Alpine on Scaleway

This blog is running on a vps hosted by Scaleway. I was in OVH before but the “cloud oriented” philosophy of Scaleway was more appealing to me, so I made the switch a couple of months back.

I also switched from debian to Alpine Linux and I wanted to document a bit what I did.

Scaleway ships Alpine in a persistent fashion. It doesn't use lbu.

Disk managment

Scaleway shipped my vps with a 50G drive. To avoid future hassle in case I need to increase the space available for some folders I restructured the virtual drive.

Reconfigure the main drive

To reconfigure something that low-level, you need to boot from another system. On Scaleway, you'll need to:

  • Stop the machine
  • Go to the Scaleway control panel
  • Disable “local boot”
  • Select the rescue bootscript
  • Start the machine & login to your server through ssh
  • Check that blkid, lsblk, resize2fs, fdisk, and fsck are installed.

⚠ Please be warned:

  • Do not ever try to shrink a live root system partition as it will fail.
  • Backup everything needed when you're downsizing a filesystem.

ℹ Note:

  • To my knowledge, resize2fs is the only tool capable of resizing an ext partition.
  • If you don't want to use fdisk, find an alternative.
  • Other programs are not critical to the process

Resizing the drive consist of:

  • Making sure the principal filesystem is sane
  • Shink the filesystem
  • Destroy and re-create the partition to the desired size
  • Creating a partition to be used by LVM (check the next section)

And it should look like that:

fsck.ext4 -f /dev/vda1
resize2fs /dev/vda1 2G
# output should look like this :
# resize2fs 1.42.13 (17-May-2015)
# Resizing the filesystem on /dev/vda1 to 524288 (4k) blocks.
# The filesystem on /dev/vda1 is now 524288 (4k) blocks long.
fdisk /dev/vda # destroy and recreate the partition to the same size as the fs, eg: +2G
# create a second partition for LVM at that moment

At that point, make sure that:

  • Main filesystem is ok
  • You get what you wanted (list block devices with lsblk)

Then, fix /etc/fstab if needed:

blkid
cat /mnt/etc/fstab

Now reboot to the standard OS.

Non-root partitions

I manage non-root partitions with lvm. It's not mendatory but it allow for more flexibility regarding future re-allocations or space increases. It can be sum up as:

  • Installing LVM
  • Setup “underlying” pieces of LVM to be functionnal
  • Create volumes
  • Format filesystems

These steps translated in commands should look somewhat like this:

apk add lvm2
pvcreate /dev/vda2 # declare this partition as physical space
vgcreate group_vol_name /dev/vda2 # say it's part of the group "group_vol_name"
lvcreate -L 50M --name funkynamevol group_vol_name # as much as you need volumes
mkfs.ext4 -L funkynamefs /dev/group_vol_name/funkynamevol # format filesystem

Then, Edit your fstab with all newly logical volumes and related filesystems :

UUID="123456-1337-hack-3335-this-isntarealuuid" /root ext4 rw,nodev,nosuid,noexec 0 0

Test your config with :

mount -a

If everything goes well, congrats !

Post-setup steps

The good practice require that next steps should be set in a configuration management tool. I personally use Ansible for that, but any current and well maintained tool will do the job.

What you'll want to do :

  • Setup an hostname
  • Update your system (and do that as often as possible then !)
  • Add a user (please don't manage a machine under a root account ..)
  • Install some admin tools
  • Configure sshd, access to ssh and sudoers
  • Configure the services you're using, if you use LVM, be sure that it launches at boot.

Translation in commands shoud give you that :

hostname machine-name.withfull.fqdnname.tld
echo "127.0.0.1 machine-name.withfull.fqdnname.tld" > /etc/hosts
hostname -f # check the result
vi /etc/apk/repositories # I've set the main repo to 3.8 explicitly
apk update && apk upgrade
apk add git htop screen # add what you want, now or later really ... :)
adduser myuser
adduser myuser coolgroup
cp /root/.ssh/authorized_keys /home/myuser/.ssh/authorized_keys
chown -R myuser:myuser /home/myuser/.ssh
echo "myuser ALL=(ALL) /sbin/apk /sbin/rc-service" > /etc/sudoers.d/00-myuser
rc-update add lvm boot
vi /etc/ssh/sshd_config
# setup stuff like these :
# PermitRootLogin no
# PubkeyAuthentication yes
# PasswordAuthentication no

Notes

Globaly speaking :

  • Take some time to understand how works sudo, and properly configure it, don't just throw some configs you found on internet.
  • Do the same for the ssh deamon
  • Firewalls and other ACLs are a topic on their own. you'll need to check those too
  • Ressource managment can be managed in a configuration managment tool. So you can managed your disk space, memory, cpu allocations in these tools but it's a bit over the top for a vps.

About Scaleway :

  • Ssh access are managed by scaleway. you can setup stuffs like anywhere else but some of them might be overriten by the provider. Check what needs to be done (I setup ssh keys with api calls through an ansible module for instance)
  • Hostname will also be rewritten by scaleway, just name the node properly in the admin console, it will the propagate in your system.
Avatar
Julien Pericat
Linux Sysadmin, SysOps & DevOps friendly

Happily automating and putting things in containers.

Related