
November 29, 2007

Xen and the Gutsy Gibbon

We have recently started experimenting with Xen - the free software virtual machine monitor from Cambridge University. It has not been a pain-free experience, and judging by the forums, I am not alone in this, especially when trying to install an Ubuntu 7.10 Gutsy Gibbon guest.

After a couple of days I have managed to distil the forums' wisdom and my own experience down into a few simple steps. Read on for my procedure for installing Gutsy as both dom0 and domU.

Setting up the server

  1. Install Ubuntu 7.10 Server.

  2. Install the xen packages.

    aptitude install ubuntu-xen-server xen-tools libc6-xen
    
  3. Edit /etc/xen/xend-config.sxp to add a network bridge and remove the dummy network.

    (network-script network-bridge)
    # (network-script network-dummy)
    
  4. Edit /etc/xen-tools/xen-tools.conf to add or edit the following. Make sure you specify the correct network settings for your environment. You may also change the default disk and sizing options.

    dir = /var/xen
    gateway   = 192.168.0.1
    netmask   = 255.255.255.0
    broadcast = 192.168.0.255
    dhcp = 1
    accounts = 1
    # mirror = http://ftp.us.debian.org/debian/
    mirror_gutsy=http://archive.ubuntu.com/ubuntu
    serial_device = xvc0
    disk_device = xvda
    
  5. Reboot and make sure that grub boots the new Xen kernel.

Creating the Guest

  1. Create a guest image - this will take a short while.

    xen-create-image --hostname=node0 --dist=gutsy
    
  2. Add to or amend /etc/xen/node0.cfg as follows. Replace ?? with valid values - see the Xen manual for information on what valid MAC addresses you can use.

    vif         = [ 'mac=00:16:3e:??:??:??' ]
    extra       = 'console=xvc0'
    
  3. Remove the hwclock stuff that xen-tools missed, and allow root to log in to the virtual console.

    mount -o loop /var/xen/domains/node0/disk.img /mnt
    find /mnt/etc -name "*hwclock*" -exec rm -f {} +
    chmod -x /mnt/lib/udev/set_hwclock
    echo "xvc0" >> /mnt/etc/securetty
    sed "s/tty1/xvc0/g" /mnt/etc/event.d/tty1 > /mnt/etc/event.d/xvc0
    umount /mnt
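
A check for the step 3 edits, added here as an example and not part of the original procedure. It assumes the guest image is still mounted (run it before the umount); the function name check_guest_root is hypothetical, the paths are the ones used above.

```shell
#!/bin/sh
# Added example: verify the step 3 edits inside a mounted guest root.
# check_guest_root is a hypothetical helper; paths are those used in the post.

check_guest_root() {
    root=$1
    rc=0

    # 1. No hwclock init scripts or rc links may remain under etc/.
    leftovers=$(find "$root/etc" -name '*hwclock*' 2>/dev/null || true)
    if [ -n "$leftovers" ]; then
        echo "FAIL: hwclock files remain:" >&2
        echo "$leftovers" >&2
        rc=1
    fi

    # 2. The udev hwclock helper, if present, must not be executable.
    if [ -x "$root/lib/udev/set_hwclock" ]; then
        echo "FAIL: lib/udev/set_hwclock is still executable" >&2
        rc=1
    fi

    # 3. securetty decides where root may log in. It must list xvc0 exactly
    #    once: re-running the 'echo >>' line appends a duplicate entry.
    n=$(grep -c -x 'xvc0' "$root/etc/securetty" 2>/dev/null || true)
    if [ "${n:-0}" -ne 1 ]; then
        echo "FAIL: etc/securetty lists xvc0 ${n:-0} times (want 1)" >&2
        rc=1
    fi

    # 4. The getty job for xvc0 must exist and no longer mention tty1.
    job="$root/etc/event.d/xvc0"
    if [ ! -f "$job" ] || ! grep -q 'xvc0' "$job" || grep -q 'tty1' "$job"; then
        echo "FAIL: etc/event.d/xvc0 missing or still refers to tty1" >&2
        rc=1
    fi

    return $rc
}
```

Call it as `check_guest_root /mnt`; it returns non-zero and names each failed check on stderr.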
    

Starting the new VM

  1. Start the guest.

    xm create -c /etc/xen/node0.cfg

  2. Log in with one of your users from the server.

November 28, 2007

David's at PacSec

As rubbish as we are about letting people know what we're up to, it's probably worth a quick post about what David (our mystery third director) is up to at the moment.

Right now, as I type, he's over at PacSec07, giving a presentation on his work for the Honeynet Project, where he's been running the GDH project. His talk is on the problems, pitfalls, positives and results of the project. You can find out more at the PacSec website.

November 09, 2007

OS X dialog box overload

I started using a Mac 6 months ago. In some respects, it lives up to the hype for “just working” — networking in particular is a pleasure compared with WinXP. But in lots of other respects, it’s just as bad as any operating system I’ve ever used. Witness the following maze of similar-but-different dialog boxes I’ve had to wade through in my (unsuccessful) attempts to connect to the internet via my Nokia 6300: