Differences

This shows you the differences between two versions of the page.

--- manuals:vps:vpsadminos [2020/09/21 14:47] – [Debian/Ubuntu/Alpine] /etc/network/interfaces.{tail,head} Aither
+++ manuals:vps:vpsadminos [2023/02/02 23:36] – deleted openVZ parolek
@@ Line 1: / Line 1: @@
 <page>manuals:vps:vpsadminos</page>
 ====== vpsAdminOS ======
-Since [[information:openvz|OpenVZ]] is dead and new distributions
+Since OpenVZ Legacy is no longer supported and new distributions
-aren't supporting it, we had to find a way to upgrade our kernel, which
+don't work there, we had to find a way to upgrade our kernel, which
 meant choosing a different virtualization technology. Linux kernel now
-has some support for containers, so we've decided to stick with that. Next,
+has some support for containers, so we've decided to use it.
-we needed some distribution that we could use on nodes to serve as
+We needed some distribution that we could use on nodes to serve as
-hypervisors, as a replacement of Scientific Linux 6 with OpenVZ kernel.
+a hypervisor, as a replacement of Scientific Linux 6 with OpenVZ kernel.
-We've chosen [[https://nixos.org|NixOS]], which allows you to declare
+We've chosen [[https://nixos.org|NixOS]], because it allows us to declaratively
-the system and its configuration and then reproducibly build it. And since
+configure the system and its services. And since our requirements are quite specific,
-we have a bit specific requirements, we've created our own distribution
+we're maintaining our own spin of NixOS called vpsAdminOS.
-on top of NixOS.
 [[https://github.com/vpsfreecz/vpsadminos|vpsAdminOS]] is based on
 [[https://nixos.org|NixOS]] and [[https://github.com/cleverca22/not-os/|not-os]].
 It's a //live// distribution serving as a hypervisor for container
-virtualisation. Its as capable as OpenVZ Legacy was in its time. We have
+virtualisation.
-our own userspace tools to manage containers called ''osctl'', which
+vpsAdminOS naturally integrates with vpsAdmin, our administration interface
-internally uses LXC. vpsAdminOS naturally integrates with vpsAdmin, our
+with web interface. However, vpsAdminOS is meant to be fully usable even on its own,
-administration interface with web interface, which you're all using to manage
+outside vpsFree.cz's infrastructure.
-your VPS. However, vpsAdminOS is meant to be fully usable even on its own, as
-a replacement to OpenVZ Legacy deployments. If you have some OpenVZ servers
-and would like a newer system, you can consider vpsAdminOS. We also have
-[[https://vpsadminos.org/migration-paths/openvz-legacy/|scripts]] to help
-with migration of OpenVZ containers onto vpsAdminOS.
-===== Migration from OpenVZ to vpsAdminOS ======
-The upgrade of our infrastructure with all VPSes to vpsAdminOS is divided into
-several phases:
-  - Developing vpsAdminOS into something usable
-  - Integration with vpsAdmin
-  - Opening of a staging environment with vpsAdminOS
-    - Testing, fixing bugs, implementing missing features, preparing for production
-  - New production nodes are using vpsAdminOS (:!: we're here :!:)
-    - vpsAdminOS is available in Prague
-  - Gradual migration of all VPS from OpenVZ nodes to vpsAdminOS, one node after another
-  - End of story
-===== What does it mean for members ======
-We're trying to make the migration to vpsAdminOS as seamless as possible, so
-that one day your VPS will stop on the OpenVZ node and will start on
-vpsAdminOS node a while later, without you having to do anything. However, it
-depends on what programs you're running and what configuration changes you
-have made. That's why we recommend for everyone to try VPS on vpsAdminOS
-in the [[#staging_environment| staging environment]], so that we can find
-and solve problems before we start migration production VPS.
-===== Changes in VPS behaviour =====
-==== User namespaces ====
-VPS in vpsAdminOS are using so called //user namespaces//. User namespace
-means that your system user and group IDs are mapped to different values on
-the host. For example, the root user in your VPS has UID 0, but from the
-host's point of view, its UID is e.g. 666000. Every member has been assigned a
-unique user namespace, which ensures that your data is isolated from other
-users. In case an attacker manages to leave the container, he will not be able
-to access data from VPS belonging to other members.
-Every member is assigned a user namespace of 524288 user/group IDs. It means
-that you can use UID/GID from 0 to 524287. All VPS from one member are in the
-same user namespace. In the future, it will be possible to define custom
-UID/GID maps for VPS and NAS datasets, which will let each member to isolate
-his own VPS and yet share some chosen range of user/group IDs.
-==== General ====
-Changes regarding VPS, but independent on the distribution used:
-  * ''/proc/stat'' reports only user (including system) and idle
-  * Swap is not shown in ''/proc/meminfo''
-==== Debian/Ubuntu/Alpine ====
-  * Network is configured using ''ip'' from ''iproute2'', you no longer need ''ifconfig'' from ''net-tools''
-  * If there is a directory called ''/etc/network/interfaces.d'', it is sourced before ''/etc/network/interfaces.tail''.
-===== Behaviour changes in vpsAdmin =====
-  * NAS and snapshots are not accessed using vpsAdmin [[manuals:vps:vpsadminos:storage|mounts, but NFS exports]]
-  * IP address management is split into routed and interface addresses
-  * Reinstalling VPS on vpsAdminOS no longer deletes subdatasets and does not reset its configuration to the initial state, e.g. VPS features remain as they were.
-  * VPS features: bridge, iptables and NFS aren't configurable, they're always on.
-  * It is possible to change the network interface name within the VPS in VPS details page.
 ===== Staging environment ======
@@ Line 102: / Line 39: @@
 Features can be turned on/off individually. When any change is made, the VPS restarts.
-{{ :navody:vps:features.png?300 |}}
+{{ :navody:vps:vps_features.png |}}
-  * Docker (experimental) - Enables support for Docker.
   * FUSE - "Filesystem in Userspace" Enables the kernel module to allow non-privileged users create their own file systems.
   * KVM - "Kernel-based Virtual Machine" Enables KVM for hardware support of virtualization.
@@ Line 110: / Line 46: @@
   * PPP - "Point-to-Point Protocol" Enables communications protocol used to establish a direct connection between point-to-point links.
   * TUN/TAP - "TUN routing/TAP bridging" Enables the creation of virtual interfaces that are then bridged.
-We recommend only setting the features that your really need.
 ==== More about vpsAdminOS ====

Knowledge base

User Tools

Site Tools

Differences

Page Tools