Fortiweb Manager On

FortiWeb Manager-VM on KVM

TABLE OF CONTENTS

Preparing for the FortiWeb Manager Installation
Prerequisites and Requirements
Download the FortiWeb Manager-VM software
Deploying FortiWeb Manager-VM on KVM
Deploying FortiWeb Manager-VM using VirtManager
Deploying FortiWeb Manager-VM using Linux bash
Optional: Resizing the virtual disk (vDisk)
Configuring access to FortiWeb Manager
Uploading the license
Downloading a FortiWeb Manager license
Uploading license to FortiWeb Manager

Preparing for the FortiWeb Manager Installation

FortiWeb Manager supports the following hypervisor versions:

• VMware ESXi (version 5.5 or higher)
• VMware Workstation (version 10 or higher)
• VMware Fusion (version 8.5 or higher)
• KVM

When KVM is used as the hypervisor, enable nested virtualization to speed up the system. Refer to https://www.linux-kvm.org/page/Nested_Guests for more information.

For best performance in hypervisor deployments, install FortiWeb Manager-VM on a "bare metal" (type 1) hypervisor. Hypervisors that are installed as applications on top of a general purpose operating system (Windows, Mac OS X or Linux) host have fewer computing resources available due to the host OS's own overhead.

For hypervisor deployments, hardware-assisted virtualization (Intel VT or AMD-V) must be enabled in the BIOS.

You must also have the VM environment client installed on a management computer. (A management computer is a desktop or a laptop that you use to deploy and manage your virtual machines.)
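The two host-side requirements above, hardware-assisted virtualization and nested virtualization, can be checked from the KVM host's shell before deployment. The following functions are an added example, not part of the Fortinet guide; they assume the standard Linux locations /proc/cpuinfo and /sys/module/kvm_intel or kvm_amd, and the demo input is constructed.

```shell
#!/bin/sh
# Added example: preflight for the KVM host that will run FortiWeb Manager-VM.
# File locations are parameters so the checks can also run on constructed files.

# Print the hardware virtualization flag found in a cpuinfo-format file:
# "vmx" (Intel VT), "svm" (AMD-V) or "none".
cpu_virt_ext() {
    awk -F: '
        /^flags/ {
            n = split($2, f, " ")
            for (i = 1; i <= n; i++)
                if (f[i] == "vmx" || f[i] == "svm") { print f[i]; found = 1; exit }
        }
        END { if (!found) print "none" }
    ' "$1"
}

# Print "enabled", "disabled" or "unknown" for a kvm_intel/kvm_amd
# "nested" parameter file (the kernel reports Y/N or 1/0).
nested_state() {
    if [ ! -r "$1" ]; then echo unknown; return 0; fi
    case "$(cat "$1")" in
        Y|y|1) echo enabled ;;
        N|n|0) echo disabled ;;
        *)     echo unknown ;;
    esac
}

# preflight CPUINFO MODULE_ROOT
# Returns 0 when hardware-assisted virtualization is visible to the OS and
# 1 when it is not (typically because it is disabled in the BIOS).
# Nested virtualization is reported as advisory only.
preflight() {
    ext=$(cpu_virt_ext "$1")
    case "$ext" in
        vmx) mod=kvm_intel ;;
        svm) mod=kvm_amd ;;
        *)   echo "FAIL hardware virtualization: no vmx/svm flag (check BIOS)"
             return 1 ;;
    esac
    echo "OK   hardware virtualization: $ext"
    nested=$(nested_state "$2/$mod/parameters/nested")
    case "$nested" in
        enabled) echo "OK   nested virtualization: enabled ($mod)" ;;
        *)       echo "WARN nested virtualization: $nested ($mod)" ;;
    esac
    return 0
}

# Demo on constructed sample data (not taken from a real host).
demo_dir=$(mktemp -d)
printf 'processor\t: 0\nflags\t\t: fpu vme de pse tsc msr vmx ept\n' > "$demo_dir/cpuinfo"
mkdir -p "$demo_dir/module/kvm_intel/parameters"
echo N > "$demo_dir/module/kvm_intel/parameters/nested"
preflight "$demo_dir/cpuinfo" "$demo_dir/module"
rm -rf "$demo_dir"
# On a real host: preflight /proc/cpuinfo /sys/module
```
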
Prerequisites and Requirements

• 64-bit support required (kernel and runtime)
• A currently supported version of Mozilla Firefox or Google Chrome
• Other HTML5 compliant web browsers may work but are not fully tested or supported
• 2 CPUs minimum
• 8 GB RAM minimum (8+ GB RAM recommended)
• For demonstration only: 4 GB RAM minimum for VMware Workstation (8+ GB RAM recommended)
• 70 GB of dedicated hard disk space
• The firmware version of the FortiWeb devices managed by FortiWeb Manager should be 5.9.0 or higher
• Downgrade is NOT supported (a snapshot is recommended before upgrade operations)

Download the FortiWeb Manager-VM software

1. Go to the Fortinet support site (https://support.fortinet.com) and log in.
2. Under Download, click Firmware Images.
3. Click the FortiWeb Manager link and navigate to the version that you want to download.
4. Download the appropriate .zip file.
   • ESXi/ESX image: image.out.ovf.zip
   • VMware Workstation and VMware Fusion image: image.out.vmware.zip
   • KVM image: image.out.kvm.zip
5. Use this file for new virtual appliance (VM) installations. It contains a deployable virtual machine package. (The .out image files are for upgrading existing installations, and cannot be used for a new installation.)
6. Extract the .zip file to a folder.

Deploying FortiWeb Manager-VM on KVM

Deploying FortiWeb Manager-VM using VirtManager

The following steps describe how to install FortiWeb Manager-VM using VirtManager; the example server is an Ubuntu 16.04 LTS headless server.

1. On your KVM host server, launch Virtual Machine Manager (virt-manager), and then select Create a new virtual machine.
2. Ensure that Connection is localhost (the default value).
3. Select Import existing disk image.
4. Click Forward.
5. Click Browse to navigate to boot.qcow2 and select it.
6. Use the default values for OS Type and Version.
7. Click Forward.
8. To ensure high performance under heavy load, it's recommended to use at least 8 GB of RAM and 2 CPUs.
9. Click Forward.
10. The installation wizard displays a summary of the configurations you have set. Select Customize configuration before install so that you can add more Network Interface Cards (NICs).
11. During the installation process, the system automatically creates a NIC. You need to create three more NICs because FortiWeb Manager supports four network interfaces. The Device model of these four NICs should be virtio.
    • For the NIC which is created by the system, change its Device model to virtio.
    • Create three more NICs. Click Add Hardware at the bottom left of the window. In the Network configuration, set the Network source as shown below or choose other options according to your network design, check the MAC address and specify it, and select virtio for Device model. Click Finish. Repeat this step three times to create three NICs.
12. Click Begin Installation at the top left of the window.

Deploying FortiWeb Manager-VM using Linux bash

The following steps describe how to install FortiWeb Manager-VM using Linux bash; the example server is an Ubuntu 16.04 LTS headless server.

1. Go to the path where you unzipped the FortiWeb Manager-VM image file, such as /home/user/image-kvm-64/boot.qcow2 or /root/image-kvm-64/boot.qcow2.
2. Install FortiWeb Manager-VM.

    virt-install \
      --connect qemu:///system \
      --virt-type kvm \
      --name <specify a name for FortiWeb Manager VM> \
      --memory 8192 \
      --vcpus 2 \
      --cpu host \
      --os-type=linux \
      --os-variant=generic \
      --import \
      --disk path=/home/user/image-kvm-64/boot.qcow2,format=qcow2 \
      --network network=default,model=virtio \
      --network network=default,model=virtio \
      --network network=default,model=virtio \
      --network network=default,model=virtio

Optional: Resizing the virtual disk (vDisk)

The following steps describe how to resize the virtual disk, using an Ubuntu 16.04 LTS headless server as an example.

1. Check the size of the vDisk. The default size is 70 GB.

    qemu-img info <the path of the image file>

   For example:

    qemu-img info /opt/kvm_013001_zx/boot.qcow2

2. Increase the size of the vDisk. It's recommended to shut down the virtual appliance before performing this step.

    qemu-img resize <the path of the image file> +<the size you want to adjust>

   For example:

    qemu-img resize /opt/kvm_013001_zx/boot.qcow2 +20G

3. Check the size of the vDisk again to make sure the size is changed.

    qemu-img info <the path of the image file>

4. Power on the virtual appliance.
5. Format the log disk.

    execute formatlogdisk

   On KVM, the expanded space will not be recognized by FortiWeb Manager until the vDisk is re-formatted.
6. The appliance will automatically restart. The disk is formatted after the first restart. It might take several minutes depending on the size of the disk.
7. After the disk is formatted, the appliance restarts again.

Configuring access to FortiWeb Manager

1. Power on FortiWeb Manager-VM. Wait until FortiWeb Manager initialization is finished.
2. Access the FortiWeb Manager CLI. The default user name is "admin". There is no password by default. For KVM, you need to access the CLI through Telnet.
   Enter:

    telnet <LINUX_IP> 10301

3. Set the IP address of the network interface named port1, or whichever network interface maps to the network physically connected to your management computer.

    set interface <PORT> (ip|ip6) <IPADDRESS/LENGTH>

   where <IPADDRESS/LENGTH> is the IPv4 or IPv6 address assigned to the network interface, such as 192.168.1.99. The correct IP will vary by your configuration of the network.
4. Configure a static route with the default gateway.

    set route <DST/LENGTH> gw <GATEWAY> device <DEVICE>

   where <GATEWAY> is the IP address of the gateway router.

You should now be able to connect via the network from your management computer to port1 of FortiWeb Manager-VM using:

• a web browser for the web UI (e.g. if port1 has the IP address 192.168.1.1, go to https://192.168.1.1/)
• an SSH client for the CLI (e.g. if port1 has the IP address 192.168.1.1, connect to 192.168.1.1 on port 22)

When connecting to the web UI via HTTPS, if you cannot get a connection, verify that your computer's time zone matches the appliance's configured system time. For more information on how to configure the time and time zone, see FortiWeb Manager Administrator's Guide - System Settings.

It's recommended to change your password in System Settings > Admin > Administrators after logging in.

Uploading the license

By default, FortiWeb Manager is installed with a 15-day evaluation license that allows you to configure two FortiWeb devices. To continue to use the product after 15 days have passed, or to configure additional FortiWeb devices, one of the following licenses is required. Neither license has an expiry date:

• Base – Add up to 10 devices.
• Unlimited – No limit to the number of devices you can add.

Licenses can be obtained through any Fortinet partner. If you don't have a partner, contact [email protected] for assistance in purchasing a license.

Downloading a FortiWeb Manager license

1. Log in to the CLI using the admin account credentials and enter the following command:

    get system status

2. Get the computer ID in the printout.
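Under Configuring access to FortiWeb Manager, the console is reached over Telnet on the KVM host at port 10301 and the admin account has no password by default, so it is worth confirming which host addresses accept connections on that port until a password is set. The following is an added example, not part of the Fortinet guide; it parses the output of ss -ltn, and the sample listing and function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit which host addresses accept connections to the
# FortiWeb Manager-VM Telnet console port (10301 in the guide).

# exposed_listeners PORT
# Reads `ss -ltn` output on stdin and prints every non-loopback local
# address that is listening on PORT, one per line.
exposed_listeners() {
    awk -v port="$1" '
        $1 == "LISTEN" {
            port_part = $4
            sub(/.*:/, "", port_part)       # text after the last colon
            if (port_part != port) next
            host = $4
            sub(/:[^:]*$/, "", host)        # drop ":port"
            sub(/%.*$/, "", host)           # drop "%interface" scope
            gsub(/\[|\]/, "", host)         # drop IPv6 brackets
            if (host ~ /^127\./ || host == "::1") next
            print host
        }'
}

# audit_console PORT
# Returns 0 when PORT is loopback-only or not listening at all,
# 1 when at least one non-loopback address accepts connections.
audit_console() {
    exposed=$(exposed_listeners "$1")
    if [ -z "$exposed" ]; then
        echo "OK: port $1 is not listening on any non-loopback address"
        return 0
    fi
    printf '%s\n' "$exposed" | while IFS= read -r addr; do
        echo "EXPOSED: $addr port $1 (console admin has no password by default)"
    done
    return 1
}

# Constructed sample of `ss -ltn` output (not captured from a real host).
sample_ss() {
cat <<'EOF'
State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port
LISTEN  0       128     0.0.0.0:22          0.0.0.0:*
LISTEN  0       1       0.0.0.0:10301       0.0.0.0:*
LISTEN  0       1       127.0.0.1:10302     0.0.0.0:*
LISTEN  0       128     [::]:22             [::]:*
EOF
}

sample_ss | audit_console 10301 || true
# On the KVM host: ss -ltn | audit_console 10301
```

A non-zero result means the console is reachable from other machines; restrict the listener to loopback or filter the port on the host, and set the admin password as the guide recommends.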