It all started one day out of spite, when reading about the other information security teams and their progress in their virtualized environments ( especially Alfred State's own Adam Smith and vSphere ) (pictures right here)

Our club ( CIST ), is in much need of something of this nature, Since most of us do not possess computers with that type of processing power. What they have here is a completely virtualized network for the specific use of their club activities, and that is the exact type of thing that completely over rides all the extra work I have to go through trying to get VMs in the right place.

We have about 400$ left in our club budget for everything, and I plan to use every single penny in creating this type of environment for classmates beyond my scope to be able to prosper and grow beyond what we do here. This hardware can mean the education of server class hardware and virtualization (which is lacking in CCC), while also giving us a playground for everything we do.

I remember the day I started looking for this environment. It was about two weeks into the new semester and I was anxious to get something right away. I kept seeing deals go on amazon, ebay, and even craigslist. It wasn't until the middle of march when I saw a post for 4 Dell Poweredge 2970's that came with 16 GB DDR2 RAM, and dual dual 3.0ghz AMD cores. They were set at a modest $125 each. I figured going in to buy three would have put us at a decent level where we can begin to try and setup a maxed environment for what we needed. When we acted upon the add, we met a very cool guy from a very cool company. He liked what we were trying to do and he liked our enthusiasm, so he threw in the fourth machine for free. This was a great day for me, it meant that everything was coming to fruition.

We setup the computers and began to show everyone what they are all about. Then we started configuring.

The plan was complex, but easy to understand. We wanted there to be a way where we can have seamless migration of running vm's in between the servers. How we are able to achieve that is simple, we are going to use xen to virtualize and ceph for the distributed file system.

xen is widely used in the LAIR. They run all of their VM's under xen because it is hardcore. A good amount of operating systems we will be emulating with will be self aware of their virtualization due to the way that xen handles it. Each server will be equipped with this horse and configured the same way to allow each one another to read the other vms we dish out.

ceph is free software developed by a bunch of foreigners to distribute data among distributed systems without a single point of failure. The data is replicated, which makes it fault tolerant.

We have so far installed debian on each machine, we have ran updates on all of them and we have installed openssh-server,xen, and ceph.

Pressly has setup the ceph, which was dependent on a number of factors, namely python. The setup is detailed and weird, but it works. link will be here.

Matt has setup the Xen, and had ironed out all the kinks to get me to finish the installs on the other boxes. Having to change the boot order for grub to see the new image first, (and then having to fix the second window to actually timeout (see below)), we also had to setup the network interfaces so that we could have the vm's access out to the internet.

I am currently in charge of making sure everything is running good enough (and learn ceph usability well enough) to create these VM's and have the network work.

The list of how the VNC ports forward for each VM

You would think that apt-get would handle dependencies like actually having python when installing a package that needs it, wrong.

~# apt-get install python

We had to fix that grub thing, this is how we did it:

dpkg-divert --divert /etc/grub.d/08_linux_xen --rename /etc/grub.d/20_linux_xen 
update-grub

Then you edit the /etc/grub.d/08_linux_xen file and append the following line at the new xen submenu entry:

    echo "submenu \"Xen ${xen_version}\" {" 
    echo "set timeout=5"      --------------this
    while [ "x$list" != "x" ] ; do  

in /etc/network/interfaces , set eth0 from auto to manual and add the following entry:

auto xenbr0
iface xenbr0 inet dhcp  
    bridge_ports eth0   

then edit /etc/xen/xend-config.sxp

uncomment the following lines

(vif-script vif-bridge)
(vnc-listen '0.0.0.0')
(vnc-password '')

you should make the following folders and populate it with stuff:

mkdir -p /xen/images
mkdir /xen/conf