This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
manuals:vps:vpsadminos [2018/05/21 08:12] – [General] /proc/cpuinfo,stat Aither | manuals:vps:vpsadminos [2024/01/02 20:39] (current) – aither | ||
---|---|---|---|
Line 1: | Line 1: | ||
< | < | ||
====== vpsAdminOS ====== | ====== vpsAdminOS ====== | ||
- | Since [[information: | + | vpsAdminOS |
- | aren't supporting it, we had to find a way to upgrade our kernel, which | + | to run our VPS. |
- | meant choosing a different virtualization technology. Linux kernel now | + | |
- | has some support | + | |
- | we needed some distribution that we could use on nodes to serve as | + | |
- | hypervisors, | + | |
- | We've chosen [[https:// | + | |
- | the system and its configuration and then reproducibly build it. And since | + | |
- | we have a bit specific requirements, | + | |
- | on top of NixOS. | + | |
- | [[https:// | + | ===== About vpsAdminOS ===== |
- | [[https:// | + | vpsAdminOS is a spin of NixOS. The host system is rather small and includes only management |
- | It's a //live// distribution serving | + | services, |
- | virtualisation. Its as capable as OpenVZ Legacy was in its time. We have | + | is interconnected |
- | our own userspace tools to manage | + | of vpsFree.cz's infrastructure, e.g. on your home server. |
- | internally uses LXC. vpsAdminOS | + | |
- | administration interface with web interface, which you're all using to manage | + | |
- | your VPS. However, vpsAdminOS | + | |
- | a replacement to OpenVZ Legacy deployments. If you have some OpenVZ servers | + | |
- | and would like a newer system, you can consider vpsAdminOS. We also have | + | |
- | [[https:// | + | |
- | with migration of OpenVZ containers onto vpsAdminOS. | + | |
- | ===== Migration from OpenVZ to vpsAdminOS ====== | + | If you' |
- | The upgrade of our infrastructure with all VPSes to vpsAdminOS is divided into | + | |
- | several phases: | + | |
- | + | ||
- | - Developing vpsAdminOS into something usable | + | |
- | - Integration with vpsAdmin | + | |
- | - Opening of a staging environment with vpsAdminOS (:!: we're here :!:) | + | |
- | - Testing, fixing bugs, implementing missing features, preparing for production | + | |
- | - New production nodes are using vpsAdminOS, new VPS can be created only there | + | |
- | - Gradual migration of all VPS from OpenVZ nodes to vpsAdminOS, one node after another | + | |
- | - End of story | + | |
- | + | ||
- | ===== What does it mean for members ====== | + | |
- | We're trying to make the migration to vpsAdminOS as seamless as possible, so | + | |
- | that one day your VPS will stop on the OpenVZ node and will start on | + | |
- | vpsAdminOS node a while later, without you having to do anything. However, it | + | |
- | depends on what programs | + | |
- | have made. That's why we recommend for everyone to try VPS on vpsAdminOS | + | |
- | in the [[# | + | |
- | and solve problems before we start migration production VPS. | + | |
- | + | ||
- | ===== Changes in VPS behaviour ===== | + | |
- | ==== Network configuration ==== | + | |
- | Linux kernel doesn' | + | |
- | find a different way. Networking is done by a pair of veth interfaces: | + | |
- | one on the host, the other in the VPS. IP addresses are routed through | + | |
- | an interconnecting network that is assigned to every VPS. | + | |
- | + | ||
- | For example, let's say the assigned interconnecting network is | + | |
- | '' | + | |
- | '' | + | |
- | IP addresses are then routed via '' | + | |
- | would be routed as '' | + | |
- | in the VPS would be set as '' | + | |
- | interface on the host is configured automatically by '' | + | |
- | will also generate configuration files inside your VPS, depending on your | + | |
- | distribution. The init system from your VPS will then read those files | + | |
- | and setup the network interface. The first address on the interface will be | + | |
- | the address from the interconnecting network, not the public address, as has | + | |
- | been the case on OpenVZ. If you have some custom network configuration, | + | |
- | you need to be aware of how the networking is supposed to work. | + | |
- | + | ||
- | ==== User namespaces ==== | + | |
- | VPS in vpsAdminOS | + | |
- | means that your system user and group IDs are mapped to different values on | + | |
- | the host. For example, the root user in your VPS has UID 0, but from the | + | |
