Linux-VServer - User contributions [en]

Fuse GlusterFS

2008-05-20T02:06:09Z

Edwardcapriolo:

GlusterFS is a userspace filesystem which can create network mirrors/stripes etc. While I have not fully investigated all the functionality of GlusterFS, this article will get you started fast and fill in the blanks. Doing this process taught me a little something about Linux VServer and its kernel interactions as well. This process is very short in terms of compile but the steps were spread out all over the place.

References <br>
[http://www.gluster.org/docs/index.php/Install_and_run_GlusterFS_v1.3_in_10mins GlusterFS 10 minute Setup Doc]
[http://wiki.openvz.org/FUSE | Fuse on OpenVZ]
[http://www.paul.sladen.org/vserver/archives/200705/0084.html | Fuse in VServer]

===ServerSystem===
<pre>
i686 server
CentOS 5
Kernel 2.6.22.19-vs2.3.0.34.1
internal IP 10.10.10.1
+Nat
</pre>

===Guest1===
<pre>
test01 10.10.10.2 pkgmgmt internalize
test02 10.10.10.3 pkgmgmt internalize
</pre>

===Stated Goal===
Serve a gluster filesystem from test01 to test02

===Fuse Patched===
on server first you need the kernel source matching your kernel
<pre>
yum install kernel-devel
</pre>

<pre>
mkdir /usr/local/src/fuse
cd /usr/local/src/fuse
wget http://ftp.zresearch.com/pub/gluster/glusterfs/fuse/fuse-2.7.3glfs10.tar.gz
rpmbuild -ta fuse-2.7.2glfs9.tar.gz
rpm -Uvh /usr/src/redhat/RPMS/$(uname -m)/fuse-*rpm
rmmod fuse
depmod -a
modprobe fuse
</pre>

==Copy the device into the guests==
This is trick one. guest systems share the kernel so you are not going to be able to install any kernel modules inside the guest.

<pre>
cp -a /dev/fuse /etc/vservers/test01/vdir/dev
cp -a /dev/fuse /etc/vservers/test02/vdir/dev
</pre>

==Create fuse group and ensure proper permissions==
This is the GID that the Cent RPM will use for fuse
<pre>
vserver test01 enter
groupadd -g 102 fuse
chmod g+rw /dev/fuse
chgrp fuse /dev/fuse
</pre>

==Compile fuse WITHOUT kernel module==
This is trick two. Being that the guest cant load a kernel module it can not install one either. This is why I am guessing yum list fuse will not list any packages inside the guest. Also I had trouble with the RPM build technique inside the guest, this time i elected to use the ./configure method

<pre>
mkdir /usr/local/src/fuse
cd /usr/local/src/fuse
wget http://ftp.zresearch.com/pub/gluster/glusterfs/fuse/fuse-2.7.3glfs10.tar.gz
tar -xzf fuse-2.7.3glfs10.tar.gz
cd fuse-2.7.3glfs10
./configure && make && make install
exit
</pre>

==Adding capabilities==
The guest has to have special capabilities in order to mount file systems. INSERT TOKEN SECURITY LESSON HERE :)

<pre>
/etc/vservers/test01/ccapabilities
SECURE_MOUNT
SECURE_REMOUNT
BINARY_MOUNT
</pre>

<pre>
/etc/vservers/test01/bcapabilities
SYS_ADMIN
</pre>

==Restart both vservers==
<pre>
vserver test01 stop
vserver test01 start

vserver test02 stop
vserver test02 start
</pre>

==Install GlusterFS==
<pre>
mkdir /usr/local/src/gluster
cd /usr/local/src/gluster
wget http://ftp.zresearch.com/pub/gluster/glusterfs/1.3/glusterfs-1.3.9.tar.gz
tar -xzf glusterfs-1.3.8.tar.gz
cd glusterfs-1.3.8
./configure
make && make install
</pre>

Fuse GlusterFS

2008-05-20T02:00:21Z

Edwardcapriolo:

GlusterFS is a userspace filesystem which can create network mirrors/stripes etc. While I have not fully investigated all the functionality of GlusterFS, this article will get you started fast and fill in the blanks. Doing this process taught me a little something about Linux VServer and its kernel interactions as well. This process is very short in terms of compile but the steps were spread out all over the place.

References <br>
[http://www.gluster.org/docs/index.php/Install_and_run_GlusterFS_v1.3_in_10mins GlusterFS 10 minute Setup Doc]
[http://wiki.openvz.org/FUSE | Fuse on OpenVZ]
[http://www.paul.sladen.org/vserver/archives/200705/0084.html | Fuse in VServer]

===ServerSystem===
<pre>
i686 server
CentOS 5
Kernel 2.6.22.19-vs2.3.0.34.1
internal IP 10.10.10.1
+Nat
</pre>

===Guest1===
<pre>
test01 10.10.10.2 pkgmgmt internalize
test02 10.10.10.3 pkgmgmt internalize
</pre>

===Stated Goal===
Serve a gluster filesystem from test01 to test02

===Fuse Patched===
on server first you need the kernel source matching your kernel
<pre>
yum install kernel-devel
</pre>

<pre>
mkdir /usr/local/src/fuse
cd /usr/local/src/fuse
wget http://ftp.zresearch.com/pub/gluster/glusterfs/fuse/fuse-2.7.3glfs10.tar.gz
rpmbuild -ta fuse-2.7.2glfs9.tar.gz
rpm -Uvh /usr/src/redhat/RPMS/$(uname -m)/fuse-*rpm
rmmod fuse
depmod -a
modprobe fuse
</pre>

==Copy the device into the guests==
This is trick one. guest systems share the kernel so you are not going to be able to install any kernel modules inside the guest.

