Updating a Debian Squeeze Minimal Template

From Proxmox VE
Jump to: navigation, search

This article shows how to update a Minimal Debian Squeeze Template. Debian Squeeze v6.0.6 was released on 29th Sep 2012 whilst the first release of Debian Squeeze was in Feb 2011.

Get the Source Template

On the Proxmox VE host download the source template and name it according to Proxmox VE convention:

cd /var/lib/vz/template/cache
wget http://download.openvz.org/template/precreated/contrib/debian-6.0-i386-minimal.tar.gz
mv debian-6.0-i386-minimal.tar.gz debian-6.0-minimal_6.0-0_i386.tar.gz

Create Container

Create an OpenVZ container (assumed VEID 114 here) using the source template and study the existing version info:

# cat /etc/debian_version
6.0

# uname -a
Linux test 2.6.32-7-pve #1 SMP Mon Feb 13 07:33:21 CET 2012 i686 GNU/Linux

# uname -r
2.6.32-7-pve

# cat /etc/issue
Debian GNU/Linux 6.0 \n \l

# cat /proc/version
Linux version 2.6.32-7-pve (root@oahu) (gcc version 4.3.2 (Debian 4.3.2-1.1) ) #1 SMP Mon Feb 13 07:33:21 CET 2012

We will see that only the first command above will show a change in the version when using the updated template.

Update Container

vzctl enter 114
apt-get update && apt-get upgrade

rm -f /etc/ssh/ssh_host_*

cat << EOF > /etc/init.d/ssh_gen_host_keys
#!/bin/sh
### BEGIN INIT INFO
# Provides:          Generates new ssh host keys on first boot
# Required-Start:    $remote_fs $syslog
# Required-Stop:     $remote_fs $syslog
# Default-Start:     2 3 4 5
# Default-Stop:
# Short-Description: Generates new ssh host keys on first boot
# Description:       Generates new ssh host keys on first boot
### END INIT INFO
ssh-keygen -f /etc/ssh/ssh_host_rsa_key -t rsa -N ""
ssh-keygen -f /etc/ssh/ssh_host_dsa_key -t dsa -N ""
insserv -r /etc/init.d/ssh_gen_host_keys
rm -f \$0
EOF

chmod a+x /etc/init.d/ssh_gen_host_keys
insserv /etc/init.d/ssh_gen_host_keys

apt-get --purge clean
> /etc/resolv.conf
history -c
exit

The above will update package list and upgrade container to latest version of Debian Squeeze (since only Squeeze repos are in the /etc/apt/sources.list). As Debian Squeeze uses dependency based startup, we use insserv. SSH keys must be generated at irst boot of the container and hence the insertion of the ssh_gen_host_keys script which removes itself after completing random key generation.

Stop Container and Remove IP

  • Stop the container in the PVE GUI.
  • Remove the IP from the container and save the config from the GUI.
  • and / or remove IP from container from the CLI:
vzctl set 114 --ipdel all --save

Remove unwanted files / folders

cd /var/lib/vz/private/114

## remove all needless file in container
rm -f etc/hostname
echo "localhost" > etc/hostname
rm -f aquota.group
rm -f aquota.user
rm -f var/lib/apt/lists/ftp*
rm -f var/lib/urandom/*
rm -f var/run/*.pid
rm -f var/run/*.reboot
rm -f var/log/apt/*
rm -f var/log/fsck/*
rm -rf var/log/news
# rm -f var/log/*.log
# rm -f var/log/dmesg*
cd var/log/
rm -f `ls -l | grep -v boot | grep -v wtmp | grep -v faillog | grep -v lastlog | awk '{print $9}'`
cd ../..

This will match the files present in the source template and remove others.

Build Updated Template

# rm /var/lib/vz/template/cache/debian-6.0-minimal_6.0-6_i386.tar.gz
tar --numeric-owner -czf /var/lib/vz/template/cache/debian-6.0-minimal_6.0-6_i386.tar.gz .

