This article will show you how to setup, install and config a Guest Centos5 Xen Virtual Server ontop of a Debian Etch Xen Install. This setup presumes you have a working Xen install (xen3) on a Debian Etch Server
Although xen-tools will create centos4 guest Xen VM's, it did not work well. Just as a debian system can be debootstrap'd Debian Etch has a “rpmstrap” package on apt which is meant to make creating a new install easier. There were problems providing a correct Centos mirror along with other issues. There was also little information on rpmstrapping Centos on Etch. The only guide available was: http://mark.foster.cc/wiki/index.php/Centos-4_on_Xen and was a little outdated.
Either xen-tools or a manual xen domU creation (manually using rpmstrap) didn't work. As a result, a prebuilt minimal Xen domU install image was chosen. http://jailtime.org provides Virtual filesystems for Xen and worked a treat. Note: The Xen images are file based Xen Images which are not intended for production use. The http://jailtime.org website has instructions for moving a file based domU to a LVM/Disk based partition.
cd /xens/name_of_new_server_to_be/ links http://jailtime.org/download:centos:v5.0 #choose to download “download:centos:centos.5-0.20070424.img.tar.bz2” as there is no direct URL link to the download.
bunzip2 centos.5-0.20070424.img.tar.bz2 tar -xvf centos.5-0.20070424.img.tar #if you like: rm centos.5-0.20070424.img.tar (its ~1gb)
#rm centos.5-0.xen2.cfg #Its only a basic config. The following config will suffice: vi /etc/xens/domains/name_of_new_server_to_be kernel = “/boot/vmlinuz-2.6.18-4-xen-686” ramdisk = “/boot/initrd.img-2.6.18-4-xen-686” memory = 64 name = “name_of_new_server_to_be” vif = 'bridge=xenbr0' disk = /xens/name_of_new_server_to_be/centos.swap,sda2,w' ip = “ip.address” gateway = “gateway” netmask = “255.255.255.0” root = “/dev/sda1 ro” extra = '4'
ln -s /etc/xen/domains/name_of_new_server_to_be /etc/xen/auto/ xm create name_of_new_server_to_be -c # The -c is to attach a console. Very handy for when booting for the first time.
Note: vi is not installed by default. The “nano” text editor is installed and can be used instead of vi for the time being.
The default login is: username: root password: password Although root is not permitted to ssh in via Centos default, the above password needs to be changed asap. Use “passwd” to change it.
The Network settings and location of eth0 configs in Centos (as in redhat and fedora) are something which is different to that of Debian and Ubuntu. All system settings are kept in /etc/sysconfig rather than as individual files in /etc (as with debian and ubuntu). nano /etc/sysconfig/network-scripts/ifcfg-eth0 #change to the following: TYPE=Ethernet DEVICE=eth0 BOOTPROTO=none #BOOTPROTO=dhcp ONBOOT=yes IPADDR=ip.address NETMASK=255.255.0.0 GATEWAY=gateway.ip
ifdown eth0 ifup eth0
Note: This is only for convience, and is not recommended on production machines. nano /etc/ssh/sshd_config #find and change the appropriate line to below: PermitRootLogin yes /etc/init.d/sshd restart
nano /etc/sysconfig/network #change: HOSTNAME=centos_pristine #to: HOSTNAME=server_name
nano /etc/resolv.conf #add the following: domain yourdomain.com search yourdomain.com nameserver ip.of.dns.server
If this was a debian domU, we would “apt-get install linux-image-2.6-xen-686” to provide the correct kernel modules in /lib/modules/. In this case, I done: ssh root@debian_domU cd /lib/modules/ tar -cvf 2.6.18-4-xen-686.tar 2.6.18-4-xen-686/ scp 2.6.18-4-xen-686.tar root@new_centos_server: ssh root@new_centos_server mv /root/2.6.18-4-xen-686.tar /lib/modules/ cd /lib/modules/ tar -xvf 2.6.18-4-xen-686.tar Reboot the Centos Xen machine, and watch it reboot to see if there are any complaints.
free df -h If you get an error such as “df: `/dev/pts': No such file or directory”, you need to edit the /etc/fstab to make sure everything is ok. I had to remove the “/dev/pts” offending line from /etc/fstab, reboot and then “df -h” showed up cleanly.
yum install ntp nano /etc/ntp.conf #not required /etc/init.d/ntpd start
chkconfig –list chkconfig –level 2345 ntpd on chkconfig –list should now look like: “ntpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off”
rm /etc/localtime ln -s /usr/share/zoneinfo/Eire /etc/localtime See: http://wiki.vpslink.com/index.php?title=How_to_Centos
Vim is my default editor, and comes as standard with debian. yum search vim yum install vim-enhanced
#as vim is default, and vi is nothing, I chose to symlink it. which vim (didnt work ) whereis vim ln -s /usr/bin/vim /usr/bin/vi
adduser username passwd username
Note: When su 'ing in as root, you must go: su - otherwise the root file paths will be that of the users.
yum install mailx #this gives mail on the cmdline.
yum install system-config-securitylevel-tui
system-config-securitylevel-tui #tab down to “customise” and open up ssh etc.
http://www.centos.org/modules/newbb/print.php?form=1&topic_id=8099&forum=32&order=ASC&start=0
In order to get an idea of “yum” (Yellowdog Updater Modified), the following guide/how-to should be read: http://www.centos.org/docs/5/html/yum/index.html
The following are some basic commands for the searching, installation, updating and removal of packages from the default repositories for Centos5.
yum list #provides a list of all available packages
yum list | grep httpd #search for httpd/apache packages
yum info httpd #gives a brief overview of the main package
yum search httpd #searches for packages with any reference to httpd. Returns an untidy long list of packages.
yum update #updates Centos5 Packages.
yum install httpd /etc/init.d/httpd start
chkconfig –list chkconfig –level 2345 httpd on #the above adds httpd so it will start on boot.
system-config-securitylevel-tui #add http to the firewall for incoming
Read Snmpd_%26_mrtg firstly. yum list | grep snmp yum install net-snmp.i386 /etc/init.d/snmpd start
chkconfig –list chkconfig –level 2345 snmpd on
The main config I wanted was to allow an ip on my network access the snmp information. The simplest solution was to mv the original snmpd.conf and create a basic new one. Feel free to simply add in the single line and test.
mv /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf_orig vi /etc/snmp/snmpd.conf
#add the following line only. rocommunity public ip.address.of.snmp.server
/etc/init.d/snmpd restart netstat -a | more
#The following is an automatic snmpd.conf config maker. I didnt get very far with it though. The above 1 line config worked fine. snmpconf -g basic_setup snmpconf /etc/init.d/snmpd restart
system-config-securitylevel-tui Other ports: snmp:tcp snmp:udp iptables -L
Basic snmp tools need to be installed. This package includes snmpwalk. yum install net-snmp-utils.i386 snmpwalk -v 1 -OS -c public localhost snmpwalk -v2c -OS -c public localhost
Links: <br> http://www.cassatt.com/infocentral/collage/3.4/docs/RedHatOSOutput/index.php <br> http://www.schemathings.com/?p=11
http://wiki.vpslink.com/index.php?title=How_to_Centos
http://www.enterprisenetworkingplanet.com/netos/article.php/3665371
I wanted to get selinux working. It took a little bit of tweaking, the biggest part was getting a proper kernel on dom0 to run CentOs with selinux extensions, but essentially here is how: 1. ssh into centos box and go: yum install kernel-xen.i686 2. mkinitrd –omit-scsi-modules –with=xennet –with=xenblk –preload=xenblk initrd-$(uname -r)-no-scsi.img 2.6.18-128.1.16.el5xen
http://www.virtuatopia.com/index.php/A_Xen_Guest_OS_fails_to_boot_with_a_%22switchroot:_mount_failed:_No_such_file_or_directory_error_message%22_error_message.
3. Copy the following files to dom0:
initrd-2.6.18-6-xen-686-no-scsi.img /boot/vmlinuz-2.6.18-128.1.16.el5xen
4. Edit the domU startup script to include the above. 5. Boot up CentOS. It gave out about SELinux in enforcing mode, and it paniked. I mounted the centos drive and edited: /etc/selinux/config to change it to permissive. 6. Booted up ok then. More issues however with “PTY allocation request failed on channel 0”. Reading http://www.asteriosk.gr/blog/2009/02/20/pty-allocation-request-failed-on-channel-0/ including the comments got that resolved. I could ssh in ok, but the xm console did not work. More to do later on sorting this.
A few things in CentOS then: yum list installed | grep selinux libselinux.i386 1.33.4-5.1.el5 installed yum install selinux-policy.noarch
-bash-3.2# sestatus SELinux status: disabled should be enabled once the correct kernel in dom0 boots the centos domU.