<pre>
cp -a /dev/fuse /etc/vservers/test01/vdir/dev
cp -a /dev/fuse /etc/vservers/test02/vdir/dev
</pre>

==Create fuse group and ensure proper permissions==
This is the GID that the Cent RPM will use for fuse
<pre>
vserver test01 enter
groupadd -g 102 fuse
chmod g+rw /dev/fuse
chgrp fuse /dev/fuse
</pre>

==Compile fuse WITHOUT kernel module==
This is trick two. Being that the guest cant load a kernel module it can not install one either. This is why I am guessing yum list fuse will not list any packages inside the guest. Also I had trouble with the RPM build technique inside the guest, this time i elected to use the ./configure method

<pre>
mkdir /usr/local/src/fuse
cd /usr/local/src/fuse
wget http://ftp.zresearch.com/pub/gluster/glusterfs/fuse/fuse-2.7.3glfs10.tar.gz
tar -xzf fuse-2.7.3glfs10.tar.gz
cd fuse-2.7.3glfs10
./configure && make && make install
exit
</pre>

===Adding capabilities===
The guest has to have special capabilities in order to mount file systems. INSERT TOKEN SECURITY LESSON HERE :)

<pre>
/etc/vservers/test01/ccapabilities
SECURE_MOUNT
SECURE_REMOUNT
BINARY_MOUNT
</pre>

<pre>
/etc/vservers/test01/bcapabilities
SYS_ADMIN
</pre>

===Start stop both vservers===
<pre>
vserver test01 stop
vserver test01 start

vserver test02 stop
vserver test02 start
</pre>

Fuse GlusterFS

2008-05-20T01:47:26Z

Edwardcapriolo:

Fuse GlusterFS

2008-05-20T01:30:40Z

Edwardcapriolo: New page: GlusterFS is a [GlusterFS|http://www.gluster.org/docs/index.php/Install_and_run_GlusterFS_v1.3_in_10mins]

GlusterFS is a

[GlusterFS|http://www.gluster.org/docs/index.php/Install_and_run_GlusterFS_v1.3_in_10mins]

Documentation

2008-05-20T01:26:50Z

Edwardcapriolo: /* Guides and Howtos */

<div style="margin: 2em auto 2em auto; padding: 10px; background-color: #F9ECCD; border: 1px solid #004433; text-align: center;">
[[Image:Icon-Caution.png|left]]
We are currently migrating to MediaWiki from our old system, but not all content has been migrated yet. Take a look at the [[Wiki Team]] page for instructions how to help or look at the [http://oldwiki.linux-vserver.org old wiki] to find the information not migrated yet.

'''To ease migration we created a [[List of old Documentation pages]].'''
</div>

== Introduction ==

* [[Overview|Virtualization Overview]]
* [[Usage Scenarios]]
* [[Feature Matrix]]

== Installation ==

* [[Installation Considerations]]
* [[Installation on Linux 2.6]]
* [[Installation on ArchLinux]]
* [[Installation on CentOS]]
* [[Installation on Debian]]
* [[Installation on Fedora]]
* [[Installation on Gentoo]]
* [[Installation on Mandrake]]
* [http://pld-linux.org/Vserver Installation on PLD-Linux]
* [[Installation on Redhat]]
* [[Installation on Slackware]]
* [[Installation on SuSE/OpenSUSE]]
* [[Installation on Ubuntu]]

== Configuration ==

* [[util-vserver:Documentation|util-vserver Documentation]]
* [[vcd:Documentation|VServer Control Daemon Documentation]]
* [[Share a directory among multiple guests]]

== Guides and Howtos ==

* [[Building Guest Systems]]
* [[util-vserver:Howto virtualize an exisiting Linux server|Howto virtualize an existing Linux server]]
* [[VCMD HowTo]]
* [[Howto make bsd-style init sysv-compatible|Howto make Bsd-style init sysv-compatible (archlinux guest system)]]
* [[Installing 32-bit Fedora on 64-bit Debian]]
* [[Installing Ubuntu on Debian]]
* [[Installing an openSUSE vserver guest]]
* [[Networking vserver guests]]
* [[Howto HostAuth]]
* [[Fuse_GlusterFS| Fuse and GlusterFS]]
* [[yum-patch|How to patch vyum]]
* [[yum-upgrade-3.2.4|Upgrading existing installations to yum-3.2.4]]

