linux11ismak.txt

fernand0 Hello. fernand0 Our next speaker is Ismael Briones. fernand0 He works as a system administrator in fernand0 one of the most important journals in Spain. fernand0 He also is a fellow member of UniNET and part of the success in the fernand0 organizations of this conference is due to him, among others. fernand0 His talk is about 'User Mode Linux'. fernand0 Ismael ... ismak Hello... ismak Good night ;-) ismak ok This is an introduction to User Mode Linux ismak Basically is a mix of the documentation of the project, ismak that you can find in the project's web (http:/user-mode-linux.sourceforge.net). ismak I am going to explain what is UML, some descriptions of how people are using ismak User-Mode Linux, its capabilities and how you can install and run UML. ismak First, What is UML? ismak 1.1 - Run Linux inside itself ismak We can read a brief description of what is UML in the web of the project (http://user-mode-linux.sourceforge.net): ismak "User-Mode Linux is a safe, secure way of running Linux versions inside itself. It gives you a virtual machine that may have more hardware and software virtual resources than your actual, physical computer. ismak Disk storage for the virtual machine is entirely contained in a single file on your physical machine. You can provide to the virtual machine only the hardware access you want it to have an with properly limited access, nothing you can do on the virtual machine can damage your real computer, or its software." ismak That sound fun. We can have a running linux inside our linux, and we can do what we ismak want on it, because it's like another system. UML allows you to run a Linux kernel as a ismak user process under a normal Linux kernel. ismak Basically, uml is the port of the Linux kernel to Linux system call interface rather than to a hardware interface. What does it mean? ismak It treat Linux as a platform to which the kernel can be ported, like platforms such as Intel, Alpha, Mips, etc... ismak All of the devices accesibles inside the virtual machine are virtual and UML support the full range of devices suported by a Linux box, like: ismak - Console and serial lines. ismak - Block devices. ismak - Network devices. ismak Normaly, the Linux Kernel talks straight to the hardware (network card, video card, sound card....) and any program that run in the system ask the kernel to operate the hardware. ismak +-----------+-----------+----+ ismak | Process 1 | Process 2 | ...| ismak +-----------+-----------+----+ ismak | Linux Kernel | ismak +------------------------------+ ismak | Hardware | ismak +------------------------------+ ismak ismak ismak The UML kernel doesn't talk to the hardware, it talks to a 'real' Linux Kernel (the kernel of the system where we are running our UML) like any other program. That means that programns can run inside UML as if they were running in a normal kernel, like so: ismak +-----------------+ ismak | Process 2 | ...| ismak +-----------+--------------------+ ismak |Process 1 | User-Mode Linux | ismak +---------------------------------+ ismak | Linux Kernel | ismak +---------------------------------+ ismak | Hardware | ismak +---------------------------------+ ismak ismak ismak ismak Some of the benefits of UML are: ismak - If the user mode linux crash, the system running uml is still fine and this system can't be damage by an uml crash. ismak - The user mode linux can run as non-root user ismak - uml run like another process, so you can debug it ismak - you can use it for testing new aplications, new kernels, new distributions (run different distributions simultaneously) ismak II - What are people using it for? (wait for the translator) ismak virtual hosting ismak ismak We can use uml for Virtual hosting. UML provides us with a complet Linux System, so we can run anything than can be run in our host. ismak An example of a virtual hosting is usermodelinux.org, administrated by David Coulson, which is running in a user mode linux system. ismak Kernel development and debugging ismak ismak It is a very good method of kernel debugging. If our uml system crash, the system running uml is still fine, our system will not be damaged. ismak We can use some debug programs like gdb, gprof and gcov. The development of drivers is more efficient, because we haven't to reboot the machine, wich decrease the development time. ismak ismak Process debugging ismak ismak UML can be used to debug user-level processes. If we want to debug some process, we can launch UML, set a breakpoint on the