|
|
| (132 intermediate revisions by 3 users not shown) |
| Line 1: |
Line 1: |
| − | <h1 class="firstHeading">VNUML Tutorial</h1>
| + | #REDIRECT [[Tutorial 1.8]] |
| − | __TOC__
| |
| − | | |
| − | <small>version 1.7</small></h2>
| |
| − | | |
| − | <h3 style="text-align: center;">Authors:<br>
| |
| − | Fermín Galán (<a href="mailto:galan at dit.upm.es">galan at dit.upm.es</a>)<br>
| |
| − | | |
| − | David Fernández (<a href="mailto:david at dit.upm.es">david at dit.upm.es</a>)</h3>
| |
| − | | |
| − | <h4 style="text-align: center;">July 27th, 2006</h4><br>
| |
| − | | |
| − | | |
| − | | |
| − | <!-- 1. I N T R O D U C T I O N -->
| |
| − | | |
| − | | |
| − | == Introduction ==
| |
| − | | |
| − | </tr>
| |
| − | | |
| − | <tr>
| |
| − | <td colspan="2">
| |
| − | <br>
| |
| − | | |
| − | <p>VNUML (Virtual Network User Mode Linux) is a general purpose
| |
| − | virtualization tool designed to easily create complex
| |
| − | network simulation scenarios based on
| |
| − | <a href=http://user-mode-linux.sourceforge.net/>User Mode Linux (UML)</a>
| |
| − | virtualization software. It has been initially developed in
| |
| − | the context of <a href="http://www.euro6ix.org">Euro6IX</a> research
| |
| − | project to simulate IPv6 IX scenarios based on Linux and
| |
| − | zebra routing daemon. However, it is a useful tool that can be used
| |
| − | to simulate general Linux based network scenarios.</p>
| |
| − | | |
| − | <p>VNUML is aimed to help in testing network applications and
| |
| − | services over complex testbeds made of several nodes (even tens)
| |
| − | and networks inside one Linux machine, without involving the
| |
| − | investment and management complexity needed to create it using real
| |
| − | equipment.</p>
| |
| − | | |
| − | <p>This tutorial explains in detail how to use VNUML tool to simulate
| |
| − | a simple networking scenario. It is intended as a
| |
| − | hands-on approach for people that wants to start using VNUML tool, as well
| |
| − | as an overview of the philosophy and features behind VNUML tool for people
| |
| − | that do not want to install it yet.</p>
| |
| − | | |
| − | <p>Although VNUML hides from the user most of the details needed to use UML
| |
| − | virtualization software, a minimum knowledge about UML and how
| |
| − | it works is needed. The reader is referred to
| |
| − | <a href="http://user-mode-linux.sourceforge.net">UML</a> Web site to
| |
| − | gain that knowledge.</p>
| |
| − | | |
| − | <p>Throughout this document and the rest of the documentation, we refer to
| |
| − | the machine where VNUML is running as the <b>"host"</b>. The Linux virtual
| |
| − | machines that run over the host using UML virtualization software are
| |
| − | typically referred as <b>"virtual machines"</b> or simply <b>"UMLs"</b>.</p>
| |
| − | | |
| − | <p>This tutorial covers VNUML language version 1.7 and vnumlparser.pl 1.7.X.</p>
| |
| − |
| |
| − | | |
| − | === Tutorial Requirements ===
| |
| − | | |
| − | | |
| − | <p>In order to properly follow this tutorial you need:</p>
| |
| − | | |
| − | <ul>
| |
| − | | |
| − | <li>VNUML properly installed in your system. Use the most recent stable release. Please,
| |
| − | refer to the <a href="../install/index.html">VNUML Installation Guide</a> for more details.</li>
| |
| − |
| |
| − | <li>UML kernel (we recomend the most recent stable one provided by the VNUML Project).</li>
| |
| − |
| |
| − | <li>Root_fs filesystem (we recomend the most recent stable one provided by the VNUML Project).</li>
| |
| − |
| |
| − | <li>X-window environment. Some steps in the tutorial will launch xterm terminals,
| |
| − | so you need a X server.</li>
| |
| − |
| |
| − | <li>Be able to log as root in the host (for <a href="#user_privileges">step 3</a>
| |
| − | and <a href="#full_root_privileges">step 4</a>).</li>
| |
| − |
| |
| − | <li>The 10.0.x.x and 10.250.x.x address ranges are used in the VNUML specifications shown in this
| |
| − | tutorial. If these ranges collide with assigned addresses in you host environment
| |
| − | you must to change them to other prefixes.</li>
| |
| − | | |
| − | </ul>
| |
| − |
| |
| − | === Privileges ===
| |
| − |
| |
| − | <p>Old versions of VNUML parser (previous to 1.6.0) were very root-focused. Fortunately,
| |
| − | VNUML support for conventional users was highly improved in version 1.6.0.</p>
| |
| − |
| |
| − | <p>There are three ways of using VNUML, depending of what privileges you want
| |
| − | to use:</p>
| |
| − |
| |
| − | <ul>
| |
| − |
| |
| − | <li><strong>Limited User Privileges.</strong> To run vnumlparser.pl without root privileges.
| |
| − | The main limitation is that there is no network access to the virtual machines from/to host
| |
| − | and, therefore, no access to the external network the host is connected to (if any). The only way
| |
| − | to interact with the virtual machines is through direct login (typically, a xterm). As
| |
| − | a consequence, vnumlparser.pl can not be used to automatically run command sequences on
| |
| − | the virtual machines.</li>
| |
| − |
| |
| − | <li><strong>User Privileges.</strong> To run vnumlparser.pl without root privileges,
| |
| − | but use root privileges to enable host network access (management network) and access to
| |
| − | external networks using the root as router/NAT (layer 3 interconnection). Command
| |
| − | sequences can be run by vnumlparser.pl in the virtual machines using the management
| |
| − | network.</li>
| |
| − |
| |
| − | <li><strong>Full Root Privileges.</strong>To run vnumlparser.pl as root. This allow
| |
| − | host configuration performed by vnumlparser.pl, private management, mapping of
| |
| − | virtual machine names in /etc/hosts and direct connection of virtual machines to
| |
| − | external networks the host is connected to (layer 2 interconnection).</li>
| |
| − |
| |
| − | </ul>
| |
| − |
| |
| − | <p>The rest of the tutorial describe these three ways in detail, starting with
| |
| − | <a href="#limited_user_privileges">Limited User Privileges</a>, going to
| |
| − | <a href="#user_privileges">User Privileges</a> and finally,
| |
| − | <a href="#full_root_privileges">Full Root Privileges</a>.</p>
| |
| − | | |
| − | <br>
| |
| − | </td>
| |
| − | </tr>
| |
| − | | |
| − | == Limited User Privileges ==
| |
| − | | |
| − | | |
| − | <tr>
| |
| − | <td colspan="2">
| |
| − | <br>
| |
| − | | |
| − | === Writing the VNUML Specification ===
| |
| − | | |
| − | <p>VNUML tool is made of two main components: the VNUML language used
| |
| − | for describing simulations in XML; and the interpreter of the language
| |
| − | (vnumlparser.pl), that builds and manages the simulation, hiding all
| |
| − | UML complex details to the user.</p>
| |
| − | | |
| − | <p>If you managed to successfully install VNUML parser and all
| |
| − | related software packages, one of the hardest steps is over :). Now
| |
| − | it is time to create the XML description of the scenario to be
| |
| − | simulated using VNUML language (see <a href=
| |
| − | "../reference/index.html">VNUML Language Reference</a> for a complete
| |
| − | description of the language).</p>
| |
| − | | |
| − | <p>The specification of the tutorial scenario in VNUML language follows:</p>
| |
| − | | |
| − | <div align="center">
| |
| − | <img alt="Tutorial Limited User Scenario" src="tutorial_limited_user.png" width="480" height="164" border="0">
| |
| − | </div>
| |
| − | | |
| − | <pre class="box">
| |
| − | <?xml version="1.0" encoding="UTF-8"?>
| |
| − | <!DOCTYPE vnuml SYSTEM "/usr/share/xml/vnuml/vnuml.dtd">
| |
| − | | |
| − | <vnuml>
| |
| − | <global>
| |
| − | <version>1.7</version>
| |
| − | <simulation_name>tutorial-lu</simulation_name>
| |
| − | <automac/>
| |
| − | <vm_mgmt type="none" />
| |
| − | <vm_defaults>
| |
| − | <filesystem type="cow">/usr/share/vnuml/filesystems/root_fs_tutorial</filesystem>
| |
| − | <kernel>/usr/share/vnuml/kernels/linux</kernel>
| |
| − | <console id="0">xterm</console>
| |
| − | </vm_defaults>
| |
| − | </global>
| |
| − | <net name="Net0" mode="uml_switch" />
| |
| − | <net name="Net1" mode="uml_switch" />
| |
| − | <net name="Net2" mode="uml_switch" />
| |
| − | <vm name="uml1">
| |
| − | <if id="1" net="Net0">
| |
| − | <ipv4>10.0.0.1</ipv4>
| |
| − | </if>
| |
| − | <route type="ipv4" gw="10.0.0.3">default</route>
| |
| − | </vm>
| |
| − | <vm name="uml2">
| |
| − | <if id="1" net="Net0">
| |
| − | <ipv4>10.0.0.2</ipv4>
| |
| − | </if>
| |
| − | <route type="ipv4" gw="10.0.0.3">default</route>
| |
| − | </vm>
| |
| − | <vm name="uml3">
| |
| − | <if id="1" net="Net0">
| |
| − | <ipv4>10.0.0.3</ipv4>
| |
| − | </if>
| |
| − | <if id="2" net="Net1">
| |
| − | <ipv4>10.0.1.1</ipv4>
| |
| − | </if>
| |
| − | <route type="ipv4" gw="10.0.1.2">10.0.2.0/24</route>
| |
| − | <forwarding type="ip" />
| |
| − | </vm>
| |
| − | <vm name="uml4">
| |
| − | <if id="1" net="Net1">
| |
| − | <ipv4>10.0.1.2</ipv4>
| |
| − | </if>
| |
| − | <if id="2" net="Net2">
| |
| − | <ipv4>10.0.2.1</ipv4>
| |
| − | </if>
| |
| − | <route type="ipv4" gw="10.0.1.1">default</route>
| |
| − | <forwarding type="ip" />
| |
| − | </vm>
| |
| − | <vm name="uml5">
| |
| − | <if id="1" net="Net2">
| |
| − | <ipv4>10.0.2.2</ipv4>
| |
| − | </if>
| |
| − | <route type="ipv4" gw="10.0.2.1">default</route>
| |
| − | </vm>
| |
| − | </vnuml>
| |
| − | </pre>
| |
| − | | |
| − | <p>Just copy the above XML code to a file named <b>tutorial_limited_user.xml</b>
| |
| − | and save it (if you don't want to do the copy-paste, you can
| |
| − | find it in the examples directory after VNUML installation in
| |
| − | /usr/share/examples).</p>
| |
| − | | |
| − | <p>Some initial comments about this description file:</p>
| |
| − | | |
| − | <ul>
| |
| − | <li>The <a href="../reference/index.html#global"><global></a> section defines certain parameters and options
| |
| − | that apply to the whole simulation. Within it, the <a href="../reference/index.html#vm_defaults"><vm_defaults></a>
| |
| − | tag defines some defaults for all virtual machines, like the kernel and
| |
| − | filesystem. Note the <a href="../reference/index.html#console"><console></a> tag, that
| |
| − | defines that we want a xterm to interact with each virtual machine.
