|
Written by Jason Kendall
|
|
Sunday, 22 March 2009 19:33 |
|
And thanks for all the fish? No, wait.. wrong book ;)
Yeah, it's been a while since I updated. Mostly due to other projects - and nothing in those projects to really write about. I do have a few news projects that some readers may be interested in;
Silent-Chaos - This website is being built to share information relating to security issues. Notifications, and other cool tools will be made available as I have time to build them.
If you happen to be on twitter, You can also follow silentchaos for important security alerts - mostly FOSS projects I either use or know people that use. But someday i'll have a team to post all kinds of alerts.
|
|
Written by Jason Kendall
|
|
Wednesday, 07 January 2009 21:51 |
I've been working on a special project.. one that requires the building of multiple virtual machines on the fly. My VM of choice (as seen in previous entries) is Xen.
Part of my requirements is the ability to have a base image of a root drive, then have each of the dynamic VMs have their own dynamic image based on the original. One, if they wanted to, and had the space - could just copy the drive image multiple times. And this would work.
Fortunately, there is a better way. Copy-on-write disks are disks that write changes from a base image to a separate file. Thus, reducing the overall usage. This is what I want.
Xen wiki has multiple solutions to doing this, however, I wanted something simple, and supported at the xen level. This left me with qcow files.
In order to save some people some time. I wanted to describe how I went about getting the images to work -- pain for me, means less pain for you in the long run.
To make a long story short:
- Created a image with dd (see previous posts)
- Made my changes to the image
- used "qemu-img convert -O qcow2 (base-img) (qcow-img)" to convert the image to a base qcow format
- built the actual qcow files with "create-qcow (image-size) (container-qcow) (qcow-img)"
Some notes:
- When building your base image with dd - it CAN NOT be a spare file (meaning using the seek) it must be a full img
- img2qcow does not work! (or at least it didn't for me)
Some errors you might see
- Failed to write new L1 table (Usually after: Converting image to big endian L1 table)
- Your using qcow files, not qcow2 - probably because you used img2qcow or -O qcow with qemu-img
- QCOW Open failed
- You may have used qcow-create, but referenced a raw image - not a qcow image.
- XENBUS: Waiting for devices to initialise
- One of your devices didn't init in dom0 - look at /var/log/syslog to find the error in your ways
|
|
Written by Jason Kendall
|
|
Monday, 29 December 2008 00:26 |
A little back ground: I like Xen - works (almost) great on my hardware. However there is a few bugs that still exist in the Ubuntu kernels, that newer kernels don't have. I've been told (via IRC) that SUSE (Open in my case) has some of the best support for Xen in it's kernels. So I'm documenting my Jurny in updating my Ubuntu Xen machine's Kernel to a newer OpenSuse Kernel:
First off, You need to download the new RPM from the website. The following link will give you a list of Xen Kernels for the [Almost] latest version of OpenSuse: http://software.opensuse.org/search?baseproject=openSUSE%3A11.0&p=1&q=Kernel-xen Look for the one with the highest number - At this time it is: kernel-xen-2.6.25.20-13.1.i586.rpm
Download and extract the RPM into a temp directory: (Need to figure this one out - I use Midnight Commander, and I was able to enter the RPM, then enter the CPIO file, extracting tha data from there)
Once you have the extracted Directories (/boot, /etc, /lib, /usr) copy them to the root drive. There shouldn't be any duplicate files.
Ubuntu provides two scrtipts you need to run next;
- Create a initrd.img file for the kernel by running: update-initramfs -k [kernel name] -c
- Look for the installed System.map file to find the name, in this case it is 2.6.25.20-13-xen
- Update your grub by running: update-grub
[At this point, I did things in the wrong order so I Crashed, I'll update this after I test again.]
Update 1:
- I just rebooted the server after re-running the update-grub command. This time, I got a full boot, but Xend didn't seem work. I'll need to work on this issue next. |
|
Written by Jason Kendall
|
|
Friday, 31 October 2008 12:11 |
There have been some reports that Sprint and Cogent are having a bit of a problem.
Seems they are in a tiff about the peering agreement. Sprint has since removed their peering from Cogent.
This basically means, traffic to/from sprint and cogent need to find a different way to route between them. This effects anyone down stream as well. Meaning, if you have a internet link from Sprint, and try to get to someone on Cogent's network - you may not be able too.
This would all hinge on whether or not they have peering agreements with others that allow them to route the other networks - which may not exist since they already had peering.
This is gonna cause some internet instability for some users.
http://isc.sans.org/diary.html?storyid=5264
http://tech.slashdot.org/tech/08/10/31/0439245.shtml
PR from Cogent is here: http://www.prnewswire.com/cgi-bin/stories.pl?ACCT=104&STORY=/www/story/10-30-2008/0004915721&EDATE=
I was not able to find PR from Sprint.
Internet Heath Report: http://www.internetpulse.net/Main.aspx?Period=RH1
(Sorry for the unlinkable links - seems something is messed up with my Beta Browsers - Teach me to run only beta browsers)
** UPDATE 11/3/08 11:00AM **
It seems Sprint was disconnecting Cogent from it's network back in early October. The finally cuts only happened on the 31st. This will get interesting to see what happens next.
Sprint's response to the disconnect: https://www.sprint.net/cogent.php
On a good note - it appears as tho the link was brought back up in the last 24 hours.
|
|
Written by Jason Kendall
|
|
Thursday, 23 October 2008 14:59 |
** MS Security ALERT **
Please note a critical security patch has been released out-of-cycle for Microsoft Products.
Please patch ASAP.
** UPDATE 10/24/08 11:00 EST **
Ensure you block the following at your Web Gateways:
- hxxp://summertime.1gokurimu.com
- hxxp://perlbody.t35.com
- hxxp://doradora.atzend.com
** UPDATE 10/24/08 14:30 EST **
** UPDATE 10/27/08 09:30 EST **
Details on the Milw0rm POC: http://www.dontstuffbeansupyournose.com/?p=35
Regards,
Jason
|
|
|
|
<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>
|
|
Page 3 of 14 |