system call, and run the program. ismak Safely playing with the latest kernels ismak ismak We can use UML to safely probe the latest kernel, so if the kernel contains any bugs, like file corruption bugs, it can't hurt any important data outside of the UML ismak ismak Trying out new distributions ismak ismak The filesystem of the UML is completely contained inside a file, so we don't need to use an entire disk partition for it. ismak We can find a number of ready-to-go root filesystems loaded with various distributions in the web of UML (http://sourceforge.net/project/showfiles.php?group_id=429) or we can make our filesystem from the scratch. Later we will see an example with the debian distribution. ismak ismak Education ismak ismak It's usefull for student than need a dedicated machine, to teach OS development, network administration, and more general system administration. ismak ismak Experimental development ismak ismak Our virtual machine can run with more devices than the physical system running UML, so we can have a virtual system with more memory, mode devices and with more processors. ismak We can development and testing of hardware capabilities even when we don't have the relevant hardware ismak ismak Poking around inside a running system ismak ismak We have a complete OS running outside UML, so we can use it to "look inside" this kernel, that are impossible for a native kernel. ismak ismak As a secure sandbox or jail ismak ismak Processes running inside uml have no access to the system running uml, so some malicious programs running inside uml can not damage our real system. ismak ismak Virtual networking ismak ismak We can use the network in a running uml. We can setup a virtual network if we want to test experimental services. Later I will explain how to setup a uml with network support. ismak ismak As a test environment ismak ismak Testing some software requires booting the machine, so with uml we can avoid this loss of time. We can automate this testing. There is a a small perl module implementing a UML object which provides methods to boot a virtual machine, log in to it, run commands, and shut it down. We can find it in the download page (http://sourceforge.net/project/showfiles.php?group_id=429) ismak ismak Disaster recovery practice ismak ismak If you want to know what happen whe you execute rm -rf / ;-) , or you want to practice recovering from a disaster, we can use uml as a practice box. It can be fun :-) ismak ismak A Linux environment for other operating systems ismak ismak UML only runs on Linux right now, but there are some projects to port uml to other OS, so we can have an entire linux environment in other OS ismak ismak ismak Now that we know what is user mode linux and how i can use it, i am going to explain some practical examples of uml. How to install, from scratch, a running uml based on Debian ismak ismak III - A Practical Example ismak ismak We need a UML kernel and a root filesystem to boot it on. We can get the kernel installing the .rpm or .deb package, or patching the kernel and compiling our UML kernel. ismak The .rpm and .deb packages also provide a set of userspace tools, kernel modules, and documentation. ismak ismak Source Installation ismak ismak If you want to build UML from source, you have to download the patch an apply it to the appropiate Linux source kernel: ismak cd linux-2.4.19 ismak patch -p1 < uml-patch-2.4.19-37 ismak ismak Compiling the user mode kernel is just like compiling any other kernel. This is the process. After patching the kernel we have to compile it: ismak make menuconfig ARCH=um (you can use make xconfig and make config) ismak ismak The default kernel configuration works as well, so you don't have to change anything. If you can change something. Its probably nothing will be damaged. Now we have to compile our new kernel: ismak make linux ARCH=um ismak ismak After compilation you have the user mode kernel, named linux, in the top directory of your source tree. ismak ismak Now we are going to compile and install the kernel modules. We compile the modules in the same way as a native kernel with the exception of the 'ARCH=um': ismak make modules ARCH=um ismak ismak You can install them by using ftp, uploading these to our UML, or we can mount our root filesystem and copy them in the appropiate directory: ismak mount root_fs_file mount_point -o loop ismak make modules_install INSTALL_MOD_PATH=`pwd`/mnt ARCH=um ismak umount mnt ismak this will use the kernel build process to install our modules in our