Category Archives: Virtualization

Splendid Isolation

Here is my home network (or a bit of it, anyway):

(I apologise in advance for lack of abilities when it comes to using Dia, the Linux equivalent of Visio!)

What you have there is not very exciting: a couple of Centos-running servers called NEWTON and GALILEO, one of which connects to the Internet, thanks to a wireless dongle and the magic of 3G. There’s a wireless access point, handling all the “devices”: Nexus 7, Kindles, Smartphones and the like. Then there’s FEYNMAN, ToH’s Windows 8 PC doing sterling duty as a Photoshop workstation. RUTHERFORD’s the media centre (also running Windows 8, but with Windows Media Centre added). And my new PC is DIRAC, running Fedora 18. Everything is running on a 192.168.0… subnet.

I probably should expand this diagram, though: there are 7 different virtual machines which run routinely on Dirac: they all share the 192.168.0 subnet thanks to ‘bridged networking’ in VMware Workstation and can therefore access Galileo and, from there, the Internet. Though they are merely virtual machines in fact, they behave exactly as real, physical machines would: by sharing the same subnet as the PC they run on, they look just like real machines to all the other real machines on the network. Bridged networking is fine for VMs that are allowed to function as though they were real.

But here’s the problem: what if I want a bunch of new virtual machines to be able to talk amongst themselves as though they were part of a normal network but without any of the existing, physical machines being aware of the fact? For example, I may want to build a DHCP server -but I don’t want any of my ‘real’ PCs accidentally picking up their IP address from it. Similarly, I may want to build a new DNS server -but I wouldn’t want FEYNMAN trying to look up hostnames there.

The underlying reason for needing this ability is, in fact down to my laptop (which isn’t shown in the above diagram). I use it at work, so it needs to see proper, commercial DNS, DHCP, NTP and other servers -but if I want to run VMs on my laptop that are running their own DNS, DHCP, NTP and other servers, I have to be able to ensure that whatever I build can never, ever “leak” out onto the real network. I need, in fact, complete isolation of my network of virtual machines running on my laptop from the real corporate network my laptop is physically connected to.

Fortunately, this is easy to do with VMware Workstation -and VirtualBox: both employ a feature misleadingly called host-only networking. I say ‘misleadingly called’ there, because that name implies (to my mind, anyway) that virtual machines making use of it can only communicate with the physical host. If that were true, you could ‘network’ the host to the VM -but you’d be stuffed trying to network one VM with another VM. But happily, it’s the name that’s wrong, not the functionality: host-only networking in both virtualisation products actually means that any VM built to use the feature can communicate with the physical host and with every other host-only VM, too.

So here’s the network I want to build:

The virtual network is all the grey-coloured stuff at the bottom. My physical PC, DIRAC, will host six different virtual machines, all running in host-only mode, and using the 192.168.42 subnet. Note that DIRAC itself acquires a second IP address, allowing it and it alone both to connect to the rest of the world and to connect to any of the 192.168.42 virtual machines.

How exactly is that to be achieved, then? Well, if I persist with my usual desktop virtualisation software (VMware Workstation), I’d find the menu option for the Virtual Network Editor (in Linux, you can launch it from the command-line by typing /usr/bin/vmware-netcfg -you’ll be prompted to supply root’s password if you’re not root at the point of issuing that command):

When you install VMware Workstation, you get three different network interfaces created for you automatically: one of them is used for bridged networking, one for Network Address Translation …and one for host-only networking. Highlight that last one and you’ll be able to alter its properties in the lower part of the screen. Here you see that I’ve switched off the virtual DHCP server that VMware offers to run for you on this interface; I’ve also altered the default subnet IP so that it matches my desired ’192.168.42…’ subnet address range. Leave the last octet of that address set to zero and you will find that your physical host PC or laptop is automatically assigned a 192.168.42.1 address, which is fine.

You can create as many of these host-only network interfaces as you like: each one will create a new network adapter (if your host is running Windows) or a new network interface, visible via ifconfig, if your host runs Linux), meaning that if your host PC is powerful enough, there’s nothing to stop it running multiple, isolated virtual networks at the same time.

VirtualBox does it slightly differently: just use the File -> Preferences menu options to bring up a Settings dialog, then select the Network item:

By default (at least on Fedora 18!), you don’t have any host-only network adapters installed here, but if you click that little green ‘plus’ button, a new one will be created for you and will be automatically named virtualbox0. After creating it, click the third little icon on the right to configure its settings:

Again, just type in a ‘starting address’ for your new isolated network. With VirtualBox, I find it necessary to specify the ‘.1′ at the end of the IP address, otherwise it doesn’t work properly. By specifying the 192.168.42.1 address in full, therefore, I ensure my physical host is assigned that IP address on its new virtualbox0 interface. (As you can see from that last screenshot, too, I don’t have much use for IPv6 at the moment!)

