Like many people, once I'd heard about them (and their good prices), I wanted a virtual (or collocated) Linux server from Johncompanies. Being a Debian developer and user, though, the restriction to use Red Hat only was a bit onerous. (It's not optional, either - the system needs to boot Red Hat.)
Luckily for those of us who are fans of Debian, Linux has a facility
for switching into a functional base system called chroot. By
setting up a Debian system within a directory - say, /debian
on the Red Hat filesystem - one can execute chroot /debian and
have a fully-functional shell which thinks it's operating under a
Debian system. Meanwhile, the previously running system, and any services
running on it, continues running, oblivious of the Debian goings-on.
It's a little bit like a virtual server of your own, except that you're
sharing all the same resources with the "external" system - same kernel,
same IPs, same process table.
In order to get started, you need to get an adequate set of Debian packages
installed so that your system functions like a normal, but bare-bones UNIX
system. This utility is called debootstrap,
and it's what many of the modern Debian installers are based on.
debootstrap which is in Debian stable, currently
0.1.17. Later versions are compiled against newer releases of
glibc than is available on most distributions..deb file, even though you
don't have dpkg or any related utilities installed yet.
This is okay.
Unpacking the debootstrap_0.1.17_i386.deb is a simple process:
# ar x debootstrap_0.1.17_i386.deb
# ls
control.tar.gz data.tar.gz debian-binary debootstrap_0.1.17_i386.deb
# tar xzf data.tar.gz -C /
.deb files are actually only ar archives which
contain several files. All that we're interested in here is the
data.tar.gz, which contains all of the files we need to get
debootstrap running. The final tar command simply puts
debootstrap in the standard file heirarchy, starting at /.
Now you can run debootstrap, like so:
debootstrap woody /debiandebootstrap will download the standard set of archives which
comprise the base system of Debian 3.0 and unpack them into the directory
/debian. (Don't worry - you can upgrade to
sid, also known as unstable, later if you want.)
This directory can be any directory which already exists.
The preceding command will probably take a while to run.
Once it's done, but before you jump into your Debian system, you'll want to configure the nameservers. This is pre-configured for you on Johncompanies Red Hat machines. Simply execute the command
cp /etc/resolv.conf /debian/etc/resolv.conf
/debian whatever directory you told
debootstrap to use, if applicable). You may need to use these
server addresses when configuring your Debian system (using
base-config, below), so keep an extra terminal window open or
jot them down.
On Johncompanies virtual servers, the file /jc_traffic_dump
contains your current transfer information. In order to make this available
to your Debian chroot, I suggest making a hard link to it.
ln /jc_traffic_dump /debian/jc_traffic_dump/debian if applicable).
Finally, you can enter your new Debian system, which I suggest you do with the following command:
chroot /debian su -/debian if applicable.)
Before you do anything else, mount /proc:
mount -t proc none /procRight after, you're going to want to run the basic configuration program:
base-confighwclock doesn't function under these systems). That's okay.
Of note is the fact that I've heard of problems when running base-config from an ssh session running in kterm, the KDE Terminal emulator. If you run into trouble, try using plain xterm.
Now, if you've got the ability, I suggest getting a second IP for your new Debian system. While most of the time you're going to want to run Debian, from time to time you still need to get back to your Red Hat system for administrative purposes, and I know of no way to escape from a chroot once you're in it. (Don't turn off ssh on the Red Hat system!) Alternately, you can choose some alternate ports for the Red Hat system's services.
Due to some quirks with certain (x)inetd services, it's significantly easier
if you just don't run xinetd on Red Hat. For those who haven't administered
a Red Hat machine before, it's fairly simple to turn off xinetd permanently
by using the chkconfig utility. Simply say
chkconfig xinetd off/etc/init.d/xinetd stopchkconfig only modifies configuration, not running
processes).
Similarly, you can configure most of your Red Hat services.
chkconfig --list will show you what is currently running in each
runlevel. (You're in level 3, very likely.) Simply turn off what you don't
need (for example, most likely httpd can be turned off) and configure the
rest to function only on your Red Hat IP address. My only enabled services
are: syslog, iptables, network, sshd, crond.
Once you've configured your Debian system to your liking, you'll want to
start the services you need automatically. While configuring a runlevel
to do exactly what you want and then calling /etc/init.d/rc is entirely
possible, I didn't want to have to deal with Debian services which assumed
they needed to set things up on the system (like networking). Therefore,
I created an /etc/init.d/startup-chroot, which has the calls for each of the
Debian services I want to run. I suggest you start from a base of
sysklogd, cron, inetd and ssh and then work
your way up to whichever other services you need.
Inserting the line
chroot /debian su -c /etc/init.d/startup-chroot -
/etc/rc.local on your Red Hat system will then
automatically run the script from within the chroot when your virtual machine
boots.
I ran into trouble with certain things when setting up this system:
apache2: the vzfs module doesn't support
sendfile(), so you need to put the configuration option
EnableSendfile off into your /etc/apache2/apache2.conf
file. Unfortunately, as of this writing no version of apache 2 which supports
this configuration option exists in Debian, unstable or not. Look for
version 2.0.44, or stick with apache 1.Others reported the following issues:
--without-capabilities
--without-sendfile as configure options, since the virtual server
platform doesn't support either of these features.
Questions? Comments? Criticisms? Email Joe Drew.
Changelog:
2003-06-12: Add information about kterm, jc_traffic_dump, pure-ftpd caveat.
2003-03-10: Add note about resolv.conf.
2003-01-02: Initial Revision.