LOGO_virtualized_vmware_S

You'll need a lot of patience...Since there is no VMWARE Converter for Linux...

My objective is to virtualizes my Internet server running SUSE in a VMWARE to ease the migration to a more powerful and up to date server.

 

I am using RSYNC since:

  • I have no access to the machine, So I can't stop the server and make a binary images of the disk as the server is in a STRATO data center in Germany (Berlin)
  • I don't like operations down time.

I HAVE TO virtualize my server because:

  • The operating system SuSE is too old and is no more security patches available.
  • I want to have a local reference in VMWARE of my Internet server.

This tutorial can be see as an add-on of this one : http://www.linuxjournal.com/article/9942 (very good by the way) I just complete the missing steps or document some issues I've encountered..

On your server, run

# fdisk -l

Disk /dev/sda: 164.6 GB, 164696555520 bytes
255 heads, 63 sectors/track, 20023 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

   Device Boot      Start         End      Blocks   Id  System
/dev/sda1   *           1           7       56196   fd  Linux raid autodetect
/dev/sda2               8         138     1052257+  82  Linux swap / Solaris
/dev/sda3             139       20023   159726262+  fd  Linux raid autodetect

Disk /dev/sdb: 164.6 GB, 164696555520 bytes
255 heads, 63 sectors/track, 20023 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

   Device Boot      Start         End      Blocks   Id  System
/dev/sdb1   *           1           7       56196   fd  Linux raid autodetect
/dev/sdb2               8         138     1052257+  82  Linux swap / Solaris
/dev/sdb3             139       20023   159726262+  fd  Linux raid autodetect

Disk /dev/md0: 57 MB, 57475072 bytes
2 heads, 4 sectors/track, 14032 cylinders
Units = cylinders of 8 * 512 = 4096 bytes

Disk /dev/md0 doesn't contain a valid partition table

Disk /dev/md1: 163.5 GB, 163559571456 bytes
2 heads, 4 sectors/track, 39931536 cylinders
Units = cylinders of 8 * 512 = 4096 bytes

Disk /dev/md1 doesn't contain a valid partition table

This is how partitions look like, sda1 is the root partition, sda2 is a swap partition and sda3 is my home.  The server use a RAID0 with 2 * 160GB disk.

You'll have to recreate them in the virtual machine. Nothing force me to have a RAID0 also in my VMWARE. I will only create a normal disk layout (sda1,sda2, sda3). Save this output in a text file for further references. By reading the fstab, I will  be able to look at the mount point name later. On your server, run:

# cat /etc/fstab
/dev/md1        /       ext3    acl,user_xattr,usrquota 1       1
/dev/md0            /boot                ext2       acl,user_xattr        1 2
/dev/sda2            swap                 swap       pri=42                0 0
/dev/sdb2            swap                 swap       pri=42                0 0

devpts               /dev/pts             devpts     mode=0620,gid=5       0 0
proc                 /proc                proc       defaults              0 0
sysfs                /sys                 sysfs      noauto                0 0

Download VMWARE Server, you'll have to register and will receive a limited in time version.

Create a new Virtual machine matching as close as possible the distribution you are using on your production server. Boot the virtual machine with a Knoppix CD, type knoppix 2 at boot time to jump into console mode of Knoppix. Use cfdisk to create the same partition layout, this tool is very easy to use (use bottom menu). Use the same file system, partitions can be set bigger or smaller depending on your intentions with the virtual machine (backup or replacement of a productive machine). My Old server was using GRUB (and not GRUB2), GRUB do not accept to install a boot loader on partition with 256-byte inodes. Unfortunately this is exactly what cfdisk  create as default!

The quickest and easiest option (when you have control of file system creation) is to format any new Ext3 file systems with 128-byte inodes. This command tells you your e2fsprogs version:

# mke2fs -V
mke2fs 1.40.8 (13-Mar-2008)
Using EXT2FS Library version 1.40.8

This is the usual command for creating new Ext3 file systems with e2fsprogs:

# mkfs.ext3 /dev/sda1

The newer versions that default to 256-byte inodes will emit this warning, and create your new file system anyway:

Warning: 256-byte inodes not usable on older systems

To force the creation of 128-byte inodes partitions:

# mkfs.ext3 -I 128 /dev/sda1

You can check your work with tune2fs, if you read 128 it is OK to continue

# tune2fs -l /dev/sda1 | grep -i ‘inode size
Inode size: 128

Create new file system

According to the # cat /etc/fstab

# sudo mkfs -t ext3 /dev/sda1
# sudo mkswap /dev/sda2
# sudo mkfs -t ext2 /dev/sda3

creating fylsystem

RSYNC your data

The example in article was not using a SSH connection with secure keys. If you use public private key pair (recommended), just copy your public, private key in Knoppix root home

# su
# cd ~/.ssh

I have my RSA key on a USB stick, Knoppix mount it thanks to UDEV automatically

# cp /mnt/usbstick/id_rsa* .

Try to connect to your host

# ssh -l root yourHostOrIP

You'll be prompted for your pass phrase, enter it, if everything work...its time to sync the first partition /mnt/sda1

# rsync -avx --numeric-ids --progress yourHostOrIP:/ /mnt/sda1/

You'll be prompted for your pass phrase, enter it, if everything work just wait, when finished do the same for the second partition /mnt/sda3

# rsync -avx --numeric-ids --progress yourHostOrIP:/home/ /mnt/sda3/ 

That was easy.. the most difficult is to make this virtual machine boot, and that mean play with GRUB...

