Instant Xen guest (guest-magic tool)

Instant Xen guest (guest-magic tool)

[Gaurav Maheshbhai Patel]

Hello Everyone,
Let me introduce myself. I am Gaurav Patel. I am student of Internet System Administrator Program at Seneca College , Canada.
We built a GUI tool which creates Xen guest Domain in couple of seconds. 
Give new guest domain name and memory. You Are Done!!!!!!!!!!!!!!! 
We also successfully released it on sourceforge.net. 

Description: 

Tool Name : guest-magic
Version - 0.1
Tested Environment: Fedora Core 6
Written in : Python
download link: https://sourceforge.net/projects/guest-magic/

Detail description is also include in README.TXT file with this tool.

This is our first release. And development is in progress.
Comments and suggestion is HIGHLY appriciated.
Gaurav 

Re: Instant Xen guest (guest-magic tool)

[Steve Kemp]

On Tue, Apr 10, 2007 at 09:51:46PM -0500, Gaurav Maheshbhai Patel wrote:

> Give new guest domain name and memory. You Are Done!!!!!!!!!!!!!!! 
> We also successfully released it on sourceforge.net. 

> This is our first release. And development is in progress.
> Comments and suggestion is HIGHLY appriciated.

  Just two quick comments.

  Firstly it doesn't seem to do everything, just create an LVM volume
 and the configuration file.  I was hoping it would install fresh
 copies of Fedora/Debian/Gentoo/etc.

  Secondly you shouldn't really be using /tmp in the way that you
 are.  This is very dangerous:

        commands.getoutput('xm list > /tmp/guestmagic')

  "xm" has to be run as root, so what you're doing is writing the
 output of a command, as root, into a file in /tmp which anybody
 else upon the system might have created.

  Consider what happens if userA were to run:

        ln -s /tmp/guestmagic /etc/passwd

  The next time you run your application the password file would
 be trashed!

  I'd suggest you either use a pipe, or a secure *unpredictable*
 filename instead.

Steve
-- 
Debian GNU/Linux System Administration
http://www.debian-administration.org/

Re: Instant Xen guest (guest-magic tool)

[Gaurav Maheshbhai Patel]

Hi steve,
First of all , Thank you very much for your comments.
guest-magic  doesn't really install fresh versions of a guest but instead clones one that you already have running and just want a instant copy of it. Its basically take a snapshot of running guest and create another copy of it [cloning].
Also, We also appriciate the second comment. We haven't thought about that /tmp/guestmagic suggestion.
We will try to come up with a better way of doing things instead of using the temp file in the next release. Well piping is good suggestion. 

We kindly consider that there are some limitations in guest-magic tool. We released it so professionals can give their suggestion and comments.
Also , if you think we should also add this functionality in guest-magic, we could try our best.
Thank You.
Gaurav.

----- Original Message -----
From: Steve Kemp <steve@steve.org.uk>
Date: Wednesday, April 11, 2007 4:06 am
Subject: Re: [Xen-devel] Instant Xen guest (guest-magic tool)
To: Gaurav Maheshbhai Patel <gmpatel@learn.senecac.on.ca>
Cc: xen-devel@lists.xensource.com

> On Tue, Apr 10, 2007 at 09:51:46PM -0500, Gaurav Maheshbhai Patel 
> wrote:
> > Give new guest domain name and memory. You Are 
> Done!!!!!!!!!!!!!!! 
> > We also successfully released it on sourceforge.net. 
> 
> > This is our first release. And development is in progress.
> > Comments and suggestion is HIGHLY appriciated.
> 
>  Just two quick comments.
> 
>  Firstly it doesn't seem to do everything, just create an LVM volume
> and the configuration file.  I was hoping it would install fresh
> copies of Fedora/Debian/Gentoo/etc.
> 
>  Secondly you shouldn't really be using /tmp in the way that you
> are.  This is very dangerous:
> 
>        commands.getoutput('xm list > /tmp/guestmagic')
> 
>  "xm" has to be run as root, so what you're doing is writing the
> output of a command, as root, into a file in /tmp which anybody
> else upon the system might have created.
> 
>  Consider what happens if userA were to run:
> 
>        ln -s /tmp/guestmagic /etc/passwd
> 
>  The next time you run your application the password file would
> be trashed!
> 
>  I'd suggest you either use a pipe, or a secure *unpredictable*
> filename instead.
> 
> Steve
> -- 
> Debian GNU/Linux System Administration
> http://www.debian-administration.org/
> 
> 

Re: Instant Xen guest (guest-magic tool)

[Steve Kemp]

On Wed, Apr 11, 2007 at 01:54:35PM -0500, Gaurav Maheshbhai Patel wrote:

> First of all , Thank you very much for your comments.

  You're welcome.  I've been doing similar(ish) things for a while
 now so it is nice to check out the "competition".

> Its basically take a snapshot of running guest and create another 
> copy of it [cloning].

  Sounds good, although the obvious comment is that there are
 going to be things that you will need to change to make the
 second system/copy fully functional.

