SMEServer v8.0 in OpenVZ

SMEServer v8.0 in OpenVZ

This is a work in progress and does not yet work.

Initial CentOS Virtual Machine

• Start with a CentOS 5 Minimal Template in Proxmox VE OpenVZ Container
• Rename template to conform to ProxmoxVE naming convention and move to template cache

cd /var/lib/vz/template/cache
wget http://download.openvz.org/contrib/template/precreated/centos-5-i386-minimal.tar.gz
mv centos-5-i386-minimal.tar.gz centos-5-minimal_5_i386.tar.gz

• 512 MB RAM / 8 GB HDD / IP address assigned during VM creation / SELinux disabled / sshd enabled
• Start Container
• 88 RPMs pre-installed list

rpm -qa --qf "%{n}-%{v}-%{r}.%{arch}.rpm\n" > /tmp/centOS5_minimal_after_yum_with_arch.txt

• 590 RPMs in SME8 installed list - on Atom Hardware with 2GB RAM / 320 GB HDD
• Check the current CentOS Version with cat /etc/redhat-release to be CentOS release 5 (Final)

Install wget

rpm -Uvh http://vault.centos.org/5.8/os/i386/CentOS/wget-1.11.4-2.el5_4.1.i386.rpm

Install some certificates

rpm --import http://sme-mirror.firewall-services.com/releases/8/smeos/i386/RPM-GPG-KEY-SMEServer
rpm --import http://apt.sw.be/RPM-GPG-KEY.dag.txt
rpm --import https://fedoraproject.org/static/217521F6.txt
# rpm --import http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
rpm --import http://www.salstar.sk/pub/yum/keys/RPM-GPG-KEY-Fedora-Pre-Extras
# rpm --import http://dag.wieers.com/packages/RPM-GPG-KEY.dag.txt
# rpm --import http://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL

https error workaround

[root@cent ~]# rpm --import https://fedoraproject.org/static/217521F6.txt
error: https://fedoraproject.org/static/217521F6.txt: import read failed(-1).

wget https://fedoraproject.org/static/217521F6.txt --no-check-certificate
rpm --import 217521F6.txt
rm -f 217521F6.txt

Install Yum Package Manager

References: ([1], [2], [3])

rpm -Uvh \
  http://vault.centos.org/5.8/os/i386/CentOS/elfutils-0.137-3.el5.i386.rpm \
  http://vault.centos.org/5.8/os/i386/CentOS/elfutils-libelf-0.137-3.el5.i386.rpm \
  http://vault.centos.org/5.8/os/i386/CentOS/elfutils-libs-0.137-3.el5.i386.rpm \
  http://vault.centos.org/5.8/os/i386/CentOS/expat-1.95.8-8.3.el5_5.3.i386.rpm \
  http://vault.centos.org/5.8/os/i386/CentOS/gmp-4.1.4-10.el5.i386.rpm \
  http://vault.centos.org/5.8/os/i386/CentOS/m2crypto-0.16-8.el5.i386.rpm \
  http://vault.centos.org/5.8/os/i386/CentOS/readline-5.1-3.el5.i386.rpm \
  http://vault.centos.org/5.8/os/i386/CentOS/sqlite-3.3.6-5.i386.rpm \
  http://vault.centos.org/5.8/os/i386/CentOS/libxml2-2.6.26-2.1.12.el5_7.2.i386.rpm \
  http://vault.centos.org/5.8/os/i386/CentOS/python-2.4.3-46.el5.i386.rpm \
  http://vault.centos.org/5.8/os/i386/CentOS/libxml2-python-2.6.26-2.1.12.el5_7.2.i386.rpm \
  http://vault.centos.org/5.8/os/i386/CentOS/python-libs-2.4.3-46.el5.i386.rpm \
  http://vault.centos.org/5.8/os/i386/CentOS/python-elementtree-1.2.6-5.i386.rpm \
  http://vault.centos.org/5.8/os/i386/CentOS/python-iniparse-0.2.3-4.el5.noarch.rpm \
  http://vault.centos.org/5.8/os/i386/CentOS/python-sqlite-1.1.7-1.2.1.i386.rpm \
  http://vault.centos.org/5.8/os/i386/CentOS/python-urlgrabber-3.1.0-6.el5.noarch.rpm \
  http://vault.centos.org/5.8/os/i386/CentOS/logrotate-3.7.4-12.i386.rpm \
  http://vault.centos.org/5.8/os/i386/CentOS/nss-3.12.10-8.el5.i386.rpm \
  http://vault.centos.org/5.8/os/i386/CentOS/nspr-4.8.8-2.el5.i386.rpm \
  http://vault.centos.org/5.8/os/i386/CentOS/popt-1.10.2.3-27.el5.i386.rpm \
  http://vault.centos.org/5.8/os/i386/CentOS/rpm-4.4.2.3-27.el5.i386.rpm \
  http://vault.centos.org/5.8/os/i386/CentOS/rpm-libs-4.4.2.3-27.el5.i386.rpm \
  http://vault.centos.org/5.8/os/i386/CentOS/rpm-python-4.4.2.3-27.el5.i386.rpm \
  http://vault.centos.org/5.8/os/i386/CentOS/yum-3.2.22-39.el5.centos.noarch.rpm \
  http://vault.centos.org/5.8/os/i386/CentOS/yum-fastestmirror-1.1.16-21.el5.centos.noarch.rpm \
  http://vault.centos.org/5.8/os/i386/CentOS/yum-metadata-parser-1.1.2-3.el5.centos.i386.rpm \
  http://vault.centos.org/5.8/os/i386/CentOS/yum-protect-packages-1.1.16-21.el5.centos.noarch.rpm