TO BE CONTINUED... next part this week

comments powered by Disqus

You might like also

The Appthority® App Report
The Appthority® App Report for February 2013 provides an overview of the security risks behind 100 free iOS and Android apps. Appthority examined the differences between the Android and iOS app ecosystems; compared app behaviors across five popular app categories (business, education, entertainment, finance, games); and looked at the developers behind these apps. Report Highlights The vast majority of free apps send and receive data to outside parties without encryption. 96% of total apps share data with advertising networks and/or …
2237 Days ago
CryptoParty Handbook v1.1 has been released
CryptoParty is a grassroots global endeavor to introduce the basics of practical cryptography such as the Tor anonymity network, key signing parties, True Crypt, and virtual private networks to the general public. The first draft of the 442-page CryptoParty&160;Handbook (the hard copy of which is available at cost), was pulled together in three days using the book sprint approach, and was released 2012-10-04 under a CC-BY-SA license; it remains under constant revision. The CryptoParty&160;Handbook v1.1 has been released and you …
2281 Days ago
How to Secure Your Windows Computer and Protect Your Privacy
Anybody using internet should really read this article. While targeted at windows users, most of the rules also apply to users of Linux and mac. "Security consultant Howard Fosdick has contributed the latest entry in the 2008 OSNews Article Contest: a highly detailed examination of security and privacy on the Windows platform, and how to use free software tools and a little knowledge to protect your privacy online. Do you know that -- Windows secretly records all the web sites …
4037 Days ago
No Thumbnail was found
I know that Secure, Safe, Fast Linux Hosting sound silly as nothing can be fast and secure at the same time, but I've compiled a list of things that are worth doing if you are maintaining your own server. This list is clearly targeted for people running an open source stack made of Apache, MySQL, PHP and Linux. This list is an ongoing work, thta is why it has also a version number in it (v1.0). As soon as I …
4098 Days ago
Security made easy, automatic scan and update of your installed applications
If you are on the paranoia side, and you better should, if you're using ebanking on an internet connected pc. Secunia is a well known internet site, Secunia is a Danish computer security service provider best known for tracking vulnerabilities in more than 12,400 pieces of software and operating systems. Numbers of "unpatched" vulnerabilities in popular applications are frequently quoted in software comparisons.Secunia also tracks currently active computer viruses. Secunia has gained publicity and a notable reputation with the discovery …
4223 Days ago
No Thumbnail was found
FaF (File Anomaly Finder) is a wrapper for the *nix 'find' utility. It generates audit reports for data matching specific characteristics; such data as setgid/setuid, unowned, and more. The objectives are simply to create a simple anomaly finder that identifies common flawed permissions or otherwise suspicious file system characteristics. The main features of FaF are: simplistic and to the point audit reports easy setup and configuration audits emailed to customizable address or user ideal for web servers or general purpose …
4322 Days ago
No Thumbnail was found
SIM is a system and services monitor for ‘SysVinit’ systems. It is designed to be intuitive and modular in nature, and to provide a clean and informative status system. It does this by consistently verifying that services are online, load averages are in check, and log files are at reasonable sizes. Many other SIM modules sport different and in-depth features to bring a well rounded tool to your disposal to stop otherwise common issues daunting internet hosts. Features: - Service …
4322 Days ago
No Thumbnail was found
Rootkit scanner is scanning tool to ensure you for about 99.9%* you're clean of nasty tools. This tool scans for rootkits, backdoors and local exploits by running tests like: MD5 hash compare Look for default files used by rootkits Wrong file permissions for binaries Look for suspected strings in LKM and KLD modules Look for hidden files Optional scan within plaintext and binary filesRootkit Hunter is released as GPL licensed project and free for everyone to use. …
4323 Days ago
No Thumbnail was found
chkrootkit is a tool to locally check for signs of a rootkit. chkrootkit is a common unix-based program intended to help system administrators check their system for known rootkits. It works by using several mechanisms, including comparison of file signatures to known rootkits, checking for suspicious activity (processes listed in the proc filesystem but not in the output of the 'ps' command. …
4323 Days ago
No Thumbnail was found
CSF : A Stateful Packet Inspection (SPI) firewall, Login/Intrusion Detection and Security application for Linux servers. It easily replace APF and (Advanced policy firewall) and BFD (Brute Force Detection). It is also runing 28 basics but non obvious checks... …
4325 Days ago