harry@aasterud.com
2010-Oct-28 07:18 UTC
[Xen-users] In the process of deciding to virtualize, many uncertainties
Hi all, I have 2 web servers running with Raid 5 (software raid). They run centos 5.4. No other devices attached. Then I have a windows 2003 server running backups on the network, including the web servers via samba. Backup is stored on a external hard disk, connected to the win server over USB. There is a fourth server running linux, that is used for general purpose and special scripting testing. It has a USB hub connected, with 2 or more smart card readers (type Smargo). No raid, just basic setup. I started testing of virtual servers with Oracle Virtualbox. The hosing OS was windows XP pro 32 bit. The entire OS and data was encrypted with truecrypt. Easy going, but found out the hard way that the virtual platform is only as safe as the host OS it is running on. Got a nasty virus, and after 2 weeks trying to get rid of the virus, I found that this is not safe enough as a production server solution. So I reformatted the new server and installed XenServer. One of the first things I found out was that the USB printer that I had connected did not show on the installed Win XP VM. After doing some reading, Is this a known problem? Also the DVD burner could read discs, and be used for installing software on the Win XP VM, but not for burning. The external HDD connected with USB cable was not recognized either, just as the USB pen was not recognized. So I am seeking assistance... . Is PCI and USB passthrough is supported in one of the XenServer products? By the way, my server hardware is 64 bit compatible, how tell I XenServer to run in 64 bit, and can I run 32 bit VM''s? In the mean time I am trying to anticipate any future issues. Next on my list is to do a basic test by installing Win XP VM. Can anyone advice me in if the know issues are going to be solved: - USB printer in XP VM - HDD via USB cable visible in XP VM - Burning DVDs on XP VM If this is working, next is the Linux server with the USB hub and USB Smargo card readers. Is this supported by XenServer? Next will be importing the 2 Centos web servers. Is software raid supported? Can anybody confirm this? If not, I wonder how to convert the server to VM? I can not make an image of the entire setup including all mirror partitions. Any suggestions? If raid5 is not supported, then what is the best solution to have my servers secured against HDD failures? What is the best strategy? Normally I consider one server at a time, like choosing the raid type, firewall, antivirus, etc . Backups are another concern. Right now I use Acronis Enterprise, but feel that this solution is not good enough, due to the fact that I am in big troubles when shit will hit the fan, and it will. Ive been there ;-). Acronis is just not fool proof when it comes to securing linux servers. I am looking for a bare metal recovery solution like R1Soft, where snapshots are being used, and hotcopying the partitions. What is the closed I get when using XenServer? I could consider running 2 VMware servers, and where server 2 is a mirrored copy of server one, to ensure load balancing / redundancy. Or is there an easier solution? Please your 2 cents. Last, but not least, is encryption. When using software like Truecrypt, does XenServer allow to encrypt the entire OS and underlying data, or it it advisable to encrypt only the VMs? I guess this is the foundation of my fear that I am trying to do the impossible. But I will let the VM structure architects be the judge of that. Looking forward to hear the verdict ;-). Regards, Harry -------------------------------------------------------------------- mail2web.com Enhanced email for the mobile individual based on Microsoft® Exchange - http://link.mail2web.com/Personal/EnhancedEmail _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
kcobler@coblercorp.com
2010-Oct-28 12:28 UTC
Re: [Xen-users] In the process of deciding to virtualize, many uncertainties
Quoting "harry@aasterud.com" <harry@aasterud.com>:> Hi all, > > I have 2 web servers running with Raid 5 (software raid). They run centos > 5.4. No other devices attached. > > Then I have a windows 2003 server running backups on the network, including > the web servers via samba. Backup is stored on a external hard disk, > connected to the win server over USB. > > There is a fourth server running linux, that is used for general purpose > and special scripting testing. It has a USB hub connected, with 2 or more > smart card readers (type Smargo). No raid, just basic setup. > > I started testing of virtual servers with Oracle Virtualbox. The hosing OS > was windows XP pro 32 bit. The entire OS and data was encrypted with > truecrypt. Easy going, but found out the hard way that the virtual platform > is only as safe as the host OS it is running on. Got a nasty virus, and > after 2 weeks trying to get rid of the virus, I found that this is not safe > enough as a production server solution. > > So I reformatted the new server and installed XenServer. One of the first > things I found out was that the USB printer that I had connected did not > show on the installed Win XP VM. After doing some reading, Is this a known > problem? Also the DVD burner could read discs, and be used for installing > software on the Win XP VM, but not for burning. The external HDD connected > with USB cable was not recognized either, just as the USB pen was not > recognized. > > So I am seeking assistance... . Is PCI and USB passthrough is supported in > one of the XenServer products? By the way, my server hardware is 64 bit > compatible, how tell I XenServer to run in 64 bit, and can I run 32 bit > VM''s? > > In the mean time I am trying to anticipate any future issues. Next on my > list is to do a basic test by installing Win XP VM. Can anyone advice me in > if the know issues are going to be solved: > > - USB printer in XP VM > - HDD via USB cable visible in XP VM > - Burning DVDs on XP VM > > If this is working, next is the Linux server with the USB hub and USB > Smargo card readers. Is this supported by XenServer? > > Next will be importing the 2 Centos web servers. Is software raid > supported? Can anybody confirm this? If not, I wonder how to convert the > server to VM? I can not make an image of the entire setup including all > mirror partitions. Any suggestions? > > If raid5 is not supported, then what is the best solution to have my > servers secured against HDD failures? What is the best strategy? Normally I > consider one server at a time, like choosing the raid type, firewall, > antivirus, etc . > > Backups are another concern. Right now I use Acronis Enterprise, but feel > that this solution is not good enough, due to the fact that I am in big > troubles when shit will hit the fan, and it will. Ive been there ;-). > Acronis is just not fool proof when it comes to securing linux servers. I > am looking for a bare metal recovery solution like R1Soft, where snapshots > are being used, and hotcopying the partitions. What is the closed I get > when using XenServer? I could consider running 2 VMware servers, and where > server 2 is a mirrored copy of server one, to ensure load balancing / > redundancy. Or is there an easier solution? Please your 2 cents. > > Last, but not least, is encryption. When using software like Truecrypt, > does XenServer allow to encrypt the entire OS and underlying data, or it it > advisable to encrypt only the VMs? >PCI passthru was difficult for me (hardware had to support it). USB passthru was limited to one device. My solution for USB in a VM environment is USB over IP device. http://www.silexamerica.com/products/usb_device_connectivity/sx-3000gb.html This device allowed me to add a USB hub to support multiple USB devices. Also the device is supported by Windows 2003/XP, etc. I also could have different devices attached to different VMs at the same time. Ken Cobler _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
harry@aasterud.com
2010-Oct-30 09:04 UTC
Re: [Xen-users] In the process of deciding to virtualize, many uncertainties
OK, here is an update. Just to summarize: In order to be able to use USB over IP for Linux clients/VMs, it looks like the only solution available right now is the free software based USBserver&Client from incentivespro.com. All other suggested hardware based USB servers like from digi.com and Silex don''t support Linux. True, as Ken said, I could use cups for printing, and mount USB hdd over samba or nfs, but I am not convinced that a usb card reader (aka programmer) can be dealth with the same way. I also have my doubts about using a dvd burner from a VM that is installed on dom0, though nobody has so far told me that indeed this can be solved. So I am still in the dark ;-). With focus on having a true USB server for Linux, I have taken a few steps and have come this far: - I installed XenServer 5.6.0 - downloaded the USB server software from incentivespro.com - I ran the installer.sh and got an error that Make was not installed. - I edited the repository files on the Xenserver, and changed enabled=0 to 1 - ran yum make install, and then Make worked as it should - I ran the USB server installer and came across a new problem, that Incentivespro knew was bound to happen. On there web site they say: -------------------------------------------- If you''ve got an error during driver compilation, while installing USB Server and USB Client for Linux, please follow these instructions to compile a driver manually. Some USB Server & USB Client components are operating in kernel mode. So, you need to compile the special driver to install our software product. Source code of this driver is in usbserver.tar.gz/usb-server/modules/src/tusbd/ directory To compile USB Server & USB Client for Linux please use FULL kernel source codes! If you use header files only, please check the presence of the: - ~linux-source-directory/drivers/usb/core/hcd.h - ~linux-source-directory/drivers/usb/core/hub.h If there are no such files, please copy them from source code package of your kernel version. ----------------------------------------------- There are no files in the /usr/src directory, so I must assume that the linux headers are not default installed on XenServer. Googling learned me that somebody had the same problem before: (from http://purl.rikers.org/%23debian/20091202.html.gz) you need to install linux-headers-$(uname -r) then tell the installer the source dir is /usr/src/linux-headers-$(uname -r) instead of /usr/src/linux How to Build a Kernel Module for XenServer is explained here: http://support.citrix.com/article/CTX116387 But to be honnest, that is far out of my lead. I never done this before. On the other side, I have nothing to loose, so maybe I will give it a try. But my question to the real experts is: If this free software USB server is the answer to our prayers, then why isn''t it a part of the XenServer. It should be supported one way or another, don''t you agree? But untill this prayer is heard, I would love to get some help, so we can test this piece of software, and tell the XenServer community that this realy works. Looking forward to hear from anybody that can help. Regards, Harry Original Message: ----------------- From: harry@aasterud.com harry@aasterud.com Date: Fri, 29 Oct 2010 13:28:28 -0400 To: xen-users@lists.xensource.com Subject: Re: [Xen-users] In the process of deciding to virtualize,manyuncertainties Rudi, I changed the repository files by enabling all. Now I have no make errors. Up to the next problem. Something not Xenserver related. I''ll figure it out, and let you know how it goes. Harry Original Message: ----------------- From: Rudi Ahlers Rudi@SoftDux.com Date: Fri, 29 Oct 2010 16:52:29 +0200 To: harry@aasterud.com, xen-users@lists.xensource.com Subject: Re: [Xen-users] In the process of deciding to virtualize,manyuncertainties On Fri, Oct 29, 2010 at 4:49 PM, harry@aasterud.com <harry@aasterud.com> wrote:> Hi Ken, > > Your suggestion to let dom0 handle the usb hdd and the printer, is only a > partial solution. My Linux client needs access to the usb card readers.Are> you telling me that I can mount these with nfs ? > > If not, I would like to look closer to the software solution from > incentivespro.com. But it looks like I need some help in installing"make".> Did some reading on the subject, and find it hard to believe I need to > download the entire 250 mb dev kit, and go through what I find a > complicated virtualization routine to get make on the server. > > Grateful for any comments, looking forward to hear from you. Thank you for > your help so far. > > Regards, > > Harry > > Original Message: > ----------------- > From: kcobler@coblercorp.com > Date: Fri, 29 Oct 2010 07:10:59 -0500 > To: xen-users@lists.xensource.com > Subject: Re: [Xen-users] In the process of deciding to > virtualize,manyuncertainties > > > Quoting "harry@aasterud.com" <harry@aasterud.com>: > >> Hi all, >> >> did some more research after the tip on the USB server. Seems that noneof>> the hardware solutions support linux VMs. >> >> However, I found one link to a free software solution, tested by a linux >> user, and he claims it works just fine. His story you can find here: >> >> >http://www.virtualinsanity.com/index.php/2008/11/20/a-slick-usb-over-ip-solu>> tion-that-i-use-every-day/ >> >> The software you can find here: http://www.incentivespro.com >> >> Of course, I stumbled on my first problem: >> >> The installer tells me this: >> >> --------------------------------------------- >> >> Kernels versions 2.6.25 through 2.6.28.8 have a bug with EHCI USB >> controllers that leads to large memory leaks with isochronous deviceslike>> Webcams or Sound cards. >> >> If you have patched your kernel against this bug - please manually >> recompile the driver executing ''make USE_EHCI_FIX=n'' command. Otherwise > USB >> Server will try to automatically walk around this bug (withoutguaranties)>> >> See http://patchwork.kernel.org/patch/13428/ for more information. >> >> Please do not worry about this warning if you are not going to use USB2.0>> isochronous devices on your system. >> >> ---------------------------------------------- >> >> Xenserver 5.6.0 is running on 2.6.27.42. I basically don''t know if this >> will be an issue for me (I am only using USB HDDs, USB printer and USB > card >> readers), so I decided for now just to skip this recompiling message. > Would >> be nice though if anybody can tell me if XenServer still has this bug? >> >> Second problem is when I continue with the installer I get the error"make>> command not found". On the Xenserver site I found information on this >> topic, where it is said that make is not included. >> >> http://forums.citrix.com/thread.jspa?threadID=245559 >> >> Developer kid needs to be installed. Can somebody tell me if there is >> another way? Like downloading cmake from the internet and compile it? If >> not, is there a more detailed description in how to fix this? >> >> Would be great if this software would work. The software vendor claims > that >> it supports VMware. >> >> Regards, >> >> Harry >> >> >>> if the know issues are going to be solved: >>> >>> - USB printer in XP VM >>> - HDD via USB cable visible in XP VM >>> - Burning DVDs on XP VM >>> >>> >> My solution for USB in a VM environment is USB over IP device. >> >> >http://www.silexamerica.com/products/usb_device_connectivity/sx-3000gb.html>> >> This device allowed me to add a USB hub to support multiple USB >> devices. Also the device is supported by Windows 2003/XP, etc. I also >> could have different devices attached to different VMs at the same time. >> > > Since XP is supported by many USB over IP devices, there are solutions > for those guest OSes. > > As for Linux guest OS, I would let dom0 manage the device for the > Linux guests. Use Samba or NFS to mount the USB HDD to the Linux > guests. Use CUPS to access USB printer on dom0 inside Linux or XP guest. > > Ken Cobler > > > _______________________________________________ > Xen-users mailing list > Xen-users@lists.xensource.com > http://lists.xensource.com/xen-users > > > -------------------------------------------------------------------- > myhosting.com - Premium Microsoft® Windows® and Linux web and application > hosting - http://link.myhosting.com/myhosting > > > > _______________________________________________ > Xen-users mailing list > Xen-users@lists.xensource.com > http://lists.xensource.com/xen-users >yum install make -- Kind Regards Rudi Ahlers SoftDux Website: http://www.SoftDux.com Technical Blog: http://Blog.SoftDux.com Office: 087 805 9573 Cell: 082 554 7532 _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users -------------------------------------------------------------------- mail2web - Check your email from the web at http://link.mail2web.com/mail2web _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users -------------------------------------------------------------------- mail2web.com What can On Demand Business Solutions do for you? http://link.mail2web.com/Business/SharePoint _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
harry@aasterud.com
2010-Oct-30 10:06 UTC
Re: [Xen-users] In the process of deciding to virtualize, many uncertainties
Trying to fix the linux-header issue my self, or see what it takes to make a driver disk for the software USB server. Following the correct procedure: Down load the DDK iso file from Citrix. To do so you need to register a "My Citrix account". Did so, and received confirmation e-mail. Great! Let''s log in and download... Read this: ----------------------- We''re sorry. Access to My Citrix is denied. Citrix Systems, Inc.s global trade policy strictly prohibits, as required under U.S. law, trade with entities in embargoed or sanctioned parties as applicable. Following the requisite internal review, we have determined that trade with your organization is prohibited under U.S. law. Therefore, Citrix Systems Inc. cannot provide your organization with access to My Citrix. Please contact a Customer Service representative for further information. Please note: If you have just created a new account and received this message, please try to log in again in 6 hours before contacting Customer Service. ----------------------- OK, this is crazy... Who can give me an open download link for XenServer-5.6.0-source-ddk.iso? Regards, Harry Original Message: ----------------- From: harry@aasterud.com harry@aasterud.com Date: Sat, 30 Oct 2010 05:04:07 -0400 To: xen-users@lists.xensource.com Subject: Re: [Xen-users] In the process of deciding to virtualize,many uncertainties OK, here is an update. Just to summarize: In order to be able to use USB over IP for Linux clients/VMs, it looks like the only solution available right now is the free software based USBserver&Client from incentivespro.com. All other suggested hardware based USB servers like from digi.com and Silex don''t support Linux. True, as Ken said, I could use cups for printing, and mount USB hdd over samba or nfs, but I am not convinced that a usb card reader (aka programmer) can be dealth with the same way. I also have my doubts about using a dvd burner from a VM that is installed on dom0, though nobody has so far told me that indeed this can be solved. So I am still in the dark ;-). With focus on having a true USB server for Linux, I have taken a few steps and have come this far: - I installed XenServer 5.6.0 - downloaded the USB server software from incentivespro.com - I ran the installer.sh and got an error that Make was not installed. - I edited the repository files on the Xenserver, and changed enabled=0 to 1 - ran yum make install, and then Make worked as it should - I ran the USB server installer and came across a new problem, that Incentivespro knew was bound to happen. On there web site they say: -------------------------------------------- If you''ve got an error during driver compilation, while installing USB Server and USB Client for Linux, please follow these instructions to compile a driver manually. Some USB Server & USB Client components are operating in kernel mode. So, you need to compile the special driver to install our software product. Source code of this driver is in usbserver.tar.gz/usb-server/modules/src/tusbd/ directory To compile USB Server & USB Client for Linux please use FULL kernel source codes! If you use header files only, please check the presence of the: - ~linux-source-directory/drivers/usb/core/hcd.h - ~linux-source-directory/drivers/usb/core/hub.h If there are no such files, please copy them from source code package of your kernel version. ----------------------------------------------- There are no files in the /usr/src directory, so I must assume that the linux headers are not default installed on XenServer. Googling learned me that somebody had the same problem before: (from http://purl.rikers.org/%23debian/20091202.html.gz) you need to install linux-headers-$(uname -r) then tell the installer the source dir is /usr/src/linux-headers-$(uname -r) instead of /usr/src/linux How to Build a Kernel Module for XenServer is explained here: http://support.citrix.com/article/CTX116387 But to be honnest, that is far out of my lead. I never done this before. On the other side, I have nothing to loose, so maybe I will give it a try. But my question to the real experts is: If this free software USB server is the answer to our prayers, then why isn''t it a part of the XenServer. It should be supported one way or another, don''t you agree? But untill this prayer is heard, I would love to get some help, so we can test this piece of software, and tell the XenServer community that this realy works. Looking forward to hear from anybody that can help. Regards, Harry Original Message: ----------------- From: harry@aasterud.com harry@aasterud.com Date: Fri, 29 Oct 2010 13:28:28 -0400 To: xen-users@lists.xensource.com Subject: Re: [Xen-users] In the process of deciding to virtualize,manyuncertainties Rudi, I changed the repository files by enabling all. Now I have no make errors. Up to the next problem. Something not Xenserver related. I''ll figure it out, and let you know how it goes. Harry Original Message: ----------------- From: Rudi Ahlers Rudi@SoftDux.com Date: Fri, 29 Oct 2010 16:52:29 +0200 To: harry@aasterud.com, xen-users@lists.xensource.com Subject: Re: [Xen-users] In the process of deciding to virtualize,manyuncertainties On Fri, Oct 29, 2010 at 4:49 PM, harry@aasterud.com <harry@aasterud.com> wrote:> Hi Ken, > > Your suggestion to let dom0 handle the usb hdd and the printer, is only a > partial solution. My Linux client needs access to the usb card readers.Are> you telling me that I can mount these with nfs ? > > If not, I would like to look closer to the software solution from > incentivespro.com. But it looks like I need some help in installing"make".