[CoLoCo] XEN and QEMU

Ringo Kamens 2600denver at gmail.com
Thu Jun 12 05:42:56 BST 2008 

Thanks so much for all the advice and the links. I'll go ahead and try
xen and if it doesn't work out, go for qemu.
Thanks again,
Comrade Ringo Kamens

On Wed, Jun 11, 2008 at 12:29 PM, Kevin Fries <kfries at cctus.com> wrote:
> On Wed, 2008-06-11 at 09:37 -0600, Ringo Kamens wrote:
>> Thanks for all of that information! I have a few more questions. The
>> reason I'm looking into this is to set up a tor secure desktop type
>> thingey. Even though it's secure to run things through tor or a VPN or
>> something, if there is a zero-day in Firefox then the remote attacker
>> might be able to view the files on your drive and have something to
>> identify you with or install a trojan or something. My idea would be
>> to run a VM so even if firefox etc. had a zero-day, the attacker
>> wouldn't be able to do anything because I would be running from a disk
>> image. If I used xen, since I'm running a 64-bit vm on a 64-bit
>> processor, it sounds like it would be faster. Would I still get that
>> separation of the OSes I'm looking for?
>
> Yes it would.  However, Xen is probably the hardest VM to set up.  Since
> your needs are basically simple, and you are looking for a minimal
> server, I would recommend Ubuntu Jeos, which is not Xen aware (does not
> include the Xen aware kernel).  Instead, I would look to VMWare.
>
> You can download the VMWare server from the repositories, but I have
> often had trouble with them.  I usually just go to VMWare and download
> it directly.  The current server version is 1.06 and you can download
> the software at:
>
> http://download3.vmware.com/software/vmserver/VMware-server-1.0.6-91891.tar.gz
>
> If you want to manage the VMs easily, their web console is drop dead
> easy to use.  You can also download it at:
>
> http://download3.vmware.com/software/vmserver/VMware-mui-1.0.6-91891.tar.gz
>
> Generally if you install the web console, it will allow you to download
> and install the "thick client" or "control console" from the web login
> page. You can also just download that to your CLIENT machine (i.e. not
> the VMWare server).  The  client tools are able to be downloaded at:
>
> http://download3.vmware.com/software/vmserver/VMware-server-linux-client-1.0.6-91891.zip
>
> All three download and installs are extremely straight forward, unzip
> into a temp directory, then run the binary installer.  All in all, its
> about a 20 minute install including download time (assuming DSL).
>
> Now, once that is done, its time to set up a VM... but with VMWare,
> someone has already done that.  VMWare has what is called appliances.
> These are machines already set up in a Virtual Machine, ready to be
> deployed.  You can find a minimalistic Ubuntu Hardy Heron Jeos server
> with only the VMWare tools, and SSH-Server installed and setup at:
>
> http://www.vmware.com/appliances/directory/1282
>
> All you would need from there is to install your TOR router onto the
> Ubuntu HH Jeos appliance.  The appliance will have plenty of room.  It
> was configured to use 512MB of ram, and 8GB of hard drive.  I have had
> Jeos running fast with minimal usage on 128MB/2GB in VMWare before, so
> these settings are very reasonable.  Since the appliance uses expanding
> disks, the image you download is only 192MB zipped.  Once unzipped,
> expect it to be somewhere about 512MB, and will expand as needed to a
> max of 8GB.  Jeos is tiny, and includes basically nothing, which is
> perfect in a secured application such as an anonymity router.
>
> Total time for setup should be approximately 1 hr.  My experience with
> Xen tells me you will still be screwing with getting your host machine
> setup correctly with Xen and its specialized kernels after 1 hr.
>
> This solution is simple, clean, and extremely  straight forward.
>
> Hope that helps.
>
>
> --
> Kevin Fries
> Senior Linux Engineer
> Computer and Communications Technology, Inc
> A Division of Japan Communications Inc.
>
> --
> Ubuntu-us-co mailing list
> Ubuntu-us-co at lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-us-co
>

More information about the Ubuntu-us-co mailing list