|
UML ("User Mode Linux") allows you to run multiple Linux servers on one physical machine. This can be handy for many different purposes. For example, you might want to give different people root rights, but prevent them from interfering with one another. Or, you might want to have several identically configured servers, one for production, one for development, and one for testing, but without investing in multiple physical machines.
Once you have prepared your machine for running UML instances as described in the following section, adding new instances will take less than five minutes. The preparation, however, might take a bit longer.
This HOWTO is based on an article in the German computer magazine c't 12/04, page 156 ("Linux: Sicherer Spiele-Server mit User Mode Linux" by Dirk Hartmann).
- You need a kernel with UML, LVM and reiserfs support. Here is a precompiled package.
- If you want to fine-tune the kernel or if you need special hardware, you can have a look at the .config file and compile your own kernel.
You need to install to the kernel sources (http://packages.debian.org/testing/devel/kernel-source-2.4.25) and the SKAS patch (http://packages.debian.org/testing/devel/kernel-patch-skas).
- You need the packages bzip2 and kernel-package for this.
Untar the files in /usr/src:
$ cd /usr/src
$ tar xjf kernel-source-2.4.25.tar.bz2
$ cd /kernel-source
and configure your kernel with
$ make menuconfig
or
$ make xconfig
(the latter requires X).
Compile your kernel with
$ make-kpkg clean
$ PATCH_THE_KERNEL=YES make-kpkg --revision=MyUML+SKAS.1.0 kernel-image
- Kernel for UML child. Here is my compiled kernel: linux
For real men and women who compile kernels themselves: Do not take any debian kernel, but download the plain kernel from kernel.org as Mr. Hartmann advises (http://www.kernel.org/pub/linux/kernel/v2.4/linux-2.4.25.tar.bz2) and the UML patch (http://uml-pub.ists.dartmouth.edu/uml/uml-patch-2.4.25-1.bz2).
(Tip: download with wget -c URL. If download is aborted you can continue the download with same command.)
Untar the kernel:<br$ tar xjf linux-2.4.25.tar.bz2<br>$ cd linux-2.4.25
and run
$ bzcat <pathToPatch>/uml-patch-2.4.25-1.bz2 | patch -p1
Now you can configure your kernel with
$ make ARCH=um menuconfig
or
$ make ARCH=um xconfig
(Here is my .config file).
You should activate seperate kernel adress space, Management console, and Sysrq support. You can deactivate Threacing thread support, /proc/mm, and support for a.out and MISC (everything in General setup). You don't need LVM support here unless you want to mount additional partitions inside your UML.
Compile the kernel using
$ make linux ARCH=um
and strip the produced binary (linux) with:
$ strip linux
Packages: After installing the master kernel on your destination box, you need the following packages on it as well: reiserfsprogs, lvm10, debootstrap, bridge-utils, screen and uml-utilities. uml-utilites from woody gives an error message when you call uml_mconsole. I don't know if it is important. It seems to work anyway. The newest version doesn't have this problem, so I backported it.
- LVM volume group:
You need to have a free partition /dev/hdaX which you can use for LVM. (Other disks are also ok.) If you don't have any partition left look here how to shrink your root partition.
Add a volume group on your box using pvcreate and vgcreate. The scripts create_uml_instance.sh, delete_uml_instance.sh, and uml-child.sh assume that the volume group has the name vg1, but this can be changed easily.
- Configuration: You need to create the tun device and give it to the group uml-net:
$ mkdir /dev/net
$ mknod /dev/net/tun c 10 200
$ chgrp uml-net /dev/net/tun
$ chmod g+w /dev/net/tun
In order to communicate with the UML-children, you need to modify
/etc/network/interfaces
I added the following lines:
# for UML
auto br0
iface br0 inet static
pre-up brctl addbr br0
post-down brctl delbr br0
address 192.168.3.1
netmask 255.255.255.0
network 192.168.3.0
broadcast 192.168.3.255
bridge_fd 1
bridge_hello 1
bridge_stp off
I chose the network for the uml clients to be 192.168.3.XXX and I let the root server have the IP address 192.168.3.1. You can change this if you want. You must then change the constants IP_FIRST_3_NR, IP_GATEWAY_LAST_NR in the scripts create_uml_instance.sh and uml-child.sh.
Make sure you have "ip_forward=yes" in /etc/network/options. Otherwise you won't be able to access the uml instance from outside this machine.
After changing the networking configuration you need to restart networking:
/etc/init.d/networking restart
Then you need to place the uml binary (linux) and the create_uml_instance.sh and to /opt/uml/bin (if you want it someplace else change KERNEL in uml-child.sh.
- Finally, you need to put the uml-child.sh in /etc/init.d
All three files need to have execution bit (chmod a+x filename).
Run
$ /opt/uml/bin/create_uml_instance.sh test1 11 256M 4G
You will have to answer a few questions (just press the default) and type in the root password. This will create a new uml child with name test1, IP address 192.168.3.11, max. 256MB RAM and 4 GB disk space. Please use only small letters for the name, the script will create a user with that name. This will fail if there are capital letters.
To start it, simply type: /etc/init.d/uml-test1 start
You can ssh from outside to this instance on port 10000 + 1000 * 11 + 22 = 21022 (e.g. with ssh -p 21022 root@yourMachine). Since the IP number gets multiplied by 1000, you should not use IP numbers bigger than 55 unless you change PORTS_PER_UML in uml-child.sh.
You probably want to have more than the bare base system. I installed additional packages using dselect and stored the list of installed packages using:
$ dpkg --get-selections > myconf
To reproduce the installation, you only need to execute
$ dpkg --set-selections < myconf
$ apt-get -u dselect-upgrade
to have your packages back. This way you need to backup only files you or your programs modified. This is usually the files in /etc you changed, all files below /var and maybe /home.
You can do all of this without starting the uml instance. Just mount the
partition and do a chroot on it.
If you always want to run an instance with low priority (e.g. a test instance), you can insert --nice as first parameter in create_iml_instance.sh:
$ create_uml_instance.sh --nice test1 11 256M 4G
This only makes the uml-instance nice, not the creation of it. If you want this too, type:
$ nice create_uml_instance.sh --nice test1 11 256M 4G
Execute:
$ /etc/init.d/uml-test1 backup
This will give you a new logical volume /dev/vg1/test1-backup. The uml child is not halted afterwards. It was only
halted for less then a second.
You can mount it and do a backup now on this snapshot. When you are done with your backup, just delete the logical volume with lvremove.
Well, the total time of your backup probably takes longer than 1 second, but your UML child is interrupted for less than a second. No process inside this UML child suffers from this small break.
You need to do three things:
<typolist>
delete the logical volume with lvremove
delete the user (e.g. test1)
delete /etc/init.d/unl-test1
</typolist>
The script delete_uml_instance.sh does this for you.
All files mentioned above can be found here:
This document is free; you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by the Free
Software Foundation; either version 2 of the License, or (at your
option) any later version.
This document is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You can get a copy of the GNU GPL at at
www.gnu.org/copyleft/gpl.html
Written by .
--- Fight spam with alias addresses from safersignup.com! ---
|