> Did some reading on the subject, and find it hard to believe I need to > download the entire 250 mb dev kit, and go through what I find a > complicated virtualization routine to get make on the server. > > Grateful for any comments, looking forward to hear from you. Thank you for > your help so far. > > Regards, > > Harry > > Original Message: > ----------------- > From: kcobler@coblercorp.com > Date: Fri, 29 Oct 2010 07:10:59 -0500 > To: xen-users@lists.xensource.com > Subject: Re: [Xen-users] In the process of deciding to > virtualize,manyuncertainties > > > Quoting "harry@aasterud.com" <harry@aasterud.com>: > >> Hi all, >> >> did some more research after the tip on the USB server. Seems that noneof>> the hardware solutions support linux VMs. >> >> However, I found one link to a free software solution, tested by a linux >> user, and he claims it works just fine. His story you can find here: >> >> >http://www.virtualinsanity.com/index.php/2008/11/20/a-slick-usb-over-ip-solu>> tion-that-i-use-every-day/ >> >> The software you can find here: http://www.incentivespro.com >> >> Of course, I stumbled on my first problem: >> >> The installer tells me this: >> >> --------------------------------------------- >> >> Kernels versions 2.6.25 through 2.6.28.8 have a bug with EHCI USB >> controllers that leads to large memory leaks with isochronous deviceslike>> Webcams or Sound cards. >> >> If you have patched your kernel against this bug - please manually >> recompile the driver executing ''make USE_EHCI_FIX=n'' command. Otherwise > USB >> Server will try to automatically walk around this bug (withoutguaranties)>> >> See http://patchwork.kernel.org/patch/13428/ for more information. >> >> Please do not worry about this warning if you are not going to use USB2.0>> isochronous devices on your system. >> >> ---------------------------------------------- >> >> Xenserver 5.6.0 is running on 2.6.27.42. I basically don''t know if this >> will be an issue for me (I am only using USB HDDs, USB printer and USB > card >> readers), so I decided for now just to skip this recompiling message. > Would >> be nice though if anybody can tell me if XenServer still has this bug? >> >> Second problem is when I continue with the installer I get the error"make>> command not found". On the Xenserver site I found information on this >> topic, where it is said that make is not included. >> >> http://forums.citrix.com/thread.jspa?threadID=245559 >> >> Developer kid needs to be installed. Can somebody tell me if there is >> another way? Like downloading cmake from the internet and compile it? If >> not, is there a more detailed description in how to fix this? >> >> Would be great if this software would work. The software vendor claims > that >> it supports VMware. >> >> Regards, >> >> Harry >> >> >>> if the know issues are going to be solved: >>> >>> - USB printer in XP VM >>> - HDD via USB cable visible in XP VM >>> - Burning DVDs on XP VM >>> >>> >> My solution for USB in a VM environment is USB over IP device. >> >> >http://www.silexamerica.com/products/usb_device_connectivity/sx-3000gb.html>> >> This device allowed me to add a USB hub to support multiple USB >> devices. Also the device is supported by Windows 2003/XP, etc. I also >> could have different devices attached to different VMs at the same time. >> > > Since XP is supported by many USB over IP devices, there are solutions > for those guest OSes. > > As for Linux guest OS, I would let dom0 manage the device for the > Linux guests. Use Samba or NFS to mount the USB HDD to the Linux > guests. Use CUPS to access USB printer on dom0 inside Linux or XP guest. > > Ken Cobler > > > _______________________________________________ > Xen-users mailing list > Xen-users@lists.xensource.com > http://lists.xensource.com/xen-users > > > -------------------------------------------------------------------- > myhosting.com - Premium Microsoft® Windows® and Linux web and application > hosting - http://link.myhosting.com/myhosting > > > > _______________________________________________ > Xen-users mailing list > Xen-users@lists.xensource.com > http://lists.xensource.com/xen-users >yum install make -- Kind Regards Rudi Ahlers SoftDux Website: http://www.SoftDux.com Technical Blog: http://Blog.SoftDux.com Office: 087 805 9573 Cell: 082 554 7532 _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users -------------------------------------------------------------------- mail2web - Check your email from the web at http://link.mail2web.com/mail2web _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users -------------------------------------------------------------------- mail2web.com What can On Demand Business Solutions do for you? http://link.mail2web.com/Business/SharePoint _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users -------------------------------------------------------------------- myhosting.com - Premium Microsoft® Windows® and Linux web and application hosting - http://link.myhosting.com/myhosting _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users