4-1.i386.rpm krb5-libs-1.2.4-1.i386.rpm less-358-24.i386.rpm libcap-1.10-8.i386.rpm libjpeg6a-6a-8.i386.rpm libjpeg-6b-19.i386.rpm libpng-1.0.12-2.i386.rpm libstdc++-2.96-110.i386.rpm libtermcap-2.0.8-28.i386.rpm libtermcap-devel-2.0.8-28.i386.rpm libtiff-3.5.7-2.i386.rpm libtool-libs-1.4.2-7.i386.rpm libungif-4.1.0-10.i386.rpm libuser-0.50.2-1.i386.rpm libxml10-1.0.0-8.i386.rpm libxml-1.8.17-3.i386.rpm libxml2-2.4.19-4.i386.rpm libxml2-python-2.4.19-4.i386.rpm logrotate-3.6.4-1.i386.rpm losetup-2.11n-12.i386.rpm m4-1.4.1-7.i386.rpm mailcap-2.1.9-2.noarch.rpm man-1.5j-6.i386.rpm mingetty-1.00-1.i386.rpm mkinitrd-3.3.10-1.i386.rpm mktemp-1.5-14.i386.rpm mm-1.1.3-4.i386.rpm modutils-2.4.14-3.i386.rpm mount-2.11n-12.i386.rpm ncurses-5.2-26.i386.rpm net-tools-1.60-4.i386.rpm newt-0.50.35-1.i386.rpm ntp-4.1.1-1.i386.rpm openldap-2.0.23-4.i386.rpm openssh-3.1p1-3.i386.rpm openssh-askpass-3.1p1-3.i386.rpm openssh-askpass-gnome-3.1p1-3.i386.rpm openssh-clients-3.1p1-3.i386.rpm openssh-server-3.1p1-3.i386.rpm openssl095a-0.9.5a-11.i386.rpm openssl096-0.9.6-6.i386.rpm openssl-0.9.6b-18.i386.rpm openssl-devel-0.9.6b-18.i386.rpm openssl-perl-0.9.6b-18.i386.rpm ORBit-0.5.13-3.i386.rpm pam-0.75-32.i386.rpm passwd-0.67-1.i386.rpm pcre-3.9-2.i386.rpm pcre-devel-3.9-2.i386.rpm perl-5.6.1-34.99.6.i386.rpm perl-Archive-Tar-0.22-15.noarch.rpm perl-Bit-Vector-6.1-12.i386.rpm perl-BSD-Resource-1.14-11.i386.rpm perl-CGI-2.752-34.99.6.i386.rpm perl-CPAN-1.59_54-34.99.6.i386.rpm perl-Crypt-SSLeay-0.35-15.i386.rpm perl-Date-Calc-5.0-15.i386.rpm perl-DateManip-5.40-15.i386.rpm perl-DB_File-1.75-34.99.6.i386.rpm perl-DBI-1.21-1.i386.rpm perl-Devel-Symdump-2.01-15.i386.rpm perl-Digest-MD5-2.16-15.i386.rpm perl-File-MMagic-1.13-14.i386.rpm perl-Frontier-RPC-0.06-14.i386.rpm perl-HTML-Parser-3.26-2.i386.rpm perl-HTML-Tagset-3.03-14.i386.rpm perl-libnet-1.0901-17.i386.rpm perl-libwww-perl-5.63-9.i386.rpm perl-libxml-enno-1.02-15.i386.rpm perl-libxml-perl-0.07-14.noarch.rpm perl-MIME-Base64-2.12-14.i386.rpm perl-NDBM_File-1.75-34.99.6.i386.rpm perl-NKF-1.71-2.i386.rpm perl-Parse-Yapp-1.05-15.i386.rpm perl-Storable-1.0.14-15.i386.rpm perl-suidperl-5.6.1-34.99.6.i386.rpm perl-TermReadKey-2.17-14.i386.rpm perl-TimeDate-1.10-14.i386.rpm perl-Time-HiRes-1.20-14.i386.rpm perl-URI-1.17-16.i386.rpm perl-XML-Dumper-0.4-12.noarch.rpm perl-XML-Encoding-1.01-9.noarch.rpm perl-XML-Grove-0.46alpha-11.noarch.rpm perl-XML-Parser-2.30-15.i386.rpm perl-XML-Twig-2.02-9.noarch.rpm popt-1.6.4-7x.18.i386.rpm procinfo-18-2.i386.rpm procps-2.0.7-12.i386.rpm psmisc-20.2-2.i386.rpm pspell-0.12.2-8.i386.rpm pwdb-0.61.2-2.i386.rpm pygnome-1.4.2-3.i386.rpm pygtk-0.6.9-3.i386.rpm python-1.5.2-38.i386.rpm python-clap-1.0.0-3.noarch.rpm python-popt-0.8.8-7.x.2.i386.rpm python-xmlrpc-1.5.1-7.x.3.i386.rpm readline-4.2a-4.i386.rpm redhat-release-7.3-1.noarch.rpm rpm-4.0.4-7x.18.i386.rpm rpm-python-4.0.4-7x.18.i386.rpm sed-3.02-11.i386.rpm setup-2.5.12-1.noarch.rpm shadow-utils-20000902-7.i386.rpm sh-utils-2.0.11-14.i386.rpm slang-1.4.5-2.i386.rpm sysklogd-1.4.1-8.i386.rpm SysVinit-2.84-2.i386.rpm tar-1.13.25-4.i386.rpm tcl-8.3.3-67.i386.rpm termcap-11.0.1-10.noarch.rpm textutils-2.0.21-1.i386.rpm ttfonts-1.0-9.noarch.rpm unixODBC-2.2.0-5.i386.rpm unzip-5.50-2.i386.rpm