qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed
* [Qemu-devel] Qemu sandbox for teaching
@ 2005-05-28 12:42 Jerome Warnier
  2005-05-28 13:13 ` Paul Brook
  2005-05-28 13:22 ` Tom Sandholm
  0 siblings, 2 replies; 8+ messages in thread
From: Jerome Warnier @ 2005-05-28 12:42 UTC (permalink / raw)
  To: List qemu-devel

Does someone here have an idea on how to do the following using Qemu,
but I'm open to other suggestions:

I would like to provide a UNIX CLI sandbox for users to poke around in a
UNIX course. It would be better if available from the web (preferably
without having to install anything on the users' PC), and Free (as in
free speach).
The problem is that I need to give them root access, or at least a
simulation.
It would be even better if we could for instance install RedHat in it,
but it's not really required.

Thanks
-- 
Jerome Warnier <jwarnier@beeznest.net>
BeezNest

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [Qemu-devel] Qemu sandbox for teaching
  2005-05-28 12:42 [Qemu-devel] Qemu sandbox for teaching Jerome Warnier
@ 2005-05-28 13:13 ` Paul Brook
  2005-05-28 17:50   ` Jerome Warnier
  2005-05-28 13:22 ` Tom Sandholm
  1 sibling, 1 reply; 8+ messages in thread
From: Paul Brook @ 2005-05-28 13:13 UTC (permalink / raw)
  To: qemu-devel

On Saturday 28 May 2005 13:42, Jerome Warnier wrote:
> Does someone here have an idea on how to do the following using Qemu,
> but I'm open to other suggestions:
>
> I would like to provide a UNIX CLI sandbox for users to poke around in a
> UNIX course. It would be better if available from the web (preferably
> without having to install anything on the users' PC), and Free (as in
> free speach).
> The problem is that I need to give them root access, or at least a
> simulation.
> It would be even better if we could for instance install RedHat in it,
> but it's not really required.

It's not really answering your question, but qemu is probably OTT for this. If 
I was setting this up I'd use UML and a java web based telnet/ssh client.

Paul

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [Qemu-devel] Qemu sandbox for teaching
  2005-05-28 12:42 [Qemu-devel] Qemu sandbox for teaching Jerome Warnier
  2005-05-28 13:13 ` Paul Brook
@ 2005-05-28 13:22 ` Tom Sandholm
  2005-05-28 13:31   ` Lennert Buytenhek
  1 sibling, 1 reply; 8+ messages in thread
From: Tom Sandholm @ 2005-05-28 13:22 UTC (permalink / raw)
  To: qemu-devel

[-- Attachment #1: Type: text/plain, Size: 2421 bytes --]

Jerome,

Yes.
Using a fairly large server, (i.e. xeon dual with 4Gb ram & 120GB disk), 
and installing...
1.  Qemu
2.  vde (virtual distributed ethernet)
3.  tun/tap device drivers (usually kernel module).
I've been able to create 8 conncurrent qemu instances with reasonable 
performance.
I recompiled qemu, without sdl, as to get qemu able to run in batch, 
without the need of a console window.
I haven't been able to get qemu to run in batch using any of the 
redirected console options (like pty, or -nographic option).
I created a script that starts the vde (tun/tap), used as a tunnel from 
my home network, to the virtual network that all the qemu instances 
connect to.
Then I run a qemu startup script that starts the qemu instance, with 
assigned disk image, assigned mac address (remember you'll need 
differenct Mac's for each instance), and places it in background.
I then installed Debian "sarge" on a "master qemu instance", and also 
install bootcdwrite tools to "image" the newly installed Unix "base".  
(of course you'll also want to install ssh services).
Then I "imaged" the live system onto a cdrom image.  I can then just 
boot the cdrom image, to start-up a qemu-instance, and use the 
bootcdwrite command to write the cdrom image to virtual hard disk.  Of 
course you could just run the qemu-instance fromthe live-run-cdrom ISO, 
and just nfs mount a home directory for any form of "perm" storage (of 
course you'd NFS mount from the host-os.  You may also use the virtual 
floppy image to hold qemu-instance specifics, such as hostname, 
ipaddress, etc.  See the Debian doc's on bootcdwrite for details.
I expect that you may be able to install apache on the host machine, and 
use java-webstart to invoke some form of ssh-client, that users would 
use to ssh into their assigned qemu-instance engine.

