TemplateLayer - OpenVZ Templates - Template Request's

[rmlhhd]

Hello,
 
I've nearly finished the development of TemplateLayer, my new project to provide up-to-date OpenVZ templates to providers for a small fee. All templates will be update every 2 weeks and redistributed to our CDN. 
 
Currently I have the following templates:
 

• CentOS 6.5 32/64bit Minimal
• Debian 7 32/64bit Minimal
• Ubuntu 12.04 32/64bit Minimal
• Ubuntu 12.10 32/64bit Minimal
• Ubuntu 13.04 32/64bit Minimal
• Ubuntu 13.10 32/64bit Minimal
• Ubuntu 14.04 32/64bit Minimal
• Scientific 6 32/64bit Minimal
• Ubuntu 14.04 32bit with Ghost
• Ubuntu 14.04 32 with WordPress (I've tested this with Blitz.io on RamNode with a 128MB VPS and I got 26,000 hit/s with no errors or timeouts)
• Ubuntu 14.04 32/64bit with Atlassain Jira
• CentOS 6.5 32bit with cPanel DNSONLY
• CentOS 6.5 64bit with cPanel
• CentOS 6.5 32bit with LookingGlass
• Debian 7 32bit with SoftEther VPN

 
I want to increase this list drastically, please comment with the templates you'd like to see your providers offering.

 

[KuJoe]

OpenVZ.org maintains their own minimal templates now so I would check there and remove any duplicates from your list to make your life easier.


I would like to see a somewhat updated, working Arch Linux template.

 

[Aldryic C'boas]

I would like to see a somewhat updated, working Arch Linux template.

FTFY >_>

 

[KuJoe]

FTFY >_>

Isn't there a template for a 2010 version of Arch that "works" as long as you don't run pacman or edit anything?

 

[Mid]

I saw some actually minimal ones, (centos 5 tar.gz at 46mb) at the "contributed templates" section on openvz.org

I don't know this is the one my provider used, buy they installed centos 5 minimal for me, but yet what I get for

yum list installed | wc -l

is 198

I don't need (70% to 85% of) 198 packages. This isn't really a minimal one. This is going to be a daunting task for me to remove all that I dont' need (is there any easy way to do it?). Security perspective says that don't install anything that you don't use, but you providers bang with unnecessary stuff (note that the template is named minmal).

I think one more category called "bare-bone" should be created and really only the basic stuff (nano, htop, etc) should be there. (even nano and htop is not in the default centos or debian I think, what are they doing?)

Better, a separate distro for vps should be ideal. (why anybody didn't make one so far?, probably somebody should make one with the new centos taken over by redhad)

 

[KuJoe]

@Mid OpenVZ.org does not have a minimal template for CentOS 5 so that template is either custom in which case it is specific to your provider or it's the template from 2008 which I wouldn't trust it.

 

[splitice]

True minimal templates, with everything setup correctly would be great

 

[KuJoe]

@Mid Another thing worth mentioning is that just because it's installed (yum list installed) doesn't mean it's running. I'm on a VPS with 154 packages installed with only 11 processes running.

 

[Mid]

@KuJoe, centos-6-x86-minimal.tar.gz (103 MB) is listed in openvz.org (6th from top). Does this contain any less number of packages than (198) centos 5 minimal, which they no longer maintain?

Of course I know that all the installed packages are not running (but I know sendmail and bind are running by default). My question is why pre install a thing that you don't want and not going to use, that too on a minimal. I know I have to stop sendmail (and remove from startup, and probably uninstall), but what if the vps client doesn't do it.

What I meant is, there is no actual "minimal" thing in a so called minimal template.

 

[KuJoe]

@KuJoe, centos-6-x86-minimal.tar.gz (103 MB) is listed in openvz.org (6th from top). Does this contain any less number of packages than (198) centos 5 minimal, which they no longer maintain?

Of course I know that all the installed packages are not running (but I know sendmail and bind are running by default). My question is why pre install a thing that you don't want and not going to use, that too on a minimal. I know I have to stop sendmail (and remove from startup, and probably uninstall), but what if the vps client doesn't do it.

What I meant is, there is no actual "minimal" thing in a so called minimal template.

It has 154 packages installed by default but only 10 processes running. It's using 6MB of RAM and 368MB of disk space.

Here is the list of the 10 processes:

init
[kthreadd/2779]
[khelper/2779]
/sbin/udevd -d
/sbin/rsyslogd -i /var/run/syslogd.pid -c 5
/usr/sbin/sshd
/sbin/mingetty console
/sbin/mingetty tty2
sshd: root@pts/0
-bash

This is as minimal as it gets. 6MB of RAM, 10 processes running.

 

[rmlhhd]

The factor "minimal" when it comes to OpenVZ templates is not the amount of RAM is uses, it's how many packages it has installed. A minimal template has the basic packages required for CentOS to run, not all the SendMail, Bind and Apache crap pre-installed. That's what feature templates are for.