uml root filesystem. ismak If we want to use the uml utilities, we have to get the source code and compie it. ismak ismak Debian installation ismak ismak Ok, now i am going to explain the easy way of getting a running uml, with debian of course ;-) ismak First, the woody version of debian has the next uml packages: ismak user-mode-linux ismak user-mode-linux-doc ismak uml-utilities ismak ismak We have to install the user-mode-linux package: ismak apt-get install user-mode-linux (the uml-utilities package will be installed automatically ismak by package dependencies) ismak We said that the root uml filesystem will be a file, so we are going to create the appropriate file: ismak ismak dd if=/dev/zero of=root_fs_woody bs=1M count=100 ismak ismak By this way we are creating a file of 100 megas size. We can put the size we want. ismak This file may have an ext2 filesystem. We use mke2fs to create the ext2 filesystem: ismak /sbin/mke2fs -Fq root_fs_woody ismak Ok, we have our root filesystem file, now we are going to mount it and create our filesystem structure: ismak mkdir /mnt/uml ismak mount root_fs_woody /mnt/uml -o loop ismak ismak We get the base system package of our Debian version (i have use the latest Debian version: woody): ismak wget ftp://ftp.debian.org/debian/dists/woody/main/disks-i386/base-images-current/basedebs.tar ismak Install the base system in our file: ismak debootstrap --unpack-tarball /PATH/basedebs.tar woody /mnt/uml/ ismak ismak ok a question ismak <Arador> can't you use a partition as root fs UML? ismak no, The disk storage of UML is a file ismak ismak or more files if you want to simulate more Hard Drives ismak ismak Now we have to configure some files of our uml system: ismak cd /mnt/debinst ismak vi etc/fstab ismak # /etc/fstab: static file system information. ismak ismak ismak # /etc/fstab: static file system information. ismak # ismak # file system mount point type options dump pass ismak /dev/ubd0 / ext2 defaults 0 0 ismak proc /proc proc defaults 0 0 ismak another file: ismak ismak vi etc/inittab ismak we comment the above lines, so only an xterm will be launched when the system boot. ismak 1:2345:respawn:/sbin/getty 38400 tty1 ismak #2:23:respawn:/sbin/getty 38400 tty2 ismak #3:23:respawn:/sbin/getty 38400 tty3 ismak #4:23:respawn:/sbin/getty 38400 tty4 ismak #5:23:respawn:/sbin/getty 38400 tty5 ismak #6:23:respawn:/sbin/getty 38400 tty6 ismak ismak We create an empty source list: ismak ismak touch etc/apt/sources.list ismak ismak OK, now we can launch our uml kernel: ismak ismak linux ubd0=root_fs_woody devfs=nomount rw ismak ismak If we want with cdrom support: ismak ismak linux ubd0=root_fs_woody ubd2r=/dev/cdrom devfs=nomount rw ismak ismak What happen with the network support?. It is the last part of the conference. ismak User Mode Linux Networking ismak ismak We need the TUN/TAP device module, sou we need to recompile the kernel (not the uml kernel) with this module supported. ismak When we have TUN/TAP device as module, we insert this in the kernel: ismak insmod tun ismak Create the TUN/TAP interface: ismak tunctl -u uiduser ismak ismak where uiduser is the uid of the user running the uml. ismak The user that is going to use the TUN/TAP device ismak Configure the interface: ismak ismak ifconfig tap0 ip_system netmask netmask_system broadcast broadcast_system ismak ismak where ip_system, netmask_system and broadcast_system are the network parameters of our real system (the system running uml) ismak ismak Now we configure the routing table. We have to allow forwarding and manually create an ARP address mapping entry for the uml host: ismak ismak bash -c 'echo 1 > /proc/sys/net/ipv4/ip_forward' ismak route add -host uml_ip dev tap0 ismak bash -c 'echo 1 > /proc/sys/net/ipv4/conf/tap0/proxy_arp' ismak arp -Ds uml_ip eth0 pub ismak ismak uml_ip must be the ip of the uml network interface. ismak /dev/net/tun device must have write permissions for the user running uml: ismak chgrp gid /dev/net/tun ismak chgrp gid /dev/net/tun ismak chmod 660 /dev/net/tun ismak Our system is ready to run uml with network support: ismak linux ubd0=root_fs_woody devfs=nomount rw eth0=tuntap,tap0 ismak Now you have to configure your network parameters in the uml system (ip, gateway, dns,...) and you will have a running uml with network support. ismak ismak The only thing to do now is to enjoy with it ;-). ismak Thats all.... ismak Thanks and congratulations to all the translators ismak thx: Jacobo, Raul, raciel, Mjesus fernand0 plas plas plas plas plas plas