Finish things off by switching to the DHCP Server tab and uncheck the ‘Enable Server’ option: again, VirtualBox proposes to run a virtual DHCP server for you, which you might find desirable, but which I definitely don’t!

Incidentally, if you happen to have VMware Workstation and VirtualBox installed on the one physical guest, make sure each uses a different isolated subnet, because they can’t both be configured to use the same one meaningfully! In other words, if I’ve created a 192.168.42.x host-only subnet in VMware, I’ll have to create a 192.168.43.x host-only subnet in VirtualBox. Networking won’t work reliably if you try assigning the same IP address to two different interfaces at the same time!

Once your network interfaces are configured properly, it’s simply a matter of choosing the right sort of networking for each new Virtual Machine that you build. In VMware, you do that as part of the ‘create new VM’ wizard:

By default, VMware threatens to create new VMs with a NAT interface, but it’s easy to switch to using a host-only one.

VirtualBox is not as easy, because the wizard you use to create a new VM doesn’t offer you any opportunity to specify anything about the network interface to use at all. It’s therefore necessary to create a new VM ‘blind’, and after it’s been created, right-click it and select Settings. Select the Network item on the left:

You’ll discover that, once again, a NAT interface has been assigned to your new VM by default. Just click that combo-box, though, and you’ll find an item for Host-only adapter. Select that, click OK, and you’re all done.

Once built, you’ll find that all your host-only VMs can ping each other and your physical PC on which they’re running -but they won’t be able to ping beyond your physical PC. That means, in my case, that ALPHER and BETHE can ping each other, or MARCONI, TESLA or DIRAC (my physical PC). But they won’t be able to ping GALILEO -and since GALILEO controls access to the Internet, that means my host-only VMs can’t reach the Internet, either.

For my purposes, that’s fine: why would I need an Oracle server (say) to be able to access the Internet? You wouldn’t normally do that in production (I hope!), so having a set of servers that behave similarly is not a problem for me. It does mean I have to have one of my VMs hosting a software repository from which my other VMs can download packages and so on necessary for running Oracle (or anything else), but that’s usually not difficult to do.

The main issue is easily solved, therefore: host-only networking allows your virtual machines and all the networking services they provide and consume to be completely isolated from the rest of the world -and any real corporate networks your physical PC might be attached to at the time! Splendid!!

(Oh, and as a side benefit: my laptop will be able to run a virtual network of six VMs even when I’m running it on a train and it’s stuck in a tunnel without a 3G signal. The virtual network will keep running just fine, even if the physical one decides to die -or even if you don’t have a physical network at all. Host-only VMs are a great way of virtualising networks on standalone PCs, in other words).

VMware Blues

Leave a reply

VMware Workstation is annoying me. A recent Fedora 18 upgrade took the kernel to version 3.8.1-201, and a change in kernel necessitates a re-compilation of the bits and bobs that make VMware work (kernel modules and the like). Often, that is not a problem -but, far too often, it is, and such was the case this time. I suspect an upgrade to gcc version 4.7.2 is responsible.

So, when you launch VMware Workstation, you get this:

Which is fine: click the [Install] option, which brings up (after a prompt for the root password) this:

The yellow warning triangles are your first clue that this isn’t going as well as you hoped! The next screen just confirms it:

And if you check the log file mentioned there, you’ll see this sort of thing:

2013-03-10T11:19:29.891+10:00| vthread-3| I120: Building module with command 
       "/usr/bin/make -j8 -C /tmp/modconfig-eHRedb/vmci-only 
       auto-build HEADER_DIR=/lib/modules/3.8.1-201.fc18.x86_64/build/include 
       CC=/usr/lib64/ccache/gcc IS_GCC_3=no"
2013-03-10T11:19:30.562+10:00| vthread-3| W110: Failed to build vmci.  
       Failed to execute the build command.

So, that’s the end of that.

It turns out that there’s a newer version of VMware available (9.0.2 instead of the 9.0.0.something I’ve been using), and installing that fixes everything. But it was only about three weeks ago that I downloaded the 9.0.0 version, and it’s 400MB-a-download, which I consider excessive. A product shouldn’t, I think, be so damned fragile as to break every time some libraries change a bit. And slimmer would be better, too.