- | host's point of view, its UID is e.g. 666000. Every member has been assigned a | + | |
- | unique user namespace, which ensures that your data is isolated from other | + | |
- | users. In case an attacker manages to leave the container, he will not be able | + | |
- | to access data from VPS belonging to other members. | + | |
- | + | ||
- | Every member is assigned a user namespace of 524288 user/group IDs. It means | + | |
- | that you can use UID/GID from 0 to 524287. All VPS from one member are in the | + | |
- | same user namespace. In the future, it will be possible to define custom | + | |
- | UID/GID maps for VPS and NAS datasets, which will let each member to isolate | + | |
- | his own VPS and yet share some chosen range of user/group IDs. | + | |
- | + | ||
- | The user namespace significantly changes how you can share data between VPS | + | |
- | and NAS. At the moment, it is **not possible** to mount NAS to a VPS running | + | |
- | on a vpsAdminOS node so that you'd have access to the data. This will become | + | |
- | possible when custom UID/GID maps are properly implemented. | + | |
- | + | ||
- | ==== General ==== | + | |
- | Changes regarding VPS, but independent on the distribution used: | + | |
- | + | ||
- | * '' | + | |
- | * ''/ | + | |
- | * Swap is not shown in ''/ | + | |
- | * '' | + | |
- | + | ||
- | ==== Debian/ | + | |
- | + | ||
- | * Network is configured using '' | + | |
- | * ''/ | + | |
- | * If there is a directory called ''/ | + | |
- | + | ||
- | ===== Behaviour changes in vpsAdmin ===== | + | |
- | + | ||
- | * Reinstalling VPS on vpsAdminOS no longer deletes subdatasets and does not reset its configuration to the initial state, e.g. VPS features remain as they were. | + | |
- | * VPS features: bridge, iptables and NFS aren't configurable, | + | |
- | * It is possible to change the network interface name within the VPS in VPS details page. | + | |
===== Staging environment ====== | ===== Staging environment ====== | ||
In order for all members to test VPS on vpsAdminOS, we've created so called | In order for all members to test VPS on vpsAdminOS, we've created so called | ||
staging environment. It's similar to playground, where everyone can create a | staging environment. It's similar to playground, where everyone can create a | ||
- | VPS. When creating a VPS, just select location **Staging** and the VPS will be | + | VPS. When creating a VPS, just select location **Staging** and deselect **Keep platform**. |
- | created on a vpsAdminOS node. | + | The VPS will be created on a vpsAdminOS node. |
It's terms of use are similar to [[manuals: | It's terms of use are similar to [[manuals: | ||
Line 119: | Line 24: | ||
resources among 4 VPS. | resources among 4 VPS. | ||
- | It is not possible to clone or swap production VPS with VPS in the staging | + | You can either create a new VPS or clone an existing |
- | environment. Migration of OpenVZ VPS onto vpsAdminOS is not implemented yet. | + | |
- | Access to the NAS is also restricted, see [[# | + | |
- | + | ||
- | ==== Supported distributions ==== | + | |
- | + | ||
- | * Alpine 3.6, 3.7 | + | |
- | * Arch | + | |
- | * CentOS 7.5 | + | |
- | * Debian 8, 9 | + | |
- | * Fedora 27, 28 | + | |
- | * Gentoo | + | |
- | * NixOS | + | |
- | * Ubuntu 16.04, 18.04 | + | |
- | + | ||
- | ==== Other distributions ==== | + | |
- | + | ||
- | In case your distribution isn't supported yet, you can help us make | + | |
- | it happen, or wait until someone does it for you, see | + | |
- | [[https:// | + | |
- | + | ||
- | Distribution templates installable from vpsAdmin are built using scripts at | + | |
- | [[https:// | + | |
- | If your distribution isn't there, it has to be added. | + | |
- | + | ||
- | When the built script is done, it is necessary to add support for your | + | |
- | distribution into '' | + | |
- | resolvers, etc., see [[https:// | + | |
==== More about vpsAdminOS ==== | ==== More about vpsAdminOS ==== | ||
Line 152: | Line 30: | ||
* https:// | * https:// | ||
* https:// | * https:// | ||
- | * IRC chat.freenode.net #vpsadminos | ||
==== Reporting bugs and ideas ==== | ==== Reporting bugs and ideas ==== | ||
Choose at your own discretion: | Choose at your own discretion: | ||
- | * [[information: | + | * [[information: |
* podpora@vpsfree.cz | * podpora@vpsfree.cz | ||
* vpsAdminOS issues: https:// | * vpsAdminOS issues: https:// | ||
* vpsAdmin issues: https:// | * vpsAdmin issues: https:// | ||