Boot Strapping Gentoo, the "Linode" way
Now the advantage of Boot Strapping and doing a Stage One is the entire system is built from the ground up to your specific needs/wants and environment. It's not difficult and the benefits are worth it in my opinion, so let us begin.
Preparation
1. In the Linode Dashboard Create the Disk/Disks you're going to install Gentoo to
2. Create a "Configuration Profile" with the Finnix kernel booting to the Finnix recovery iso
3. Assign the newly created Disk/Disks to /dev/xvdb and so on
4. Save
Install
1. Boot to the Finnix profile you created
2. Mount the disk, example -
cd /mnt
mkdir gentoo
mount /dev/xvdb /mnt/gentoo
3. Ensure the date is correct
date
If not, correct it with the date command
4. Retrieve the Stage one image, example -
cd /mnt/gentoo
wget http://gentoo.osuosl.org/releases/x86/2008.0/stages/stage1-x86-2008.0.tar.bz2
For a list of the Gentoo mirrors see Gentoo Mirrors
5. Extract the image
tar -xvjpf stage1-x86-2008.0.tar.bz2
Note- Don't forget to remove the tarball after you extract it
6. Set up your make.conf file
nano /mnt/gentoo/etc/make.conf
Here is a good make.conf file for Bootstrapping your Linode
CFLAGS="-march=prescott -fomit-frame-pointer -O2 -pipe -mno-tls-direct-seg-refs"
CHOST="i686-pc-linux-gnu"
CXXFLAGS="${CFLAGS}"
MAKEOPTS="-j5"
ACCEPT_KEYWORDS="x86"
PORTAGE_TMPDIR=/var/tmp
PORTDIR=/usr/portage
DISTDIR=${PORTDIR}/distfiles
PORTAGE_COMPRESS="bzip2"
PORTAGE_COMPRESS_FLAGS="-9"
SYNC="rsync://rsync.namerica.gentoo.org/gentoo-portage"
AUTOCLEAN="yes"
LINGUAS="en_US en"
PORTAGE_RSYNC_EXTRA_OPTS="--exclude-from=/etc/portage/rsync_excludes"
FEATURES="sandbox parallel-fetch"
USE="-acpi -alsa -arts bzip2 bash-completion bcmath -berkdb chroot curl curlwrappers \
dbus hal xml -ipv6 gmp -gnome -gtk -kde minimal mmx nptl nptlonly pam sse sse2 ssse3 \
ssl unicode -X X509 xattr zip zlib"
GENTOO_MIRRORS="http://gentoo.cites.uiuc.edu/pub/gentoo/ http://mirrors.cs.wmich.edu/gentoo http://mirror.csclub.uwaterloo.ca/gentoo-distfiles/ http://gentoo.mirrors.tds.net/gentoo"
7. Mount proc
mount -t proc proc /mnt/gentoo/proc
8. Copy DNS info
cp /etc/resolv.conf /mnt/gentoo/etc/resolv.conf
9. Chroot
chroot /mnt/gentoo /bin/bash
10. Rehash the $path and environment
env-update && source /etc/profile
11. Create your package.use file
nano /etc/portage/package.use
Put in the values
net-misc/curl gnutls kerberos libssh2 idn
net-misc/ntp openntpd
sys-apps/iproute2 -minimal
sys-libs/glibc glibc-omitfp
12. Get the Portage Tree
emerge --sync
Note - you "may" need to refresh portage, if so just "emerge portage" then continue on
13. Set up your Locale
nano /etc/locale.gen
14. Set the "Profile", I recommend/use the server profile. The only "Caveat" is this sets the "minimal" use flag system wide which is good. But you need to be aware that for specific packages like MySQL you need to set "-minimal" in /etc/portage/package.use to install/run LAMP. Also the same thing for iproute2 package which iptables depends on
unlink /etc/make.profile
ln -s /usr/portage/profiles/default/linux/x86/2008.0/server/ /etc/make.profile
15. Now it's time to Bootstrap and install the system
env-update && source /etc/profile && emerge --oneshot --nodeps gcc-config
USE="-* build bootstrap" emerge linux-headers && emerge --nodeps gdbm libperl perl
/usr/portage/scripts/bootstrap.sh
16. Finish Bootstrapping
emerge -O libperl && emerge -O python
emerge shadow && emerge --deep system
emerge syslog-ng hotplug vixie-cron reiserfsprogs xfsprogs sysfsutils udev
USE="openntpd" emerge --nodeps ntp
rc-update add syslog-ng default && rc-update add net.eth0 default && rc-update add vixie-cron default
rc-update add sshd default && rc-update add hotplug default && rc-update add ntp-client default
17. Set up your "Timezone Link"
rm /etc/localtime
ln -s /usr/share/zoneinfo/{path/to/your/timezonefile} /etc/localtime
18. Eliminate the clock skew, this is very critical especially with compiling your own OS!!!!
ntpdate -u -b us.pool.ntp.org
19. Configure your NIC
nano /etc/conf.d/net
example -
# This blank configuration will automatically use DHCP for any net.*
# scripts in /etc/init.d. To create a more complete configuration,
# please review /etc/conf.d/net.example and save your configuration
# in /etc/conf.d/net (this file :]!).
config_eth0=( "100.20.3.1/24" )
routes_eth0=( "default via 100.20.192.5" )
20. Set up your environment in the following places
/etc/rc.conf
/etc/conf.d/clock
/etc/conf.d/ntp-client
/etc/conf.d/rc
21. Edit your /etc/fstab appropriately
Example -
# <fs> <mountpoint> <type> <opts> <dump/pass>
/dev/xvdb / ext3 noatime 0 1
/dev/xvdf none swap sw 0 0
/dev/cdrom /mnt/cdrom auto noauto,ro 0 0
shm /dev/shm tmpfs nodev,nosuid,noexec 0 0
proc /proc proc defaults 0 0
Now a "Caveat"
I found that in Linode's console environment the base system didn't completely compile. It seemed to puke in the Linode console environment on one of the /dev/tty's being used during a chmod. To work around this I had to "emerge util-linux" for it was missing numerous things like "mount". So after you have completed editing your fstab and saving do the following -
emerge util-linux
A. Assign yourself a "root" password while in the chroot environment, this is a must
passwd
B. Exit out of your chroot
exit
C. Unmount the file systems
umount /mnt/gentoo/proc
umount /mnt/gentoo
D. Shutdown the system
E. Create the "Gentoo" Profile in the Linode Manager
F. Boot the new "Gentoo" Profile
G. Log into the booted image via the Linode Console
H. Emerge the system then world
emerge -e system
env-update && source /etc/profile
emerge -e world
Now this is going to take a little bit, but it ensures everything has been installed and compiled correctly.
Then to finish everything off run the following to complete the install.
emerge --sync
emerge -avuDN world
emerge -av gentoolkit
emerge --depclean
revdep-rebuild
Now you have a base image for the Linode environment. There are a couple of tools you may choose to install, here are the basic ones that I would recommend you to "emerge"
emerge -avD tcpdump bind-tools iproute2 eselect slocate
I would also recommend running mirrorselect to select the fastest/best Gentoo mirror locations
mirrorselect -s4 -o -D >> /etc/make.conf
Don't forget to remove the old Gentoo mirrors in your make.conf
This will give you a very clean, basic foundation to build a server streamlined to your specific needs/wants and desires.
Enjoy -
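Steps 4 and 5 of the guide above fetch the stage tarball over plain HTTP and unpack it as root into what becomes the new root filesystem. The following is an added example, not part of the original post: a digest check that must pass before anything is extracted. It assumes a digest list for the tarball in the "<hex digest>  <file name>" layout; the function names and the demo file names are made up for the illustration.

```sh
# Added example: check a stage tarball against a digest list before unpacking.
# Assumed list layout: "<hex digest>  <file name>"; demo() data is constructed.

# verify_stage TARBALL DIGESTS [sha256|sha512] -> 0 match, 1 mismatch, 2 no check
verify_stage() {
    tarball=$1; digests=$2; algo=${3:-sha512}
    case $algo in
        sha256) len=64 ;;
        sha512) len=128 ;;
        *) echo "unsupported digest: $algo" >&2; return 2 ;;
    esac
    if [ ! -f "$tarball" ] || [ ! -f "$digests" ]; then
        echo "missing tarball or digest list" >&2; return 2
    fi
    name=$(basename "$tarball")
    # One list can carry several algorithms per file, so take the entry for
    # this exact name whose hex string has the length of the chosen digest.
    want=$(awk -v f="$name" -v n="$len" '
        { g = $2; sub(/^\*/, "", g) }
        g == f && length($1) == n && $1 ~ /^[0-9A-Fa-f]+$/ { print tolower($1); exit }
    ' "$digests")
    if [ -z "$want" ]; then
        echo "no $algo entry for $name" >&2; return 2
    fi
    have=$("${algo}sum" "$tarball" | awk '{ print $1 }')
    if [ "$have" != "$want" ]; then
        echo "MISMATCH for $name: refusing to use it" >&2; return 1
    fi
    echo "OK: $name matches its $algo digest"
}

# unpack_verified TARBALL DIGESTS DESTDIR [algo]: extract only after a match.
unpack_verified() {
    verify_stage "$1" "$2" "${4:-sha512}" || return $?
    tar -xjpf "$1" -C "$3"
}

# Demo on constructed data: a stand-in file, its digest, then a modified copy.
demo() {
    d=$(mktemp -d) || return 2
    printf 'constructed stage contents\n' > "$d/stage1-demo.tar.bz2"
    (cd "$d" && sha512sum stage1-demo.tar.bz2 > DIGESTS)
    first=0; verify_stage "$d/stage1-demo.tar.bz2" "$d/DIGESTS" || first=$?
    printf 'modified\n' >> "$d/stage1-demo.tar.bz2"
    second=0; verify_stage "$d/stage1-demo.tar.bz2" "$d/DIGESTS" 2>/dev/null || second=$?
    rm -rf "$d"
    echo "untouched=$first modified=$second"
}
demo
```

The check is only as good as the digest list: a list fetched over the same unauthenticated connection as the tarball proves nothing, so obtain it over an authenticated channel or verify a signature on it first.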
4 Replies
First it's going to want to look for modules, the ebuild will fail unless it finds modules.dep
To get around this for the kernel I was using I just did a touch to create
/lib/modules/2.6.18.8-linode10/modules.dep
Now let's install
emerge -avD iptables
This will want to pull in gentoo sources, let it for now just to get iptables installed.
I then set in my /etc/portage/profiles/package.provided the value
sys-kernel/gentoo-sources-2.6.22-r10
(set to the package it installed)
Once I did that I just removed it
emerge -C gentoo-sources
Then went into /usr/src to ensure the kernel sources were all gone.
I also recommend denyhosts for protection from the Script Kiddies
The Wikipedia
Gentoo Wiki for DenyHosts
Since I read through the whole post though, I might as well make a constructive comment:
I think using ntp on a linode is unnecessary, as the host os seems to take care of the clock for you. My office server running ntpd is definitely within 1 second of the time on my linode. Does it even work when you run ntpdate on the linode?
@Stever:
Nice detailed post - it's not far off the procedure I used to do an amd64 install for one of my linodes. I'm not sure what you want to do a stage one install for, but to each his own I guess
;)
Doing a stage one you have a system specific to your needs/wants, it also doesn't take much longer than the stage 3 then recompile. Like I said, doing so is like buying a house, strip it down to the frame then rebuild, why?
@Stever:
Since I read through the whole post though, I might as well make a constructive comment:
I think using ntp on a linode is unnecessary, as the host os seems to take care of the clock for you. My office server running ntpd is definitely within 1 second of the time on my linode. Does it even work when you run ntpdate on the linode?
Yeah, something to think about, but having ntpd only firing off on boot up wouldn't hurt.
Compilation is therefore easier on the system and faster. If there is sufficient ram, mounting PORTAGE_TMPDIR to a tmpfs would make it even faster.
I also recommend buildpkg feature in order to have pre-built binaries remain on the system for faster rollback of a broken update. Also backing up /usr/portage/packages every now and then will help a lot in rebuilding the world in case of major failure that would require installation of entire system. Personally, I always do buildpkgonly, and after the compilation is complete, I can quickly do the actual update. That way you can have portage way in the background (large niceness and makeopts -j1) do the compilations regularly, and then you manually update only when required, or to prevent bitrot (say once a month or so).