The technique allows you to run multiple sandboxed virtual instances of Linux from one machine under a master Linux operating system. This is always good for server consolidation, security and development. In this book, a potentially complex subject area has been tamed and discussed with well-grounded common sense and practical examples by the original creator and current maintainer of the software. Virtualization is a hot topic.

Author:Tebar Douramar
Country:Czech Republic
Language:English (Spanish)
Published (Last):16 August 2010

They may be directed to the host or the host may just act as a router to provide access to other physical or virtual machines. The pcap transport is a synthetic read-only interface, using the libpcap binary to collect packets from interfaces on the host and filter them. This is useful for building preconfigured traffic monitors or sniffers. The daemon and multicast transports provide a completely virtual network to other virtual machines.

This network is completely disconnected from the physical network unless one of the virtual machines on it is acting as a gateway. With so many host transports, which one should you use? If you are running a prebuilt kernel from this site, everything is already enabled. The next step is to provide a network device to the virtual machine.

This is done by describing it on the kernel command line. Note that the IP address you assign to the host end of the tap device must be different from the IP you assign to the eth device inside UML.

Also note that when you configure the host side of an interface, it is only acting as a gateway. You are not talking to the UML when you ping that interface and get a response. You can also add devices to a UML and remove them at runtime. See the Management Console page for details. The sections below describe this in more detail.

At that point, you will be able to talk to any other machines, physical or virtual, on the net. If ifconfig inside UML fails and the network refuses to come up, run tell you what went wrong. If not, then you need to check them out of CVS, build them, and install them. This is generally not necessary. If one is not specified on the command line, the driver will assign one based on the device IP address. It will provide the address fe:fd:nn:nn:nn:nn where nn.

This is nearly always sufficient to guarantee a unique hardware address for the device. The first thing to do is bring the interface up:

UML ifconfig ethn ip-address up

You should be able to ping the host at this point. To reach the rest of the world, you should set a default route to the host:

UML route add default gw host ip

Again, with host ip of This is wrong, because it will cause UML to try to figure out hardware addresses of the local machines by arping on the interface to the host.

So, what you want is for UML to just blindly throw all packets at the host and let it figure out what to do with them, which is what leaving out the network route and adding the default route does. Your system must have multicast enabled in the kernel and there must be a multicast-capable network device on the host. Normally, this is eth0, but if there is no ethernet card on the host, then you will likely get strange error messages when you bring the device up inside UML.

Log in, configure the ethernet device in each machine with different IP addresses: UML1 ifconfig eth0 This is useful when your network does not support multicast, and all network connections are simple point to point links.

This involves insmod-ing the tun. If you are new to UML networking, do this first. This is a feature. Upgrade the host kernel or use the ethertap transport. Setting up the device is done as follows: Create the device with tunctl (available from the UML utilities tarball):

host tunctl -u uid

where uid is the user id or username that UML will be run as.

This will tell you what device was created. Configure the device IP (change IP addresses and device name to suit): host ifconfig tap0 An even better idea would be a little utility which reads the information from a config file and sets up devices at boot time.

To use this transport, you need to describe the virtual network device on the UML command line. The tap device is mandatory, but the others are optional. If the ethernet address is omitted, one will be assigned to it. The presence of the tap IP address will cause the helper to run and do whatever host setup is needed to allow the virtual machine to communicate with the outside world.

If it is absent, then you must configure the tap device and whatever arping and routing you will need on the host. So, the helper is used as a convenient asynchronous IO thread.

You just need to make sure you have ethertap available, either built in to the host kernel or available as a module.

If ethertap is enabled as a module, you apparently need to insmod ethertap once for each ethertap device you want to enable.

So: host insmod ethertap will give you the tap0 interface. By default, it provides no connection to the host network (but see -tap, below). The first thing you need to do is run the daemon. Running it with no arguments will make it listen on a default pair of unix domain sockets. When it sees that, it exits. The rest of the arguments describe how to communicate with the daemon. You should only specify them if you told the daemon to use different sockets than the default.

In contrast to the ethertap interface, which exchanges ethernet frames with the host and can be used to transport any higher-level protocol, it can only be used to transport IP.

If it is specified, the helper will run and will set up the host so that the virtual machine can reach it and the rest of the network. There are some oddities with this interface that you should be aware of.

These problems will be fixed at some point. This is similar to IP masquerading with a firewall, although the translation is performed in user-space, rather than by the kernel. As slirp does not set up any interfaces on the host, or change routing, slirp does not require root access or setuid binaries on the host. More information on all of the slirp options can be found in its man pages. Even with a baudrate setting higher than , the slirp connection is limited to The interface is whatever network device on the host you want to sniff.

The expression is a pcap filter expression, which is also what tcpdump uses, so if you know how to specify tcpdump filters, you will use the same expressions here. So this is what is needed to get things working the examples use a host-side IP of Tap devices are also configured with an mtu of Slip devices are configured with a point-to-point address pointing at the UML ip address: host ifconfig tap0 arp mtu It will result in filesystem corruption. As of 2. Using this scheme, the majority of data which is unchanged is shared between an arbitrary number of virtual machines, each of which has a much smaller file containing the changes that it has made.

With a large number of UMLs booting from a large root filesystem, this leads to a huge disk space saving. The COW file need not exist. The COW file is sparse, so the length will be very different from the disk usage.

Doing so will invalidate any COW files that are using it. The mtime and size of the backing file are stored in the COW file header at its creation, and they must continue to match. If you attempt to evade this restriction by changing either the backing file or the COW header by hand, you will get a corrupted filesystem. Among other things, this means that upgrading the distribution in a backing file and expecting that all of the COW files using it will see the upgrade will not work.

It also has a destructive merge option which will merge the COW file directly into its current backing file. This is really only usable when the backing file only has one COW file associated with it. If there are multiple COWs associated with a backing file, a -d merge of one of them will invalidate all of the others.

This was written on the occasion of reiserfs being included in the 2. This information is generic, and the examples should be easy to translate to the filesystem of your choice. All you need to do is tell dd to create an empty file of the appropriate size. Creating and mounting the filesystem Make sure that the filesystem is available, either by being built into the kernel, or available as a module, then boot up UML and log in.

However, since UML is running on the host, it can access those files just like any other process and make them available inside the virtual machine without needing to use the network. This is now possible with the hostfs virtual filesystem. With it, you can mount a host directory into the UML filesystem and access the files contained in it just as you would on the host.

To start, you need that hierarchy. This worked for me: host find. Since there is a full-blown operating system under UML, there is much greater flexibility possible than with the SysRq mechanism.