Best of luck
Tom Sandholm


Jerome Warnier wrote:

>Does someone here have an idea on how to do the following using Qemu,
>but I'm open to other suggestions:
>
>I would like to provide a UNIX CLI sandbox for users to poke around in a
>UNIX course. It would be better if available from the web (preferably
>without having to install anything on the users' PC), and Free (as in
>free speach).
>The problem is that I need to give them root access, or at least a
>simulation.
>It would be even better if we could for instance install RedHat in it,
>but it's not really required.
>
>Thanks
>  
>

[-- Attachment #2: sandholm.vcf --]
[-- Type: text/x-vcard, Size: 101 bytes --]

begin:vcard
fn:Tom Sandholm
n:Sandholm;Tom
email;internet:sandholm@gsinet.net
version:2.1
end:vcard


^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [Qemu-devel] Qemu sandbox for teaching
  2005-05-28 13:22 ` Tom Sandholm
@ 2005-05-28 13:31   ` Lennert Buytenhek
  2005-05-28 13:37     ` Paul Brook
  0 siblings, 1 reply; 8+ messages in thread
From: Lennert Buytenhek @ 2005-05-28 13:31 UTC (permalink / raw)
  To: qemu-devel

On Sat, May 28, 2005 at 09:22:23AM -0400, Tom Sandholm wrote:

> Yes.
> Using a fairly large server, (i.e. xeon dual with 4Gb ram & 120GB disk), 
> and installing...

Hmm.. 8 el-cheapo whitebox PCs just might be cheaper than that dual
xeon with 4gb ram and 120G of disk of yours.  ;-)

(They'll likely consume more power, though.)


--L

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [Qemu-devel] Qemu sandbox for teaching
  2005-05-28 13:31   ` Lennert Buytenhek
@ 2005-05-28 13:37     ` Paul Brook
  0 siblings, 0 replies; 8+ messages in thread
From: Paul Brook @ 2005-05-28 13:37 UTC (permalink / raw)
  To: qemu-devel

On Saturday 28 May 2005 14:31, Lennert Buytenhek wrote:
> On Sat, May 28, 2005 at 09:22:23AM -0400, Tom Sandholm wrote:
> > Yes.
> > Using a fairly large server, (i.e. xeon dual with 4Gb ram & 120GB disk),
> > and installing...
>
> Hmm.. 8 el-cheapo whitebox PCs just might be cheaper than that dual
> xeon with 4gb ram and 120G of disk of yours.  ;-)
>
> (They'll likely consume more power, though.)

Not if you use the via epia mini-itx boards they won't.

Paul

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [Qemu-devel] Qemu sandbox for teaching
  2005-05-28 13:13 ` Paul Brook
@ 2005-05-28 17:50   ` Jerome Warnier
  2005-05-29 13:49     ` Herbert Poetzl
  2005-05-30  9:06     ` Henrik Nordstrom
  0 siblings, 2 replies; 8+ messages in thread
From: Jerome Warnier @ 2005-05-28 17:50 UTC (permalink / raw)
  To: List qemu-devel

Le samedi 28 mai 2005 à 14:13 +0100, Paul Brook a écrit :
> On Saturday 28 May 2005 13:42, Jerome Warnier wrote:
> > Does someone here have an idea on how to do the following using Qemu,
> > but I'm open to other suggestions:
> >
> > I would like to provide a UNIX CLI sandbox for users to poke around in a
> > UNIX course. It would be better if available from the web (preferably
> > without having to install anything on the users' PC), and Free (as in
> > free speach).
> > The problem is that I need to give them root access, or at least a
> > simulation.
> > It would be even better if we could for instance install RedHat in it,
> > but it's not really required.
> 
> It's not really answering your question, but qemu is probably OTT for this. If 
> I was setting this up I'd use UML and a java web based telnet/ssh client.
Well, I was thinking about what the snapshot feature of qemu could bring
me.

In fact, I thought about the following solutions:
- qemu (or whatever other virtualization system)
- chroot (or specifically dchroot in Debian) and remote telnet or ssh
access
- UML

Advantages of every solution:
- qemu virtualizes a complete machine, which means installation of an OS
is possible and it is pretty safe (security-wise) to setup
- chroot is fast to run and pretty safe
- UML is fast to run and pretty safe

Problems of every solution:
- qemu is slow, and a lot of virtual machines at the same time on the
same machine will slow it down and use too much memory, I think (I'm
talking about 10 people «playing» at the same time). Using only a
text-mode virtual machine may probably help, though
- chroot does not allow much and may take time to setup correctly
- UML is difficult to setup, and needs a kernel patch (even on 2.6?) to
work


> Paul
-- 
Jerome Warnier <jwarnier@beeznest.net>
BeezNest

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [Qemu-devel] Qemu sandbox for teaching
  2005-05-28 17:50   ` Jerome Warnier
@ 2005-05-29 13:49     ` Herbert Poetzl
  2005-05-30  9:06     ` Henrik Nordstrom
  1 sibling, 0 replies; 8+ messages in thread
From: Herbert Poetzl @ 2005-05-29 13:49 UTC (permalink / raw)
  To: Jerome Warnier; +Cc: List qemu-devel