Uncomment the first command above if such a file already exists which would be the case if a build was done previously, possibly erroneously.

Listing the source and updated templates would show a marginal increase in file size which is to be expected:

cd /var/lib/vz/template/cache/
ls debian-6.0-minimal_6* -al
-rw-r--r-- 1 root root 77907288 Feb 18  2011 debian-6.0-minimal_6.0-0_i386.tar.gz
-rw-r--r-- 1 root root 78846692 Nov  9 22:05 debian-6.0-minimal_6.0-6_i386.tar.gz

Destroy Container

Remove the container from the PVE GUI.

Test Updated Template

Create a container using the updated template and start it. The first boot log would be like:

starting init logger
INIT: version 2.88 booting
stty: standard input: Invalid argument
Using makefile-style concurrent boot in runlevel S.
udev requires hotplug support, not started. ... failed!
failed!
Activating swap...done.
Cleaning up ifupdown....
Setting up networking....
Loading kernel modules...done.
Fast boot enabled, so skipping file system check. ... (warning).
Mounting local filesystems...done.
Activating swapfile swap...done.
Cleaning up temporary files....
Configuring network interfaces...done.
Cleaning up temporary files....
Setting kernel variables ...done.
startpar: service(s) returned failure: udev ... failed!
INIT: Entering runlevel: 2
stty: standard input: Invalid argument
Using makefile-style concurrent boot in runlevel 2.
Starting enhanced syslogd: rsyslogd.
Starting periodic command scheduler: cron.
Starting OpenBSD Secure Shell server: sshdCould not load host key: /etc/ssh/ssh_host_rsa_key
Could not load host key: /etc/ssh/ssh_host_dsa_key
.
Generating public/private rsa key pair.
Your identification has been saved in /etc/ssh/ssh_host_rsa_key.
Your public key has been saved in /etc/ssh/ssh_host_rsa_key.pub.
The key fingerprint is:
31:96:33:9c:43:2c:59:51:b1:38:04:8e:dd:0c:42:83 root@testing
The key's randomart image is:
+--[ RSA 2048]----+
| o+ o==oo. |
| E *oB.+ . |
| . o./ . |
| . B |
| S |
| |
| |
| |
| |
+-----------------+
Generating public/private dsa key pair.
Your identification has been saved in /etc/ssh/ssh_host_dsa_key.
Your public key has been saved in /etc/ssh/ssh_host_dsa_key.pub.
The key fingerprint is:
da:a1:4c:ea:46:8a:82:a6:09:bf:3d:39:1c:12:5a:41 root@testing
The key's randomart image is:
+--[ DSA 1024]----+
| .E |
| . |
| . |
| o |
| o . . S |
|. . o+ + . |
|o. =.o+ . |
|=+.o* |
|* oooo |
+-----------------+
INIT: no more processes left in this runlevel

Check the updated version with:

# cat /etc/debian_version
6.0.6
# ps aux
USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root         1  0.0  0.0   2028   700 ?        Ss   14:09   0:00 init [2]
root         2  0.0  0.0      0     0 ?        S    14:09   0:00 [kthreadd/114]
root         3  0.0  0.0      0     0 ?        S    14:09   0:00 [khelper/114]
root        37  0.0  0.0    104    12 ?        S    14:09   0:00 [init-logger]
root       240  0.0  0.1  33440  1372 ?        Sl   14:09   0:00 /usr/sbin/rsyslogd -c4
root       266  0.0  0.0   2288   768 ?        Ss   14:09   0:00 /usr/sbin/cron
root       272  0.0  0.0   5488   948 ?        Ss   14:09   0:00 /usr/sbin/sshd
root       286  0.0  0.0  18572   528 ?        Ss   14:11   0:00 vzctl: pts/0
root       287  0.0  0.1   2976  1632 pts/0    Ss   14:11   0:00 -bash
root       298  0.0  0.0   2348   916 pts/0    R+   14:13   0:00 ps aux
# ls -al
total 72
drwxr-xr-x 20 root root 4096 Nov  9 14:09 .
drwxr-xr-x 20 root root 4096 Nov  9 14:09 ..
lrwxrwxrwx  1 root root   39 Nov  9 14:09 aquota.group -> /proc/vz/vzaquota/00000028/aquota.group
lrwxrwxrwx  1 root root   38 Nov  9 14:09 aquota.user -> /proc/vz/vzaquota/00000028/aquota.user
drwxr-xr-x  2 root root 4096 Nov  9 06:24 bin
drwxr-xr-x  2 root root 4096 Dec 14  2010 boot
drwxr-xr-x  5 root root 4096 Nov  9 14:09 dev
drwxr-xr-x 46 root root 4096 Nov  9 14:09 etc
drwxr-xr-x  2 root root 4096 Dec 14  2010 home
drwxr-xr-x 10 root root 4096 Nov  9 06:24 lib
drwxr-xr-x  2 root root 4096 Feb 13  2011 media
drwxr-xr-x  2 root root 4096 Dec 14  2010 mnt
drwxr-xr-x  2 root root 4096 Feb 13  2011 opt
dr-xr-xr-x 20 root root    0 Nov  9 14:09 proc
drwx------  2 root root 4096 Nov  9 06:20 root
drwxr-xr-x  2 root root 4096 Nov  9 06:24 sbin
drwxr-xr-x  2 root root 4096 Jul 21  2010 selinux
drwxr-xr-x  2 root root 4096 Feb 13  2011 srv
drwxr-xr-x  6 root root    0 Nov  9 14:09 sys
drwxrwxrwt  2 root root 4096 Nov  9 14:09 tmp
drwxr-xr-x 10 root root 4096 Feb 13  2011 usr
drwxr-xr-x 13 root root 4096 Feb 13  2011 var

Stop and Destroy the container from the GUI.

Update the apl-available

To make the template available with a proper name in the PVE 1.9 GUI, append the following to /var/lib/pve-manager/apl-available (it will get overwritten on next startup of PVE Host or next day when HQ updates the file):


Package: debian-6.0-minimal
Version: 6.0-0
Type: openvz
OS: debian-6.0
Section: system
Maintainer: Ap.Muthu <apmuthu@usa.net>
Location: http://www.gnuacademy.org/appliances/debian-6.0-minimal_6.0-0_i386.tar.gz
Infopage: http://pve.proxmox.com/wiki/Debian_6.0_Minimal
md5sum: d85e631e443865a51e9ef8d83d09fc5a
Description: Debian 6.0 (minimal)
 A small Debian Squeeze system having only the basic packages.
 The original template is at 
 http://download.openvz.org/template/precreated/contrib/debian-6.0-i386-minimal.tar.gz

Package: debian-6.0-minimal
Version: 6.0-6
Type: openvz
OS: debian-6.0
Section: system
Maintainer: Ap.Muthu <apmuthu@usa.net>
Location: http://www.gnuacademy.org/appliances/debian-6.0-minimal_6.0-6_i386.tar.gz
Infopage: http://pve.proxmox.com/wiki/Debian_6.0_Minimal
md5sum: edcaf02eda98edc06f1138d2371ff866
Description: Debian 6.0.6 (minimal)
 A small Debian Squeeze system having only the basic packages.
 Updated to Debian v6.0.6

Note that each stanza must have a blank line separating them. Adjust the md5sum to suit your updated template file if you are placing yours in some other Location.

64 bit equivalent

The 64 bit equivalent of the the same can be obtained:

cd /var/lib/vz/template/cache
wget http://download.openvz.org/template/precreated/contrib/debian-6.0-amd64-minimal.tar.gz
mv debian-6.0-amd64-minimal.tar.gz debian-6.0-minimal_6.0-0_amd64.tar.gz

and similar steps can be taken to get it updated.

Alternatively start with a standard 64 bit container and update it. Then strip away what is not required by comparing the packages installed vis-a-vis the method above.

References