Virtualization refers to the creation of virtual machines that acts like real computers with an operating system. Software executed on these virtual machines is separated from the underlying hardware resources.
This article discusses LXC, a lightweight virtualization technology built into Linux kernel. The user space LXC tool is distributed with a number of templates that allow the creation of different Linux distro filesystems, usually one template for each major Linux distribution. The problem with these templates is they never work, or they stop working with every new release of LXC tool or of the particular Linux distribution. This is the case with all Linux distributions, and Debian is no exception. Currently, the Debian template is borken under “wheezy”. The relevant Debian bug is here, and history shows that as soon such a bug gets fixed, lxc user space driver changes again and breaks it. It could be worse, in Fedora LXC was broken in Fedora 15 and it was never fixed.
The simple way to handle the problem is to forget all about the template mechanism and roll your own containers. In Debian you can build the container filesystem using the standard debootstrap, or mount read-only the host filesystem, and then use lxc-execute to start a simple bash session inside the container. In this session you can than start all the programs you need to run in the container. It is an application container, very similar to the containers created using the official ssh template distributed with LXC.
The virtual machine I will describe in this article uses a root filesystem build using debootstrap (apt-get install debootstrap). The procedure is simple and it should work on any Debian machine. It will probably work also on any other distro based on Debian, such as Ubuntu, Mint etc.
A live CD or live DVD is a complete bootable Linux operating system loaded from a CD or DVD. Although there are a lots of live Linux CDs, for seemingly every taste and purpose, it might still be useful on occasion to build your own. This guide details the steps to build a bootable live CD/DVD based on Debian “wheezy”.
Step 1 – Installing the necessary software
These are the software packages you need to install on your Debian system:
# apt-get install xorriso live-build syslinux squashfs-tools
Step 2 – Create a basic filesystem
Start by creating a new work directory, and bring in a basic Debian filesystem using debootstrap. Depending on your network connection, it will take some time downloading all the necessary packages:
# mkdir ~/livework && cd ~/livework
# debootstrap --arch=amd64 wheezy chroot
The new filesystem was created in ~/livework/chroot directory. It is time to chroot into the new filesystem and finish the installation.
Virtualization allows the creation of multiple virtual machines (VM) on top of an existing computer, each VM configured in a very specific way. All virtual machines run in parallel alongside the regular host applications, without affecting the host system. The type of virtualization I am currently using is Linux containers (LXC), a lightweight virtualization technology built into Linux kernel.
This is my third Debian virtualization article. In the first article, I’ve described the steps to create and run a basic virtual machine using LXC. In the second article I’ve isolated the VM on its own network segment, with its own TCP/IP networking stack. Both articles were dealing with server VMs, I’ve used Lighttpd as an example throughout my articles.
I will describe now how to run desktop applications such as Mozilla Firefox and LibreOffice in a virtual machine. I will use virtenv to build and run the VM. virtenv is a QT4 application released under GPLv2 license. It is basically a configuration wizard that allows you to configure and start the LXC-based virtual machines. Once the VM is started, you get a regular controlling terminal (xterm) and a desktop window running the lightweight Openbox window manager. In this window you can run your GUI applications, very similar to VMware Workstation or Oracle’s VirtualBox.
virtenv desktop and controlling terminal
Linux containers (LXC) is a lightweight virtualization technology built into Linux kernel. In my previous article, Debian Virtualization: LXC Application Containers, I have detailed the steps to configure and run a simple application container using LXC. LXC application containers are very lean and consume strictly the resources the application requires. This is in sharp contrast with other virtualization technologies which are running a full Linux distribution in VM.
The container uses its own file system, built by mounting read-only the relevant directories from the host file system. The host is an older computer running Debian 7 “wheezy”. The virtual machine is controlled through GNU screen if the VM was started automatically at boot time, or through a regular xterm.
One thing I left out was the networking stack. In my Lighttpd web server example, the VM uses the same networking stack as the host. This could become a problem if someone manages to compromise the web server: the intruder could then probe the networks connected to our host, in search for the next victim.
In this article I’ll modify the VM to run on a separate networking stack. I will place the VM on its own network segment, connected to the host through a Linux bridge interface. I will then go and set up the host firewall using iptables. This effectively isolates the VM and limits the potential damage that could be inflicted on the larger network. The final setup looks like this:
Linux containers (LXC) is a lightweight virtualization technology built into Linux kernel. Unlike other similar technologies, the virtual machines (VM) are driven without any overhead by the kernel already running on the computer. In VM you run only the processes you need, most of the time without even going through the regular SysV or Linux init. This means that memory is used very conservatively. These lightweight containers are sometimes called application containers, as opposed to distribution containers where you run a full distro starting with SysV/Linux init.
In this article I’ll take a look at installing and building a small web server application container using LXC on a Debian 7 workstation. Debian is a popular distribution for personal use among software developers, and the amount of software packaged far exceeds any other Linux disto out there. It also encourages tinkering, experimenting, and in a more general sense, learning about Linux and Free/Open Source Software.
The computer I am using is an old amd64 dual-core computer with a minimal LXDE desktop manager installed. For those of you interested, I have detailed the installation steps in my Lightweight Debian: LXDE Desktop From Scratch article. Since we are dealing with kernel utilities, all the commands in this article are specified as user root.
A friend of yours tells you one day he’s heard so much about Linux and he’s decided to install it on his Windows machine. His computer is already a few years old, a Windows 7 or maybe a Windows XP, and he’s come to you for advice. Could you please help him to install it? No problem, happy to oblige!
The only concern I would have is the RAM memory. It is virtually impossible to persuade anybody to add more memory to an old box, we better make sure the desktop environment we chose will not be slower than his Windows. A memory comparison of various Debian desktop environments helps in this moment:
Debian 7 Memory (MB)
I usually install for them Debian because it is rock solid, and it will more than tamper with some of the bad habits they accumulated as Microsoft users. Once Debian installed, using it is as easy as using Ubuntu. Installation is no different once you go trough it once or twice.
Software-based routers have always played a role in the Internet, and are becoming increasingly important in data centers due to the convergence of video, mobile, and cloud services. Data traffic no longer moves simply from the subscriber into the network and then out again. Instead, most of the traffic is located inside the data center between various application servers within the network.
All this traffic can be routed easily using software-based routers running on commodity PC hardware. Such a router looks like just another server in the data center, and most of the time it is implemented using open-source software. The availability of the source code and the right to modify the software enables the unlimited tuning and optimization of the network traffic.
This article describes how to set up RCP100 routing suite on a Debian 7 computer. RCP100 is a full OSPF/RIP router for Linux. It works on 64bit computers, it is licensed under GPL, and it is actively developed.
The computer I am setting up has two Ethernet interfaces, eth0 (192.168.20.20) and eth1 (10.1.10.1), and it is meant to connect a small private network segment (10.1.10.0/24) to the larger public network. To isolate the private network, I configure Network Address Translation on the router and enable the firewall. Computers on the private network are assigned IP addresses using DHCP. The router also provides NTP and DNS proxy services.
Simple Network Management Protocol (SNMP) is an Internet-standard protocol for managing devices on IP networks. net-snmp is the main SNMP implementation for Linux and BSD platforms. On Ubuntu or Debian net-snmp tools are installed as follows:
$ sudo apt-get install snmp
You can also install snmpd package. This package contains the SNMP agent.
For licensing reasons, net-snmp package installs only a small number of MIBs in /usr/share/mibs directory. A large number of standard MIBs can be installed using snmp-mibs-downloader package:
$ sudo apt-get install snmp-mibs-downloader
$ sudo download-mibs
To have the new MIBs recognized by net-snmp, edit /etc/snmp/snmp.conf file as follows:
$ cat /etc/snmp/snmp.conf
In my neck of the woods the Internet doesn’t get any faster, and my six year old dual-core AMD computer still holds up nicely. I don’t like Gnome 3 and I don’t care about Ubuntu’s run everywhere there is lots of memory vision. Linux is all about choice, and I do have plenty of them.
In this article I’ll take a look at Debian. Debian is one of the oldest distributions still in active development. It is a popular distribution for personal use among software developers, it is also the most popular Linux web server platform. Debian has a great community and the amount of software packaged far exceeds any other Linux disto out there.
As usual I’ll keep an eye on memory. I’ll start with a basic server install, I’ll add X Window followed by LXDE desktop environment. What I am after is a picture like this:
openSUSE 12.3 Desktops Memory (MB)
The numbers represent the memory consumed by the system immediately after it was started and the user logged in.