Alpine Linux

From Segfault
Jump to navigation Jump to search

Installation

DomU

Let's install Alpine Linux as a Xen DomU.

setup-alpine

The easiest way would be to install from an ISO image.[1] Adjust the version numbers as needed: 

wget http://dl-cdn.alpinelinux.org/alpine/v3.7/releases/x86_64/alpine-virt-3.7.0-x86_64.iso{,.sha256,.asc}
sha256sum -c alpine-virt*.iso.sha256
gpg --verify alpine-virt*.iso.asc

Mount image: 

mount -t iso9660 -o loop,ro alpine-virt*.iso /mnt/

Create configuration: 

$ cat /etc/xen/alpine1.cfg 
kernel      = '/mnt/boot/vmlinuz-virthardened'                          # NOTE: the -hardened kernel has been deprecated[2][3] :-\
ramdisk     = '/mnt/boot/initramfs-virthardened'
extra       = 'modules=loop,squashfs console=hvc0'
vcpus       = '2'

memory      = '1024'
disk        = [
               'format=raw, vdev=xvda2, access=w, target=/dev/vg0/alpine1-disk',
               'format=raw, vdev=xvda1, access=w, target=/dev/vg0/alpine1-swap',
               'format=raw, vdev=xvdc,  access=r, target=/root/alpine-virt-3.7.0-x86_64.iso',
             ]
name        = 'alpine1'
dhcp        = 'dhcp'
vif         = [ 'mac=00:16:3E:0D:FC:91' ]

on_poweroff = 'destroy'
on_reboot   = 'restart'
on_crash    = 'restart'

Start VM and run the setup routine: 

xl create -c -f /etc/xen/alpine1.cfg 
> setup-alpine

After Alpine is installed, we need to configure the boot loader too: 

localhost:~# cat /boot/menu.lst 
default 0
timeout 5

title alpine-xen-pv
        root (hd0,0)
        kernel /boot/vmlinuz-virthardened modules=ext4 console=hvc0 root=/dev/xvda2
        initrd /boot/initramfs-virthardened

Exit and stop the VM, as we need to adjust its congfiguration and disable its CDROM drive: 

$ mkdir -m0700 /etc/xen/alpine1
$ cp -p /mnt/boot/{initramfs,vmlinuz}* /etc/xen/alpine1/

$ cat /etc/xen/alpine1.cfg
# bootloader = '/usr/lib/xen-4.8/bin/pygrub'                                          # Disabled for now :-\
kernel      = '/etc/xen/alpine1/vmlinuz-virthardened'
ramdisk     = '/etc/xen/alpine1/initramfs-virthardened'
extra       = 'root=/dev/xvda2 console=hvc0 modules=ext4 rootfstype=ext4'
[...]
disk        = [ 
               'format=raw, vdev=xvda2, access=w, target=/dev/vg0/alpine1-disk',
               'format=raw, vdev=xvda1, access=w, target=/dev/vg0/alpine1-swap',
       #       'format=raw, vdev=xvdc,  access=r, target=/root/alpine-virt-3.7.0-x86_64.iso',
             ]

With that, our VM should be able to boot.

Bootstrap

Bootstrap[4] Alpine Linux onto an LVM device: 

lvcreate -L 4G -n alpine0-disk vg0
lvcreate -L 512M -n alpine0-swap vg0

mkfs.ext4 -L root /dev/vg0/alpine0-disk
tune2fs -e remount-ro -c 20 -i 6m /dev/vg0/alpine0-disk

Prepare: 

export chroot_dir=/mnt branch=edge mirror=http://dl-cdn.alpinelinux.org/alpine
mount -t ext4 /dev/vg0/alpine0-disk ${chroot_dir}

wget ${mirror}/${branch}/main/x86_64/apk-tools-static-2.9.1-r3.apk            # Be sure to adjust the version
tar -xzf apk-tools*apk sbin/apk.static

sbin/apk.static -X ${mirror}/${branch}/main -U --allow-untrusted --root ${chroot_dir} --initdb add alpine-base

Mount kernel file systems and adjust a few settings: 

mount -t devtmpfs udev ${chroot_dir}/dev/ && mount -t devpts devpts ${chroot_dir}/dev/pts && mount -t proc proc ${chroot_dir}/proc/ && mount -t sysfs sysfs ${chroot_dir}/sys/
grep ^nameserver /etc/resolv.conf >> ${chroot_dir}/etc/resolv.conf
echo ${mirror}/${branch}/main        > ${chroot_dir}/etc/apk/repositories
echo ${mirror}/${branch}/community/ >> ${chroot_dir}/etc/apk/repositories

chroot ${chroot_dir} /bin/sh -l                                               # Other shells are not available yet

for s in devfs dmesg mdev; do rc-update add $s sysinit; done
for s in hwclock modules sysctl hostname bootmisc klogd syslog; do rc-update add $s boot; done
for s in mount-ro killprocs savecache; do rc-update add $s shutdown; done
passwd root
apk add linux-vanilla bash pv                                                 # Adjust as needed
^D

umount ${chroot_dir}/{{dev/pts,dev},proc,sys}

Install the kernel on the Dom0: 

mkdir -m0700 /etc/xen/alpine0
cp -p ${chroot_dir}/boot/{initramfs,vmlinuz}* /etc/xen/alpine0/
umount ${chroot_dir}

Create configuration file: 

$ cat /etc/xen/alpine0.cfg 
kernel      = '/etc/xen/alpine0/vmlinuz-vanilla'
extra       = 'elevator=noop'
ramdisk     = '/etc/xen/alpine0/initramfs-vanilla'

vcpus       = '2'
memory      = '1024'

root        = '/dev/xvda2 ro'
disk        = [
                  'phy:/dev/vg0/alpine0-disk,xvda2,w',
                  'phy:/dev/vg0/alpine0-swap,xvda1,w',
              ]

dhcp        = 'dhcp'
vif         = [ 'mac=00:16:3E:0D:FC:91' ]

on_poweroff = 'destroy'
on_reboot   = 'restart'
on_crash    = 'restart'

And try to boot the newly created machine: 

xl create -c -f /etc/xen/alpine0.cfg

Configuration

Global configuration options can be set in /etc/rc.conf, while program-specifcs can be set in /etc/conf.d/.

The Bootloader is using EXTLINUX and can be configured via /etc/update-extlinux.conf: 

[...]
default_kernel_opts="nomodeset rootfstype=ext4 log_buf_len=17"
modules=ext4
root=UUID=67ca741c-e736-4edb-ad98-ed76e7b4825e
verbose=1
hidden=0
timeout=5
default=linux

Update

Updates can be installed via apk: 

apk -s -v upgrade                                                               # Omit -s to actually perform the upgrade.

Be sure to check and adjust changed configuration files afterwards: 

update-conf

Or, as a one-liner: 

script -c "apk upgrade --no-progress --verbose" -a /var/log/apk.log && update-conf

Upgrade

While an upgrade process appears to be possible and explained in the documentation[5] we haven't used it as we're running the rolling edge release.

Links

References

  1. Create Alpine Linux PV DomU
  2. linux kernel packages and meltdown/spectre
  3. linux-hardened: remove unsupported kernel and 3rd party modules
  4. Alpine Linux in a chroot
  5. Upgrading Alpine
  6. Mostly needed due to: Add new option --exclude for apk upgrade
Retrieved from "https://trent.utfs.org/mediawiki/index.php?title=Alpine_Linux&oldid=14600"