Strongbow
CentOS domU under Debian

I finally got a CentOS 5 domU running under Debian.
The xen-tools xen-create-image method didn’t work. I managed to find an appropriate build script for centos5, but it was pretty badly out of date, trying to install RPM versions that don’t exist on the mirror servers any more. Trying to bring it back up to date would have been a PITA. It has the RPM versions hard-coded in the script.
However the instructions at http://wiki.kartbuilding.net/index.php/Create_Centos5_DomU_on_Debian_Etch_Dom0 worked a treat.
After following those steps, I converted it from a file-based image, to an LVM, with the following steps:
Manually create logical volumes for the filesystem and swap. I use 40G filesystem LVs and 128M swaps.

# mkdir /mnt/loop
# mkdir /mnt/centos
# mount /home/andrew/centos.5-0.img /mnt/loop -o loop
# mount /dev/mapper/ember-centos5--disk /mnt/centos
# cd /mnt/loop
# cp -Rp bin boot dev etc home lib media mnt opt root sbin selinux srv sys tmp usr var ../centos
# cd
# umount /mnt/loop
# umount /mnt/centos

Then edit /etc/xen/domains/centos.cfg and change the following lines:

kernel = "/boot/vmlinuz-2.6.18-4-xen-686"
ramdisk = "/boot/initrd.img-2.6.18-4-xen-686"
vif = ['bridge=xenbr0']
disk = ['file:/xens/name_of_new_server_to_be/centos.5-0.img,sda1,w','file:/xens/name_of_new_server_to_be/centos.swap,sda2,w']

To:

kernel = '/boot/vmlinuz-2.6.18-6-xen-686'
ramdisk = "/boot/initrd.img-2.6.18-6-xen-686"
vif = [ 'ip=192.168.1.13' ]
disk = [ 'phy:ember/centos5-disk,sda1,w', 'phy:ember/centos5-swap,sda2,w' ]

Then “xm create centos”. Boom! CentOS 5, running as a domU on a Debian Etch dom0, from a logical volume.
And I still have the original centos5 image file for creating fresh domUs.

Originally published at /dev/zero. You can comment here or there.

Xen and the art of server maintenance

Ought to be a good title for a book on Xen, no?

Anyway, while discussing Xen with the COO (and it just occurred to me, really this project should be the CTO’s, not the COO’s… odd how the COO does all this stuff…) he came to the conclusion that, like OpenVZ and Virtuozzo, Xen guest systems shared the kernel with the Host. That didn’t sound right to me, but I couldn’t disprove it with my Xen server, where every DomU had an empty /boot.

So I updated the kernel in Dom0, but didn’t reboot. I now have a newer kernel installed than the one it’s currently running.
I then tweaked the /etc/xen-tools/xen-tools.conf and built a new DomU, to use the new kernel. Everything went without a hitch. I now have a Dom0 running 2.6.18-4-xen-686, with a domU running 2.6.18-6-xen-686. So it would seem that while they all “share” a kernel in the sense that they share a single install on the hard drive (all pulling from the dom0 /boot directory), they aren’t sharing a single instance of the kernel in memory.

I then tried to get a working CentOS 5 domU running, but ran into some snags. That will be another post.


Personal notes

Just a personal note so I can find how to install Debian on a DomU again


Gentoo Linux?

On the heels of my raving about Gentoo, I find that while from an administrative perspective I like it, from a user perspective? Not so much.

I have two workstations at work. One is a Celeron 1.7ish, 1.5GB of RAM, running Windows XP. The internal web sites we use tend toward lots of javascript, plus another application that sucks up resources. Thus Firefox, when viewing our ticket system, our order database system and our server locator / user database system was running very sluggish.

I managed to acquire a second desktop, a P4 1.8GHz, 1GB RAM system, on which I intended to install Linux. When I got that far, I installed Gentoo, running Xfce4, as a learning exercise. Everything went beautifully. Once I got Firefox and Thunderbird installed, I moved all my work to that system, using the Windows box only for the non-web based application that only has a Windows client. And since the speakers are hooked up to that system, I left Pidgin there as well.
The performance of Firefox on the Linux box is barely a marginal improvement.

My personal laptop, however, a Centrino 1.6 with 512MB of RAM running Ubuntu 7.10 and Gnome, running all the same web sites is at least 3x more responsive.
I even made sure I had exactly the same addons installed on the two Linux systems. By all lights, the Gentoo box should be smoking the laptop.

It’s got a faster (model) processor.
It has a faster (clock rate) processor.
It has 2x the RAM.
It’s got an “optimized” OS installed.
It’s running the light-weight Xfce4 window manager, compared to Gnome’s (and all the other bells and whistles I’ve installed) bloat.
The only thing I can figure is there’s something about the default compile settings Gentoo uses when building Firefox.

I must remember to reboot the Gentoo box and check if Hyperthreading is turned off in the BIOS. I’m running an SMP kernel but only seeing one CPU. I also need to check if a P4 1.8 has HT support…


Gentoo

I’m quickly becoming a fan of Gentoo.
I don’t think it will be replacing Ubuntu on my laptop, but I’m finding that for a “source based” system, it’s very easy to use. It doesn’t install anything you don’t absolutely need until you specifically ask for it, but when you do, it’s pretty painless. You just have to put up with it taking a little longer than other distros to get installed, since it has to download the source, then compile it.


SSH connection mastering

While I get back into the swing of blogging from a fairly long hiatus, I thought I’d start with something useful I discovered a while back, but that has recently shown just how really cool and useful it is.
With ssh connection mastering, you can open multiple sessions to a single host. Once you have satisfied all the authentication / authorization requirements of the host to log in the first time, as long as you have a master connection open, logging in additional times not only doesn’t require going through authentication again, it’s much, much faster.

For example, where I work, we SSH to a single server, we’ll call it jupiter, a “bastion host” if you will, from whence we can make ssh connections to any of our clients’ servers. All our clients’ servers have our public key in the root authorized_keys file, and all technicians on jupiter can ssh using the private key associated with that public key. To log into jupiter the technician must enter his RSA SecurID PIN and rolling key.

If you’ve never used SecurID, it is a “two factor” authentication system. Two factor authentication basically means to log in, you must present both something you know (thus it can’t be taken away from you by force, though you can be coerced into revealing it) as well as something on your person. In this case the “something you know” is your PIN, which doesn’t change. The “something on your person” is the 6-digit number displayed on the SecurID token. This is more secure than a simple password or PIN in that you must have both that and a physical device that displays a constantly changing number. Either one by itself is insufficient authentication to log in.

So getting back to jupiter, to ssh to this server we use SecurID authentication. This means we must ssh to the server, wait while ssh negotiates keys and does any DNS foo the server wants to do, type our PIN, then dig out our token and enter the displayed number, then wait while jupiter checks with our SecurID server to verify the numbers entered.

Using the ssh connection mastering technique I’ve linked to, you only have to do this once. As long as that original connection is open, you can open another terminal window, or even a virtual terminal, and ssh to the server and be in, instantly. No delays for ssh key exchanges, DNS lookups or SecurID. You don’t have to enter your PIN and token again. You’re just in. This is very useful if you have to log into multiple client servers at once.
Just don’t tell the security admin.

For some reason the trackback link isn’t showing up in the blog. The link referred to above is
http://www.newartisans.com/blog_files/ssh.connection.mastering.php
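
The multiplexing setup this post describes, as an added example (not from the original post or the linked article): the client stanza that shares the authenticated connection to jupiter, a check that the control-socket directory is owner-only, and the server-side MaxSessions value that decides whether extra sessions may ride on that connection. The cm directory, the file names and the sample file contents are constructed assumptions.

```shell
#!/bin/sh
# Added example: both ends of SSH connection multiplexing.
# File names and contents are constructed samples, not taken from a real host.

# Client: directory of the first ControlPath in an ssh_config file.
control_path_dir() {
    p=$(awk 'tolower($1) == "controlpath" { print $2; exit }' "$1")
    case $p in "~/"*) p="$HOME/${p#??}" ;; esac
    dirname "$p"
}

# The control socket stands in for a completed login: a process that can
# open it gets a session without PIN or token, so require an owner-only directory.
control_dir_is_private() {
    [ "$(ls -ld "$1" | cut -c1-10)" = "drwx------" ]
}

# Server: global MaxSessions from an sshd_config file. sshd keeps the first
# value it reads and defaults to 10; Match blocks (conditional overrides) are
# not evaluated here. On a live host, `sshd -T` prints the effective value.
effective_max_sessions() {
    awk 'tolower($1) == "match" { exit }
         tolower($1) == "maxsessions" { print $2; found = 1; exit }
         END { if (!found) print 10 }' "$1"
}

# MaxSessions 1 allows one session per connection, which disables multiplexing.
multiplexing_allowed() {
    [ "$(effective_max_sessions "$1")" -gt 1 ]
}

# Demo in a scratch directory; "jupiter" is the bastion named in the post.
tmp=$(mktemp -d)
mkdir -m 700 "$tmp/cm"
cat > "$tmp/ssh_config" <<EOF
Host jupiter
    ControlMaster auto
    ControlPath $tmp/cm/%r@%h:%p
EOF
printf '#MaxSessions 10\nPasswordAuthentication no\n' > "$tmp/sshd_default"
printf 'MaxSessions 1\nMatch User backup\n    MaxSessions 4\n' > "$tmp/sshd_locked"
dir=$(control_path_dir "$tmp/ssh_config")
control_dir_is_private "$dir" && echo "$dir: owner-only"
for f in "$tmp/sshd_default" "$tmp/sshd_locked"; do
    if multiplexing_allowed "$f"; then state=allowed; else state=disabled; fi
    echo "${f##*/}: MaxSessions=$(effective_max_sessions "$f"), multiplexing $state"
done
rm -rf "$tmp"
```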


Linux and Realtek RTL8139 Ethernet drivers

Recently the network connection on my Ubuntu (7.04 “Feisty Fawn”) desktop failed. It had been working perfectly for weeks when suddenly it just couldn’t connect to my home network. Everything worked fine in Windows.
During boot, it would properly detect the device, load the driver, the networking init script would run without errors, and but for the fact that it couldn’t talk to the network, and thus couldn’t get a response from its DHCPDISCOVER probes, no errors.
A static IP configuration worked just fine, but still wouldn’t talk to the network.



The measure of a geek...

So, what does it say that I'm blogging on LJ from a Windows box while a second machine under my desk is doing a FreeBSD "buildworld", while simultaneously installing the "vim" port...
Meanwhile the laptop next to me is doing an Ubuntu dist upgrade from Breezy Badger to Dapper Drake.

Of course, if I really wanted to go all-out, I'd fire up the Indigo2 and the SparcStation 10 and have them download and install patches. But they're noisy and slow and I don't actually USE them for anything any more.

Current Mood: geeky