User Tools

Site Tools


docs:vserver

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
docs:vserver [2013-11-26 10:30]
arekm
docs:vserver [2015-10-05 15:07] (current)
glen syn on
Line 15: Line 15:
 ===== Installing Vserver host on PLD Linux ===== ===== Installing Vserver host on PLD Linux =====
  
-vserver support is included in PLD Linux main kernels, so you can just install kernel package +Ensure ​you have appropriate [[packages:kernel]] installed.
- +
-<​file>​ +
-# poldek -u kernel +
-</​file>​ +
- +
-or alternatively,​ a longterm stable kernel: +
-<​file>​ +
-# poldek -u kernel-longterm +
-</​file>​+
  
 +You can check this from kernel config:
 +<​code>​
 +# modprobe configs
 +# zgrep CONFIG_VSERVER /​proc/​config.gz ​
 +CONFIG_VSERVER=y
 +</​code>​
 ===== Installing guest PLD Linux Vserver ===== ===== Installing guest PLD Linux Vserver =====
  
Line 65: Line 62:
 If you need to use another combination,​ then there are two versions of PLD available for guest systems: ​ If you need to use another combination,​ then there are two versions of PLD available for guest systems: ​
  
-  * pld-ac - [[:AcInfo|PLD 2.0 (Ac)]]  +  * pld-ac - [[:ac|PLD 2.0 (Ac)]]  
-  * pld-th - [[:ThInfo|PLD 3.0 (Th)]]+  * pld-th - [[:th|PLD 3.0 (Th)]]
  
 You may choose one using ''​-d''​ option: ​ You may choose one using ''​-d''​ option: ​
Line 579: Line 576:
  
 ==== Running 32 bit vserver on an 64 bit host ==== ==== Running 32 bit vserver on an 64 bit host ====
-With recent PLD util-vserver package you can create 32-bit guest systems inside a 64-bit host. First you need to prepare a new distribution definition skeleton: ​ 
  
 +With recent [[package>​util-vserver]] package you can create 32-bit guest systems inside a 64-bit host.
  
 +To specify arch during guest creation, use ''​-d''​ option, and to change what ''​uname''​ returns, use arguments ''​%%--personality linux_32bit --machine i686%%'':​
  
-<​file># ​mkdir -p /​etc/​vservers/​.distributions/​pld-th-i686/​poldek/​repos.d+<​file># ​vserver test build --context <num> -n test -m poldek -- -d pld-th-i686 ​--personality linux_32bit --machine i686
 </​file>​ </​file>​
-Then copy your repository configuration to ''/​etc/​vservers/​.distributions/​pld-th-i686/​poldek/​repos.d/​pld.conf''​ and change the architecture and source paths to your liking. When configuration is ready, create a new guest vserver using the ''​-d''​ command line option: ​ 
  
- +If you need to set ''​uts''​ parameters afterwards, you can just echo them
- +<​file>​ 
-<​file>#​ vserver test build --context <num> -n test -m poldek -- -d pld-th-i686 +# echo linux_32bit >> /​etc/​vservers/​test/​personality
-</​file>​ +
-Later to force i686 32bit use +
- +
- +
- +
-<​file>#​ echo linux_32bit >> /​etc/​vservers/​test/​personality+
 # echo i686 > /​etc/​vservers/​test/​uts/​machine # echo i686 > /​etc/​vservers/​test/​uts/​machine
 </​file>​ </​file>​
-however, you can do that at vserver build time using arguments ''​--personality linux_32bit --machine i686''​. ​+
  
  
Line 722: Line 713:
  