Meanwhile, VirtualBox has passed through the same upgrade unscathed and fully-functional -and it’s only about 68MB to download. Productivity suggests it’s time for VMware to lift their game -and for me to look elsewhere for all my virtualization needs.

Toshiba P870 and Fedora 18

Leave a reply

It hasn’t exactly been plain-sailing with my new laptop! It shipped with Windows 8 and I won’t touch that with the proverbial barge-pole, so it was clear from the outset that some sort of O/S re-installation would be required. I didn’t expect it to be such a trauma, though.

For starters, none of my distro CDs or DVDs would actually boot. Traditionally, this usually happens because the computer BIOS has a boot order set, and the hard disk often appears in that before the DVD drive. So, no problem: change boot order, make sure DVD is top of the list… and still nothing.

It turns out that this is a direct consequence of Microsoft’s insistence on “Secure Boot” (which you can read about here, for example). I’ve followed that particular saga on various websites for months, but never imagined I’d become one of its victims. But that’s exactly what I was: dig around in the P870′s UEFI settings long enough and you’ll find an option to disable secure boot… after which Linux distros will boot fine. I find it annoying that something trivially easy to do in the past has now become difficult and non-obvious to fix: if you didn’t know about Secure Boot and its consequences for Linux, how would you know to go looking for the option to disable it? You could well argue that someone wanting to boot Linux is likely to be technically clued-up enough to know about Secure Boot -but although I would consider myself to be in that bracket, it wasn’t the first thing that sprang to mind and I had no idea what I was looking for in the BIOS even after I suspected that it might be a secure boot problem. I call that irritating.

Anyway, I finally managed to boot Fedora 17 and install it on a partition I’d vacated from within Windows. Installation was smooth… except that Windows 8 was no longer bootable afterwards. I did everything I could think of to get WIndows 8 bootability back, but nothing worked. Fundamentally, I didn’t mind much, because I’d never expected to use the O/S much anyway -but having paid for the damn thing, it would have been nice to be able to at least burn some ‘rescue media’ to use later, if I wanted. I was, actually, a bit miffed that Toshiba supply absolutely nothing with their Prince of Laptops: no drivers disk, no O/S disk, nothing. Instead, it’s all on a ‘rescue partition’, and you’re supposed to burn off copies from there before you stuff around with anything. Being the gung-ho chap that I am, however, I didn’t do that. So, without Windows 8, I couldn’t access the rescue partition. And without that rescue partition, my license to use Windows 8 at some point in the future no longer existed.

In the end, I was reduced simply to wiping the whole thing and just kissing goodbye to Windows 8 entirely (my Technet subscription will get me a copy if I ever feel the need for it in the future, I guess). It disappoints me, though, that Toshiba don’t provide physical installation media for what is their their top-of-the-line laptop.(I’ve read that apparently they do… if you are prepared to pay them $66 for the privilege of them sending it to you. Seems a bit steep, to me).

On went Windows 7, with mercifully few dramas: Toshiba have a page-full of Windows drivers you can download and apply, so everything ended up working quite easily -except for the graphics. Before you can install the NVidia graphics driver (which Toshiba supply), you are told you have to install the Intel integrated graphics driver (which Toshiba doesn’t supply). A not-so-quick trip to Intel’s bewildering website later, however, and even that was sorted. So I had a fully-functioning Windows 7 laptop, finally… and only two days after I’d bought it!

Then, it was a new install -this time of Fedora 18, the latest and greatest from the Fedora fold. There are two fundamental problems with using Fedora on this laptop: the Ethernet port is not detected; and the Wireless Ethernet port is not detected either. So you can install the O/S perfectly well -but you’ll have zero connectivity, making it as useful as a chocolate teapot, basically.

Thankfully, this is fixable. First you will need to copy a bunch of rpms off your installation DVD to some directory or other (hunt around in the packages directory for each of them, being careful to match the names exactly):

cloog-ppl-0.15.11-4.fc18.1.x86_64.rpm
ppl-0.11.2-10.fc18.x86-64.rpm
ppl-pwl-0.11.2-10.fc18.x86_64.rpm
libmpc-0.9.3.fc18.2.x86_64.rpm
cpp-4.7.2-8.fc18.x86_64.rpm
gcc-4.7.2-8.fc18.x86_64.rpm
glibc-headers-2.6-24.fc18.x86_64.rpm
glibc-devel-2.16-24.fc18.x86_64.rpm
kernel-headers-3.6.0-4.fc18.x86_64.rpm
kernel-devel-3.6.10-4.fc18.x86_64.rpm

Install them all in one go with (as root) rpm -ivh *.rpm.

Once those packages are installed, you can download compat-wireless-2012-03-12-p.tar.bz2 from here using someone else’s PC, transfer them to the laptop via a USB stick, and (still as root) issue these commands:

tar xvf compat-wireless-2012-03-12-p.tar.bz2
cd compat-wireless-2012-03-12-p
./scripts/driver-select alx
make install
modprobe alx

The network icon on the top-right of your screen should spring in to life -at which point, click it, select Network Settings and type in appropriate IP, Gateway and DNS addresses: Ethernet wired networking should now be properly functional.

To get wireless networking going, you’ll have to download a driver for the Realtek adapter, unzip it, cd to the new rtl_92ce… directory and then issue the commands:

make
make install
modprobe rtl8723e

As soon as you’ve done that, clicking the Networking icon in the system tray area at the top of your screen should display a list of nearby wireless networks you can now connect to.

Just be warned that if you use your new-found network connectivity to update your kernel at any time, the kernel modules for both network interfaces that you’ve just compiled will immediately stop working… and I’ve not yet been able to get them to re-compile, despite using newer compat-wireless downloads ad infinitum. For the moment, at least, I’m therefore trapped using a 3.6 kernel, instead of the latest 3.7.x variety… but I can live with that.

On the whole, it’s a painless process getting both networking interfaces working -and as far as I could tell, pretty much everything else on the laptop works as advertised (speakers, webcam and so on). I was worried that the graphics wouldn’t be right (as mentioned above, the laptop uses a curious combination of Intel integrated graphics and NVidia GT 630M), but they appear to work fine. My standard test is the framerate displayed once Stellarium has been installed and run:

That screenshot shows I’m getting about 45 frames per second, which is a bit on the low side, but entirely usable. In the Windows 7 installation, Stellarium manages ~70 frames per second, so clearly there’s some graphical optimisation I could do on the Fedora side of things if I was so inclined… but really, it’s perfectly usable as it is, so I probably won’t bother.

The only other bother I had with Fedora on this laptop was a biggie: VMware Workstation 9.0 produced a kernel panic immediately it was installed …and repeated the feat routinely at every subsequent startup. This turns out to be a reasonably well-documented problem that VMware has with Linux kernels 3.5 and above, generally: it affects VMware Player, too, for example. Happily, a slightly more up-to-date 9.0.1 version cures the problem -though at 395MB, it’s a regrettably large download.

Of course, before you can install that new version, you have to uninstall the old version -which is a bit tricky to do when the presence of the old version causes your O/S to keel over before you get a chance to uninstall it. In my case, from the black screen full of dire warning messages that results when the crash occurs, I was able to press [Ctrl]+[Alt]+[F2] to get to a command-line login prompt. Logging in as root, I was then able to issue the command

vmware-installer -u vmware-workstation

…to get the old version removed. After a reboot, the graphical desktop starts perfectly, so installing the new version was trivial. Fiddlier than I’d have liked, for sure; but fortunately, on this occasion, not a show-stopper after all.

So, apart from a lack of networking and an incompatibility with VMware, Fedora 18 runs nicely on this laptop. Bizarrely, too, I find that Gnome 3 is nowhere near as ghastly as I remembered it: improvements have been made, and the thing now seems to run slickly, looking good as it does so. I found the original Gnome Shell hopeless for a multi-monitor setup, but this newer versions seems a much better fit on a single screen laptop. I had been intending to install Mate, but quite honestly (and much to my surprise) I think I’ll give this particular slick implementation of Gnome 3 a good long run first.

A cautious thumbs up, then: Fedora and the Toshiba P870 work quite well together, with a modest amount of fiddling first. I’ll be happier if and when I can upgrade my kernel, but there’s no functional deficiency in the meantime.

So true…

1 Reply

I couldn’t help but nod vigorously as I read this story: http://www.theregister.co.uk/2013/02/07/home_lab_career_saver/

In case that ever disappears, here are the salient bits:

IT professionals can’t assume their employers want, or can afford to, train them in the latest technologies and should hone and acquire new skills at home in a self-built test lab. That’s the opinion of Mike Laverick, VMware’s senior cloud infrastructure evangelist.

“The days of being sent on training courses is gone,” he told the user groups. “The burden is now on you to get the skills and knowledge you need. It is assumed you will learn as you go.”

“I drove my career development by not waiting for my employer to say this is an interesting technology. I told my employer I have used this in my home lab and this is what it can do.”

My new PC (see last blog) was a nod in this direction (though taken long before that article appeared). With some solid state hard disks of sufficient capacity, an 8-thread CPU, 32Gigs of RAM and some virtualization software, there’s not a lot you can’t simulate for a thousand dollars or so at home. (I have been coping with 3 other PCs, 4 laptops and a Xeon server before the latest acquisition, but the new PC makes a lot of that redundant).

Similar thinking has just lead me to buy a ‘mobile home lab’, in the form of one of these. It wasn’t cheap ($1900), but 1.5TB of hard disk (spinning variety) and 16GB RAM means I can simulate the key things I need (RAC, DataGuard, Oracle/SQL Server integration, Active Directory authentication of Oracle users and so on) on the train.

Those comments about knowing what interesting technology can do, without having to wait for formal training to find out, are key, I think. I used to get asked a lot what it took to become a good DBA… and one of the key ingredients, in my view, was the willingness and the ability to experiment with the technology at home. The magic ingredient for that was virtualization above all -and it’s funny that it’s now a VMware man humming the same sort of tune. Virtualization plus a decent bit of hardware (without going overboard!) means that’s truly possible in a way it wasn’t always when I was first banging on about it back in 2000.

I particularly liked Mike’s comments about “the Girlfriend impact” of a home lab, though: ToH can attest to the accuracy of his description of the way this metric waxes and wanes, depending on how many cables, screwdrivers, mice, keyboards, RAM sticks and hard drives are left scattered around the dining room, against how much money is spent on new kit that renders that sort of tinkering redundant! I reckon we’ll have to have won the world’s biggest lottery draw before ToH nods through an £870-per-month server hosting arrangement, though! Obviously Mike is blessed with more technologically-understanding other halves than some of us!!

VirtualBox Installations on Scientific Linux

3 Replies

I’ve mentioned previously that my preferred virtualization platform is VMware Workstation. That remains true …but VirtualBox does have the distinct advantage of being free-of-charge. So unless I want to insist that my readers find AU$291.50 for VMware’s offering, it behooves me instead, from time to time, to use the virtualization platform I know we can all afford.

So here is my two-minute recipe guide to getting the latest VirtualBox product installed (for zero dollars!) on Scientific Linux 6.1. (You could always just download the relevant rpm and install it directly, but I prefer to do all my package management via yum wherever possible, so that’s the approach described here).

1. Get the gpg key

VirtualBox is supplied as a bunch of rpm packages which have been digitally signed. By checking the signature, you know no-one’s messed about with the packages before they reached you. It therefore makes sense to obtain and install the digital key needed to do that signature check. It’s easy to do, as root, at a command prompt, by issuing these two commands:

wget http://download.virtualbox.org/virtualbox/debian/oracle_vbox.asc
rpm --import oracle_vbox.asc

2. Create the yum repository

Again as root, issue this command to create a new, blank repository file:

gedit /etc/yum.repos.d/virtualbox.repo

Now paste in these contents to the empty file:

[virtualbox]
name=RHEL/CentOS-$releasever / $basearch - VirtualBox
baseurl=http://download.virtualbox.org/virtualbox/rpm/rhel/6.0/$basearch
enabled=1
gpgcheck=1
gpgkey=http://download.virtualbox.org/virtualbox/debian/oracle_vbox.asc

Save the file changes and close down gedit. Just in passing, you might note that I’ve changed this file from the version which Oracle themselves makes available on the VirtualBox website. Specifically, their baseurl uses an environment variable, called $releasever, where I have hard-coded in the number 6.0. The trouble, of course, is that if you are using the latest versions of Scientific Linux or Centos, you’ll be picking up a releasever of 6.1 or 6.2 …and no such directory exists on the VirtualBox servers. You’d need to manually check out those server’s directory structure to see if that situation changes over time.

3. Install the Software

As root once more, the following one-liner will display all the different versions of VirtualBox that are available for installation:

yum search VirtualBox

You might see this sort of output in return:

Loaded plugins: refresh-packagekit
virtualbox | 951 B 00:00
virtualbox/primary | 4.4 kB 00:00
virtualbox 17/17
============== N/S Matched: VirtualBox ==============
VirtualBox-3.2.x86_64 : Oracle VM VirtualBox
VirtualBox-4.0.x86_64 : Oracle VM VirtualBox
VirtualBox-4.1.x86_64 : Oracle VM VirtualBox

This shows that Oracle keeps a couple of older versions of the software alive and available, should you need to use them. Most people, though, will really only need the latest version, so pick that from the list and issue an appropriate “yum install” command. In my case, given the above output, this command will do the right thing:

yum -y install VirtualBox-4.1.x86_64

It’s a 58MB download or so, and as it’s installed you might see this message appear:

Running Transaction
 Installing : VirtualBox-4.1-4.1.8_75467_rhel6-1.x86_64 1/1

Creating group 'vboxusers'. VM users must be member of that group!

This gives you the clue to the last stage of the installation process…

4. Assigning Group Privileges

The software installation has created a new O/S group, called vboxusers, but it won’t have made your user account a member of that group. That needs to be fixed.

From the Gnome top panel, clieck System > Administration > Users and Groups. Find your user details on the Users tab and double-click the entry. Switch to the Groups tab, scroll down and check the vboxusers group name:

Click [OK] to save the change, and you’re done, though you’ll need to log off and back on before the group membership changes take practical effect.

If you prefer doing everything at the command line, just edit /etc/group (as root, of course) and add a :your-username entry to the end of the vboxusers line, which will probably be the last line of the file. In my case, for example, the line ended up reading vboxusers:x:501:hjr -which simply means that user ‘hjr’ is now a member of the vboxusers group. (Again, it’ll take a log off and fresh log on before the new group membership actually takes effect).

Either way, you’re now done and can run the VirtualBox program successfully, with the program launcher being found in Applications > System Tools.

5. USB Support

The version of VirtualBox installed by the above procedure will be unable to access USB 2.0 devices that might be plugged into your physical host. However, this shortcoming can be fixed by installing the “Oracle/VirtualBox Extension Pack”. Download it from the VirtualBox website and then just double-click the file when the download completes. You should see the following appear:

Click the [Install] button there, agree to the license, authenticate as root and all should be done in a matter of seconds. You’re now ready to build and run fully-functional virtual machines.

VMware at the Command Line

Leave a reply

I use VMware Workstation for all my virtualisation needs. It runs (IMHO) more reliably than VirtualBox. With version 8, too, you can do neat things like close the virtual machine but have it continue to run in the background: perfect for a little web server ‘virtual appliance’, say, which needs to be providing a service but definitely doesn’t need to be in your face whilst doing so.

Generally, I do all my VM maintenance with the GUI, but it’s nice to know that there are command line alternatives -especially since the command line often lets you do things which are not exposed in the GUI.

For example, I recently created a virtual machine without noticing I’d accepted the default option of having its hard drive split into multiple 2GB files. Once I’d loaded data into the thing, I was the proud owner of over 100 separate files making up the virtual disk! Is there a way to consolidate all those files back into one, single giant file? Not in the GUI there isn’t (update: actually, there is in Version 8, but regardless…), but this command did the trick:

vmware-vdiskmanager -r /path/to/disk/filename.vmdk -t 0 /path/to/disk/newfilename.vmdk

The “-t 0″ means ‘create a single, growable virtual disk’. Obviously, there are multiple files which make up the original virtual disk: you only specify the ‘parent file’ in this command. So, instead of mentioning vdisk-s001.vmdk, vdisk-s002.vmdk and so on, you just specify the plain “vdisk.vmdk”.

This doesn’t do anything to make the virtual machine aware of the new disk, or to get it to boot up from the new disk rather than the old: you still have to edit the machine details (using the GUI) to achieve that, but at least I don’t have hundreds of files littering my physical hard disk any more!

That same utility, vmware-vdiskmanager, can additionally be used to create new virtual disks in the first place (with the -c /path/filename.vmdk option). It also allows you to resize a virtual disk if you created it inappropriately small (using the -x option, plus a size… so -x 300GB /path/filename.vmdk would do the trick). Disks that were created inappropriately large can be shrunk with the -k /path/filename.vmdk option (no size is specified… the thing shrinks to the smallest size that can contain all existing data). There’s also the option to defragment a virtual disk (-d /path/filename.vmdk).

To see the complete list of options, just type the command vmware-vdiskmanager without any options at all. Very handy!

Kickstart and IIS

Leave a reply

I posted a while back about how you can store a Red Hat/Centos/Scientific Linux kickstart file and use it to perform repeatable, minimal Operating System installs which are then suitable to be used as the foundation for an Oracle 10g or 11g database installation.

I also posted a while back that you can serve these kickstart configuration files to the Operating System installer via a relatively small Apache web server running on a USB stick. Very convenient, very portable and absolutely no permanent installation of anything on your main PC required: everything runs directly from the USB device itself.

So far so good -but what if, instead of Apache, your web server happens to be Microsoft’s own IIS (Internet Information Services). That is, after all, supplied as an installable option on most versions of Vista and Windows 7, so a lot of desktop users have ‘intrinsic ability’ to run IIS, even though they might not notice it. Personally, too, I have a Windows 2008 R2 server sitting in the corner of the study. It mostly runs Hyper-V, but one of its other roles is to run IIS. So the question is then: can IIS serve up kickstart configuration files the same way as Apache can?

To which this is the initial answer:

So that’s a ‘no’, then!

The problem here is simply that “.cfg” (which is the extension I use on my rh5 and rh6 kickstart files) is not, by default, recognised as a proper sort of thing for IIS to be handling. But this is fixable with a nasty-looking command in a command prompt, like so:

C:WindowsSystem32inetsrv>appcmd set config /section:staticContent /+[fileExtension='.cfg',mimeType='text/plain']
Applied configuration changes to section "system.webServer/staticContent" for "MACHINE/WEBROOT/APPHOST" at configuration commit path "MACHINE/WEBROOT/APPHOST"

As you can see, I’ve cd’d to the windowssystem32inetsrv directory and used the appcmd utility to add details of a new ‘.cfg’ MIME type. I’m declaring it to be a document which contains merely plain text, so IIS won’t think it needs to launch any helper programs to let you read it. The “+” in that lot tells you I’m adding a new MIME type record; if you ever wanted to change your mind and remove a reference to this MIME type, you’d simply issue the exact same command but with a “-” where the “+” currently is.

Having added that new MIME type, I didn’t need to re-start the IIS service. I simply re-loaded the above page in my browser …and got this:

And if you can read the file in your browser, then it’s a certainty that the RHEL/Centos/SL installation process will be able to read it and use it, too.

VirtualBox Boot-time BIOS Error

2 Replies

A slightly annoying error message always appears whenever you boot Ubuntu 11.04 Server as a guest O/S in VirtualBox:

piix4_smbus 0000.00.07.0: SMBus base address uninitialized - upgrade bios or use force_addr=0xaddr

It doesn’t actually do any harm to the guest (as far as I can tell), so one could perfectly well leave it alone. But it’s possible to get rid of it altogether simply by issuing three commands and editing one configuration file. First:

sudo nano /etc/modprobe.d/blacklist.conf

Add the text

blacklist i2c_piix4

…to the end of the file. Finally, issue the commands:

sudo update-initramfs -u -k all
sudo reboot

When the machine comes back up after that last reboot, you won’t see the error message. What this is doing is simply preventing an attempt to load the i2c_piix4 kernel module. VirtualBox doesn’t emulate the hardware for which this module is actually needed, but Ubuntu doesn’t know that and tries to load it anyway. Blacklisting the module prevents Ubuntu doing that and thus makes the error disappear.

Apache on a Stick

3 Replies

I had been idly wondering how you’d go about running Apache (or some other webserver) from a USB stick when I came across this site that makes doing it so ridiculously simple that I nearly fell off my chair!

Just start the “Mowes Mixer” mentioned in the last line of that home page and then select the ‘I do not have…’ option. You can then complete the software selection screen like so:

I’ve gone for the “Small Edition” Apache, MySQL and PHP5 -which is a 9MB download and yields as much functionality as you’ll need for the purposes of serving a Kickstart configuration file (for example). From the list of application software, you could add something like WordPress or Drupal: that will give you a portable website in which you could document Oracle-related tips or ideas (or anything else for that matter!) Add WordPress, for example, and your download goes up to 11MB, which is no big deal.

Once you download, you’ll end up with a zip-file sitting on your Desktop (or wherever you downloaded to, obviously). Unzip it, and copy the uncompressed folder to a USB drive that’s got around 100MB of free space.

Now double-click the mowes.exe file in that folder and an “installation” process takes place. The name’s a bit misleading, I think, because absolutely nothing gets installed on your PC to which the USB drive is attached. Instead, all that happens is that some directories and configuration files are created on the USB drive itself, once you’ve picked a language and agreed to the GNU GPL license. Your host PC’s firewall will probably also throw a fit when MySQL starts (allow it access, basically) and there’ll be a similar alert when Apache gets going (again, allow it access). Otherwise, that’s it!

You end up with this ‘control panel’ running on your host PC:

…which allows you to stop and start the web server. When you click End, the software quits completely, leaving nothing behind on the host PC. To get to the web server in your host PC’s browser, simply type the address http://localhost. If you’re trying to get to it from another PC (as you would if trying to Kickstart a Linux install on a virtual machine, for example), you refer to it by your host PC’s IP address -so, in my case, http://192.168.0.42.

The first time I tried this from a different PC (i.e., trying to access the server remotely), I obtained a 403 – You don’t have permission to access / on this server error. This is simply because the default Apache installation is very restrictive. To ease things up a bit (i.e., a lot!), click the Options menu in the MoWeS control panel and make the Security Options bit look like this:

Essentially, that means switch off the ‘only allow access to this server’ option; also switch off the one about ‘do not change the file .htaccess’; and then add an IP address of ‘ALL’ to the ‘allow access from…’ dialog. Stop and re-start the server and you should find remote PCs can now get to the web server’s home page OK.

Just note that WordPress (and, I’m guessing, quite a lot of the other applications) has its own configuration which, by default, expects all pages to be living on “http://localhost”. This means that accessing WordPress remotely won’t work properly (because ‘localhost’ on that remote PC means something very different than on the PC running the web server). The configuration option to change in WordPress is this one:

That’s found under the Settings option: just change the URLs to the IP address of the machine hosting the USB stick, and you’re good to go.

I wasn’t looking forward to getting Apache working from a USB device… but this makes it trivially easy to do and you get practically a complete “LAMP stack” thrown in for nothing… though without the “L”, obviously!

Should you need it, here’s my already-configured version as a zip file: just download, unzip, done. It doesn’t get much easier, I think!

The Case of VMware and the missing SCSI ID

6 Replies

When you’re setting up Oracle’s Automatic Storage Management feature (ASM), you have to ensure that the ‘raw’ devices that you have added to your server for ASM’s use are assigned the correct device names and usable permissions every time the server bounces.

In the dark days of Red Hat 3 and 4, we generally arranged for that to happen by creating raw device mappings -but that’s no longer supported on RH5 or RH6. Instead, you’re supposed to create new udev rules which do the job of declaring which devices exist and which permissions they should at every server boot.

And one of the first things you have to do to write a decent udev rule is to correctly identify the hard disks that exist: you can’t apply a permissions rule to something which you can’t uniquely identify in the first place, after all.

So when this happens, you have a bit of a problem:

That’s four SCSI hard disks, previously added to my VMware Workstation virtual machine and partitioned, resolutely failing to respond to the scsi_id command, which is what you’re supposed to use to get a unique ‘id string’ returned for a device. This happens when I use virtual machines built on VMware’s ESXi 4.1 server, too.

But, funnily enough, it doesn’t happen if you use VirtualBox as your virtualization platform:

Now, I’m not going to say this proves VirtualBox is better than VMware (because it’s not), but I am going to point out that, by default, all VMware virtual machines exhibit this behaviour, which will stop you dead in your tracks if you’re trying to build a virtual ASM or RAC machine. Without that ID string, you can’t identify your ASM disks uniquely -and that means you can’t get those disks correctly discovered by the operating system …and it’s downhill all the way after that.

Lucky, then, that this is all fixable with a modest bit of re-configuration!

If you were running ESXi 4.1, that bit of re-configuration consists of

shut down your virtual machine
right-click the VM’s entry in the left-hand panel and select Edit Settings
click the Options tab
Select the Advanced -> General item on the left and click the Configuration Parameters… button you then see displayed on the right
Click the Add Row button
Add disk.EnableUUID as the name of the new row, and the word TRUE as its value (don’t use quotation marks around either of these entries).
Click OK to make the new parameter addition ‘stick’.

You can then reboot your virtual machine.

Sadly, VMware Workstation has no interface like this that allows you to add this new configuration key to your VMs. Instead, you are reduced to having to do it yourself, by hand, using a text editor. It’s easy enough, however.

First, find the directory where the files representing your virtual machine are stored. One of them will be called the name of your VM, with an extension of .vmx. In my case, for example, the file is called sl6.vmx, because when I created my VM, I called it “SL6″. The file will be 3 or 4KB in size. Open it in the text editor of your choice and at the very end of the file, add this line:

disk.EnableUUID = "TRUE"

The quotation marks around the word “TRUE” here are important and must be typed. Now save the edited file and reboot your virtual machine. You should find that scsi_id is now capable of returning perfectly usable values:

As you can see from this screenshot, my VMware virtual machine is now displaying SCSI IDs for my hard disks just fine. The values being returned are quite different from those shown earlier in my VirtualBox VM, of course, because VMware and VirtualBox handle virtual disk identification quite differently. Whatever the specific values might be, though, the important point is to be able to see a value of any sort!