  Networking details being one obvious issue, although if the source
 and the clone are both setup to use DHCP that might not be important.
 Still hostname, SMTP hostname, etc might need to vary on a per-instance
 basis.

> Also, We also appriciate the second comment. We haven't thought about 
> that /tmp/guestmagic suggestion.

  Just something that jumped out.  Piping without the temporary file,
 or using mkstemp, or similar, function should be sufficient.

Steve
-- 
http://www.steve.org.uk/

Re: Instant Xen guest (guest-magic tool)

[Gaurav Maheshbhai Patel]

Hi Steve,
Well good to hear that you are working on same kind of project.
I was wondering about your suggestion. If we make a copy/snapshot of it. Then Installing fresh copy of Some linux distro....
1) How can we do that? 
2) If we do that then, doesn't it take the same time to installing new distro on guest?

Also have you looked at the snap shot of guest-magic on sourceforge.net? Well IP assignment is still issue there because of short deadline of the project. But we are still going to do that.
Also, can you please tell me about what are you working on? Might be it helps us some what
Again thank you very much
Gaurav.

----- Original Message -----
From: Steve Kemp <steve@steve.org.uk>
Date: Wednesday, April 11, 2007 6:42 pm
Subject: Re: [Xen-devel] Instant Xen guest (guest-magic tool)
To: Gaurav Maheshbhai Patel <gmpatel@learn.senecac.on.ca>
Cc: xen-devel@lists.xensource.com

> On Wed, Apr 11, 2007 at 01:54:35PM -0500, Gaurav Maheshbhai Patel 
> wrote:
> > First of all , Thank you very much for your comments.
> 
>  You're welcome.  I've been doing similar(ish) things for a while
> now so it is nice to check out the "competition".
> 
> > Its basically take a snapshot of running guest and create another 
> > copy of it [cloning].
> 
>  Sounds good, although the obvious comment is that there are
> going to be things that you will need to change to make the
> second system/copy fully functional.
> 
>  Networking details being one obvious issue, although if the source
> and the clone are both setup to use DHCP that might not be important.
> Still hostname, SMTP hostname, etc might need to vary on a per-
> instance basis.
> 
> > Also, We also appriciate the second comment. We haven't thought 
> about 
> > that /tmp/guestmagic suggestion.
> 
>  Just something that jumped out.  Piping without the temporary file,
> or using mkstemp, or similar, function should be sufficient.
> 
> Steve
> -- 
> http://www.steve.org.uk/
> 

Re: Instant Xen guest (guest-magic tool)

[Steve Kemp]

On Thu, Apr 12, 2007 at 12:17:47PM -0400, Gaurav Maheshbhai Patel wrote:

> Well good to hear that you are working on same kind of project.
> I was wondering about your suggestion. If we make a copy/snapshot of it. Then Installing fresh copy of Some linux distro....
> 1) How can we do that? 

  Depends on the type of distribution you've got.  For Debian dom0 you
 can use tools like debootstrap to automatically install fresh copies
 of Debian inside a directory/partition.  Similarly you could use a tool
 like rpmstrap to install copies of CentOS.  (Though rpmstrap is very
 fragile and prone to breakage).

> 2) If we do that then, doesn't it take the same time to installing new distro on guest?

  I don't fully understand what you're asking there.  If you're using
 a tool like rpmstrap, or debootstrap, then it'd take a few minutes to
 install (or more depending on your network link).

  If you had several Linux distribution images locally you could do
 a copy in a few seconds.

  (That's what we do at work - we have a collection of configured Linux
 distributions mounted read-only, and we simply copy those into new
 guests automatically.  The process of installing Gentoo, Debian,
 Ubuntu, or CentOS takes only a few minutes - but it does rely upon
 you creating the "source" installations manually first.  There are
 a small collection of fixups applied after the copy to setup unique
 IPs, hostnames, etc, but otherwise the new copies are basically 
 clones of the centralized master copy of each distribution.)

> Also have you looked at the snap shot of guest-magic on sourceforge.net? 

  Yes ..

> Well IP assignment is still issue there because of short deadline of the project. But we are still going to do that.

> Also, can you please tell me about what are you working on? 
> Might be it helps us some what

  xen-tools :

    http://xen-tools.org/software/xen-tools/

  Developed and used primarily upon Debian GNU/Linux, but apparently
 portable to things like CentOS and Fedora Core.

Steve
-- 

Re: Instant Xen guest (guest-magic tool)

[Gaurav Maheshbhai Patel]

Hi steve,
The comment on /tmp/guestmagic was really good.
I was wondering what if we use /tmp/$$ 

>     commands.getoutput('xm list > /tmp/$$')

Is it create the same problem as /tmp/guestmagic?