== Lists & Theory ==

* Basic configuration
** [[Capabilities and Flags]]
** [[CPU Scheduler]]
** [[Disk Limits and Quota]]
** [[Resource Limits]]
*** [[Memory Limits]]
** [[Virtual System Information]]
** [[Unification]]

* Security Considerations
** [[Secure Capabilities]]
** [[Secure chroot Barrier]]
** [[Secure Device Nodes]]
** [[Secure ProcFS Entries]]

* Performance and Stability
** [[Virtualization Overhead]]

* Implementation Details
** [[Context Accounting]]
** [[Filesystem Attributes]]
** [[Filesystem Tagging]]
** [[Filesystem Namespaces]]
** [[Kernel Userspace Helper]]
** [[Mainline Kernel Virtualization]]
** [[ProcFS]]
** [[Syscall Command Switch]]

== External Resources ==

Networking vserver guests RHEL

2008-05-06T23:33:33Z

Edwardcapriolo: New page: ==Public IP Space== ==Chose a private IP range== Private IP Range: 192.168.1.0<br> Host Private IP: 192.168.1.1<br> Guest Private IP: 192.168.1.2<br> ==network-scripts== In a RHEL based ...

==Public IP Space==

==Chose a private IP range==
Private IP Range: 192.168.1.0<br>
Host Private IP: 192.168.1.1<br>
Guest Private IP: 192.168.1.2<br>

==network-scripts==
In a RHEL based system many configurations are stored in /etc/sysconfig. The network settings are /etc/sysconfig/network-scripts.

<pre>
cp /etc/sysconfig/network-scripts/ifcfg-eth0 /etc/sysconfig/network-scripts/ifcfg-eth0:1
vi /etc/sysconfig/network-scripts/ifcfg-eth0:1
</pre>

<pre>
DEVICE=eth0:1
HWADDR=00:0e:0c:69:ed:e0
ONBOOT=yes
NETMASK=255.255.255.0
IPADDR=192.168.1.1
TYPE=Ethernet
</pre>

This IP address will now start at boot up.
<pre>
ifup eth0:1
</pre>

Networking vserver guests

2008-05-06T23:20:41Z

Edwardcapriolo: /* See also */

Setting up network access to and from your vserver guests.
__TOC__
==Introduction==

Lets imagine, you have only one external IP -- <code>$EXTIP</code>.

You want to have several vservers running without worrying about port overlapping.

Example:

Two vservers run a default webserver, running on port 80. If each "guest" vserver shares an IP with the host, then the two webservers will conflict.

One solution is:

* All vservers are contained in a "virtual lan", say 192.168.1.x
* Each vserver has its own IP
* Control port forwarding on "parent" host. That is, run a router.

==Configuration==
===Host===
Set up <code>dummy0</code> interface on the parent host
# /etc/network/interfaces on a Debian box,
# configure on other distros with your preferred way
auto dummy0
iface dummy0 inet static
address 192.168.1.250
netmask 255.255.255.0

===Guests===
Set up each guest vserver:
cd /etc/vservers/$VSERVER/interfaces/0
echo dummy0 > dev
echo 192.168.1.1 > ip
echo 1 > name
echo 24 > prefix
Consider using a value of <code>name</code> equal to the last digit of the IP for easy separation.

===Host as router===
Configure the host to act as a router.

For internal packets going outside, pretend each packet came from our external IP (put it in one line without backslash):
# iptables -t nat -A POSTROUTING -s 192.168.1.0/24 \
-d ! 192.168.1.0/24 -j SNAT --to-source $EXTIP
For each service that runs on a vserver, map it to an external port. Vserver local address <code>$VHOST</code> and port <code>$INTPORT</code> you select one external port <code>$EXTPORT</code> and run the following (put it in one line without backslash):
# iptables -t nat -A PREROUTING -s ! 192.168.1.0/24 \
-m tcp -p tcp --dport $EXTPORT
-j DNAT --to-destination $VHOST:$INTPORT
That's all!

==Verifying==
Try <code>ping pool.ntp.org</code> from your vserver -- it should ping fine.

Try to connect to your <code>$EXTIP:$EXTPORT</code> (from another external host) -- you will successfully connect to service running on a guest vserver.
==See also==
* [[Frequently_Asked_Questions#If_my_host_has_only_one_a_single_public_IP.2C_can_I_use_RFC1918_IP_.28e.g._192.168.foo.bar.29_for_the_guest_vservers.3F |FAQ on private networking]]
* [[Frequently_Asked_Questions#When_I_try_to_ssh_to_the_guest.2C_I_log_into_the_host.2C_even_if_I_installed_sshd_on_the_guest._What.27s_wrong_here.3F |Permit guest sshd to bind to its IP address's port 22]]
* [[Networking_vserver_guests_RHEL|Networking_vserver_guests_RHEL]]

Networking vserver guests

2008-05-06T23:18:19Z

Edwardcapriolo: /* See also */