Tag Archives: server

Using GNU screen as virtmanager for KVM

Leave a reply

After my last post about KVM, somebody emailed me, asking how I use KVM’s serial console in combination with screen. It’s a rather simple, but really usefull solution if you think tools like virtmanager are too much for you and you don’t like to use VNC. So this post will try to explain it to you.
For starters, you have to add the -nographic option to you KVM parameters. Next, make sure your virtual machine outputs it’s console to serial device 0. For example, start the Linux kernel with console=ttyS0 and make sure there is a getty process running on that same device. Now, whenever you start KVM in a GNU screen (with that -nographic parameter) you will see the dmesg scroll by and will end up with a login prompt. You can just keep this KVM running while detaching the GNU screen session (ctrl+a d) and you can re-attach by starting screen -x.
I use this on my server to start my two virtual machines. I made a screenrc like this:
# display a nice status bar on the bottom of the screen
hardstatus alwayslastline "%-Lw%50>%n%f* %t%{-}%+Lw%< %=[%c]"
vbell off
deflogin off
# use virtio for disks also!
screen -t production kvm -m 2048m -nographic -drive file=production.raw,if=virtio,boot=on -net nic,model=virtio -net tap,ifname=tap0,script=no,downscript=no -smp 2
screen -t development kvm -m 1024m -nographic -drive file=development.raw,if=virtio,boot=on -net nic,model=virtio -net tap,ifname=tap1,script=no,downscript=no

Whenever the server boots it runs the following command in my rc.local:

# start KVM
cd /srv/
su frank - -c 'screen -c screenrc -dm'

So the server starts the GNU screen and the GNU screen start my virtual machines. If I can’t login via ssh in one of my virtual machines, I just connect to the host and attach to the screen to debug the problem.

Boot Ubuntu livecds in KVM without VNC

Leave a reply

This post is just for the sake of documenting this.

A while ago I came across a blog post written by an Ubuntu developer (I believe) which gave a nice tip on how to boot a livecd in KVM without VNC. Yesterday I needed this feature again, but was unable to find it.

I needed to boot a hardy-jeos livecd on my server, but didn’t want to go through the hassle of punching a hole in my firewall and installing a vnc client on my desktop computer. Luckily this is not needed, because you can get kvm to output it’s serial console to your console (in combination with GNU Screen this is very usefull) and the livecd support serial console also. To do all this you just need to append this to your kvm startup command:
-nographic -kernel /mnt/install/vmlinuz -append console=ttyS0,9600 -initrd /mnt/install/initrd.gz -cdrom /home/frank/hardy-jeos-i386.iso
Of course, the relevant files should be changed according to your system. Note that the kernel and initrd files are on the cd, so you should mount the cd on the host sytem also.

Any questions? Just leave them in the comments!

My first Cherokee patch

Leave a reply

I’ve been playing with Cherokee (the light-weight web server) for a while now. I really like the way their configuration file can be managed with cherokee-admin. This is basically a secured web page that provides a convenient interface to all of Cherokees settings.
Although Cherokee is looks so great, I can’t switch the Ivaldi web server to it, because of a few problems:

  • No support for authentication against SHA1 hashed passwords from a MySQL database
  • No support for webdav/svn, we currently use Apaches mod_subversion with authentication against a MySQL database.

The first point didn’t seem so hard to fix, so I submitted a patch to the Cherokee project. The maintainer got in contact with me and let me sign a contributors agreement. I think this means that the code can be committed to their subversion repositories now.
This still leaves one problem before I can switch: webdav/svn. I don’t think I have enough knowledge to fix that. I might try to switch all our current sites to Cherokee though and keep a light-weight, trimmed down, Apache for webdav/svn.

Monitor Postfix with Cacti and SNMP

Leave a reply

Today I configured Cacti and SNMP after I saw the graphs of a friend. He had graphs for Postfix, which showed statics like sent/received/rejected.
After a little search on the internet, I found a post on the Cacti forum. At first I couldn’t get it to work, but after running the script manually (instead of via SNMPd) I found out /var/log/mail.log was not readable by the SNMP user.
Cacti has been polling snmp for the past few hours now and apparently I receive around 25 spam emails that get rejected every 5 minutes. That’s 6000 mails per day, more than 2.000.000 every year. I’m glad I configured postfix to reject those mails (have a look at the reject_rbl_client config directive of postfix).

Using imapproxy to speedup webmail

Leave a reply

Yesterday, I discovered a great way to improve the speed of your webmail client. Two friends of mine were talking about something called imapproxy.
Apparently this is a simply brilliant tool. It was invented because the web is stateless, but imap is not. Your webmail client (for example Roundcube) will reconnect to the imap server everytime you click a link or refresh. This introduces a great deal of lag. The solution to this problem is imapproxy. Your webmail client connects to the proxy and imapproxy opens a connection to the imap server. When the webmail client disconnects, the proxy keeps the connection open for another 5 minutes, so when you refresh or change directory, this can be done very fast!
I installed imapproxy on the webserver of my company. At first I couldn’t get it to work, because I wanted it to connect to imap over ssl, but after enabling “plain text” imap for localhost, I let imapproxy connect to it and everything worked. The roundcube installation now reacts almost instantly!
So remember, don’t try to let imapproxy use ssl, because the only error you will notice is that imapproxy is not listening on any port. The developers just forgot to add error reporting I guess.