| 1 |
On 23/12/2010 11:17, Arkadi Shishlov wrote: |
| 2 |
> On 12/21/10 16:58, Ed W wrote: |
| 3 |
>> However, if that developer/administrator is available, then Gentoo is a |
| 4 |
>> marvellous solution for quickly building few MB custom solution, or a 60MB |
| 5 |
>> virtual server base installation, or whatever other customised environment you |
| 6 |
>> desire? |
| 7 |
> Do you have such a setup for virtual server or, maybe, openvpz/vserver? ie. |
| 8 |
> profile/make.conf/install masks/whatever ready for public consumption you can share? |
| 9 |
|
| 10 |
Sorry, missed your email |
| 11 |
|
| 12 |
OK, I create |
| 13 |
|
| 14 |
/usr/local/portage/profiles/my-hardened/ |
| 15 |
|
| 16 |
this has a file "parent" which contains: |
| 17 |
../../../../portage/profiles/hardened/linux/amd64/10.0 |
| 18 |
|
| 19 |
Then simply create any overrides for completely global defaults and keywords |
| 20 |
|
| 21 |
I then create various subdirectories: |
| 22 |
|
| 23 |
vserver-host: this holds the generic host config |
| 24 |
vserver-guest: this is the base for the various guest configs |
| 25 |
(over-rides for all guests go here) |
| 26 |
|
| 27 |
In the vserver-guest I create more directories per vserver type, eg: |
| 28 |
|
| 29 |
vserver-guest/ |
| 30 |
vserver-guest/proxy |
| 31 |
vserver-guest/no-multilib |
| 32 |
vserver-guest/www |
| 33 |
vserver-guest/www/apache2 |
| 34 |
vserver-guest/www/nginx |
| 35 |
vserver-guest/mysql |
| 36 |
vserver-guest/fs |
| 37 |
vserver-guest/dns |
| 38 |
vserver-guest/glusterfs |
| 39 |
vserver-guest/mail |
| 40 |
|
| 41 |
|
| 42 |
The main thing to remember is that you need a "parent" file containing |
| 43 |
".." in each and every directory or else you just failed to inherit from |
| 44 |
the top level profile. However, after that just customise what you need |
| 45 |
for each guest type! |
| 46 |
|
| 47 |
|
| 48 |
Oh, further, in my host I have several package directories: |
| 49 |
/usr/portage/packages/ |
| 50 |
/usr/portage/packages/local |
| 51 |
/usr/portage/packages/uclibc.host |
| 52 |
/usr/portage/packages/uclibc |
| 53 |
/usr/portage/packages/guest32 |
| 54 |
/usr/portage/packages/guest64 |
| 55 |
|
| 56 |
The "local" one is for the host and the others are mounted to the |
| 57 |
appropriate class of guest. Note this isn't as granular as you desire, |
| 58 |
eg the PHP package will normally have different use flags between apache |
| 59 |
and nginx guests. However, portage simply uses or rebuilds the php |
| 60 |
package as it finds it previously built. This is satisfactory for me. |
| 61 |
Mysql is another example where most guests build with "-minimal", but |
| 62 |
the servers build the full server. Again handled automatically with a |
| 63 |
slight slowdown occasionally |
| 64 |
|
| 65 |
|
| 66 |
Good luck |
| 67 |
|
| 68 |
Ed W |
Archives