freeVSD Enables Safe Experimentation
I work in an environment where software developers and system administrators with varying capabilities aggressively and routinely use Linux. We frequently explore new applications but sometimes hesitate to actually initiate an installation because we lack confidence in the software. Our concern is that rogue software might disrupt essential services on production servers. In extreme cases, it is even possible that a poorly written installer might corrupt a workstation's operating system installation.
Typically, implementing even a slightly complicated application that interacts with the web server requires installing the application, adding a new user (for suid operation), adding lines to httpd.conf, restarting the web server and creating and manipulating files in root-owned places like /etc or /usr/local/. All of this has to be undone if we later decide not to put the system into production use. While uninstall scripts can assist in this, these scripts could fail, leaving the system in an indeterminate state.
freeVSD is a GPL product initially conceived to enable an ISP to provide virtual server hosting. It can also transform a stock Red Hat installation into a powerful, low-cost testing environment. freeVSD works by simulating up to 250 full-featured private servers. Hard links to system files facilitate compact and homogeneous environments for each virtual server. Logins to the virtual servers are restricted via the native chroot facility, effectively creating a secure sandbox.
Now, we can experiment recklessly, hand the keys over to inexperienced juniors or casually grant root privileges to strangers, with little concern for negative consequences.
From the system administrator's standpoint, freeVSD enables you to create multiple self-sufficient systems, each with its own administrative account and the ability to manage user accounts, as well as the ability to configure their own web services, mail services, database server—a “Lite” version of Linux, if you will.
freeVSD was originally developed for an ISP in the United Kingdom and has been under development for three years. Based on mailing list archives, freeVSD seems popular and well supported. Questions are answered quickly, either by users or the developers.
Many significant functions of each virtual server can be administered by a rootlike account named Admin. For example, the Admin account can add users, manipulate their privileges, make changes to httpd.conf, restart various aspects of the server and so on.
Installing freeVSD can be a bit tricky. You need to be especially careful if you intend to restore the hostsystem back to its original configuration. As always, it is imperative to back up anything you are not comfortable with catastrophically losing. According to the web site, support for Debian, Mandrake and Slackware is forthcoming, but so far only Red Hat 6.x and 7.x. are officially supported. Version 1.4.6 introduces support for Red Hat 7.0, but Red Hat 6.2 seems to have more of the kinks worked out.
It is recommended that freeVSD be installed on a nearly pristine system. Start with a freshly installed Red Hat 6.2. Then decide whether you want any special server software available, such as MySQL, Postgres or PHP. Apply patches. Ideally, all applications should be installed before configuring freeVSD. Note that freeVSD works quite well under VMware, which might prevent a bit of stress during the first few installs. You'll probably need around 800MB of free disk space to accommodate the filesystem skeleton.
I assume you have or can obtain a FQDN or dedicated IP number for your first virtual host (freeVSD uses IP aliases). Of course, you need to be sure to obtain permission from whomever is in charge of your network before engaging in behavior that might be considered aggressive.
Then choose a name for your first virtual host. A good idea might be the hostname, (e.g., “myhost” if your FQDN is myhost.mydomain.com) or the domain name (mydomain), if you are providing hosting for multiple domains.
Here's an overview of the freeVSD install process, described in detail by the file /usr/doc/freevsd-x.y.z/user-guide.txt.
Install main RPM (e.g., freevsd-1.4.6-2.i386.rpm).
Install pkgs RPM (e.g., freevsd-pkgs-1.4.6-1.i386.rpm).
Run /usr/sbin/vsd-genskel.pl (several hundred megabytes will be copied during this process, so be patient). It is simple to customize this installation process. The file /etc/freevsd.conf provides several customization opportunities to specify files to include and exclude during skeleton generation. Red Hat 7.x users may need to tweak /etc/xinetd.conf and/or restart xinetd at this point.
Create first virtual host with a command such as /usr/sbin/vsdadm vs_create localhost name-of-virtual-server IP-of-Virtual-Server FQDN-of-virtual-server 200 0.
Execute batch by running /usr/sbin/vsd-vsbatch.pl.
Start the virtual server(s) with vsboot --start.
Try out the virtual shell with /usr/bin/bevs -r [name of virtual] (become the virtual shell).
Set the administrative password with passwd -u admin.
Exit the virtual shell by typing exit.
At this point, assuming nothing went wrong, you will have a functioning virtual server to which you may connect via Telnet or FTP.
To uninstall, stop all virtual servers with /usr/sbin/vsboot --stop. Next, optionally delete existing virtual hosts with
/usr/sbin/vsdadm vs_delete localhost myhost
Then, run /usr/sbin/vsd-uninstall.pl to restore configurations and optionally delete files. Take care to answer these questions correctly the first time as you won't get a second chance, and you will have to restore configurations manually. Finally, remove the pkgs and main RPMs.
|Nativ Disc||Sep 23, 2016|
|Android Browser Security--What You Haven't Been Told||Sep 22, 2016|
|The Many Paths to a Solution||Sep 21, 2016|
|Synopsys' Coverity||Sep 20, 2016|
|Naztech's Roadstar 5 Car Charger||Sep 16, 2016|
|RPi-Powered pi-topCEED Makes the Case as a Low-Cost Modular Learning Desktop||Sep 15, 2016|
- Android Browser Security--What You Haven't Been Told
- Download "Linux Management with Red Hat Satellite: Measuring Business Impact and ROI"
- Nativ Disc
- The Many Paths to a Solution
- Naztech's Roadstar 5 Car Charger
- Synopsys' Coverity
- Securing the Programmer
- RPi-Powered pi-topCEED Makes the Case as a Low-Cost Modular Learning Desktop
- Identity: Our Last Stand
- Glass Padding
With all the industry talk about the benefits of Linux on Power and all the performance advantages offered by its open architecture, you may be considering a move in that direction. If you are thinking about analytics, big data and cloud computing, you would be right to evaluate Power. The idea of using commodity x86 hardware and replacing it every three years is an outdated cost model. It doesn’t consider the total cost of ownership, and it doesn’t consider the advantage of real processing power, high-availability and multithreading like a demon.
This ebook takes a look at some of the practical applications of the Linux on Power platform and ways you might bring all the performance power of this open architecture to bear for your organization. There are no smoke and mirrors here—just hard, cold, empirical evidence provided by independent sources. I also consider some innovative ways Linux on Power will be used in the future.Get the Guide