 

[KuJoe]

Feel free to make a list of which packages can be safely uninstalled without breaking anything and then contact OpenVZ to get them to update their already minimal template:

MAKEDEV.i686                     
audit-libs.i686                  
basesystem.noarch                
bash.i686                        
binutils.i686                    
bzip2-libs.i686                  
ca-certificates.noarch           
centos-release.i686              
checkpolicy.i686                 
chkconfig.i686                   
coreutils.i686                   
coreutils-libs.i686              
cpio.i686                        
cracklib.i686                    
cracklib-dicts.i686              
curl.i686                        
cyrus-sasl-lib.i686              
db4.i686                         
db4-utils.i686                   
dbus-glib.i686                   
dbus-libs.i686                   
diffutils.i686                   
e2fsprogs.i686                   
e2fsprogs-libs.i686              
ed.i686                          
elfutils-libelf.i686             
ethtool.i686                     
expat.i686                       
file-libs.i686                   
filesystem.i686                  
findutils.i686                   
fipscheck.i686                   
fipscheck-lib.i686               
gamin.i686                       
gawk.i686                        
gdbm.i686                        
glib2.i686                       
glibc.i686                       
glibc-common.i686                
gmp.i686                         
gnupg2.i686                      
gpgme.i686                       
grep.i686                        
groff.i686                       
gzip.i686                        
hwdata.noarch                    
info.i686                        
initscripts.i686                 
iproute.i686                     
iptables.i686                    
iputils.i686                     
keyutils-libs.i686               
krb5-libs.i686                   
less.i686                        
libacl.i686                      
libattr.i686                     
libblkid.i686                    
libcap.i686                      
libcom_err.i686                  
libcurl.i686                     
libedit.i686                     
libffi.i686                      
libgcc.i686                      
libgcrypt.i686                   
libgpg-error.i686                
libidn.i686                      
libnih.i686                      
libnl.i686                       
libselinux.i686                  
libselinux-utils.i686            
libsemanage.i686                 
libsepol.i686                    
libss.i686                       
libssh2.i686                     
libstdc++.i686                   
libtasn1.i686                    
libusb.i686                      
libuser.i686                     
libutempter.i686                 
libuuid.i686                     
libxml2.i686                     
logrotate.i686                   
lua.i686                         
make.i686                        
mingetty.i686                    
module-init-tools.i686           
ncurses.i686                     
ncurses-base.i686                
ncurses-libs.i686                
net-tools.i686                   
nspr.i686                        
nss.i686                         
nss-softokn.i686                 
nss-softokn-freebl.i686          
nss-sysinit.i686                 
nss-tools.i686                   
nss-util.i686                    
openldap.i686                    
openssh.i686                     
openssh-clients.i686             
openssh-server.i686              
openssl.i686                     
p11-kit.i686                     
p11-kit-trust.i686               
pam.i686                         
passwd.i686                      
pcre.i686                        
pinentry.i686                    
pkgconfig.i686                   
policycoreutils.i686             
popt.i686                        
procps.i686                      
psmisc.i686                      
pth.i686                         
pygpgme.i686                     
python.i686                      
python-iniparse.noarch           
python-libs.i686                 
python-pycurl.i686               
python-urlgrabber.noarch         
quota.i686                       
readline.i686                    
rootfiles.noarch                 
rpm.i686                         
rpm-libs.i686                    
rpm-python.i686                  
rsyslog.i686                     
sed.i686                         
setup.noarch                     
shadow-utils.i686                
shared-mime-info.i686            
sqlite.i686                      
sysvinit-tools.i686              
tar.i686                         
tcp_wrappers.i686                
tcp_wrappers-libs.i686           
tmpwatch.i686                    
tzdata.noarch                    
udev.i686                        
upstart.i686                     
ustr.i686                        
util-linux-ng.i686               
vim-minimal.i686                 
vzdev.noarch                     
vzdummy-glibc.noarch             
vzdummy-init-fc13.noarch         
wget.i686                        
xz-libs.i686                     
yum.noarch                       
yum-metadata-parser.i686         
yum-plugin-fastestmirror.noarch  
zlib.i686

 

[KuJoe]

Ok, I was able to get the CentOS 6.5 32bit Minimal template down to 3MB of RAM (with OpenSSH running even)!!!!

I removed all of the packages that didn't break the OS, networking, or SSH:


MAKEDEV.i686
e2fsprogs.i686
e2fsprogs-libs.i686
ed.i686
logrotate.i686
passwd.i686
quota.i686
rootfiles.noarch
rsyslog.i686
tar.i686
tcp_wrappers.i686
tmpwatch.i686
vim-minimal.i686
wget.i686

I also saved a WHOPPING 13MB of disk space! Yay!

So let's see, I got the template down to 138 packages, saved 3MB of RAM, 13MB of disk space, and it's only running 8 processes... but was it worth it?

Things I can no longer due:

Download things with wget.

Change a user's password.

Log anything in the system.

Automatically rotate logs (what logs? we don't need no stinking logs.)

tar/untar files (not like it matters since wget is gone now).

View user quotas.

Have any default files in a new user's directory.

Clean up /tmp with a single command.

Edit files (I can't find any editor on here since I removed ed and vi).

Make use of /etc/hosts.allow and /etc/hosts.deny.

Now was it really worth removing those 14 packages now? Nope.

 

[splitice]

Agreed

Just for clarification my point was more a reflection on all the Debian 'minimal' templates that include Apache or Exim.