Re: [Vserver] Cloning/Copying ... again!

From: Roderick A. Anderson <raanders_at_acm.org>
Date: Fri 23 Jun 2006 - 21:36:51 BST
Message-ID: <449C50E3.5040308@acm.org>

Herbert Poetzl wrote:
> On Fri, Jun 23, 2006 at 08:53:15AM -0700, Roderick A. Anderson wrote:
>
>>I'm trying to make copies of a Vserver guest. These will all be on
>>the same system.
>>
>>So far I have:
>>
>>Started with a FC5 Linux-Vserver install ( per
>>http://linux-vserver.org/VServer+installation+Fedora+Core+5. ) The
>>system was already running a stock FC5 install with some updates.
>>
>>I followed that with:
>>
>>[root@johann ~]# vserver $REF build -m yum \
>>--context $LO \
>>--hostname=$REF.$DOMAIN \
>>--interface site0=eth0:192.168.112.$LO/25 \
>>--initstyle sysv \
>>-- -d fc5
>>
>>Then a few packages to make the system usable plus a few to make it a
>>onetime vyum run for individual packages.
>>
>>[root@johann ~]# vyum $REF -- -y install \
>>rootfiles passwd ntsysv system-config-date vixie-cron \
>>crontabs vim-minimal openssh* which less \
>>make gzip tar wget gpg unzip bzip2 \
>>elinks perl-DBD-Pg
>>
>>Since most of the guests will be running web sites/applications.
>>
>>[root@johann ~]# vyum $REF -- -y groupinstall "Web Server"
>>
>>And we're always having to add in packages ( mostly from CPAN ) that
>>require a compile.
>>
>>[root@johann ~]# vyum $REF -- -y groupinstall "Development Tools"
>>
>>Now a little house keeping.
>>
>>[root@johann ~]# echo -e \
>>"nameserver 192.168.112.7\nnameserver 192.168.112.11\n" > \
>>/vservers/$REF/etc/resolv.conf
>>
>>vserver $REF start
>>
>>vserver $REF exec pwconv
>>vserver $REF exec pwck
>>vserver $REF exec passwd root
>>
>>---===+++***+++===---
>>
>>Now I'm ready to make several "clones" of this system that will then
>>be "enhanced".
>>
>>After much reading, searching, cursing, and drinking I'm still lost as
>>to what is the best route to do this. I think it is:
>>
>>vserver $NEW build -m skelton \
>> --context $NEWLO \
>> --hostname=$NEW.$DOMAIN \
>> --interface site1=eth0:192.168.112.$NEWLO/25 \
>>
>>Followed by some other stuff to wipe the /var/vservers/$NEW/* stuff and
>>copy the /var/vservers/$REF to /var/vservers/$NEW.
>
>
> yep, that sounds good, the following things should
> be considered though:
>
> - the 'copy' process must not change the uid/gids
> (i.e. --numeric for rsync, -a for cp, dump/restore)

( Type slowly please I'm a little thick sometimes. :-)

So should I use cp -a ( or not )?

> - if you use xid tagging, each guest should get its
> own tagging (which you have to apply after the copy)
> - when using unification, make sure that the flags
> and xid tags are correct

I once upon a time learned a little about xids. Where should I look for
some newbie background information?

> - make sure that the 'template' is secure and does not
> bring e.g. insecure device nodes into the guest

Hopefully it was created that way. I have no plans at this time to do
more than pretty basic stuff. The toughest thing I've encountered is
getting Catalyst ( with all its dependencies ) installed.

There will be a need to do some NFS mounts -- from the main host -- and
make parts of them available in the guests but I have a couple of ideas
of how to accomplish that.

>>Since we're retro-fitting this "running/working/testing" system to be
>>a Linux-Vserver I hesitate to try commands that might bring it to a
>>screaming halt.
>>
>>Is this a good route or are there other methods that will be
>>fast/safer/whatever?
>
>
> I was hoping that util-vserver would provide that by
> now, but as far as I know, it still doesn't ...

Me too. I realize most ( if not all ) of the Linux-Vserver developers
have 'day' jobs and do this as time allows. Hopefully the solutions to
my needs will be useful to the whole community.

Rod

-- 
_______________________________________________
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver
Received on Fri Jun 23 21:40:33 2006
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Fri 23 Jun 2006 - 21:40:41 BST by hypermail 2.1.8