| |
| − | </li>
| |
| − | | |
| − | <li>Virtual networks are created using the <a href=
| |
| − | "../reference/index.html#net"><net></a> tag. Each
| |
| − | network is identified by a name (e.g., "Net0") which is used later
| |
| − | in virtual machines descriptions to define the network each virtual
| |
| − | interface is connected to.
| |
| − | </li>
| |
| − | | |
| − | <li>Virtual machines (or UMLs) are created and described using the <a href=
| |
| − | "../reference/index.html#vm"><vm></a> tag. Inside
| |
| − | <vm> section, several different tags can be included to define each
| |
| − | UML characteristics. There are lot of tags that can be used in a virtual
| |
| − | machine but, well, this is a tutorial :), so only the
| |
| − | basic ones are shown here:
| |
| − | | |
| − | <ul>
| |
| − | <li><a href="../reference/index.html#if"><if></a> tag is
| |
| − | used to create and describe network interfaces (<a href=
| |
| − | "../reference/index.html#ipv4"><ipv4></a> tag is used to set up the IP
| |
| − | address; <a href=
| |
| − | "../reference/index.html#ipv6"><ipv6></a> is supported also), </li>
| |
| − | <li><a href=
| |
| − | "../reference/index.html#route"><route></a> tag is used to
| |
| − | add static routes, and </li>
| |
| − | <li><a href=
| |
| − | "../reference/index.html#forwarding"><forwarding></a>
| |
| − | to enable forwarding. Note we use this tag in uml3 and uml4, the
| |
| − | virtual machines that will act as routers (the others are end-systems).</li>
| |
| − | | |
| − | </ul>
| |
| − | | |
| − | </ul>
| |
| − |
| |
| − | === Building the Simulation ===
| |
| − |
| |
| − | <p>Once you have the VNUML specification written, you can build the scenario
| |
| − | using <b>"-t"</b> switch of VNUML parser. That is:</p>
| |
| − | | |
| − | <pre class="box">
| |
| − | bauer@host$ vnumlparser.pl -t tutorial_limited_user.xml -v
| |
| − | </pre>
| |
| − | | |
| − | <p>This command builds the virtual network topology
| |
| − | described in tutorial_limited_user.xml file and boots all the virtual machines
| |
| − | defined inside it.</p>
| |
| − |
| |
| − | <p>After the command execution, you will see a lot of output messages,
| |
| − | showing what the parser is
| |
| − | exactly doing. That is because "-v" (verbose) switch is being used (we
| |
| − | recommend always using "-v" to see how things are going).</p>
| |
| − | | |
| − | <p>By default, the output of each UML is redirected to the null device; if you
| |
| − | want to see that output (getting a even more verbose output) use "-o" switch (for
| |
| − | example "-o /tmp/boot").</p>
| |
| − | | |
| − | <p>After a few seconds, you should see five xterms popping up in
| |
| − | sequence: each one
| |
| − | correspond to one of the virtual machines defined in the simulation. After
| |
| − | the booting process you would identify each one by the name in the login
| |
| − | prompt (uml1, uml2, uml3, uml4 and uml5). VNUML allows several modes to
| |
| − | interact with the virtual machines, xterm is the only way allowed if
| |
| − | you don't have root privileges.</p>
| |
| − | | |
| − | <p>Be patient, because the boot process of each UML takes a while
| |
| − | (think about how long it takes a conventional Linux kernel to boot;
| |
| − | virtualized ones can take even more).
| |
| − | It can take easily several minutes to boot each UML, so it could
| |
| − | take from 1 minute (or less!) to around 10-15 minutes to boot the tutorial scenario (time
| |
| − | depends greatly on the host machine characteristics). Maybe even you
| |
| − | get the following prompt:</p>
| |
| − |
| |
| − | <pre class="box">
| |
| − | Boot timeout for virtual machine uml1 reached. Abort, Retry, or Continue? [A/r/c]:
| |
| − | </pre>
| |
| − | | |
| − | <p>This use to mean that vnumlparser.pl has got tired of waitting for a
| |
| − | virtual machine. It could be that the virtual machine has not finishing
| |
| − | booting yet (that means, the login prompt has not appeared yet). Try
| |
| − | 'r' in that case. If the problem persists, contact the vnuml-user
| |
| − | mailing list.</p>
| |
| − | | |
| − | <h3><a name="testing_simulation">2. 3. Testing the Simulation</a></h3>
| |
| − |
| |
| − | <p>You can log in the virtual machines as root user using xxxx (for times
| |
| − | the 'x' letter) as password.
| |
| − | After logging, you can execute commands as in a conventional GNU/Linux
| |
| − | machine. For example try: 'ls /', 'ifconfig', 'df -h' or 'uname -ra'.</p>
| |
| − |
| |
| − | <p>To check connectivity between virtual machines you can use ping or traceroute, as
| |
| − | shown in the examples below. For example, from uml1 try
| |
| − | (you should see a similar trace, if everything is going right):</p>
| |
| − |
| |
| − | <pre class="box">
| |
| − | uml1:~ # traceroute -n 10.0.2.2
| |
| − | traceroute to 10.0.2.2 (10.0.2.2), 30 hops max, 38 byte packets
| |
| − | 1 10.0.0.3 1.282 ms 0.726 ms 0.678 ms
| |
| − | 2 10.0.1.2 1.243 ms 1.462 ms 1.010 ms
| |
| − | 3 10.0.2.2 1.396 ms 1.345 ms 1.303 ms
| |
| − | </pre>
| |
| − | <p>From uml5 try:</p>
| |
| − | | |
| − | <pre class="box">
| |
| − | uml5:~ # traceroute -n 10.0.0.1
| |
| − | traceroute to 10.0.0.1 (10.0.0.1), 30 hops max, 38 byte packets
| |
| − | 1 10.0.2.1 0.916 ms 0.743 ms 0.681 ms
| |
| − | 2 10.0.1.1 1.072 ms 1.019 ms 1.009 ms
| |
| − | 3 10.0.0.1 1.420 ms 1.363 ms 1.352 ms
| |
| − | </pre>
| |
| − | | |
| − | <p>You will see (using ifconfig) that the interfaces in the virtual machines starts with eth1,
| |
| − | not with eth0 as usual. Actually the eth0 interface is reserved to the
| |
| − | management network, <a href="#management_network">that will be described later</a>.</p>
| |
| − |
| |
| − | <h3><a name="releasing_simulation">2. 4. Releasing the Simulation Scenario</a></h3>
| |
| − |
| |
| − | <p>Once you have finished playing around with the simulation scenario,
| |
| − | you can release it in a "polite way" by means of "-d" switch of
| |
| − | VNUML parser.</p>
| |
| − | | |
| − | <pre class="box">
| |
| − | bauer@host$ vnumlparser.pl -d tutorial_limited_user.xml -v
| |
| − | </pre>
| |
| − | | |
| − | <p>This sends a CAD (Ctrl+Alt+Delete) to each virtual machine, then
| |
| − | you will see how the halting process begins. After waiting
| |
| − | for a while (think that a conventional kernel
| |
| − | can take a couple of minutes to halt, so a set of virtualized
| |
| − | ones take quite a bit longer), the simulation scenario should be released
| |
| − | (all virtual machines should have been halted, xterms closed and
| |
| − | virtual networks released).</p>
| |
| − | | |
| − | <p>After releasing the scenario in this way, you can
| |
| − | recreate it with "-t". Note that releasing a scenario
| |
| − | does not mean that filesystems changes are lost. On the
| |
| − | contrary, any change performed on them remains after the
| |
| − | scenario has been released and restarted again. You can check it:
| |
| − | 'touch /root/foo.bar' and you will see how the file /root/foo.bar
| |
| − | remains next time you start using "-t" (the magic
| |
| − | behind this resides in certain files under ~/.vnuml that stores
| |
| − | user additions to the virtual machine filesystems: this files
| |
| − | can be erases using the "-P", keep reading :).</p>
| |
| − | | |
| − | <p>You can also use the -F switch in the releasing mode, as follows:</p>
| |
| − |
| |
| − | <pre class="box">
| |
| − | bauer@host$ vnumlparser.pl -d tutorial_limited_user.xml -v -F
| |
| − | </pre>
| |
| − |
| |
| − | <p>Instead of sending the CAD signal to the virtual machines, this
| |
| − | sends a HALT signal, that is stronger: the virtual kernel halts
| |
| − | immediately. <strong>This could corrupt the virtual filesystems</strong> so you
| |
| − | only should use it when plain -d has failed.</p>
| |
| − | | |
| − | <p>There is even a stronger way to release the simulation: the purge mode
| |
| − | (-P), but it should only be used as a last-resort measure. See <a href=
| |
| − | "../user/index.html#how_to_destroy">VNUML User Manual</a>
| |
| − | for more details when -d mode fails (including the purge mode -P).</p>
| |
| − |
| |
| − | <p>When you get familiar starting and releasing simulation, continue to
