community.riocities.com

Alpine Linux XEN dom0 from a USB stick - upgrading

Upgrade guide for Alpine based XEN dom0s

This guide describes how to upgrade a diskless (booting from USB stick) Alpine XEN dom0 between alpine releases.

It expects your usb stick to be mounted under /media/usb, if it not mounted there on your system, adjust the instruction to match your case.

Note The stick should be connected to your running dom0, do not unplug the stick.

Preparations

Backup all data under /media/usb so you have a fall-back.

Download the version of the xen iso you are upgrading to, as well as the gpg signature file, to your workstation.

Example with the files for an upgrade to Alpine v3.6

workstation $ curl -O .../alpine-xen-3.6.2-x86_64.iso
workstation $ curl -O .../alpine-xen-3.6.2-x86_64.iso.asc
workstation $ gpg --verify alpine-xen-3.6.2-x86_64.iso.asc

Replace ... above with the path on the download server used e.g. http://nl.alpinelinux.org/alpine/v3.6/releases/x86_64/

Turn of all running domUs, as you will not be able to to that later due to that you will have a upgraded XEN user land, that can not communicate with the running hypervisor.

dom0 $ sudo service xendomains stop

Copy alpine-xen-3.6.2-x86_64.iso to a disk device accessible in the dom0. If you have followed the other XEN howtos on this site, you can use /domU_installer.

Perform the upgrade of the running system.

Check that LBU_MEDIA in /etc/lbu/lbu.conf points to the device used to store the persistent configuration. In my case its usb. If its not usb in your case, adjust the commands below to fit your case (e.g. /media/usb -> /media/).

Edit /etc/apk/repositories to point at the version you are upgrading to then run the upgrade.

dom0 $ sudo -i
dom0 # apk update
dom0 # apk upgrade --update-cache --available

Commit the changes to /etc with lbu

dom0 # lbu commit

Upgrade the boot media in /media/usb

dom0 # setup-bootable -u /domU_installer/alpine-xen-3.6.2-x86_64.iso /media/usb
dom0 # umount /domU_installer
dom0 # sync

Now for the most important part to get right, editing /media/usb/boot/syslinux/syslinux.cfg to point at the new:

  • linux kernel (e.g. -grsec -> -hardened -> -vanilla)
  • linux initramfs (e.g. -grsec -> -hardened -> -vanilla)
  • xen hypervisor (e.g. -4.7.3.gz -> -4.8.1.gz)

All these files are located in /media/usb/boot edit syslinux.cfg to match the filenames.

Example for Alpine v.3.5 (alpine_dom0) before changing

TIMEOUT 20
PROMPT 1
DEFAULT grsec

LABEL grsec
MENU LABEL Xen/Linux grsec
KERNEL /boot/syslinux/mboot.c32
APPEND /boot/xen.gz  dom0_mem=1024M --- /boot/vmlinuz-grsec modules=loop,squashfs,sd-mod,usb-storage quiet nomodeset --- /boot/initramfs-grsec

After prepared to boot Alpine 3.6

TIMEOUT 20
PROMPT 1
DEFAULT hardened

LABEL hardened
MENU LABEL Xen/Linux hardened
KERNEL /boot/syslinux/mboot.c32
APPEND /boot/xen-4.8.1.gz dom0_mem=1536M --- /boot/vmlinuz-hardened modules=loop,squashfs,sd-mod,usb-storage quiet nomodeset --- /boot/initramfs-hardened

dom0 # mount /media/usb -o remount,rw
dom0 # vi /media/usb/boot/syslinux/syslinux.cfg
dom0 # mount /media/usb -o remount,ro

When you are sure that syslinux.cfg is correct you can reboot (use reboot -f). If boot fails you can use the servers integrated light out management to trouble-shoot, or if that is not possible you can connect the usb memory to your laptop and boot from usb in order to trouble-shoot and fix errors.

Published

Author

henrik

Category

HOWTOs

Tags