On Sat, May 28, 2005 at 07:50:53PM +0200, Jerome Warnier wrote:
> Le samedi 28 mai 2005 à 14:13 +0100, Paul Brook a écrit :
> > On Saturday 28 May 2005 13:42, Jerome Warnier wrote:
> > > Does someone here have an idea on how to do the following using Qemu,
> > > but I'm open to other suggestions:
> > >
> > > I would like to provide a UNIX CLI sandbox for users to poke around in a
> > > UNIX course. It would be better if available from the web (preferably
> > > without having to install anything on the users' PC), and Free (as in
> > > free speach).
> > > The problem is that I need to give them root access, or at least a
> > > simulation.
> > > It would be even better if we could for instance install RedHat in it,
> > > but it's not really required.
> > 
> > It's not really answering your question, but qemu is probably OTT for this. If 
> > I was setting this up I'd use UML and a java web based telnet/ssh client.
> Well, I was thinking about what the snapshot feature of qemu could bring
> me.
> 
> In fact, I thought about the following solutions:
> - qemu (or whatever other virtualization system)
> - chroot (or specifically dchroot in Debian) and remote telnet or ssh
> access
> - UML
> 
> Advantages of every solution:
> - qemu virtualizes a complete machine, which means installation of an OS
> is possible and it is pretty safe (security-wise) to setup
> - chroot is fast to run and pretty safe
> - UML is fast to run and pretty safe
> 
> Problems of every solution:
> - qemu is slow, and a lot of virtual machines at the same time on the
> same machine will slow it down and use too much memory, I think (I'm
> talking about 10 people «playing» at the same time). Using only a
> text-mode virtual machine may probably help, though
> - chroot does not allow much and may take time to setup correctly
> - UML is difficult to setup, and needs a kernel patch (even on 2.6?) to

you might want to have a look at linux-vserver

	http://linux-vserver.org/

it allows you to have VPS with certain root rights
on a shared host, in a secure manner (no overhead)

HTH,
Herbert

> work
> 
> 
> > Paul
> -- 
> Jerome Warnier <jwarnier@beeznest.net>
> BeezNest
> 
> 
> 
> _______________________________________________
> Qemu-devel mailing list
> Qemu-devel@nongnu.org
> http://lists.nongnu.org/mailman/listinfo/qemu-devel

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [Qemu-devel] Qemu sandbox for teaching
  2005-05-28 17:50   ` Jerome Warnier
  2005-05-29 13:49     ` Herbert Poetzl
@ 2005-05-30  9:06     ` Henrik Nordstrom
  1 sibling, 0 replies; 8+ messages in thread
From: Henrik Nordstrom @ 2005-05-30  9:06 UTC (permalink / raw)
  To: List qemu-devel

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #1: Type: TEXT/PLAIN; charset=X-UNKNOWN; format=flowed, Size: 1184 bytes --]

On Sat, 28 May 2005, Jerome Warnier wrote:

> Advantages of every solution:
> - UML is fast to run and pretty safe

If you give out root rights UML is only as safe as the account the UML 
kernel runs as.

> Problems of every solution:
> - qemu is slow, and a lot of virtual machines at the same time on the
> same machine will slow it down and use too much memory, I think (I'm
> talking about 10 people «playing» at the same time). Using only a
> text-mode virtual machine may probably help, though

Only text-mode helps a lot.

> - chroot does not allow much and may take time to setup correctly

chroot and allowing root rights is a no-no. The root user within a chroot 
is still root.

> - UML is difficult to setup, and needs a kernel patch (even on 2.6?) to
> work

UML doesn't require a kernel patch but it performs significantly better 
if you do.

Similar for qemu with it's kqemu kernel module, but here only a custom 
module is required no patching of the main kernel.

I would go for qemu (with kqemu), tun/tap networking with proxy-arp or 
explicit routing and a java applet SSH (or perhaps telnet) client to 
connect.

Regards
Henrik

^ permalink raw reply	[flat|nested] 8+ messages in thread

end of thread, other threads:[~2005-05-30  9:24 UTC | newest]

Thread overview: 8+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2005-05-28 12:42 [Qemu-devel] Qemu sandbox for teaching Jerome Warnier
2005-05-28 13:13 ` Paul Brook
2005-05-28 17:50   ` Jerome Warnier
2005-05-29 13:49     ` Herbert Poetzl
2005-05-30  9:06     ` Henrik Nordstrom
2005-05-28 13:22 ` Tom Sandholm
2005-05-28 13:31   ` Lennert Buytenhek
2005-05-28 13:37     ` Paul Brook

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).