Ok, new problem! I have been using Red Hats Virtual Machine monitor (VMM) to manage qemu sessions and would like to use VMM with nethserver.
I have just found out that the only way to use remote libvirt session with VMM is to access the session via root access using ssh, can I create a PAM user? and what group should the user have access to?
Question, would it not be easier to install virtualboxphp as qemu might show a limitation? my experience has been with Qemu it has been very limited on Unix and Linux in some areas. If you really had to create a user, create a user normal or PAM from scratch and grant it every permission to run what you need other then root, as this would leave a possible account for root escalations. SSH would work better also if kept the port in the intranet rather then the extranet,Use an extremely good hardware firewall,U like I use Cisco, as it can get quite grandular. If you had to port remotely use a secure VPN tunnel with IPSEC or some other two factor authentication. PAM users are good dont get me wrong but its smart to be secure in multiple areas. Also I would make sure I could monitor the traffic around that port to ensure if you are being exploited you can see whats being done and how to countermeasure.
Phil
Do you have seen this? You can manage them also with virt-manager: https://virt-manager.org/
WebVirtMgr module released
1 Like
I am not a fan of virtualbox and only use it as a ‘sandbox’ / development / testing environment. I have seen many benchmark reports that would suggest that libvirt / kvm - qemu has an edge over virtualbox (when compairing performance and the host resources). Also it is worth noting that the host server is using a cpu that allows for hardware virtuailzation (VT-d).
@PParker I would be interested to know what limitations you have found with qemu. Depending on the host hardware and configuration, it is possible to provide near native performance.
Red Hat provides a good guide about tuning KVM hosts and sessions.
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html-singl/Virtualization_Tuning_and_Optimization_Guide/
As an example of QEMU / KVM performance, I have found a YouTube video that demostrates a MS Win 7 guest running at 95% of the Linux based host.; https://www.youtube.com/watch?v=37D2bRsthfI (also read KVM VGA-Passthrough using the new vfio-vga support in kernel =>3.9 / Kernel & Hardware / Arch Linux Forums ).
Also, whilst I understand your issues about security of PAM user access, we both known that it is very easy to secure ssh sessions and control what the user has access to.
@alefattorini, yes I use Red Hats Virt-Manager (VMM). The are a couple of reasons I use this, the main reason is that it can connect and manage libvirt sessions from several host, also it is easy and fast to create and clone sessions / manage snapshots.
One requirement I have is that I have a 500gb hdd full with data that I want to mount on the host and pass through to multiple lbivirt guests.
Also, I have been doing some research about using containers (such as docker) instead of using vm and just wondering if anybody has any thoughts.
Read http://www.linuxjournal.com/content/containers—not-virtual-machines—are-future-cloud?page=0,1
VM is the only answer when you’ve got to use a different O.S. (windows anyone?)
docker and other containers are usefull when you need, for example, multiple version of the same sw on the same machine
they are (very) different tools with different aims
all IMVHO
2 Likes
Qemu has missed the mark for me on hard drive limitations, and adding memory(mind you all my servers are maxxed out,both in memory and hard drive space) I have used it in unix and I personally dont like the way it sets itself up, it cannot handle multiple hard drives and hard drives over a certain size gives errors on all of my machines. I have also tried it on Unix(mac) it does the same exact thing, but that is your preference and your selection it provides what you need, I personally would use virtualbox and call it a day, it runs mostly everything with good efficiency, Qemu is what is comfortable for you, i am not knocking your use of it,it is what you like, i personally favor something else. I have tried to run Windows 7 on it, and it spits errors about not handling memory and hard drive space, I dont understand it, I even have tried it on PPC same thing… so i dont use it for that reason.
I will be looking at that later, last time i tried it was horrible, so this is new to me… i will read thru it …
Quick question, is there any point of creating swap partitions on guest VMs?
I have created a swap partition on my host server but wondering if to create swap on the VMs, are there any real advantages to a swap partition on a virtual guest?
Just been thinking about DNS for VMs. Wouild it be a good idea to add a master / slave option to the DNS settings in the web interface. Also is it possible to reverse DNS (x.x.x.in-addr.arpa) via the web interface?
It’s better to always have SWAP even on virtual machine but it will a little bit slower than normal.
If you really want the best performance, a good (and expensive) practice is to add SSD disks dedicated for the SWAP attached to the VM.
But normally this kind of configuration is not necessary.
What do you exactly mean? Maybe we can create another topic?
The DNS already does reverse queries, are you asking for a web interface to query the DNS server?
You can use the host command or dig.
I have created a new post for this topic
(The Domain Name Server is the Achilles heel of the Web. The important thing is that it’s managed responsibly)
Unfortunately for me I use Virtualbox for my development and also for my personal use, my server are running over virtualbox. I must agree that I have not a strong usage with many users.
In fact I have a server ‘all_in_one’ an octocore with a 32G of Ram and 8 Teras of HD. Probably you have understood the usage I have
HTPC/xbmc, Virtualisation, local repository, development…
Therefore I must have an X-server, movies in ascii art are fun the first ten minutes, but no more after.
I would use Proxmox but the kernel prohibits the usage of HDMI with sound, at least I need the kernel 3.2, and thus It remains lib-virt directly and Virtualbox…OK in a near future I will send a letter to santa and I will have a raspberry V2 behind my TV. (Santa if you read me)
Virtualbox is simple but with defaults, for example you must close all VM if you upgrade virtualbox…that is an issue 
1 Like
Interesing to see what other hardware / backbone infrastructure other people are using (might be a good idea for a new topic.).
32 GB of RAM and 8 cores (what speed are they running at?) seems a bit of an overkill for a server (unless you are running it within a datacentre environment!), but seeing that you are using your server like a workstation with a desktop environment / X installed, I can understand the need for the high specifications. Does your bios / cpu support hardware virtualization (either VT-d or IOMMU support)?
Out of interest, as you are running Nethserver within a Virtualbox environment, how many processors and how much RAM have you given to the Nethserver environment?
I am not sure of the minimum hardware specification for Nethserver, but I reckon that Nethserver could be installed and run on a minimum based PC (eg. 1GB RAM, 2Ghz single core cpu, 10GB hdd)
I have installed and running Nethserver / CentOS on a Duel core (2.70Ghz), 4GB RAM, multiple HDDs (30GB root partition 5GB swap), 2 wired NICs (eth0 and eth1) and 1 wireless NIC (wlan0). The actual pc is a IBM Lenovo (modal: M75).
Obviously, as I am not using any DE / X-server and only accessing the server via ssh and the web interfaces (using both Nethserver and Webmin admin panels), the system is using only a small amount of the PC’s resources.
There is already one 
feel free To post there