All the content of other websites but none of the music!
One of my criteria for choosing a virtualization platform is that it had to run Windows and Linux guests. Linux, of course, works out of the box on most VM hosts. Windows is a whole other story. The good news is that Windows Server 2003 and Server 2008 work just fine on KVM. There are, however, a few weird things that I’ve noticed so I thought I’d share some of them with you today.
I thought I would take a few minutes and share some of my experiences with Linux KVM. In this first post, I’d like to share some things about live migration. First, live migration works great … if you have the right version of KVM. Kvm-69, which is included with Ubuntu Hardy, is broken. Starting with kvm-70, live migration works again and works very well. You hardly even notice at all if you’re logged into the machine remotely while it migrates.
We’re in the process of trying to virtualize our data center at work. I was given the task of testing and evaluating the various VM technologies. I have to say that I am not impressed. VMWare ESX Let’s start with the big player in the VM world, VMWare ESX. The Banner team uses ESX for a few of their servers. ESX stood head and shoulders over everything else that I looked at.
Ok, I have to get this off my chest because, 1) it drives me fracking bonkers everytime and see it and 2) I want a place I can point people at when they ask why this is a bad idea. What I’m talking about is the excessive number of HOWTOs that think it’s a good idea to use the same home directory for all virtual users. Most of these HOWTOs discuss using postfix with courier, but I have seen courier-mta HOWTOs that do this too.
Needed FreeBSD Ports lang/perl5 SpamAssassin requires Perl 5.6 or higher. Note: Remeber to run use.perl ports before builing SpamAssassin. mail/p5-Mail-SpamAssassin databases/mysql40-server databases/p5-DBD-mysql Needed so SpamAssassin can talk to MySQL /usr/local/etc/mail/spamassassin/local.cf I like to store users’ settings in a MySQL database. See the SpamAssassin SQL README for instructions on setting that up. user_scores_dsn DBI:mysql:Accounts:localhost user_scores_sql_username sa user_scores_sql_password <password> user_scores_sql_table SA_userprefs MySQL Table CREATE TABLE SA_userprefs ( username varchar(128) default '' NOT NULL, preference varchar(30) default '' NOT NULL, value varchar(100) default '' NOT NULL, prefid int(11) UNSIGNED NOT NULL auto_increment, PRIMARY KEY (prefid), INDEX (username) ) COMMENT = "Accounts' SpamAssassin preferences.
I currently use SpamAssassin on the mail cluster at work and it works pretty well. Unfortunately, it doesn’t work well enough according to many of our customers and, more importantly, my boss. So, I worked out this way to use dspam and SpamAssassin. “Why use both?” you might ask. The answer is “I don’t, really.” What I do is provide dspam as an opt-in service and leave SpamAssassin as the default filter for those that don’t want to be bothered with the reporting that dspam requires.
I recently got a Logitech Marble Mouse at work. It’s a nice little trackball but it has a minor problem. There is no button 2. “What is button 2?” you might ask. Button 2 is the middle mouse button. On your average scroll mouse, this is the button that is triggered when you click the scroll wheel. “So?” you might then ask. So, the middle mouse button is used in X to paste stuff from the X clip board.
Installing Many of the needed packages are masked. Add the following to /etc/portage/ packages.keywords sys-fs/gfs ~x86 sys-cluster/gfs-kernel ~x86 sys-cluster/cman ~x86 sys-cluster/cman-headers ~x86 sys-cluster/cman-kernel ~x86 sys-cluster/ccs ~x86 sys-cluster/magma ~x86 sys-cluster/magma-plugins ~x86 sys-cluster/dlm ~x86 sys-cluster/dlm-headers ~x86 sys-cluster/dlm-kernel ~x86 sys-cluster/iddev ~x86 sys-cluster/gfs-headers ~x86 sys-cluster/fence ~x86 sys-fs/clvm ~x86 sys-cluster/gnbd ~x86 sys-cluster/gnbd-headers ~x86 sys-cluster/gnbd-kernel ~x86 Now you can emerge the packages. All of these packages are needed for the client machines except for sys-fs/clvm.
FreeBSD Install the following from ports: mail/courier Note: Make sure you upgrade Perl before you build courier. This is so that perlfilter can find perl modules installed later, e.g. Courier::Filter. Add to /etc/make.conf # For Courier WITH_GNUPG=yes WITH_ISPELL=yes WITH_LDAP2=no WITH_MYSQL=yes Also, you need to make sure that courier is using Perl > 5.6 and not the system perl. During the build, courier uses /usr/bin/perl5. This is the system perl. Here’s the work around.
Install Kerberos 5 Add kerberos to the USE flag in /etc/make.conf. USE="kerberos" Then install everything: emerge -N world – Or – emerge mit-krb5 This will install the MIT kerberos 5 library which may be restricted under US export restrictions. The Heimdal krb5 implementation is free from those restrictions. You can install Heimdal by doing: emerge app-crypt/heimdal Because the kerberos install will change libgssapi, you will need to run revdep-rebuild to fix any apps that you build prior to install krb5.