 You need ''​CAP_AUDIT_CONTROL''​ in ''​bcapabilities''​ and lower ''​priority_boost''​ to ''​0''​ in ''/​etc/​audit/​auditd.conf''​ You need ''​CAP_AUDIT_CONTROL''​ in ''​bcapabilities''​ and lower ''​priority_boost''​ to ''​0''​ in ''/​etc/​audit/​auditd.conf''​
 +
 +==== XFS filesystem - kernel upgrade causes xfs related oops (xfs_filestream_lookup_ag) ====
 +
 +After upgrading from 2.6-3.4 kernels (possibly other versions) to 3.18 (tested, possibly other versions) kernel ooppses
 +almost immediately after accessing some files on xfs filesystem with ''​xfs_filestream_lookup_ag''​ visible in stack trace
 +(or other filestream related function).
 +
 +That's because vserver patch for kernels earlier than 2.6.23 patched xfs filesystem to introduce new flag:
 +
 +<file c>
 +#define XFS_XFLAG_BARRIER ​    ​0x00004000 ​     /* chroot() barrier */
 +</​file>​
 +
 +and files/dirs with such flag got saved on your filesystem.
 +
 +Starting with kernel 2.6.23 kernel introduced filestreams which are using 0x00004000 bit, thus causing conflict with vserver.
 +
 +<file c>
 +#define XFS_XFLAG_FILESTREAM ​  ​0x00004000 ​     /* use filestream allocator */
 +</​file>​
 +
 +Vserver stopped adding such xfs xflag in 3.13 BUT your existing filesystem can still have XFS_XFLAG_BARRIER (0x00004000) set
 +causing oops in newer kernels.
 +
 +How to find out if I'm affected?
 +
 +IIF you don't use filestream feature then modify http://​oss.sgi.com/​cgi-bin/​gitweb.cgi?​p=xfs/​cmds/​xfstests.git;​a=blob_plain;​f=src/​bstat.c;​hb=HEAD to show only files containing XFS_XFLAG_FILESTREAM
 +
 +<file diff>
 +diff --git a/​src/​bstat.c b/​src/​bstat.c
 +index 4e22ecd..887512f 100644
 +--- a/​src/​bstat.c
 ++++ b/​src/​bstat.c
 +@@ -34,19 +34,21 @@ dotime(void *ti, char *s)
 + void
 + ​printbstat(xfs_bstat_t *sp)
 + {
 +-       ​printf("​ino %lld mode %#o nlink %d uid %d gid %d rdev %#​x\n",​
 +-               (long long)sp->​bs_ino,​ sp->​bs_mode,​ sp->​bs_nlink,​
 +-               ​sp->​bs_uid,​ sp->​bs_gid,​ sp->​bs_rdev);​
 +-       ​printf("​\tblksize %d size %lld blocks %lld xflags %#x extsize %d\n",
 +-               ​sp->​bs_blksize,​ (long long)sp->​bs_size,​ (long long)sp->​bs_blocks,​
 +-               ​sp->​bs_xflags,​ sp->​bs_extsize);​
 +-       ​dotime(&​sp->​bs_atime,​ "​atime"​);​
 +-       ​dotime(&​sp->​bs_mtime,​ "​mtime"​);​
 +-       ​dotime(&​sp->​bs_ctime,​ "​ctime"​);​
 +-       ​printf( "​\textents %d %d gen %d\n",
 +-               ​sp->​bs_extents,​ sp->​bs_aextents,​ sp->​bs_gen);​
 +-       ​printf( "​\tDMI:​ event mask 0x%08x state 0x%04x\n",​
 +-               ​sp->​bs_dmevmask,​ sp->​bs_dmstate);​
 ++       if (sp->​bs_xflags & XFS_XFLAG_FILESTREAM) {
 ++               ​printf("​ino %lld mode %#o nlink %d uid %d gid %d rdev %#​x\n",​
 ++                               (long long)sp->​bs_ino,​ sp->​bs_mode,​ sp->​bs_nlink,​
 ++                               ​sp->​bs_uid,​ sp->​bs_gid,​ sp->​bs_rdev);​
 ++               ​printf("​\tblksize %d size %lld blocks %lld xflags %#x extsize %d\n",
 ++                               ​sp->​bs_blksize,​ (long long)sp->​bs_size,​ (long long)sp->​bs_blocks,​
 ++                               ​sp->​bs_xflags,​ sp->​bs_extsize);​
 ++               ​dotime(&​sp->​bs_atime,​ "​atime"​);​
 ++               ​dotime(&​sp->​bs_mtime,​ "​mtime"​);​
 ++               ​dotime(&​sp->​bs_ctime,​ "​ctime"​);​
 ++               ​printf( "​\textents %d %d gen %d\n",
 ++                               ​sp->​bs_extents,​ sp->​bs_aextents,​ sp->​bs_gen);​
 ++               ​printf( "​\tDMI:​ event mask 0x%08x state 0x%04x\n",​
 ++                               ​sp->​bs_dmevmask,​ sp->​bs_dmstate);​
 ++       }
 + }
 +</​file>​
 +
 +and then run it with mounted directory of each filesystem (bstat /; bstat /home etc). It will print "ino ..." information for filestream files.
 +
 +
 +How to clean up?
 +
 +rsync files to other partition, recreate problematic partition and then copy files back. 
  
 ===== Debian or Ubuntu guest installation ===== ===== Debian or Ubuntu guest installation =====
Line 1154: Line 1219:
 </​file>​ </​file>​
 For these to work you need at least util-vserver-0.30.216-1.pre2955.3 (that .3 is important) and turn on per subsys support by doing: ​ For these to work you need at least util-vserver-0.30.216-1.pre2955.3 (that .3 is important) and turn on per subsys support by doing: ​
- 
  
  
 <​file>#​ mkdir /​etc/​vservers/​.defaults/​cgroup <​file>#​ mkdir /​etc/​vservers/​.defaults/​cgroup
 # touch /​etc/​vservers/​.defaults/​cgroup/​per-ss # touch /​etc/​vservers/​.defaults/​cgroup/​per-ss
 +</​file>​
 +
 +===== cgroups mountpoint =====
 +
 +if you have cgroups mounted somewhere else, you can inform vserver of that (it searching in ''/​sys/​fs/​cgroup''​ by default)
 +
 +<​file>​
 +none        /​dev/​cgroup ​    ​cgroup ​ cpuset,​cpu,​cpuacct,​devices,​freezer,​net_cls ​ 0 0
 +</​file>​
 +
 +you need to tell vserver where it mounted: ​
 +<​file>​
 +# cat /​etc/​vservers/​.defaults/​cgroup/​mnt
 +/dev/cgroup
 </​file>​ </​file>​
docs/vserver.1385458214.txt.gz · Last modified: 2013-11-26 10:30 by arekm