R Consulting Linux Appliances are pre-prepared, customized nano-Linux system images.
They can be installed on a 8GB, or larger, SATA DOM, USB drive, SSD, or hard-disk drive. GPT layout is used to divide the storage device on two root file systems, a persistent configuration, and a persistent data partitions. Root file system is read-only in runtime, with /etc
and /var
directories being kept in RAM. As such, any change made in /etc
must be explicitly saved or they will be lost upon system shutdown.
R Consulting Appliance is distributed as two files: a compressed disk image and this document. To install the disk image simply boot a live Unix OS on the target machine and execute
live# gunzip -c path/to/diskimage.gz | dd bs=131072 of=/dev/disk
On Linux disks are commonly named sda
, sdb
, etc.; information on which device matches to which disk can be found in boot messages (dmesg
). On FreeBSD camcontrol devlist
and geom disk list
commands will list attached storage devices.
The cfg
utility exists to manage /etc
changes. Executing just cfg
will list modified files. cfg save
will list modified files and will ask whether to keep each change. cfg save -y
will save changes unconditionally. For more information read cfg
utility man page: man cfg
.
Upgrades are shipped as compressed root file system images. Upgrade file can be downloaded to a remote Unix system, then the following command should be executed:
remote# cat path/to/rootimage.gz | ssh appliance img update -z
Upgrade can also be applied from the appliance itself:
appliance# img update -z https://dropbox.rconsulting.bg/nanobsd/...
img
utility will write the OS upgrade into alt root file system partition and will instruct bootloader to boot from it upon next system startup. After system reboot, if upgraded OS image works, as intended, upgraded partition can be made persistently active using img commit
. Otherwise rebooting the system will revert to previous root file system image.
The password for root
account is initially root
. sshd
(secure shell daemon) is configured to allow only pre-shared key authentication; using password-based login is, by default, disabled.
Management IP address is used for configuration and monitoring, and is part of the management subnet: an isolated, secured, private network, where each machine is assigned an IP address from (for example 192.168.123.0/24
). Since not all servers should be visible from the Internet (transcoders export no public services), remote administration can be provided using port forwarding. However it is important this network to be isolated and secured, since lots of un-firewalled services are accessible within.
A R Consulting Appliance requires the following mandatory configuration steps, before it is fully active:
assign a valid name: add hostname="sysname.example.com"
to /etc/rc.conf
;
assign a valid management IP address: add ifconfig_<netif>="inet 192.168.11.22/24
to /etc/rc.conf
;
to create tagged VLANs use the following syntax:
vlans_<netif>="20 30"
ifconfig_<netif>_20="inet 10.0.20.55/24"
ifconfig_<netif>_30="inet 10.0.30.55/24"
(optionally) assign a valid gateway: add defaultrouter="192.168.11.1"
to /etc/rc.conf
;
configure the DNS: populate /etc/resolv.conf
;
synchronize clock: execute ntpdate pool.ntp.org
and start the time server with sv start ntpd
;
add host name aliases to /etc/hosts
: mgmt
to resolve to system’s management IP address, loghost
to resolve to site’s syslog server, monhub
to resolve to site’s R Consulting Monitoring server;
configure routing table for multicast sources: tell the OS on which network interface/VLAN source multicast signal will arrive. Sample configuration: add
static_routes="mcast200 mcast201"
route_mcast200="-net 239.0.200.0/24 dev vlan200"
route_mcast201="-net 239.0.0.0/21 dev vlan201"
to /etc/rc.conf
;
allow segment uploads initiated from this host. On the storage server: append transcoder’s source IP address to /etc/rcons/hls-sources.list
configuration file and restart the web service with sv restart /etc/rcons/service/iptvws
;
save initial configuration with cfg save
.
Execute /etc/rcons/apply-rc.conf
to apply /etc/rc.conf
configuration changes. The first time /etc/hosts
is populated nginx
will have to be started manually with service nginx start
.
cfg
utility is able to verify initial configuration, to an extent, with cfg test
.