Thanks in advance
Gaurav


----- Original Message -----
From: Steve Kemp <steve@steve.org.uk>
Date: Thursday, April 12, 2007 1:52 pm
Subject: Re: [Xen-devel] Instant Xen guest (guest-magic tool)
To: Gaurav Maheshbhai Patel <gmpatel@learn.senecac.on.ca>
Cc: xen-devel@lists.xensource.com

> On Thu, Apr 12, 2007 at 12:17:47PM -0400, Gaurav Maheshbhai Patel 
> wrote:
> > Well good to hear that you are working on same kind of project.
> > I was wondering about your suggestion. If we make a copy/snapshot 
> of it. Then Installing fresh copy of Some linux distro....
> > 1) How can we do that? 
> 
>  Depends on the type of distribution you've got.  For Debian dom0 you
> can use tools like debootstrap to automatically install fresh copies
> of Debian inside a directory/partition.  Similarly you could use a 
> tool like rpmstrap to install copies of CentOS.  (Though rpmstrap 
> is very
> fragile and prone to breakage).
> 
> > 2) If we do that then, doesn't it take the same time to 
> installing new distro on guest?
> 
>  I don't fully understand what you're asking there.  If you're using
> a tool like rpmstrap, or debootstrap, then it'd take a few minutes to
> install (or more depending on your network link).
> 
>  If you had several Linux distribution images locally you could do
> a copy in a few seconds.
> 
>  (That's what we do at work - we have a collection of configured 
> Linux distributions mounted read-only, and we simply copy those 
> into new
> guests automatically.  The process of installing Gentoo, Debian,
> Ubuntu, or CentOS takes only a few minutes - but it does rely upon
> you creating the "source" installations manually first.  There are
> a small collection of fixups applied after the copy to setup unique
> IPs, hostnames, etc, but otherwise the new copies are basically 
> clones of the centralized master copy of each distribution.)
> 
> > Also have you looked at the snap shot of guest-magic on 
> sourceforge.net? 
> 
>  Yes ..
> 
> > Well IP assignment is still issue there because of short deadline 
> of the project. But we are still going to do that.
> 
> > Also, can you please tell me about what are you working on? 
> > Might be it helps us some what
> 
>  xen-tools :
> 
>    http://xen-tools.org/software/xen-tools/
> 
>  Developed and used primarily upon Debian GNU/Linux, but apparently
> portable to things like CentOS and Fedora Core.
> 
> Steve
> -- 
> 

Re: Instant Xen guest (guest-magic tool)

[Steve Kemp]

On Sat, Apr 14, 2007 at 09:51:42AM -0500, Gaurav Maheshbhai Patel wrote:

> The comment on /tmp/guestmagic was really good.
> I was wondering what if we use /tmp/$$ 
> 
> >     commands.getoutput('xm list > /tmp/$$')
> 
> Is it create the same problem as /tmp/guestmagic?

  Pretty much.  Process IDs are still *predictable* since they
 tend to be sequential under most systems.

  Still this is better than a static name.  You should really
 use a pipe.  If you can't then use a secure filename which
 can't be guessed by a local user.

  This is pretty off-topic for the xen list though, so I'll
 just suggest you look at the Secure Programming Howto:

    http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/index.html

 Specifically the section on temporary files being used in 
 races.

Steve
-- 

Re: Instant Xen guest (guest-magic tool)

[Gaurav Maheshbhai Patel]

Thankyou very much steve,
Its very helpful. 
Gaurav

----- Original Message -----
From: Steve Kemp <steve@steve.org.uk>
Date: Saturday, April 14, 2007 7:19 pm
Subject: Re: [Xen-devel] Instant Xen guest (guest-magic tool)
To: Gaurav Maheshbhai Patel <gmpatel@learn.senecac.on.ca>
Cc: xen-devel@lists.xensource.com

> On Sat, Apr 14, 2007 at 09:51:42AM -0500, Gaurav Maheshbhai Patel 
> wrote:
> > The comment on /tmp/guestmagic was really good.
> > I was wondering what if we use /tmp/$$ 
> > 
> > >     commands.getoutput('xm list > /tmp/$$')
> > 
> > Is it create the same problem as /tmp/guestmagic?
> 
>  Pretty much.  Process IDs are still *predictable* since they
> tend to be sequential under most systems.
> 
>  Still this is better than a static name.  You should really
> use a pipe.  If you can't then use a secure filename which
> can't be guessed by a local user.
> 
>  This is pretty off-topic for the xen list though, so I'll
> just suggest you look at the Secure Programming Howto:
> 
>    http://www.dwheeler.com/secure-programs/Secure-Programs-
> HOWTO/index.html
> Specifically the section on temporary files being used in 
> races.
> 
> Steve
> -- 
> 

Re: Instant Xen guest (guest-magic tool)

[Tom Wisniewski]

[-- Attachment #1.1: Type: text/plain, Size: 139 bytes --]

Thanks for the tip Steve.  Using a pipe worked great.


>I'd suggest you either use a pipe, or a secure *unpredictable*
>filename instead.

[-- Attachment #1.2: Type: text/html, Size: 172 bytes --]

[-- Attachment #2: Type: text/plain, Size: 138 bytes --]

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel