R Consulting Linux Appliances are pre-prepared, customized nano-Linux system images.
They can be installed on a 8GB, or larger, SATA DOM, USB drive, SSD, or hard-disk drive. GPT layout is used to divide the storage device on two root file systems, a persistent configuration, and a persistent data partitions. Root file system is read-only in runtime, with /etc and /var directories being kept in RAM. As such, any change made in /etc must be explicitly saved or they will be lost upon system shutdown.
R Consulting Appliance is distributed as two files: a compressed disk image and this document. To install the disk image simply boot a live Unix OS on the target machine and execute
live# gunzip -c path/to/diskimage.gz | dd bs=131072 of=/dev/diskOn Linux disks are commonly named sda, sdb, etc.; information on which device matches to which disk can be found in boot messages (dmesg). On FreeBSD camcontrol devlist and geom disk list commands will list attached storage devices.
The cfg utility exists to manage /etc changes. Executing just cfg will list modified files. cfg save will list modified files and will ask whether to keep each change. cfg save -y will save changes unconditionally. For more information read cfg utility man page: man cfg.
Upgrades are shipped as compressed root file system images. Upgrade file can be downloaded to a remote Unix system, then the following command should be executed:
remote# cat path/to/rootimage.gz | ssh appliance img update -zUpgrade can also be applied from the appliance itself:
appliance# img update -z https://dropbox.rconsulting.bg/nanobsd/...img utility will write the OS upgrade into alt root file system partition and will instruct bootloader to boot from it upon next system startup. After system reboot, if upgraded OS image works, as intended, upgraded partition can be made persistently active using img commit. Otherwise rebooting the system will revert to previous root file system image.
The password for root account is initially root. sshd (secure shell daemon) is configured to allow only pre-shared key authentication; using password-based login is, by default, disabled.
Management IP address is used for configuration and monitoring, and is part of the management subnet: an isolated, secured, private network, where each machine is assigned an IP address from (for example 192.168.123.0/24). Since not all servers should be visible from the Internet (transcoders export no public services), remote administration can be provided using port forwarding. However it is important this network to be isolated and secured, since lots of un-firewalled services are accessible within.
A R Consulting Appliance requires the following mandatory configuration steps, before it is fully active:
assign a valid name: add hostname="sysname.example.com" to /etc/rc.conf;
assign a valid management IP address: add ifconfig_<netif>="inet 192.168.11.22/24 to /etc/rc.conf;
to create tagged VLANs use the following syntax:
vlans_<netif>="20 30"
ifconfig_<netif>_20="inet 10.0.20.55/24"
ifconfig_<netif>_30="inet 10.0.30.55/24"(optionally) assign a valid gateway: add defaultrouter="192.168.11.1" to /etc/rc.conf;
configure the DNS: populate /etc/resolv.conf;
synchronize clock: execute ntpdate pool.ntp.org and start the time server with sv start ntpd;
add host name aliases to /etc/hosts: mgmt to resolve to system’s management IP address, loghost to resolve to site’s syslog server, monhub to resolve to site’s R Consulting Monitoring server;
configure routing table for multicast sources: tell the OS on which network interface/VLAN source multicast signal will arrive. Sample configuration: add
static_routes="mcast200 mcast201"
route_mcast200="-net 239.0.200.0/24 dev vlan200"
route_mcast201="-net 239.0.0.0/21 dev vlan201"to /etc/rc.conf;
allow segment uploads initiated from this host. On the storage server: append transcoder’s source IP address to /etc/rcons/hls-sources.list configuration file and restart the web service with sv restart /etc/rcons/service/iptvws;
save initial configuration with cfg save.
Execute /etc/rcons/apply-rc.conf to apply /etc/rc.conf configuration changes. The first time /etc/hosts is populated nginx will have to be started manually with service nginx start.
cfg utility is able to verify initial configuration, to an extent, with cfg test.