| |
| − | main section in the tutorial: User Privileges.</p>
| |
| − |
| |
| − | <br>
| |
| − | </td>
| |
| − | </tr>
| |
| − | | |
| − | == User Privileges ==
| |
| − | | |
| − | <tr>
| |
| − | <td colspan="2">
| |
| − | <br>
| |
| − | | |
| − | <p>In this mode, you are supposed to run vnumparser.pl as conventional user as
| |
| − | in limited user mode, but you also have root access in order to run some
| |
| − | commands as superuser (maybe using sudo). You will be able to connect the
| |
| − | simulation to the host (this way virtual machines could reach Internet, if
| |
| − | the host acts as router/NAT) and execute automatically command sequences in the
| |
| − | virtual machines, as will be described following.</p>
| |
| − |
| |
| − | <h3><a name="connecting_sim_host">3. 1. Connecting Simulations to Host</a></h3>
| |
| − |
| |
| − | <p>The following is a variation of the tutorial_user_limited.xml file. Copy it
| |
| − | to a file named <b>tutorial_user1.xml</b> and save it (if you don't want to
| |
| − | do the copy-paste, you can find it in the examples directory after VNUML
| |
| − | installation in /usr/share/examples).</p>
| |
| − |
| |
| − | <div align="center">
| |
| − | <!-- Map deactivated: it has to be reviewed
| |
| − |
| |
| − | <map name="FPMap0">
| |
| − | <area onmouseout="return nd();"
| |
| − | onmouseover="return overlib(uml1, CAPTION, 'UML1 XML Description',
| |
| − | HAUTO, VAUTO);"
| |
| − | shape="circle" coords="59, 40, 37">
| |
| − | <area onmouseout="return nd();"
| |
| − | onmouseover="return overlib(uml2, CAPTION, 'UML2 XML Description',
| |
| − | HAUTO, VAUTO);"
| |
| − | shape="circle" coords="138, 42, 36">
| |
| − | <area onmouseout="return nd();"
| |
| − | onmouseover="return overlib(uml5, CAPTION, 'UML5 XML Description',
| |
| − | HAUTO, VAUTO);"
| |
| − | shape="circle" coords="412, 39, 35">
| |
| − | <area onmouseout="return nd();"
| |
| − | onmouseover="return overlib(uml3, CAPTION, 'UML3 XML Description',
| |
| − | HAUTO, VAUTO);"
| |
| − | shape="circle" coords="189, 149, 37">
| |
| − | <area onmouseout="return nd();"
| |
| − | onmouseover="return overlib(uml4, CAPTION, 'UML4 XML Description',
| |
| − | HAUTO, VAUTO);"
| |
| − | shape="circle" coords="320, 147, 36">
| |
| − | <area onmouseout="return nd();"
| |
| − | onmouseover="return overlib(thehost, CAPTION, 'HOST XML Description',
| |
| − | HAUTO, VAUTO);"
| |
| − | shape="circle" coords="246, 247, 36">
| |
| − | </map>
| |
| − | <img alt="Tutorial Scenario" src="tutorial.png" usemap="#FPMap0"
| |
| − | width="480" height="320" border="0">
| |
| − | -->
| |
| − | <img alt="Tutorial User Scenario (1)" src="tutorial_user1.png" width="480" height="320" border="0">
| |
| − | </div>
| |
| − | | |
| − | <pre class="box">
| |
| − | <?xml version="1.0" encoding="UTF-8"?>
| |
| − | <!DOCTYPE vnuml SYSTEM "/usr/share/xml/vnuml/vnuml.dtd">
| |
| − | | |
| − | <vnuml>
| |
| − | <global>
| |
| − | <version>1.7</version>
| |
| − | <simulation_name>tutorial-u1</simulation_name>
| |
| − | <automac/>
| |
| − | <vm_mgmt type="none" />
| |
| − | <vm_defaults>
| |
| − | <filesystem type="cow">/usr/share/vnuml/filesystems/root_fs_tutorial</filesystem>
| |
| − | <kernel>/usr/share/vnuml/kernels/linux</kernel>
| |
| − | <console id="0">xterm</console>
| |
| − | </vm_defaults>
| |
| − | </global>
| |
| − | <net name="Net0" mode="uml_switch" />
| |
| − | <net name="Net1" mode="uml_switch" />
| |
| − | <net name="Net2" mode="uml_switch" />
| |
| − | <net name="Net3" mode="uml_switch" sock="/var/run/vnuml/Net3.ctl" />
| |
| − | <vm name="uml1">
| |
| − | <if id="1" net="Net0">
| |
| − | <ipv4>10.0.0.1</ipv4>
| |
| − | </if>
| |
| − | <route type="ipv4" gw="10.0.0.3">default</route>
| |
| − | </vm>
| |
| − | <vm name="uml2">
| |
| − | <if id="1" net="Net0">
| |
| − | <ipv4>10.0.0.2</ipv4>
| |
| − | </if>
| |
| − | <route type="ipv4" gw="10.0.0.3">default</route>
| |
| − | </vm>
| |
| − | <vm name="uml3">
| |
| − | <if id="1" net="Net0">
| |
| − | <ipv4>10.0.0.3</ipv4>
| |
| − | </if>
| |
| − | <if id="2" net="Net1">
| |
| − | <ipv4>10.0.1.1</ipv4>
| |
| − | </if>
| |
| − | <if id="3" net="Net3">
| |
| − | <ipv4>10.0.3.1</ipv4>
| |
| − | </if>
| |
| − | <route type="ipv4" gw="10.0.1.2">10.0.2.0/24</route>
| |
| − | <forwarding type="ip" />
| |
| − | </vm>
| |
| − | <vm name="uml4">
| |
| − | <if id="1" net="Net1">
| |
| − | <ipv4>10.0.1.2</ipv4>
| |
| − | </if>
| |
| − | <if id="2" net="Net2">
| |
| − | <ipv4>10.0.2.1</ipv4>
| |
| − | </if>
| |
| − | <route type="ipv4" gw="10.0.1.1">default</route>
| |
| − | <forwarding type="ip" />
| |
| − | </vm>
| |
| − | <vm name="uml5">
| |
| − | <if id="1" net="Net2">
| |
| − | <ipv4>10.0.2.2</ipv4>
| |
| − | </if>
| |
| − | <route type="ipv4" gw="10.0.2.1">default</route>
| |
| − | </vm>
| |
| − | </vnuml>
| |
| − | </pre>
| |
| − | | |
| − | <p>The difference is the Net3 network in a
| |
| − | <a href="../reference/index.html#net"><net></a> tag, linked
| |
| − | to the virtual machine uml3 in a <a href="../reference/index.html#if"><if></a> tag.
| |
| − | This is the network that will be used
| |
| − | to get connectivity to the host.</p>
| |
| − |
| |
| − | <p>In order to have access to the host machine when running vnumlparser.pl as a
| |
| − | non-privileged user, certain configurations must be performed by a privileged
| |
| − | user prior to building the simulation scenario. In this example, the non-privileged
| |
| − | user that will run vnumlparser.pl is bauer.</p>
| |
| − |
| |
| − | <p>As part of the VNUML install process, a non-privileged user <em>vnuml</em>
| |
| − | was created (check it now with 'id vnuml'). This user is a member of the <em>uml-net</em> group, which owns
| |
| − | the /dev/net/tun cloning device. It will own the uml_switch process that will
| |
| − | be started for the Net3 network, so that this process won't need to be run by root.</p>
| |
| − |
| |
| − | <ol>
| |
| − | <li>The user bauer must be a member of the <em>vnuml</em> group which owns the
| |
| − | directory /var/run/vnuml, where the UNIX sockets for the uml_switch processes
| |
| − | will be stored. (The command below looks intimidating, but really all it does is
| |
| − | add the user bauer to the vnuml group, while preserving its current group membership; maybe
| |
| − | you prefer simple edit the /etc/group file). <span style="color: red"><strong>Note:</strong></span>
| |
| − | as group membership is not updated in running shells, after adding
| |
| − | user bauer to vnuml group, user bauer has to start a new shell or xterm
| |
| − | session before executing the simulation.</li>
| |
| − |
| |
| − | <pre class="box">
| |
| − | root@host# usermod -G vnuml,`groups bauer | sed 's/^.\+:[[:space:]]*//;s/[[:space:]]\\+/,/g'` bauer
| |
| − | </pre>
| |
| − |
| |
| − | <li>Create a TUN/TAP device owned by the vnuml user. This
| |
| − | TUN/TAP device acts as the termination point for the host connection
| |
| − | in the Net3 virtual network.</li>
| |
| − |
| |
| − | <pre class="box">
| |
| − | root@host# tunctl -u vnuml -t tap0
| |
| − | Set 'tap0' persistent and owned by uid 1037
| |
| − | </pre>
| |
| − |
| |
| − | <li>Set an address for the host in the Net3 network (for example,
| |
| − | 10.0.3.2) and configure a static route in the host to
| |
| − | reach all the virtual machines using uml3 as gateway.</li>
| |
| − |
| |
| − | <pre class="box">
| |
| − | root@host# ifconfig tap0 10.0.3.2 netmask 255.255.255.0 up
| |
| − | root@host# route -A inet add -net 10.0.0.0/16 gw 10.0.3.1
| |
| − | </pre>
| |
| − | <li>Start a uml_switch process, linked with the TUN/TAP device created
| |
| − | previously (tap0) and owned by the vnuml user. The socket location
| |
| − | is arbitrary. However, the /var/run/vnuml directory was created
| |
| − | at installation for this purpose. The socket location will be used as
| |
| − | the <strong>sock</strong> attribute in the
| |
| − | <a href="../reference/index.html#net"><net></a> tag for Net3.</li>
| |
| − | | |
| − | <pre class="box">
| |
| − | root@host# su -pc 'uml_switch -tap tap0 -unix /var/run/vnuml/Net3.ctl < /dev/null > /dev/null &' vnuml
| |
| − | </pre>
| |
| − | <li>Give the vnuml group read/write privileges to the socket that is used.
| |
| − | Note that the UNIX socket for the uml_switch process isn't created
| |
| − | instantly, so if these commands are scripted, a minor wait (sleep)
| |
| − | is necessary before setting permissions on the file. (Of course, the 'ls'
| |
| − | commands are not really needed, but they are useful to check the chmod
| |
| − | commands has been sucessfull).</li>
| |
| − | | |
| − | <pre class="box">
| |
| − | root@host# sleep 1
| |
| − | root@host# ls -l /var/run/vnuml/Net3.ctl
| |
| − | srwxr-xr-x 1 vnuml vnuml 0 2005-07-29 11:48 /var/run/vnuml/Net3.ctl
| |
| − | root@host# chmod g+rw /var/run/vnuml/Net3.ctl
| |
| − | root@host# ls -l /var/run/vnuml/Net3.ctl
| |
| − | srwxrwxr-x 1 vnuml vnuml 0 2005-07-29 11:48 /var/run/vnuml/Net3.ctl
| |
| − | </pre>
| |
| − | | |
| − | <p>Now that the /var/run/vnuml/Net3.ctl exists and is readable
| |
| − | and writeable by bauer, you can start the simulation.</p>
| |
| − | | |
| − | <pre class="box">
| |
| − | bauer@host$ vnumlparser.pl -t tutorial_user1.xml -v
| |
| − | </pre>
| |
| − | | |
| − | <p>You should see the xterms starting as usual. After they have finished
| |
| − | booting, you could check that now the host is part of the simulation. From
| |
| − | uml1 you can try:</p>
| |
| − |
| |
| − | <pre class="box">
| |
| − | uml1:~ # traceroute -n 10.0.3.2
| |
| − | traceroute to 10.0.3.2 (10.0.3.2), 30 hops max, 38 byte packets
| |
| − | 1 10.0.0.3 1.779 ms 2.572 ms 1.359 ms
| |
| − | 2 10.0.3.2 1.785 ms 1.641 ms 1.744 ms
| |
| − | </pre>
| |
| − | <p>From uml5 you can try:</p>
| |
| − | | |
| − | <pre class="box">
| |
| − | uml5:~ # traceroute -n 10.0.3.2
| |
| − | traceroute to 10.0.3.2 (10.0.3.2), 30 hops max, 38 byte packets
| |
| − | 1 10.0.2.1 1.407 ms 0.857 ms 1.243 ms
| |
| − | 2 10.0.1.1 1.265 ms 1.019 ms 0.980 ms
| |
| − | 3 10.0.3.2 1.545 ms 3.156 ms 2.033 ms
| |
| − | </pre>
| |
| − | | |
| − | <p>From host try:</p>
| |
| − | | |
| − | <pre class="box">
| |
| − | bauer@host$ traceroute -n 10.0.0.1
| |
| − | traceroute to 10.0.0.1 (10.0.0.1), 30 hops max, 40 byte packets
| |
| − | 1 10.0.3.1 0.000 ms 0.000 ms 0.000 ms
| |
| − | 2 10.0.0.1 0.000 ms 0.000 ms 0.000 ms
| |
| − | bauer@host$ traceroute -n 10.0.2.2
| |
| − | traceroute to 10.0.2.2 (10.0.2.2), 30 hops max, 40 byte packets
| |
| − | 1 10.0.3.1 0.000 ms 0.000 ms 0.000 ms
| |
| − | 2 10.0.1.2 0.000 ms 0.000 ms 0.000 ms
| |
| − | 3 10.0.2.2 0.000 ms 0.000 ms 0.000 ms
| |
| − | </pre>
| |
| − | | |
| − | <p>Virtual machines can reach the host this way. The scenario could be
| |
| − | improved by configuring routing and NATing properly in the
| |
| − | host, in order for virtual machines to reach any host on the Internet. Such a setup
| |
| − | would be a layer 3 interconnection: the host acts as router/NAT between virtual machines
| |
| − | and the external network. Details to configure NAT this way
| |
| − | can be found <a href="#nat">later in this document</a>. A stronger
| |
| − | interconnection (layer 2) can be implemented,
| |
| − | so virtual machines are connected to the external network directly, but root
| |
| − | privileges are needed. We describe <a href="#layer_2_interconnection">layer 2
| |
| − | interconnection later</a>.</p>
| |
| − | | |
| − | <p>To release the simulation:
| |
| − |
| |
| − | <pre class="box">
| |
| − | bauer@host$ vnumlparser.pl -d tutorial_user1.xml -v
| |
| − | </pre>
| |
| − | | |
| − | <p>When the simulation has been released, note that the uml_switch process for Net3
| |
| − | is still running, and its accompanying UNIX socket still exists in
| |
| − | /var/run/vnuml/Net3.ctl. Also, the tap0 device is still configured,
| |
| − | and its gateway still exists. As long as this setup
| |
| − | remains, new simulation scenarios may be built using the same configuration without
| |
| − | requiring it to be set up again.</p>
| |
| − | | |
| − | <p>When the user has finished running simulations that involve the network set up
| |
| − | for Net3, the uml_switch process can be killed, and the socket removed:
| |
| − | | |
| − | <pre class="box">
| |
| − | root@host# kill `lsof -t /var/run/vnuml/Net3.ctl`
| |
| − | /var/run/vnuml/Net3.ctl: 6280
| |
| − | root@host# rm /var/run/vnuml/Net3.ctl
| |
| − | </pre>
| |
| − | | |
| − | Now the tap0 device may be deconfigured:</p>
| |
| − |
| |
| − | <pre class="box">
| |
| − | root@host# ifconfig tap0 down
| |
| − | root@host# tunctl -d tap0
| |
| − | Set 'tap0' nonpersistent
| |
| − | </pre>
| |
| − | | |
| − | <h3><a name="executing_commands">3. 2. Executing Commands</a></h3>
| |
| − | | |
| − | <h4><a name="generate_ssh_key">3. 2. 1. Generating SSH key</a></h4>
| |
| − | | |
| − | <p>VNUML parser uses SSH to access and manage the UMLs. To
| |
| − | avoid being asked for a password whenever this happens
| |
| − | (quite often) you must generate a public key that will be
| |
| − | installed automatically in the UMLs by the VNUML parser (<a href=
| |
| − | "../reference/index.html#ssh_key"><ssh_key></a>
| |
| − | tag).</p>
| |
| − | | |
| − | <p>To create the public key just type:</p>
| |
| − | | |
| − | <pre class="box">
| |
| − | bauer@host$ ssh-keygen -t rsa1
| |
| − | </pre>
| |
| − | | |
| − | <p>Select the default file to save the key (~/.ssh/identity). The passphrase
| |
| − | is not relevant (although we recommend to use an empty passphrase,
| |
| − | in order no user input required whenever the key is used).</p>
| |
| − | | |
| − | <p>Anyway, the first time (and only once) that SSH is used,
| |
| − | you will have to confirm the server key answering
| |
| − | 'yes' to the question you will be asked.</p>
| |
| − |
| |
| − | <h4><a name="management_network">3. 2. 2. Management Network</a></h4>
| |
| − | | |
| − | <p>The following is a variation of the tutorial_user_limited.xml file. Copy it
| |
| − | to a file named <b>tutorial_user2.xml</b> and save it (if you don't want to
| |
| − | do the copy-paste, you can find it in the examples directory after VNUML
| |
| − | installation in /usr/share/examples).</p>
| |
| − | | |
| − | <div align="center">
| |
| − | <img alt="Tutorial User Scenario (2)" src="tutorial_user2.png" width="480" height="280" border="0">
| |
| − | </div>
| |
| − |
| |
| − | <pre class="box">
| |
| − | <?xml version="1.0" encoding="UTF-8"?>
| |
| − | <!DOCTYPE vnuml SYSTEM "/usr/share/xml/vnuml/vnuml.dtd">
| |
| − | | |
| − | <vnuml>
| |
| − | <global>
| |
| − | <version>1.7</version>
| |
| − | <simulation_name>tutorial-u2</simulation_name>
| |
| − | <ssh_version>1</ssh_version>
| |
| − | <ssh_key>~/.ssh/identity.pub</ssh_key>
| |
| − | <automac/>
| |
| − | <vm_mgmt type="net" network="10.250.0.0" mask="24">
| |
| − | <mgmt_net sock="/var/run/vnuml/Mgmt_net.ctl" hostip="10.250.0.1"/>
| |
| − | </vm_mgmt>
| |
| − | <vm_defaults>
| |
| − | <filesystem type="cow">/usr/share/vnuml/filesystems/root_fs_tutorial</filesystem>
| |
| − | <kernel>/usr/share/vnuml/kernels/linux</kernel>
| |
| − | <console id="0">xterm</console>
| |
| − | </vm_defaults>
| |
| − | </global>
| |
| − | <net name="Net0" mode="uml_switch" />
| |
| − | <net name="Net1" mode="uml_switch" />
| |
| − | <net name="Net2" mode="uml_switch" />
| |
| − | <vm name="uml1">
| |
| − | <if id="1" net="Net0">
| |
| − | <ipv4>10.0.0.1</ipv4>
| |
| − | </if>
| |
| − | <route type="ipv4" gw="10.0.0.3">default</route>
| |
| − | <exec seq="start" type="verbatim">nohup /usr/bin/hello &lt;/dev/null &gt;/dev/null 2&gt;&amp;1 &amp; </exec>
| |
| − | <exec seq="stop" type="verbatim">killall hello</exec>
| |
| − | </vm>
| |
| − | <vm name="uml2">
| |
| − | <if id="1" net="Net0">
| |
| − | <ipv4>10.0.0.2</ipv4>
| |
| − | </if>
| |
| − | <route type="ipv4" gw="10.0.0.3">default</route>
| |
| − | </vm>
| |
| − | <vm name="uml3">
| |
| − | <if id="1" net="Net0">
| |
| − | <ipv4>10.0.0.3</ipv4>
| |
| − | </if>
| |
| − | <if id="2" net="Net1">
| |
| − | <ipv4>10.0.1.1</ipv4>
| |
| − | </if>
| |
| − | <route type="ipv4" gw="10.0.1.2">10.0.2.0/24</route>
| |
| − | <forwarding type="ip" />
| |
| − | </vm>
| |
| − | <vm name="uml4">
| |
| − | <if id="1" net="Net1">
| |
| − | <ipv4>10.0.1.2</ipv4>
| |
| − | </if>
| |
| − | <if id="2" net="Net2">
| |
| − | <ipv4>10.0.2.1</ipv4>
| |
| − | </if>
| |
| − | <route type="ipv4" gw="10.0.1.1">default</route>
| |
| − | <forwarding type="ip" />
| |
| − | </vm>
| |
| − | <vm name="uml5">
| |
| − | <if id="1" net="Net2">
| |
| − | <ipv4>10.0.2.2</ipv4>
| |
| − | </if>
| |
| − | <route type="ipv4" gw="10.0.2.1">default</route>
| |
| − | </vm>
| |
| − | </vnuml>
| |
| − | </pre>
| |
| − | | |
| − | <p>VNUML uses SSH to send command sequences to the virtual machines. The
| |
| − | SSH protocol version and the SSH public key to be used are specified
| |
| − | in the <a href="../reference/index.html#ssh_version"><ssh_version></a>
| |
| − | and <a href="../reference/index.html#ssh_key"><ssh_key></a> tags, respectively.
| |
| − | Note that the SSH key file is the one generated in the
| |
| − | <a href="#generate_ssh_key">previous step</a>.</p>
| |
| − |
| |
| − | <p>In order to send commands to the virtual machines, a special kind of network
| |
| − | is set up for management. There are two kind of management networks: private--establishes
| |
| − | a peer-to-peer connection between the host and each one of the
| |
| − | virtual machines (this requires that vnumlparser.pl be run as root); and net--a uml_switched
| |
| − | network is used. This is set up with the <strong>type</strong> attribute in
| |
| − | the <a href="../reference/index.html#vm_mgmt"><vm_mgmt></a> tag.</p>
| |
| − |
| |
| − | <p>When using <strong>type</strong>="net" the <strong>network</strong>
| |
| − | and <strong>mask</strong> attributes specify a network address range that vnumlparser.pl
| |
| − | will use to assign addresses to the virtual machines. The <strong>hostip</strong>
| |
| − | attribute in the <a href="../reference/index.html#mgmt_net"><mgmt_net></a> tag
| |
| − | will be skipped in that range, reserved for use by the host.</p>
| |
| − |
| |
| − | <p>Let's see how the whole thing is working. As root, set up a tap device and start
| |
| − | the uml_switch process (similar to what was done in the <a href="#connecting_sim_host">previous example</a>):</p>
| |
| − |
| |
| − | <pre class="box">
| |
| − | root@host# tunctl -u vnuml -t tap0
| |
| − | Set 'tap0' persistent and owned by uid 1037
| |
| − | root@host# ifconfig tap0 10.250.0.1 netmask 255.255.255.0 up
| |
| − | root@host# su -pc 'uml_switch -tap tap0 -unix /var/run/vnuml/Mgmt_net.ctl < /dev/null > /dev/null &' vnuml
| |
| − | root@host# sleep 1
| |
| − | root@host# chmod g+rw /var/run/vnuml/Mgmt_net.ctl
| |
| − | </pre>
| |
| − | | |
| − | <p>Next, build the simulation:</p>
| |
| − |
| |
| − | <pre class="box">
| |
| − | bauer@host$ vnumlparser.pl -t tutorial_user2.xml -v
| |
| − | </pre>
| |
| − | | |
| − | <p>After logging in to the xterms, you can check using ifconfig that an additional
| |
| − | interface is configured in each machine: the eth0 interface. All virtual
| |
| − | machines are connected to the host (and between them, as side effect), with
| |
| − | the following addresses:</p>
| |
| − | | |
| − | <table border="1">
| |
| − | <tr>
| |
| − | <td>host</td>
| |
| − | <td>10.250.0.1</td>
| |
| − | <td>assigned with the ifconfig command, before building simulation</td>
| |
| − | </tr>
| |
| − | <tr>
| |
| − | <td>uml1</td>
| |
| − | <td>10.250.0.2</td>
| |
| − | <td>assigned automatically by vnumlparser.pl</td>
| |
| − | </tr>
| |
| − | <tr>
| |
| − | <td>uml2</td>
| |
| − | <td>10.250.0.3</td>
| |
| − | <td>assigned automatically by vnumlparser.pl</td>
| |
| − | </tr>
| |
| − | <tr>
| |
| − | <td>uml3</td>
| |
| − | <td>10.250.0.4</td>
| |
| − | <td>assigned automatically by vnumlparser.pl</td>
| |
| − | </tr>
| |
| − | <tr>
| |
| − | <td>uml4</td>
| |
| − | <td>10.250.0.5</td>
| |
| − | <td>assigned automatically by vnumlparser.pl</td>
| |
| − | </tr>
| |
| − | <tr>
| |
| − | <td>uml5</td>
| |
| − | <td>10.250.0.6</td>
| |
| − | <td>assigned automatically by vnumlparser.pl</td>
| |
| − | </tr>
| |
| − | </table>
| |
| − |
| |
| − | <p>You can login in each virtual machine from host using SSH. For
| |
| − | example, to log in uml3:</p>
| |
| − | | |
| − | <pre class="box">
| |
| − | bauer@host$ ssh -1 root@10.250.0.4
| |
| − | Last login: Fri Jun 16 10:33:46 2006
| |
| − | Linux (none) 2.6.15.7-bs3-tls-xt-2m #1 Wed Jul 19 15:23:08 CEST 2006 i686
| |
| − | | |
| − | The programs included with the Debian GNU/Linux system are free software;
| |
| − | the exact distribution terms for each program are described in the
| |
| − | individual files in /usr/share/doc/*/copyright.
| |
| − | | |
| − | Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
| |
| − | permitted by applicable law.
| |
| − | uml3:~#
| |
| − | </pre>
| |
| − |
| |
| − | <p>Note that, given that you can SSH to each virtual machine from host,
| |
| − | you don't need xterms (just remove the
| |
| − | <a href="../reference/index.html#console"><console></a> tag in the VNUML file)
| |
| − | if you configure the management network properly. This
| |
| − | is very useful when you have a lot of virtual machines in your simulation
| |
| − | (ten or more) and don't want to be overwhelmed by the xterms.</p>
| |
| − | | |
| − | <h4><a name="command_sequences">3. 2. 3. Command Sequences</a></h4>
| |
| − | | |
| − | <p>Once the simulated scenario is up and running, you can
| |
| − | get access to each virtual machine using ssh and
| |
| − | execute the commands you desire. You could, for example,
| |
| − | manually start a web or ftp server inside uml1 and uml5
| |
| − | virtual machines. You could also start routing daemons in uml3 and
| |
| − | uml4 in order to set-up dynamic routing for the scenario.
| |
| − | You could even start automatically such services from the init scripts
| |
| − | in the root filesystem being used, although that would probably require
| |
| − | the use of a different filesystem for each UML.
| |
| − | </p>
| |
| − | | |
| − | <p>However, in order to be able to easily create and reproduce
| |
| − | simulation scenarios, a simple and powerful way to specify the
| |
| − | commands that each virtual machine has to execute to
| |
| − | start the scenario is needed, as well as the commands to stop
| |
| − | the simulation and return the virtual machine
| |
| − | to a known state.</p>
| |
| − | | |
| − | <p>That is basically what VNUML offers: a way to automate the execution
| |
| − | of commands in the virtual machines and host using the execute commands
| |
| − | mode (-x switch).
| |
| − | By means of the <a href=
| |
| − | "../reference/index.html#exec"><exec></a> tag
| |
| − | included inside each virtual machine definition, you can specify the
| |
| − | commands that will be executed. Commands are grouped using a <em>command
| |
| − | sequence identifier</em>, specified in the <strong>seq</strong> attribute
| |
| − | of the <a href=
| |
| − | "../reference/index.html#exec"><exec></a> tag. In this tutorial
| |
| − | we will to consider two command sequences: "start" and "stop".</p>
| |
| − | | |
| − | <p>To show this functionality in this tutorial we will use
| |
| − | the /usr/bin/hello program included in the tutorial root filesystem.
| |
| − | It is just a quite simple program whose only function is to output
| |
| − | 'hello' word to file /tmp/hello every 10
| |
| − | seconds (it is only for testing purposes, we suppose you'll use VNUML
| |
| − | for more useful tasks :).</p>
| |
| − | | |
| − | <p>In order to test it, look at the lines at the end of
| |
| − | uml1 description in tutorial_user2.xml:</p>
| |
| − | | |
| − | <pre class="box">
| |
| − | <exec seq="start" type="verbatim"> nohup /usr/bin/hello &lt;/dev/null &gt;/dev/null 2&gt;&amp;1 &amp; </exec>
| |
| − | <exec seq="stop" type="verbatim">killall hello</exec>
| |
| − | </pre>
| |
| − | | |
| − | <p>Basically, we have specified the following command to be executed
| |
| − | in uml1 whenever the simulation is started (note that <strong><</strong>,
| |
| − | <strong>></strong> and <strong>&</strong> characters had to
| |
| − | be escaped in XML files):</p>
| |
| − | | |
| − | <pre class="box">
| |
| − | nohup /usr/bin/hello </dev/null >/dev/null 2>&1 &
| |
| − | </pre>
| |
| − |
| |
| − | <p>(Why not simply use 'nohup /usr/bin/hello
| |
| − | &'? There are ssh related problems that force to
| |
| − | redirect standard input and output; look at <a href=
| |
| − | "../user/index.html#ssh_hang">VNUML User Manual</a> for more details).</p>
| |
| − | | |
| − | <p>And the following one to be executed in uml1 whenever the
| |
| − | simulation is stopped:</p>
| |
| − | | |
| − | <pre class="box">
| |
| − | killall hello
| |
| − | </pre>
| |
| − | | |
| − | <p>Start the simulation using:</p>
| |
| − | | |
| − | <pre class="box">
| |
| − | bauer@host$ vnumlparser.pl -x start@tutorial_user2.xml -v
| |
| − | </pre>
| |
| − | | |
| − | <p>Note that the process is much shorter than when building the simulation
| |
| − | scenario (mode -t). Check the existence and growing of /tmp/hello file in
| |
| − | uml1: the hello daemon is working.</p>
| |
| − | | |
| − | <pre class="box">
| |
| − | uml1:~ # tail -f /tmp/hello
| |
| − | Hello! Current date: Thu Jul 20 10:14:43 UTC 2006
| |
| − | Hello! Current date: Thu Jul 20 10:14:53 UTC 2006
| |
| − | Hello! Current date: Thu Jul 20 10:15:04 UTC 2006
| |
| − | Hello! Current date: Thu Jul 20 10:15:14 UTC 2006
| |
| − | Hello! Current date: Thu Jul 20 10:15:25 UTC 2006
| |
| − | Hello! Current date: Thu Jul 20 10:15:35 UTC 2006
| |
| − | Hello! Current date: Thu Jul 20 10:15:45 UTC 2006
| |
| − | </pre>
| |
| − | | |
| − | <p>In a similar way you can stop the simulation (killing the hello
| |
| − | daemon) with:</p>
| |
| − | | |
| − | <pre class="box">
| |
| − | bauer@host$ vnumlparser.pl -x stop@tutorial_user2.xml -v
| |
| − | </pre>
| |
| − | | |
| − | <p>Access again to uml1 and check that hello daemon is not
| |
| − | working now ('ps axw | grep hello' for example)
| |
| − | and that /tmp/hello file has stopped growing.</p>
| |
| − |
| |
| − | <p>Once you have finished playing around with the simulation scenario,
| |
| − | release it as usual:.</p>
| |
| − | | |
| − | <pre class="box">
| |
| − | bauer@host$ vnumlparser.pl -d tutorial_user2.xml -v
| |
| − | </pre>
| |
| − |
| |
| − | <p>As with the <a href="#connecting_sim_host">previous example</a>, in order to reset to the original state,
| |
| − | the uml_switch process will need to be killed and its accompanying UNIX socket
| |
| − | removed. Also the tap device will need will need to be deconfigured and removed.
| |
| − | | |
| − | <pre class="box">
| |
| − | root@host# kill `lsof -t /var/run/vnuml/Mgmt_net.ctl`
| |
| − | /var/run/vnuml/Mgmt_net.ctl: 13746
| |
| − | root@host# rm /var/run/vnuml/Mgmt_net.ctl
| |
| − | root@host# ifconfig tap0 down
| |
| − | root@host# tunctl -d tap0
| |
| − | Set 'tap0' nonpersistent
| |
| − | </pre>
| |
| − |
| |
| − | <br>
| |
| − | </td>
| |
| − | </tr>
| |
| − |
| |
| − | <!-- 4. F U L L R O O T P R I V I L E G I E S -->
| |
| − | | |
| − | <tr>
| |
| − | <td class="title" colspan="2"><a name=
| |
| − | "full_root_privileges">4. Full Root Privileges</a></td>
| |
| − | </tr>
| |
| − | | |
| − | <tr>
| |
| − | <td colspan="2">
| |
| − | <br>
| |
| − | | |
| − | <h3><a name="host_configuration">4. 1. Host Configuration</a></h3>
| |
| − |
| |
| − | <p>The <a href="../reference/index.html#host"><host></a> tag, that can
| |
| − | be only be used if root runs vnumlparser.pl allows to automate host configuration.
| |
| − | For example, the following example (<strong>tutorial_root1.xml</strong>) is functionally equivalent
| |
| − | to tutorial_user1.xml (<a href="#connecting_sim_host">described here</a>), but vnumlparser.pl deals with the tap0 creation and
| |
| − | uml_switch starting. Note also that <strong>sock</strong> attribute in
| |
| − | <a href="../reference/index.html#host"><host></a> Net3 is not used.</p>
| |
| − |
| |
| − | <pre class="box">
| |
| − | <?xml version="1.0" encoding="UTF-8"?>
| |
| − | <!DOCTYPE vnuml SYSTEM "/usr/share/xml/vnuml/vnuml.dtd">
| |
| − | | |
| − | <vnuml>
| |
| − | <global>
| |
| − | <version>1.7</version>
| |
| − | <simulation_name>tutorial-r1</simulation_name>
| |
| − | <automac/>
| |
| − | <vm_mgmt type="none" />
| |
| − | <vm_defaults>
| |
| − | <filesystem type="cow">/usr/share/vnuml/filesystems/root_fs_tutorial</filesystem>
| |
| − | <kernel>/usr/share/vnuml/kernels/linux</kernel>
| |
| − | <console id="0">xterm</console>
| |
| − | </vm_defaults>
| |
| − | </global>
| |
| − | <net name="Net0" mode="uml_switch" />
| |
| − | <net name="Net1" mode="uml_switch" />
| |
| − | <net name="Net2" mode="uml_switch" />
| |
| − | <net name="Net3" mode="uml_switch" />
| |
| − | <vm name="uml1">
| |
| − | <if id="1" net="Net0">
| |
| − | <ipv4>10.0.0.1</ipv4>
| |
| − | </if>
| |
| − | <route type="ipv4" gw="10.0.0.3">default</route>
| |
| − | </vm>
| |
| − | <vm name="uml2">
| |
| − | <if id="1" net="Net0">
| |
| − | <ipv4>10.0.0.2</ipv4>
| |
| − | </if>
| |
| − | <route type="ipv4" gw="10.0.0.3">default</route>
| |
| − | </vm>
| |
| − | <vm name="uml3">
| |
| − | <if id="1" net="Net0">
| |
| − | <ipv4>10.0.0.3</ipv4>
| |
| − | </if>
| |
| − | <if id="2" net="Net1">
| |
| − | <ipv4>10.0.1.1</ipv4>
| |
| − | </if>
| |
| − | <if id="3" net="Net3">
| |
| − | <ipv4>10.0.3.1</ipv4>
| |
| − | </if>
| |
| − | <route type="ipv4" gw="10.0.1.2">10.0.2.0/24</route>
| |
| − | <forwarding type="ip" />
| |
| − | </vm>
| |
| − | <vm name="uml4">
| |
| − | <if id="1" net="Net1">
| |
| − | <ipv4>10.0.1.2</ipv4>
| |
| − | </if>
| |
| − | <if id="2" net="Net2">
| |
| − | <ipv4>10.0.2.1</ipv4>
| |
| − | </if>
| |
| − | <route type="ipv4" gw="10.0.1.1">default</route>
| |
| − | <forwarding type="ip" />
| |
| − | </vm>
| |
| − | <vm name="uml5">
| |
| − | <if id="1" net="Net2">
| |
| − | <ipv4>10.0.2.2</ipv4>
| |
| − | </if>
| |
| − | <route type="ipv4" gw="10.0.2.1">default</route>
| |
| − | </vm>
| |
| − | <host>
| |
| − | <hostif net="Net3">
| |
| − | <ipv4>10.0.3.2</ipv4>
| |
| − | </hostif>
| |
| − | <route type="ipv4" gw="10.0.3.1">10.0.0.0/16</route>
| |
| − | </host>
| |
| − | </vnuml>
| |
| − | </pre>
| |
| − | | |
| − | <p>To build, test and release the example use the usual commands:</p>
| |
| − | | |
| − | <pre class="box">
| |
| − | root@host# vnumlparser.pl -t tutorial_root1.xml -v
| |
| − | (...)
| |
| − | root@host# traceroute -n 10.0.0.1
| |
| − | traceroute to 10.0.0.1 (10.0.0.1), 30 hops max, 40 byte packets
| |
| − | 1 10.0.3.1 0.000 ms 0.000 ms 0.000 ms
| |
| − | 2 10.0.0.1 0.000 ms 0.000 ms 0.000 ms
| |
| − | root@host# traceroute -n 10.0.2.2
| |
| − | traceroute to 10.0.2.2 (10.0.2.2), 30 hops max, 40 byte packets
| |
| − | 1 10.0.3.1 0.000 ms 0.000 ms 0.000 ms
| |
| − | 2 10.0.1.2 0.000 ms 0.000 ms 0.000 ms
| |
| − | 3 10.0.2.2 0.000 ms 0.000 ms 0.000 ms
| |
| − | root@host# vnumlparser.pl -d tutorial_root1.xml -v
| |
| − | (...)
| |
| − | </pre>
| |
| − |
| |
| − | <h3><a name="private_management">4. 2. Private Management</a></h3>
| |
| − | | |
| − | <p>You can use <strong>type</strong>="private" in <a href="../reference/index.html#vm_mgmt"><vm_mgmt></a>
| |
| − | to establish peer-to-peer connection between the host and each one of the
| |
| − | virtual machines (/30 networks). The <a href="../reference/index.html#mgmt_net"><mgmt_net></a>
| |
| − | tag is not used in this case. The following example (<strong>tutorial_root2.xml</strong>) is functionally
| |
| − | equivalent to tutorial_user2.xml (<a href="#executing_commands">described here</a>), but using private management.</p>
| |
| − | | |
| − | <div align="center">
| |
| − | <img alt="Tutorial Root Scenario (2)" src="tutorial_root2.png" width="480" height="286" border="0">
| |
| − | </div>
| |
| − | | |
| − | <pre class="box">
| |
| − | <?xml version="1.0" encoding="UTF-8"?>
| |
| − | <!DOCTYPE vnuml SYSTEM "/usr/share/xml/vnuml/vnuml.dtd">
| |
| − | | |
| − | <vnuml>
| |
| − | <global>
| |
| − | <version>1.7</version>
| |
| − | <simulation_name>tutorial-r2</simulation_name>
| |
| − | <ssh_version>1</ssh_version>
| |
| − | <ssh_key>~/.ssh/identity.pub</ssh_key>
| |
| − | <automac/>
| |
| − | <vm_mgmt type="private" network="10.250.0.0" mask="24">
| |
| − | <host_mapping />
| |
| − | </vm_mgmt>
| |
| − | <vm_defaults>
| |
| − | <filesystem type="cow">/usr/share/vnuml/filesystems/root_fs_tutorial</filesystem>
| |
| − | <kernel>/usr/share/vnuml/kernels/linux</kernel>
| |
| − | <console id="0">xterm</console>
| |
| − | </vm_defaults>
| |
| − | </global>
| |
| − | <net name="Net0" mode="uml_switch" />
| |
| − | <net name="Net1" mode="uml_switch" />
| |
| − | <net name="Net2" mode="uml_switch" />
| |
| − | <vm name="uml1">
| |
| − | <console id="0">xterm</console>
| |
| − | <if id="1" net="Net0">
| |
| − | <ipv4>10.0.0.1</ipv4>
| |
| − | </if>
| |
| − | <route type="ipv4" gw="10.0.0.3">default</route>
| |
| − | <exec seq="start" type="verbatim">nohup /usr/bin/hello &lt;/dev/null &gt;/dev/null 2&gt;&amp;1 &amp; </exec>
| |
| − | <exec seq="stop" type="verbatim">killall hello</exec>
| |
| − | </vm>
| |
| − | <vm name="uml2">
| |
| − | <console id="0">xterm</console>
| |
| − | <if id="1" net="Net0">
| |
| − | <ipv4>10.0.0.2</ipv4>
| |
| − | </if>
| |
| − | <route type="ipv4" gw="10.0.0.3">default</route>
| |
| − | </vm>
| |
| − | <vm name="uml3">
| |
| − | <console id="0">xterm</console>
| |
| − | <if id="1" net="Net0">
| |
| − | <ipv4>10.0.0.3</ipv4>
| |
| − | </if>
| |
| − | <if id="2" net="Net1">
| |
| − | <ipv4>10.0.1.1</ipv4>
| |
| − | </if>
| |
| − | <route type="ipv4" gw="10.0.1.2">10.0.2.0/24</route>
| |
| − | <forwarding type="ip" />
| |
| − | </vm>
| |
| − | <vm name="uml4">
| |
| − | <console id="0">xterm</console>
| |
| − | <if id="1" net="Net1">
| |
| − | <ipv4>10.0.1.2</ipv4>
| |
| − | </if>
| |
| − | <if id="2" net="Net2">
| |
| − | <ipv4>10.0.2.1</ipv4>
| |
| − | </if>
| |
| − | <route type="ipv4" gw="10.0.1.1">default</route>
| |
| − | <forwarding type="ip" />
| |
| − | </vm>
| |
| − | <vm name="uml5">
| |
| − | <console id="0">xterm</console>
| |
| − | <if id="1" net="Net2">
| |
| − | <ipv4>10.0.2.2</ipv4>
| |
| − | </if>
| |
| − | <route type="ipv4" gw="10.0.2.1">default</route>
| |
| − | </vm>
| |
| − | </vnuml>
| |
| − | </pre>
| |
| − | | |
| − | <p>The address assignment is as follows:</p>
| |
| − | | |
| − | <table border="1">
| |
| − | <tr>
| |
| − | <td><strong>uml connection</strong></td>
| |
| − | <td><strong>host-side</strong></td>
| |
| − | <td><strong>uml-side</strong></td>
| |
| − | </tr>
| |
| − | <tr>
| |
| − | <td>uml1</td>
| |
| − | <td>10.250.0.1</td>
| |
| − | <td>10.250.0.2</td>
| |
| − | </tr>
| |
| − | <tr>
| |
| − | <td>uml2</td>
| |
| − | <td>10.250.0.5</td>
| |
| − | <td>10.250.0.6</td>
| |
| − | </tr>
| |
| − | <tr>
| |
| − | <td>uml3</td>
| |
| − | <td>10.250.0.9</td>
| |
| − | <td>10.250.0.10</td>
| |
| − | </tr>
| |
| − | <tr>
| |
| − | <td>uml4</td>
| |
| − | <td>10.250.0.13</td>
| |
| − | <td>10.250.0.14</td>
| |
| − | </tr>
| |
| − | <tr>
| |
| − | <td>uml5</td>
| |
| − | <td>10.250.0.17</td>
| |
| − | <td>10.250.0.18</td>
| |
| − | </tr>
| |
| − | </table>
| |
| − | | |
| − | <p>Previously to build the simulation, you have to generate the SSH public key for the root user,
| |
| − | as described in the <a href="#generate_ssh_key">generate ssh key section</a> of this tutorial. Otherwise, vnumlparser.pl will
| |
| − | complaint about the ~/.ssh/idenity.pub file.</p>
| |
| − | | |
| − | <p>The example uses the <a href="../reference/index.html#host_mapping"><host_mapping></a>
| |
| − | tag, only allowed to root. This tag enables virtual machine name mapping in /etc/hosts while
| |
| − | the simulation is running:</p>
| |
| − | | |
| − | <pre class="box">
| |
| − | root@host# vnumlparser.pl -t tutorial_root2.xml -v
| |
| − | ...
| |
| − | root@host# cat /etc/hosts
| |
| − | ...
| |
| − | # BEGIN: tutorial-r2
| |
| − | # topology built: lun jul 4 21:48:08 CEST 2005
| |
| − | 10.250.0.2 uml1
| |
| − | 10.250.0.6 uml2
| |
| − | 10.250.0.10 uml3
| |
| − | 10.250.0.14 uml4
| |
| − | 10.250.0.18 uml5
| |
| − | # END: tutorial-r2
| |
| − | ...
| |
| − | root@host# vnumlparser.pl -d tutorial_root2.xml -v
| |
| − | ...
| |
| − | root@host# cat /etc/hosts
| |
| − | ...
| |
| − | # BEGIN: tutorial-r2
| |
| − | # topology destroyed: lun jul 4 22:04:16 CEST 2005
| |
| − | # END: tutorial-r2
| |
| − | </pre>
| |
| − | | |
| − | <p>Therefore, you can use 'ssh -1 uml1' instead of 'ssh -1 10.250.0.2', for example:
| |
| − | more intuitive!</p>
| |
| − |
| |
| − | <h3><a name="layer_2_interconnection">4. 3. Layer 2 interconnection</a></h3>
| |
| − | | |
| − | <p>Previously, we stated that is possible to connect a virtual machine directly to the
| |
| − | host external network (layer 2 interconnection). To do so, a special kind of
| |
| − | virtual network, specified with attribute <strong>type</strong>="virtual_bridge"
| |
| − | in <a href="../reference/index.html#net"><net></a> tag. In addition, the name of
| |
| − | the physical interface in the host is specified with the <strong>external</strong>
| |
| − | attribute.</p>
| |
| − |
| |
| − | <p>The following VNUML description (<strong>tutorial_root3.xml</strong>) is a
| |
| − | variation of tutorial_user1.xml (<a href="#connecting_sim_host">described here</a>), that directly
| |
| − | connects uml3 with the host external network, using IP 192.168.0.150 (of course, you
| |
| − | have to change this address to one with meaning in your host external network).</p>
| |
| − | | |
| − | <div align="center">
| |
| − | <img alt="Tutorial Root Scenario (3)" src="tutorial_root3.png" width="480" height="299" border="0">
| |
| − | </div>
| |
| − | | |
| − | <pre class="box">
| |
| − | <?xml version="1.0" encoding="UTF-8"?>
| |
| − | <!DOCTYPE vnuml SYSTEM "/usr/share/xml/vnuml/vnuml.dtd">
| |
| − | | |
| − | <vnuml>
| |
| − | <global>
| |
| − | <version>1.7</version>
| |
| − | <simulation_name>tutorial-r3</simulation_name>
| |
| − | <automac/>
| |
| − | <vm_mgmt type="none" />
| |
| − | <vm_defaults>
| |
| − | <filesystem type="cow">/usr/share/vnuml/filesystems/root_fs_tutorial</filesystem>
| |
| − | <kernel>/usr/share/vnuml/kernels/linux</kernel>
| |
| − | <console id="0">xterm</console>
| |
| − | </vm_defaults>
| |
| − | </global>
| |
| − | <net name="Net0" mode="uml_switch" />
| |
| − | <net name="Net1" mode="uml_switch" />
| |
| − | <net name="Net2" mode="uml_switch" />
| |
| − | <net name="Net3" mode="virtual_bridge" external="eth0"/>
| |
| − | <vm name="uml1">
| |
| − | <if id="1" net="Net0">
| |
| − | <ipv4>10.0.0.1</ipv4>
| |
| − | </if>
| |
| − | <route type="ipv4" gw="10.0.0.3">default</route>
| |
| − | </vm>
| |
| − | <vm name="uml2">
| |
| − | <if id="1" net="Net0">
| |
| − | <ipv4>10.0.0.2</ipv4>
| |
| − | </if>
| |
| − | <route type="ipv4" gw="10.0.0.3">default</route>
| |
| − | </vm>
| |
| − | <vm name="uml3">
| |
| − | <if id="1" net="Net0">
| |
| − | <ipv4>10.0.0.3</ipv4>
| |
| − | </if>
| |
| − | <if id="2" net="Net1">
| |
| − | <ipv4>10.0.1.1</ipv4>
| |
| − | </if>
| |
| − | <if id="3" net="Net3">
| |
| − | <ipv4>192.168.0.150</ipv4>
| |
| − | </if>
| |
| − | <route type="ipv4" gw="10.0.1.2">10.0.2.0/24</route>
| |
| − | <forwarding type="ip" />
| |
| − | </vm>
| |
| − | <vm name="uml4">
| |
| − | <if id="1" net="Net1">
| |
| − | <ipv4>10.0.1.2</ipv4>
| |
| − | </if>
| |
| − | <if id="2" net="Net2">
| |
| − | <ipv4>10.0.2.1</ipv4>
| |
| − | </if>
| |
| − | <route type="ipv4" gw="10.0.1.1">default</route>
| |
| − | <forwarding type="ip" />
| |
| − | </vm>
| |
| − | <vm name="uml5">
| |
| − | <if id="1" net="Net2">
| |
| − | <ipv4>10.0.2.2</ipv4>
| |
| − | </if>
| |
| − | <route type="ipv4" gw="10.0.2.1">default</route>
| |
| − | </vm>
| |
| − | <host>
| |
| − | <hostif net="Net3">
| |
| − | <ipv4>192.168.0.39</ipv4>
| |
| − | </hostif>
| |
| − | <physicalif name="eth0" ip="192.168.0.39" mask="255.255.255.0" gw="192.168.0.1" />
| |
| − | <route type="ipv4" gw="192.168.0.1">default</route>
| |
| − | </host>
| |
| − | </vnuml>
| |
| − | </pre>
| |
| − | | |
| − | <p>The <a href="../reference/index.html#host"><host></a> section is not
| |
| − | mandatory, but very recommended due to the virtual bridging set up process
| |
| − | during "-t" deconfigures the physical interface in the host. The
| |
| − | <a href="../reference/index.html#ipv4"><ipv4></a> and
| |
| − | <a href="../reference/index.html#route"><route></a> tags ensures the
| |
| − | host remains properly configured by vnumlparser.pl after "-t" mode
| |
| − | (we are supposing that the host address in eth0 is 192.168.0.39 and the default
| |
| − | gateway in the external network 192.168.0.1).</p>
| |
| − | | |
| − | <p>During virtual bridge releasing during "-d", the external connection is also
| |
| − | deconfigured. To restore configuration the
| |
| − | <a href="../reference/index.html#physicalif"><physicalif></a> tag is
| |
| − | needed.</p>
| |
| − |
| |
| − | <p>After building the simulation you can check that uml3 reach the gateway and
| |
| − | the host interface in the external network:</p>
| |
| − | | |
| − | <pre class="box">
| |
| − | uml3:~# ping -c 1 192.168.0.1
| |
| − | PING 192.168.0.1 (192.168.0.1) 56(84) bytes of data.
| |
| − | 64 bytes from 192.168.0.1: icmp_seq=1 ttl=150 time=0.629 ms
| |
| − | | |
| − | --- 192.168.0.1 ping statistics ---
| |
| − | 1 packets transmitted, 1 received, 0% packet loss, time 0ms
| |
| − | rtt min/avg/max/mdev = 0.629/0.629/0.629/0.000 ms
| |
| − | uml3:~# ping -c 1 192.168.0.39
| |
| − | PING 192.168.0.39 (192.168.0.39) 56(84) bytes of data.
| |
| − | 64 bytes from 192.168.0.39: icmp_seq=1 ttl=64 time=31.1 ms
| |
| − | | |
| − | --- 192.168.0.39 ping statistics ---
| |
| − | 1 packets transmitted, 1 received, 0% packet loss, time 0ms
| |
| − | rtt min/avg/max/mdev = 31.162/31.162/31.162/0.000 ms
| |
| − | </pre>
| |
| − | | |
| − | <br>
| |
| − | </td>
| |
| − | | |
| − | </tr><!-- 6. N A T -->
| |
| − | | |
| − | <tr>
| |
| − | <td class="title" colspan="2"><a name="nat">6.
| |
| − | Configuring NAT</a></td>
| |
| − | </tr>
| |
| − | | |
| − | <tr>
| |
| − | <td colspan="2">
| |
| − | <br>
| |
| − |
| |
| − | <p>This section describes a procedure to configure NAT in the host
| |
| − | for the scenarios described in section 3 of this tutorial, althought
| |
| − | it could be easily adapted to others VNUML scenarios using layer 3
| |
| − | interconnection at host. The procedure has been provided thanks to
| |
| − | Carlos Sanmartín.</p>
| |
| − |
| |
| − | <p>How to configure NAT? Well, we can use iptables(8), included in linux
| |
| − | kernels from 2.4.x We can have included into kernel or load it with a
| |
| − | module:</p>
| |
| − | | |
| − | <pre class="box">
| |
| − | root@host:~# modprobe ipt_MASQUERADE
| |
| − | </pre>
| |
| − | | |
| − | <p>It will load ip_tables, ip_conntrack and iptable_nat.</p>
| |
| − | | |
| − | <p>Let's follow next steps:</p>
| |
| − |
| |
| − | <ol>
| |
| − |
| |
| − | <li>We have to enable forwarding into kernel, for managing
| |
| − | packets which target isn't is our host.
| |
| − | | |
| − | <pre class="box">
| |
| − | root@host:~# echo 1 > /proc/sys/net/ipv4/ip_forward
| |
| − | </pre>
| |
| − | | |
| − | For same configuration at any startup, we can add to /etc/sysctl.conf:
| |
| − | | |
| − | <pre class="box">
| |
| − | net.ipv4.ip_forward=1
| |
| − | </pre>
| |
| − | </li>
| |
| − | | |
| − | <li>We have to enable NAT rule, for translating virtual machines
| |
| − | addresses to host output interface IP address (we suppose eth0 is the
| |
| − | output interface):
| |
| − | | |
| − | <pre class="box">
| |
| − | root@host:~# iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
| |
| − | </pre>
| |
| − | | |
| − | </li>
| |
| − | | |
| − | <li>Finally, we have to add a default route for managing outgoing
| |
| − | packages, at uml3:
| |
| − | | |
| − | <pre class="box">
| |
| − | root@uml3:~# route add default gw 10.0.3.2
| |
| − | </pre>
| |
| − | | |
| − | </ol>
| |
| − | | |
| − | <p>It looks like this:</p>
| |
| − |
| |
| − | <pre class="box">
| |
| − | uml3:~# route
| |
| − | Kernel IP routing table
| |
| − | Destination Gateway Genmask Flags Metric Ref Use Iface
| |
| − | 10.0.0.0 * 255.255.255.0 U 0 0 0 eth1
| |
| − | 10.0.1.0 * 255.255.255.0 U 0 0 0 eth2
| |
| − | 10.0.2.0 10.0.1.2 255.255.255.0 UG 0 0 0 eth2
| |
| − | 10.0.3.0 * 255.255.255.0 U 0 0 0 eth3
| |
| − | default 10.0.3.2 0.0.0.0 UG 0 0 0 eth3
| |
| − | </pre>
| |
| − | | |
| − | <p>Now, we can try:</p>
| |
| − | | |
| − | <pre class="box">
| |
| − | uml1:~# ping -c 1 www.google.es
| |
| − | PING www.l.google.com (66.249.93.104) 56(84) bytes of data.
| |
| − | 64 bytes from 66.249.93.104: icmp_seq=1 ttl=235 time=56.7 ms
| |
| − | | |
| − | --- www.l.google.com ping statistics ---
| |
| − | 1 packets transmitted, 1 received, 0% packet loss, time 0ms
| |
| − | rtt min/avg/max/mdev = 56.781/56.781/56.781/0.000 ms
| |
| − | </pre>
| |
| − | | |
| − | <p>Enjoy it!</p>
| |
| − | | |
| − | <p>For further information, please visit: the
| |
| − | <a href="http://www.tldp.org/HOWTO/html_single/Masquerading-Simple-HOWTO">Masquerading Simple HOWTO</a>.</p>
| |
| − | | |
| − | <br>
| |
| − | </td>
| |
| − |
| |
| − | </tr><!-- 6. A D D I T I O N A L T I P S -->
| |
| − | | |
| − | <tr>
| |
| − | <td class="title" colspan="2"><a name="tips">6.
| |
| − | Additional Tips</a></td>
| |
| − | </tr>
| |
| − | | |
| − | <tr>
| |
| − | <td colspan="2">
| |
| − | <br>
| |
| − | | |
| − | <p>In addition to the basic tutorial you can try the following tips:
| |
| − | </p>
| |
| − | <ul>
| |
| − | | |
| − | <li>Improve performance. A virtualized kernel runs slower than a conventional one. Anyway, UML
| |
| − | provides a mechanism of improving efficiency using SKAS mode. Different from previous versions
| |
| − | of vnumlparser.pl, version 1.3.0 and beyond works fine with SKAS: you just need to compile a
| |
| − | host kernel with SKAS support enabled. <a href="http://user-mode-linux.sourceforge.net/skas.html">More information</a> in the UML Project Web site.</li>
| |
| − |
| |
| − | <li>Capture traffic in virtual networks. You can use a patched version of uml_switch (look in
| |
| − | the contrib/uml_router/ directory inside VNUML package) that, once compiled and installed, can
| |
| − | be used to capture traffic in selected virtual networks. This is a powerfull feature, allowing
| |
| − | capturing the traffic in simulation experiments for later study (capturing to a file) or even
| |
| − | in real time with software tools like Ethereal (although this needs root
| |
| − | privilegies). Please have a look to the <strong>capture_*</strong> attributes of
| |
| − | <a href="../reference/index.html#capture"><net></a> tag
| |
| − | to know how to configure it. In addition, you will find a variation of the tutorial for limited
| |
| − | user using capture features in the <strong>tutorial_limited_user_capture.xml</strong> that comes with the VNUML examples).
| |
| − | | |
| − | <pre class="box">
| |
| − | ...
| |
| − | <net name="Net1"
| |
| − | mode="uml_switch"
| |
| − | uml_switch_binary="/usr/local/bin/uml_switch4capture"
| |
| − | capture_expression="icmp"
| |
| − | capture_file="/tmp/net1.pcap" />
| |
| − | ...
| |
| − | </pre>
| |
| − | | |
| − | </li>
| |
| − |
| |
| − | <li>Adding users and groups in the virtual machines. In the examples shown so far, there is only one
| |
| − | user in the virtual machines: the root user. However, vnumlparser.pl can add users to the virtual
| |
| − | machines using <a href="../reference/index.html#user"><user></a> tag. Try
| |
| − | replacing the following vm section for uml1 in the tutorial_limited_user.xml file
| |
| − | (or use the <strong>tutorial_limited_user2.xml</strong> file that comes with the VNUML examples):
| |
| − | | |
| − | <pre class="box">
| |
| − | ...
| |
| − | <vm name="uml1">
| |
| − | <if id="1" net="Net0">
| |
| − | <ipv4>10.0.0.1</ipv4>
| |
| − | </if>
| |
| − | <route type="ipv4" gw="10.0.0.3">default</route>
| |
| − | <user username="yoda" group="jedi">
| |
| − | <group>jedi</group>
| |
| − | <group>lightside</group>
| |
| − | </user>
| |
| − | <user username="anakin" group="sith">
| |
| − | <group>sith</group>
| |
| − | <group>darkside</group>
| |
| − | </user>
| |
| − | </vm>
| |
| − | ...
| |
| − | </pre>
| |
| − | | |
| − | Once built the simulation, you can check how the yoda and anakin users are created in uml1:
| |
| − | | |
| − | <pre class="box">
| |
| − | uml1:~# id yoda
| |
| − | uid=1002(yoda) gid=1003(jedi) groups=1003(jedi),1004(lightside)
| |
| − | uml1:~# id anakin
| |
| − | uid=1001(anakin) gid=1001(sith) groups=1001(sith),1002(darkside)
| |
| − | </pre>
| |
| − | | |
| − | </li>
| |
| − | | |
| − | <!--li>Inter-boot delay. It's possible (depending on the UML stability related with certain
| |
| − | host Linux distributions and kernels) that some UMLs may not boot properly when you build
| |
| − | the topology (mode -t). This situation is detected when vnumlparser.pl dies on startup
| |
| − | (indicating that something went wrong with booting one of the UMLs before the init process was
| |
| − | started) or waits indefinitely in blocking mode (-B switch).<br>
| |
| − | In some cases, adding a small delay between UML booting seems to fix the situation. You can introduce
| |
| − | such a delay using "-w" switch. For example, a "-w 10" introduces 10 seconds interval
| |
| − | between UML boots.</li-->
| |
| − |
| |
| − | <li>UML kernel and filesystem selection. In the examples shown so far, the
| |
| − | kernel and UML filesystem for all the virtual machines is set up with the
| |
| − | <a href="../reference/index.html#vm_defaults"><vm_defaults></a>.
| |
| − | However, you can specify a different UML kernel using
| |
| − | <a href="../reference/index.html#kernel"><kernel></a> and
| |
| − | <a href="../reference/index.html#filesystem"><filesystem></a> tags
| |
| − | in a per-vm basis.</li>
| |
| − | | |
| − | </ul>
| |
| − |
| |
| − | <br>
| |
| − | </td>
| |
| − | </tr><!-- 7. F U R T H E R R E A D I N G -->
| |
| − | | |
| − | <tr>
| |
| − | <td class="title" colspan="2"><a name="further_reading">7.
| |
| − | Further Reading</a></td>
| |
| − | </tr>
| |
| − | | |
| − | <tr>
| |
| − | <td colspan="2">
| |
| − | <br>
| |
| − | | |
| − | <p>This tutorial does not show all features of VNUML
| |
| − | tool. Concurrent simulation execution, filetree copying, hostfs filesystems,
| |
| − | blocking modes,
| |
| − | VLAN integration and other interesting capabilities are available
| |
| − | in VNUML. To know about them in detail you should next read <a href=
| |
| − | "../user/index.html">VNUML User Manual</a> and <a href=
| |
| − | "../reference/index.html">VNUML Language Reference</a>. If
| |
| − | you need to hack vnumparser.pl to adapt it to your needs,
| |
| − | you should read the source code (we think it's very
| |
| − | clear! :). A VNUML Developers Manual could be released in
| |
| − | the future if needed.</p><br>
| |
| − | <br>
| |
| − | </td>
| |
| − | </tr>
| |
| − |
| |
| − | <!-- A P P E N D I X : E X E C U T I O N L O G S >
| |
| − | | |
| − | <tr>
| |
| − | <td class="title" colspan="2"><a name="appendix_0">Appendix:
| |
| − | Execution Logs (1.7.0)</a></td>
| |
| − | </tr>
| |
| − | | |
| − | <tr>
| |
| − | <td colspan="2">
| |
| − | <br>
| |
| − | | |
| − | <p>The following logs were taken while performing this tutorial
| |
| − | at morfeo (Debian system running 2.6.10-skas3-7), using verbose switch (-v) of
| |
| − | vnumlparser.pl version 1.7.0. UMLs run 2.6.10-1m.</p>
| |
| − | | |
| − | <p>Building topology:</p>
| |
| − | | |
| − | <pre class="box">
| |
| − | root@morfeo# vnumlparser.pl -t tutorial.xml -v
| |
| − | TODO
| |
| − | </pre>
| |
| − | | |
| − | <p>Executing commands (start):</p>
| |
| − | | |
| − | <pre class="box">
| |
| − | root@morfeo# vnumlparser.pl -x start@tutorial_plus.xml -v
| |
| − | TODO
| |
| − | </pre>
| |
| − | | |
| − | <p>Executing commands (stop):</p>
| |
| − | | |
| − | <pre class="box">
| |
| − | root@morfeo# vnumlparser.pl -x stop@tutorial_plus.xml -v
| |
| − | TODO
| |
| − | </pre>
| |
| − | | |
| − | <p>Destroying topology:</p>
| |
| − | | |
| − | <pre class="box">
| |
| − | root@morfeo# vnumlparser.pl -d tutorial_plus.xml -v
| |
| − | TODO
| |
| − | </pre>
| |
| − | | |
| − | </td>
| |
| − | </tr-->
| |
| − |
| |
| − | <td colspan="2">
| |
| − | <hr>
| |
| − | | |
| − | <center>
| |
| − | <font face="Tahoma"><em>Last update: <script src=
| |
| − | "../js/fecha.js" type="text/javascript">
| |
| − | </script> <script language="JavaScript" type=
| |
| − | "text/javascript">
| |
| − | | |
| − | var cur = new Date(document.lastModified);
| |
| − | fixDate(cur);
| |
| − | var str = getString(cur);
| |
| − | document.write(str);
| |
| − | </script><br></em></font>
| |
| − | </center>
| |
| − | </td>
| |
| − | </tr>
| |
| − | </tbody>
| |
| − | </table>
| |
| − | </div>
| |
| − | </body>
| |
| − | </html>
| |