• Check the installed groups with yum grouplist:

Installed Groups:
   System Tools
   Yum Utilities
Available Groups:
   Administration
....

The RPMs that now stand installed are listed here..

Install screen

To enable background updates, screen is installed.

yum install screen nano mlocate

It is invoked / re-attached with screen -aR scrname and detached from the session with Ctrl-A d.

Set keepcache=1 in /etc/yum.conf to retain the rpms for further use.

Take a backup of the Virtual Machine now before the mess that begins next.

Install the SME 8 RPMs

• Remove all current repos in /etc/yum.repos.d

mkdir /tmp/repo.bak
mv /etc/yum.repos.d/*.repo /tmp/repo.bak/

• Upload /etc/yum.repos.d/sme_base.repo

wget http://wiki.contribs.org/images/3/30/SME8_sme-base.repo.txt -O /etc/yum.repos.d/sme-base.repo

• YUM install sme rpms

yum --disablerepo=base,updates,extras upgrade --nogpg
yum install smeserver\* e-smith\* *.sme.* --enablerepo=smeos8,smeupdates8 --nogpgcheck

• 287 MB / 374 RPMs Installed
• SMEServer uses runlevels 7 and 4

rm -f /etc/rc4.d/*
cp -a /etc/rc7.d/* /etc/rc4.d/

• Now get the list of installed RPMs

ABC=`rpm -qa`
echo ${ABC} > sme8_rpms_after_yum.txt
ABC=

• Some RPMs get removed and others get updated.
• Use a MySQL database to check the differences:

CREATE DATABASE `rpmmatch`CHARACTER SET latin1 COLLATE latin1_general_ci; 
CREATE TABLE `rpmmatch`.`smerpms`( `rpmname` VARCHAR(100) NOT NULL, PRIMARY KEY (`rpmname`) ); 
CREATE TABLE `rpmmatch`.`c5minrpms`( `rpmname` VARCHAR(100) NOT NULL, PRIMARY KEY (`rpmname`) ); 
LOAD DATA LOW_PRIORITY LOCAL INFILE 'C:\\smerpms.csv' INTO TABLE `rpmmatch`.`smerpms` FIELDS ESCAPED BY '\\' TERMINATED BY '\t' OPTIONALLY ENCLOSED BY '"' LINES TERMINATED BY '\r\n' (`rpmname`); 
LOAD DATA LOW_PRIORITY LOCAL INFILE 'C:\\c5minrpms.csv' INTO TABLE `rpmmatch`.`c5minrpms` FIELDS ESCAPED BY '\\' TERMINATED BY '\t' OPTIONALLY ENCLOSED BY '"' LINES TERMINATED BY '\r\n' (`rpmname`); 
UPDATE c5minrpms SET rpmname=REPLACE(rpmname, ".(none).rpm", "") WHERE 1;
UPDATE smerpms   SET rpmname=REPLACE(rpmname, ".(none).rpm", "") WHERE 1;
SELECT a.* FROM c5minrpms a LEFT JOIN smerpms b USING (rpmname) WHERE b.rpmname IS NULL ORDER BY rpmname; 
SELECT a.* FROM smerpms a LEFT JOIN c5minrpms b USING (rpmname) WHERE b.rpmname IS NULL ORDER BY rpmname;

