This is merely a historical archive of years 2008-2021, before the migration to mailman3.
A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/osmocom-event-orga@lists.osmocom.org/.
Peter Stuge peter at stuge.seNeels Hofmeyr wrote: > > Is such a "bare" buster container image available somewhere? > > At least lxc has scripts that install a debian by name, which I use > to test the eventgsm ansible. > Would it make sense to pull a tar of its root fs?? probably not. That would work fine, but we have more options. > Step 1: what would be the way to crypt it? > > - I know cryptmount (which I usually use with an image file, but IIRC works > with partitions as well) > - Then there's the ext4 encryption feature? > - ...? Alexander Couzens wrote: > With lxc I would do cryptsetup(LUKS) + lvm and use a lvm volume for > the container/vm. I've done the following: --8<-- One-time setup added /dev/sda2 with all unused SSD space cryptsetup luksFormat /dev/sda2 cryptsetup open /dev/sda2 container mkfs.ext4 /dev/mapper/container cat >> /etc/fstab << EOF /dev/mapper/container /var/lib/container auto noauto 0 0 EOF cryptsetup close container -->8-- --8<-- mounting; these are the manual steps after each reboot cryptsetup open /dev/sda2 container mount /var/lib/container -->8-- > Otherwise it is possible to install such debian using debootstrap. > Otherwise I'm not familiar with ready images. > I could make a fresh file system and debootstrap and then pull an > img of that partition?? .. > Step 2: install OS > > would something like this do?? > https://us.images.linuxcontainers.org/images/debian/buster/amd64/default/20181203_05:25/rootfs.tar.xz Yep! I downloaded it to /var/lib/container/lxcbuster.tar.xz and unpacked into /var/lib/container/lxcbuster/ which then shows up as an image with machinectl: # machinectl list-images NAME TYPE RO USAGE CREATED MODIFIED lxcbuster directory no n/a n/a n/a 1 images listed. # I prepared the unpacked dir: # systemd-machine-id-setup --root /var/lib/container/lxcbuster # echo lxcbuster > /var/lib/container/lxcbuster/etc/hostname Now the container can be started: # machinectl start lxcbuster And a shell opened: # machinectl shell lxcbuster > Though I see that the lxc images apparently are also put up using debootstrap, > so if we can get debootstrap to run manually, that would be preferable I guess. > I get this though: > > osmoserv ~ # emerge dev-util/debootstrap > > !!! /etc/portage/make.profile is not a symlink .. > !!! Your current profile is invalid. .. > I have infinite uncertainty there. Yes, I understand that. The osmoserv system is built by the catalyst tool on a build server (comparable result to debootstrap+ansible, but with complete configurability both during compilation and installation) so I haven't put any package database and not set up any profile. I've installed debootstrap, dpkg and debian-archive-keyring now. (I added them to the spec file on the build server, rebuilt, then copied the binary packages and installed them with qmerge on osmoserv.) Try it out in a new directory in /var/lib/container/ Alexander Couzens wrote: > I don't know machinectl. But I'll read shortly into it. I like it. See also systemd-nspawn, which is container parent. > > The bad news is that eth0 has now failed, seemingly permanently. This > > isn't critical, all production communication has always run over eth1, > > but I have to admit that this is a sign of (too) old hardware. :\ > > How many ethernet ports does it have? Two. The only use for eth0 was to ssh into the system when connected directly with a cable and no keyboard+monitor was availble. It's not critical for operations since all our VLANs come in through eth1. I think I can add a NIC to get more ports. I'll take a look. //Peter