usermode-1.53-2.i386.rpm utempter-0.5.2-6.i386.rpm util-linux-2.11n-12.i386.rpm VFlib2-2.25.6-4.i386.rpm vim-common-6.1-2.i386.rpm vim-minimal-6.1-2.i386.rpm vixie-cron-3.0.1-64.i386.rpm which-2.13-3.i386.rpm words-2-18.noarch.rpm XFree86-font-utils-4.2.0-8.i386.rpm XFree86-libs-4.2.0-8.i386.rpm XFree86-xfs-4.2.0-8.i386.rpm zip-2.3-12.i386.rpm zlib-1.1.3-25.7.i386.rpm   5) OK, let's go build a VServer:   Create /etc/vservers/<vservername>.conf with something like the following contents:    IPROOTDEV="eth0"  IPROOT="192.168.1.100"  ONBOOT="no"  S_DOMAINNAME="none"  S_HOSTNAME="host.domain.com"  S_FLAGS=fakeinit   Next, create a directory to hold your VServers:   # mkdir /vservers # mkdir /vservers/<vservername>   Now you are ready to build your VServer:   NOTE:  For the VServer build to work you need to put an empty RPM database into the VServer environment so that everything drops nicely into place.  You only need to make this empty RPM database once, then you can use it again and again...  You can create an empty RPM database as follows:   # mkdir /root/rpmdb # cd /root/rpmdb # cp -a /var/lib/rpm .   Then create a shellscript called mkemptyrpmdb.sh with the following contents:    #!/bin/bash  RPMS=`rpm -qa --root=/root/rpmdb`  for rpms in $RPMS; do  rpm -e --justdb --root=/root/rpmdb $rpms  done   ...And execute the shell script...   # chmod 755 mkemptyrpmdb.sh # ./mkemptyrpmdb.sh   Next, create a var/tmp directory as well (this helps when you come to build the VServer):   # cd /root/rpmdb # Just to be sure ;) # mkdir var/tmp   Next, tar up a copy of the var directory for subsequent use...   # tar cvfz rpmdb.tar.gz var/*   ...And on with the VServer build...   # cd /vservers/<vservername> # tar zxvf rpmdb.tar.gz   Now you can go for it and build the VServer environment:   # rpm -ivh --root=/vservers/<vservername> /home/software/vserver/*.rpm   Now that the VServer has been built you need to do a few more tasks to make everything work properly:   # echo none /proc proc defaults 0 0 > /vservers/<vservername>/etc/fstab # echo <IP> <host.domain.com> localhost.localdomain > /vservers/<vservername>/etc/hosts   Next, create an /etc/sysconfig/network file in the <vservername> directory and add the following to it:    NETWORKING=yes  HOSTNAME=<host.domain.com>   Next, give the VServer some nameserver addresses to resolve DNS - add the following to /vservers/<vservername>/etc/resolv.conf:    nameserver www.xxx.yyy.zzz  nameserver www.xxx.yyy.zzz   Next you'll need to turn off the network service in the VServer and move the rc.sysinit file out of the way so everything boots up nicely:   # vserver <vservername> enter # chkconfig --levels 2345 network off # mv /etc/rc.sysinit /etc/rc.sysinit.backup # exit   And there it is, you should have a working VServer ready to boot!   6) Fire up your VServer:   # vserver <vservername> start   Afterword:   As I said at the beginning, this is a bare bones VServer and is only useful for the exercise...   In my next HOW-TO I will turn this bare bones VServer into a pretty functional system with Apache/Sendmail/Perl/PHP/MySQL etc.   ============================================================= VServer HOWTO Part 2 - "Moving From a Bare Bones VServer to a Fully Functional VServer for Web Hosting" (V.0.1) =============================================================   Preamble:   So you've got a bare bones VServer up and running, and now you want to make it useful.  You should have followed Part 1 of this guide to have all the prerequisite software in place before going any further.   1) Gather all the software you need   To make your life easier, create the following directories containing the listed rpms:   sendmail  procmail-3.22-5.i386.rpm  sendmail-8.11.6-15.i386.rpm  sendmail-cf-8.11.6-15.i386.rpm  sendmail-devel-8.11.6-15.i386.rpm  sendmail-doc-8.11.6-15.i386.rpm   apachephp  apache-1.3.23-11.i386.rpm  php-4.1.2-7.i386.rpm  php-devel-4.1.2-7.i386.rpm  php-imap-4.1.2-7.i386.rpm  php-ldap-4.1.2-7.i386.rpm  php-odbc-4.1.2-7.i386.rpm   mysql  mysql-3.23.49-3.i386.rpm  mysqlclient9-3.23.22-6.i386.rpm  mysql-devel-3.23.49-3.i386.rpm  mysql-server-3.23.49-3.i386.rpm  perl-DBD-MySQL-1.2219-6.i386.rpm  php-mysql-4.1.2-7.i386.rpm   postgresql  perl-DBD-Pg-1.01-8.i386.rpm  php-pgsql-4.1.2-7.i386.rpm  postgresql-7.2.1-5.i386.rpm  postgresql-devel-7.2.1-5.i386.rpm  postgresql-libs-7.2.1-5.i386.rpm  postgresql-server-7.2.1-5.i386.rpm   gcc  cpp-2.96-110.i386.rpm  gcc-2.96-110.i386.rpm  gcc-c++-2.96-110.i386.rpm  gcc-chill-2.96-110.i386.rpm  gcc-g77-2.96-110.i386.rpm  gcc-java-2.96-110.i386.rpm  gcc-objc-2.9cd ../6-110.i386.rpm  glibc-devel-2.2.5-34.i386.rpm  glibc-kernheaders-2.4-7.14.i386.rpm  libgcj-2.96-29.i386.rpm  libgcj-devel-2.96-29.i386.rpm  libstdc++-devel-2.96-110.i386.rpm  make-3.79.1-8.i386.rpm   up2date  rhn_register-2.7.21-7.x.3.i386.rpm  up2date-2.7.86-7.x.3.i386.rpm   2) Install the software you need   Change into each directory respectively (note that it is usually unnecessary to install MySQL and PostgreSQL in the same VServer) and issue the following command:   # rpm -ivh --root=/vserver/<vservername> *.rpm   And that's it!  How easy is that?   3) Do some post-install stuff within the VServer   # vserver <vservername> enter   If you installed the apachephp RPMs you'll need to enable the httpd service using chkconfig and start the service manually:   # chkconfig --levels 345 httpd on # service httpd start   If you installed the mysql RPMs you'll need to initialise the database and start MySQL:   # mysql_install_db # chkconfig --levels 345 mysqld on # service mysqld start   If you installed the postgresql RPMs you'll need to initialise the database and start PostgreSQL:   # initialise postgreSQL # do chkconfig # start postgreSQL   If you installed the up2date RPMs you'll need to register your VServer with RedHat Network and fire off up2date:   # rhn_register # up2date -u   And that's it...   Afterword:   You can use this method to modularise the installation of pretty much any software within the VServer environment.  All you need to do is work out which packages are required, put them in a directory of their own and run the rpm command as above.   Some applications might need some post-install configuration before they work fully, but this has nothing at all to do with VServer.   In my next HOW-TO I will detail how you can run a centralised up2date system that automatically updates all of your VServers on a cron job.  Keep your eyes peeled ;)