• 75 packages difference including 2 kernels not needed

Install Missing Packages

Since networking and sshd will not be working, ssh into the ProxmoxVE host and use vzctl enter <VEID> to work further. Edit the file /etc/sysconfig/network-scripts/ifcfg-venet0:

DEVICE=venet0
BOOTPROTO=static
ONBOOT=yes
IPADDR=127.0.0.1
NETMASK=255.255.255.255
BROADCAST=0.0.0.0
IPV6INIT="yes"

to be something like:

DEVICE=venet0
BOOTPROTO=static
ONBOOT=yes
IPADDR=192.168.60.110
NETMASK=255.255.255.0
GATEWAY=192.168.60.1
NETWORK=192.168.60.0
BROADCAST=192.168.60.255
IPV6INIT="yes"

Restart Networking with:

ifdown venet0 && ifup venet0

Alternatively, the VLANs can be used:

# cat /etc/sysconfig/network-scripts/ifcfg-venet0
DEVICE=venet0
BOOTPROTO=static
ONBOOT=yes
IPADDR=127.0.0.1
NETMASK=255.255.255.255
BROADCAST=0.0.0.0
IPV6INIT="yes"

# cat /etc/sysconfig/network-scripts/ifcfg-venet0:0
DEVICE=venet0:0
ONBOOT=yes
IPADDR=192.168.22.107
NETMASK=255.255.255.255

ifdown venet0 && ifup venet0
ifdown venet0:0 && ifup venet0:0

Now install the missing packages:

yum install mlocate xz xz-libs \
    zip unzip which vixie-cron vim-enhanced vim-common usbutils traceroute tnef time telnet tcpdump \
    syslinux sysfsutils strace setserial safecat rsync rp-pppoe rpm-build qmail-qfilter \
    pyxf86config perl-suidperl kudzu libgomp lockdev lsof maildrop man minicom mkbootdisk mod_ssl \
    mt-st mutt newt anacron at authconfig bc bind-libs bind-utils cdrecord cyrus-sasl \
    cyrus-sasl-md5 dhclient dhcp diald diald-top distcache dosfstools eject fetchmail ftp \
    gettext glib groff hdparm hesiod iptraf iptstate isdn4k-utils --nogpgcheck

• maildrop complained of key requirement and hence the --nogpgcheck
• pcmciautils is dependent on the kernel and hence avoided
• Restart the Virtual machine and set the IP again as done earlier (we need to address the VM startup sauce to do this atutmagically):

signal-event post-upgrade; signal-event reboot

Package Differences

One RPM from the pre-installed RPMs in the template remains:

beecrypt-4.1.2-10.1.1.i386.rpm

Two kernels and one kernel dependent RPM were not installed:

kernel-2.6.18-308.4.1.el5.i686.rpm
kernel-2.6.18-348.1.1.el5.i686.rpm
pcmciautils-014-5.i386.rpm

The final list of 574 RPMs and 4 extra keys are here.

Setting locale

/usr/bin/locale

LANG=
LC_CTYPE="POSIX"
LC_NUMERIC="POSIX"
LC_TIME="POSIX"
LC_COLLATE="POSIX"
LC_MONETARY="POSIX"
LC_MESSAGES="POSIX"
LC_PAPER="POSIX"
LC_NAME="POSIX"
LC_ADDRESS="POSIX"
LC_TELEPHONE="POSIX"
LC_MEASUREMENT="POSIX"
LC_IDENTIFICATION="POSIX"
LC_ALL=

Change the locale

/usr/bin/localedef -i en_US -f UTF-8 en_US.UTF-8
export LC_ALL=en_US.UTF-8
export LANG=en_US.UTF-8

/usr/bin/locale

The new locale is:

LANG=en_US.UTF-8
LC_CTYPE="en_US.UTF-8"
LC_NUMERIC="en_US.UTF-8"
LC_TIME="en_US.UTF-8"
LC_COLLATE="en_US.UTF-8"
LC_MONETARY="en_US.UTF-8"
LC_MESSAGES="en_US.UTF-8"
LC_PAPER="en_US.UTF-8"
LC_NAME="en_US.UTF-8"
LC_ADDRESS="en_US.UTF-8"
LC_TELEPHONE="en_US.UTF-8"
LC_MEASUREMENT="en_US.UTF-8"
LC_IDENTIFICATION="en_US.UTF-8"
LC_ALL=en_US.UTF-8