plas plas plas plas plas ismak Arador fernand0 plas plas plas plas plas plas plas plas plas plas plas fernand0 plas plas plas plas plas plas plas plas plas plas plas ismak Thanks fernand0 plas plas plas plas plas plas plas plas plas plas plas Ricardo plas plas plas plas plas plas plas plas plas plas plas fernand0 plas plas plas plas plas plas plas plas plas plas plas fernand0 plas plas plas plas plas plas plas plas plas plas plas Arador plas clap plas clap plas clap plas clap plas clap plas clap plas clap Arador plas clap plas clap plas clap plas clap plas clap plas clap plas clap Arador plas clap plas clap plas clap plas clap plas clap plas clap plas clap > clap clap clap clap clap clap clap clap clap clap > clap clap clap clap clap clap clap clap clap clap > clap clap clap clap clap clap clap clap clap clap > clap clap clap clap clap clap clap clap clap clap jacobo plas plas catfish There's an IRC channel for UML support if you have questions at irc.usermodelinux.org, channel #uml jacobo :) MiTo ismak podrias dar un ejemplo con los files COW ? sarnold ismak: thanks :) ismak ok, if you want the conference in pdf: jacobo clas plac clas plac clas plac > clap clap clap clap clap clap clap clap clap clap ismak MiTo, yes its not very dificult > clap clap clap clap clap clap clap clap clap clap > clap clap clap clap clap clap clap clap clap clap > clap clap clap clap clap clap clap clap clap clap MiTo pls, example ismak but, first the URL of the conference: catfish MiTo: ./linux ubd0=cow_file,base_file angelLuis good!! MiTo ok catfish ismak http://www.inkatel.int/new/textos/umeet/2002/umeet2002.pdf catfish MiTo: where base_file is a read only root filesystem. Make sure you never modify base_file from now on. slack clap clap clap clap clap clap clap ismak ok, catfish, thanks for your help :-) MiTo oks catfish Arador ismak: in UNIX everything is a file, why you couldn't use a partition as root fs? catfish Arador: You can use a partition as a root filesystem, but you're not required to. ismak :-) Arador i see Arador i tried uml once, but i couldn't run it in my root partition :( sergio ismak: isn't it inkatel.com instead of .int? ismak sorry ismak i have make copy/paste :-) ismak s/.int/.com/ ;-) catfish Arador: You should _never_ try to share a root partition between the host OS and a UML, or between two UML's., Arador catfish: i mean, a copy of the root partition ;) ismak yes, you can damage the root filesystem catfish Arador: OK, sorry. Arador bah reiserfs already damaged it :) ismak jeje catfish Arador: if you can find the error message, bring it over to irc.usermodelinux.org, #linux and we can troubleshoot there. Arador catfish: ok dg you mean #uml surely? :) DrBeck yeah! Arador As UML is a linux system, can you access the hardware if you want? DrBeck in time today :D catfish Sorry, channel #uml, not #linux. Thanks dg! catfish Arador: generally no. The UML kernel can be rescheduled, and that's bad for talking to physical chips. ismak i think you cant access the hardware catfish Arador: that's why most of the "devices" you use are virtual ones, and only the host kernel talks to physical chips. Arador i see, nothing real in UML :) catfish Arador: there are exceptions, however; a uml kernel can talk to some host usb devices and a few other specific things. catfish Arador: it's all fake. ;-) ismak catfish: and what kind of hardware the UML cant speak to? garoeda MJesus: and another fine dutch translation finished :-) catfish ismak: the uml kernel can't talk directly to most devices. ismak but it can talk to some usb devices ok?. I think that it cant talk to any Hardware devices. I have to probe this USB support.... :-) ismak its really fun to get a kernel panic.... :-) MiTo que pasa si hago un : mkdir /mnt/uml/; mount root_fs -o loop /mnt/uml/; cd /source/uml/kernel/; make modules_install INSTALL_MOD_PATH=/mnt/ ARCH=um , and run uml ? this is correct ? catfish ismak: yes, there's a kernel menu option for talking to a usb device. Check the kernel configuration help next time you compile a uml kernel. ismak MiTo: what is the problem? Arador but.....if it can access the hardware...how it's possible that you can test kernels, and they can crash? For example, i hac a sound driver that does full access to the sound card, i compile the uml kernel and i run it as a non-root user; does UML has access to hardware....or have i to change my midn to understand uml? ;) catfish MiTo: It's generally easier to compile a UML kernel that has all the support you need set to "yes" instead of "module". You can use modules if you want catfish Arador: UML generally does _not_ get direct access to the hardware; that's why the uml kernel can crash and your host system stays stable. catfish Arador: To use sound, for example, you use UML's virtual sound card, which takes sound requests and hands them off to the host kernel to feed to the real sound card. Arador catfish: that's why i though, i need to change my mind o_O catfish Arador: it's confusing at first. ismak all the devices that you can use are virtual devices ok? catfish ismak: ypu. catfish yup ismak and the uml kernel "speak" to the "host kernel" running the uml instead to the hardware Arador catfish: but the host kernel (the real one yes?) shouldnt allow you to do it if you aren't root¿? catfish Arador: that's not correct. catfish Arador: A normal application can talk to the sound card even if it's not running as root, right? Arador yes, through /dev/dsp for example catfish Arador: as far as the host (=real) kernel is concerned, the uml kernel is an application running as a non-root user. Arador but that doesn't allow you to change register in the chip, etc catfish Arador: exactly! So the UML kernel opens /dev/dsp. MiTo catfish pero no hay problema si esta montado /mnt/uml/ y corro el uml y luego compilo los modulos y hago make modules_install y su PATH?, pls, translate catfish Arador: the UML kernel doesn't want to twiddle bits in the sound card, it just wants to play sound through the established devices. MiTo my english is bad ShawnX ismak: I love UML :) it's helped me and will be helping me blow up the IDE layer tonight ;-) catfish Mito: My espanol is worse. :-) ShawnX clap clap clap clap clap clap for ismak MiTo haha catfish oks MiTo no problem angelLuis clap clap clap clap :)) * ShawnX scrolls up to read the lecture catfish Mito: You can copy compiled modules into the root filesystem that way if you'd like. ShawnX ok now im caught up :) Arador catfish: but what if the uml kernel needs to change that because a module hack requires it? ShawnX ismak: UML 2.5.50 patch broke 2.5.51 ;-( ShawnX a function changed which affects some platforms. catfish Arador: Such as? ismak ShawnX: oh... What happen with 2.5.51? MiTo ok, this understand, my question is other ShawnX ismak: function: garoeda ismak: i don't know whether you have already a dutch install guide on the usermodelinux website but you can add my translation if you want to catfish If hardware needs to have special treatment, the host kernel needs to do it. Arador catfish: nah, i need to read more UML docs ;) garoeda ismak: it will appear on the umeet website ShawnX sec getting function catfish garoeda: you might want to get in touch with Jeff Dike, the UML kernel developer, and see if he would like a dutch translation of the UML howto. ismak garoeda: i am not a user mode linux develop, but i think catfish can help with this ismak or send directly to Jeff Dike catfish Jeff Dike <jdike@karaya.com> garoeda ok, i'll put it on my todo list jacobo <MiTo> catfish, but isn't it troublesome if /mnt/uml/ is mounted and I launch uml and then I build the modules and make modules_install ad its PATH? catfish jacobo: thanks ShawnX -unsigned long do_mmap_pgoff(struct file * file, unsigned long addr, ShawnX -unsigned long len, unsigned long prot, ShawnX -unsigned long flags, unsigned long pgoff) ShawnX +unsigned long do_mmap_pgoff(struct mm_struct *mm, struct file * file, ShawnX + unsigned long addr, unsigned long len, ShawnX + unsigned long prot, unsigned long flags, ShawnX + unsigned long pgoff) MiTo gracias jacobo ShawnX ismak: this broke alot of platforms ShawnX due to the extra argument 'struct mm_strict' catfish MiTo: You should unmount the root filesystem before you start the uml, yes. MiTo ohh, thanks catfish ismak ok ShawnX, i wil to probe it catfish ShawnX : Jeff would love patches if you're willing to provide them. ShawnX ismak :-) ShawnX catfish: well i could fix but im still learning the kernel ShawnX :( catfish ismak: I hope to see more of you one the mailing lists. catfish ismak: you, and everyone else, are welcome to take part. ismak catfish: the next time i invited you, or Jeff Dike to speak about UML ShawnX time go to ;) fernand0 Thanks for the conference and thank you to all for comming fernand0 the conversation can follow here fernand0 and later there is another talk catfish ismak: You did a nice job - neither of us would have done better! ismak :-) thank you fernand0 see you Generated by irclog2html.pl by Jeff Waugh - find it at freshmeat.net!