Jan-Piet Mens

My candidates for top notch utilities in 2007:

• Exim and OpenLDAP remain high on the list of enterprise utilities; they are both unbeatable.


• VMware continues to be a daily lifesaver.


• I've probably spent more time with a text editor in the last six months than in the last several years. All the more reason to appreciate vi.


• 2007 marks the year in which I got to know LaTeX, the document preparation system. An incredible tool.


• RedHat has the best Linux server distribution, and CentOS make it available free of charge.

One thing I experienced several times this year is what lousy tools Windows has on board; I commiserate with all who have to fight with or against Windows, and I hope 2008 brings you a real operating system.

VMWare has announced the next generation of the free VMware Server.

The question of whether VMware Server running on Linux supports LDAP authentication, arose this afternoon. It turns out it is very simple, since the VMware authentication modules use PAM, the Pluggable Authentication Modules.

Setup is a cinch, if you've fiddled with PAM before, and it is used by the VMware console to grant access to the server.

Nice.

Xen is a virtual machine monitor that runs on Linux. Think VMware but built-in to Linux.

Starting with Xen version 3.0, it can run unmodified guest operating systems such as Windows XP.

The Xen machine description I used for a CentOS 5 host is here.

kernel = "/usr/lib/xen/boot/hvmloader"
builder='hvm'
memory = 512
shadow_memory = 16
name = "winxp"
vif = [ 'type=ioemu, bridge=xenbr0' ]
disk = [
  'file:/etc/xen/jp/winxp,hda,w',
  'file:/etc/xen/jp/winxp.iso,hdc:cdrom,r'
  ]
boot = 'c'
on_poweroff = 'destroy'
on_reboot   = 'destroy'
on_crash    = 'destroy'
device_model = '/usr/' + arch_libdir + '/xen/bin/qemu-dm'
sdl=0
vnc=1
vnclisten="10.0.2.2"
vncdisplay=1
vncpasswd=''
stdvga=0
serial='pty'

When first starting the machine with a xm create winxp.hvm, ensure that boot is set to the CD image (boot='d'). I can directly connect to it with a VNC viewer. Cool.

I just wanted to see if it is possible to actually boot and install XP, and it is. The screen shot above proves it.

The Open Source FreeNAS server is a NAS server which supports a large number protocols with which users can access files (OpenFiler is a similar project based on Linux). Those wishing to have a peek at FreeNAS without sacrificing a PC can do so with the VMware image supplied by the project.

A newer addition to the software is an iSCSI target which can be used to test iSCSI initiators.

After installing FreeNAS on a spare machine I created added a couple of iSCSI targets on it, which resulted in a configuration like this one:

Targets are created as container files of the size specified when adding them, and if you've enabled SSH access to the appliance, you can see the container file on the file system it is mounted on, after logging in.

On a CentOS 4 machine, I added the necessary software built from the Linux iSCSI Project with a

# yum install iscsi-initiator-utils

and then configured the initiator to access my FreeNAS target.

# grep -v '^#' /etc/iscsi.conf
DiscoveryAddress=192.168.1.180

After starting the iscsi service, the kernel messages on my server reported:

iscsi-sfnet: Loading iscsi_sfnet version 4:0.1.11-3
iscsi-sfnet: Control device major number 254
iscsi-sfnet:host6: Session established
scsi6 : SFNet iSCSI driver
iscsi-sfnet:host5: Session established
scsi5 : SFNet iSCSI driver
  Vendor: NetBSD    Model: NetBSD iSCSI      Rev: 0
  Type:   Direct-Access                      ANSI SCSI revision: 03
  Vendor: NetBSD    Model: NetBSD iSCSI      Rev: 0
  Type:   Direct-Access                      ANSI SCSI revision: 03
SCSI device sdc: 204800 512-byte hdwr sectors (105 MB)
SCSI device sdc: drive cache: write through
SCSI device sdc: 204800 512-byte hdwr sectors (105 MB)
SCSI device sdc: drive cache: write through
 sdc: unknown partition table
Attached scsi disk sdc at scsi5, channel 0, id 0, lun 0
SCSI device sde: 1024000 512-byte hdwr sectors (524 MB)
SCSI device sde: drive cache: write through
SCSI device sde: 1024000 512-byte hdwr sectors (524 MB)
SCSI device sde: drive cache: write through
 sde: unknown partition table
Attached scsi disk sde at scsi6, channel 0, id 0, lun 0

I then created a partition on one of the new disks with a fdisk /dev/sdc and, after creating a file system on that, I could mount and start using the remote disk. It is quite that simple.

If you intend using the initiator or target on a SLES 9 machine, there is a good description of how that is done here, and this one is for Fedora Core 4.

For Windows, Nimbus have an iSCSI Target for Windows which might also be of interest, as apparently

anyone can create an IP SAN in seconds using their existing server and storage hardware. MySAN works by turning any Windows partition (such as a hard drive, internal RAID array, external storage system, or even Fibre Channel storage) into an iSCSI target

I can't vouch for that, but it sounds interesting.

As far as initiators are concerned, Microsoft has one which can be downloaded from the iSCSI Software Initiator page. I tried it and it successfully attached my sample iSCSI target to a Windows XP client machine.

This is all good stuff. Now I just need a small iSCSI capable appliance. Any suggestions?

It seems like ages ago when we submitted DAD/miniDAD as our entry to the VMware competition, but we still get the odd question asked via email.

I spent some time on Sunday answering a few of them as best I could.

A guest operating system in VMware's Workstation can access a shared folder of the host OS, which is very useful for transferring files from the guest to the host or vice versa.

Unfortunately, neither the Player nor the Server products support that feature, meaning that transport of data from guest to host or back requires rethinking.

For a guest image running on a Linux host, there are a number of simple solutions: the guest can use FTP or HTTP providing the host has an appropriate server on it.

Another simple method is to set up a Samba server on the host, and let the guest (yes, also Windows) access a share on that host.

If the host's Samba should only be visible from the guest (i.e. it shouldn't be reachable from outside the host's environment), I can limit its visibility either by adjusting firewall rules (iptables) or by letting the Samba name daemon and server listen only on a specific interface.

bind interfaces only = True
interfaces = vmnet8

In this example, my guest is using a NATted interface which is defined on the host as vmnet8, and I'm forcing Samba to listen only to that interface.

Neat.

If you think you know it all with regard to backup and recovery, I'm quite sure there is some little bit you are missing. One person who doesn't appear to miss much is W. Curtis Preston who, early 2007, published Backup & Recovery.

The book is quite amusing, although I did wince a couple of times upon reading some of the anecdotes in the book, remembering a few of the foobars that have happened to me in the past…

It is packed full of background information as to why and when to do backups, what media and devices to use, how to recover, and Preston concentrates on readily available tools which belong to Unix/Linux, Mac OS X and Windows. A few larger Open Source products are also discussed, notably Amanda and Bacula, and these certainly whet the appetite for more. Database backup for DB2, Oracle, PostgreSQL and MySQL are also discussed in detail.

I highly recommend Backup & Recovery to any person in charge of backups, be it in a multi–billion–euro corporation or be it in a small office or home office, because the author has recommendations for a very low budget as well as a very high backup budget.

O'Reilly have the table of contents online, and it is worth a look.