Current State of files

df

Filesystem           1K-blocks      Used Available Use% Mounted on
/dev/simfs             8388608   1344356   7044252  17% /
none                    549288         4    549284   1% /dev

cat /etc/fstab

#------------------------------------------------------------
# BE CAREFUL WHEN MODIFYING THIS FILE! It is updated automatically
# by the SME server software. A few entries are updated during
# the template processing of the file and white space is removed,
# but otherwise changes to the file are preserved.
# For more information, see http://www.e-smith.org/custom/ and
# the template fragments in /etc/e-smith/templates/etc/fstab/.
#
# copyright (C) 2002 Mitel Networks Corporation
#------------------------------------------------------------
none    /dev/pts        devpts  rw      0 0

cat /etc/mtab

/dev/simfs / simfs rw,relatime 0 0
sysfs /sys sysfs rw,relatime 0 0
/proc /proc proc rw,relatime 0 0
none /dev tmpfs rw,relatime,mode=755 0 0
none /dev/pts devpts rw,relatime,mode=600,ptmxmode=000 0 0
none /proc/sys/fs/binfmt_misc binfmt_misc rw,relatime 0 0

/var/lib/modules

This folder is empty as no CentOS kernel was installed.

dhcpd

dhcpd was exiting and respawning itself unable to get an IP. IT hardcoded in OpenVZ on NIC side for server only mode. Shut it down with:

service dhcpd stop
chkconfig dhcpd off

Errors

Init Boot Log

On startup, the VM emits the following error:

Applying Intel CPU microcode update: FATAL: 
Could not load /lib/modules/2.6.32-7-pve/modules.dep: No such file or directory
/etc/rc.d/init.d/microcode_ctl: microcode device /dev/cpu/microcode doesn't exist?
Starting system logger: [ OK ] 

The said package is:

rpm -qa | grep -i microcode microcode_ctl-1.17-3.el5

• Removing it would mean the removal of 41 smeserver and e-smith rpms which are dependent.
• Ref: Forum Post.
• Ref: CentOS Docs
• Hence:

/sbin/service microcode_ctl stop
/sbin/chkconfig --del microcode_ctl

• Copy the /lib/modules/2.6.32-7-pve folder from the host to the guest.
• Initial Boot Log of the VM will show the following error:

iscsid is stopped
Starting iSCSI daemon: WARNING: Error inserting libiscsi (/lib/modules/2.6.32-7-pve/kernel/drivers/scsi/libiscsi.ko): Unknown symbol in module, or unknown parameter (see dmesg)
WARNING: Error inserting libiscsi_tcp (/lib/modules/2.6.32-7-pve/kernel/drivers/scsi/libiscsi_tcp.ko): Unknown symbol in module, or unknown parameter (see dmesg)
WARNING: Error inserting mdio (/lib/modules/2.6.32-7-pve/kernel/drivers/net/mdio.ko): Unknown symbol in module, or unknown parameter (see dmesg)
WARNING: Error inserting cxgb3 (/lib/modules/2.6.32-7-pve/kernel/drivers/net/cxgb3/cxgb3.ko): Unknown symbol in module, or unknown parameter (see dmesg)
WARNING: Error inserting libcxgbi (/lib/modules/2.6.32-7-pve/kernel/drivers/scsi/cxgbi/libcxgbi.ko): Unknown symbol in module, or unknown parameter (see dmesg)
FATAL: Error inserting cxgb3i (/lib/modules/2.6.32-7-pve/kernel/drivers/scsi/cxgbi/cxgb3i/cxgb3i.ko): Unknown symbol in module, or unknown parameter (see dmesg)

• Remove offending RPM and it's dependancies:

# yum remove iscsi-initiator-utils

Removed:
  iscsi-initiator-utils.i386 0:6.2.0.872-16.el5

Dependency Removed:
  mkbootdisk.i386 0:1.5.3-2.1                            mkinitrd.i386 0:5.1.19.6-79.el5

Remove needless services

Ref: http://wiki.openvz.org/Physical_to_container

rpm --nodeps -e acpid auditd kudzu netplugd microcode_ctl lvm2_monitor irqbalance ntpd lm_sensors

If it complains with some being not installed like auditd netplugd lvm2_monitor ntpd, then

rpm --nodeps -e acpid kudzu microcode_ctl irqbalance lm_sensors

Current Status

• Networking and sshd works
• Pinging outside works
• yum update works
• venet0 and venet0:0 not recognised inside SMEServer
  • Try to take a look at /etc/udev/rules.d/70-persisten-net.rules. Specifically the MAC address [RequestedDeletion ]
• login as root and type console and enter the configuration menu
• Can test internet access
• elinks does not browse server-manager
• configuration of server fails since no network card is recognised as it relies on udev
• devnodes /dev/tun is available in the container