I previously mentioned Vmware ACE, but not to any great detail.

VMware ACE is a product that you use to wrap virtual machines into, along with various permission. It then bundles this into an installer which you can pass to those that need it. Permissions include network policy, user policy, time outs (after which you can’t use it) and device control. It’s great for creating a setup that you want to pass out, but still keep control.

Imagine a demo of a product that needs access to your database over the internet. Easy. Just set the network policy to only connect to your database server, set the expiry date and add a password protected user. Then post on your web site. Customers can download and install it, then because of the network policy it can only talk to your server, it will time out after a certain time, and only customers can use it. It’s much harder to use the virtual machine to attack you because of the network policy, the general public can’t use it, and custemers can have a real trial of your latest killer application – but not get it for life for free!

I hope you can see the advantages of doing this. But due to the nature and intention of the product it has its limits. The biggest draw back for me is the lack of networking flexibilty. The point of this product though is not to wrap all the great features and as such shouldn’t be seen as a minus point when looking at it, but instead you must look at how you are going to use it.

For this reason I have decided not to use VMware ACE, but to remove it from my list of products that I will be recommending and using in my dissertation. It has great potential for the future use and it’s certainly one that I will be keeping in the back of my mind.

But for now it’s between VMware Workstation and Microsoft Virtual PC.

Having now had a good look that the questionnaire results in more detail I can say that VMware is only just ahead of Microsoft for two reasons.

1. Linux Support
2. Experience and age of product

…why I couldn’t get to one of the web sites I run, how to (hopefully) backup my installed programs list for later reinstalling the lot, and how to forward my desktop generated mail to my normal account.

Firewall Issues

The default install of Ubuntu come with no servers, the only thing that comes close is the print admin web pages and these only listen on the loop back adaptors. Now I don’t quite agree with this thinking, but the developers have decided that because there is nothing to hack why even have a firewall. I can see their reasoning, but what happens if one a default machine a program crashes and ends up opening the machine to the world. Their answer is that none of the default programs would do this, they are all desktop programs etc etc.

Of course this all falls down when you install a server, such as I have with the open-ssh server. I then had a machine with no firewall and a server available. Granted you can only access my desktop if you can get past my server and its firewall, but I’m not the only person in the house who owns a pc. My housemates run that other OS, and as happened in the past they can get in infected (not that it did much harm on my network other than to nuke the installation). So I personally do need to run a firewall.

A quick search on the web and Ubuntu forums came up with the suggestion of Firestarter, available in the repositories for download and install. I’m no expert at the firewall setup under any os, never mind linux. The GUI wizard quickly helped me to setup a secure(ish) firewall with ports availble for the services run my desktop in no time at all. Time passed and all seemed to working.

Until last week when I couldn’t get to one of the web sites I run. I couldn’t ping, ssh or use a web browser to get any where near the server. The ping issue turned out to be a preferences option, I had to enable ping echo. But I still couldn’t get to the server. I knew the server was up and working because I was able to ssh to another host and then ping/ssh from there. The error I was getting in the firewall logs indicated it was a sun-rpc portmapping issue. Enabling the sun-rpc port didn’t work, neither did allowing all connections the servers ip address. Nothing I did would work. Yet I knew it had to be a firewall problem, if I turned the firewall off then it all worked.

In the end Google helped me by pointing me in the direction of this post and this reply. One file edit, a firewall restart and bingo, it worked!

Turns out their is a bug with the version of firestarter in the repository that sets an incorrect range of ips as none routable. And the server was in the range.

Backups

Again google helped by providing a site and the following code:

dpkg --get-selections | sed -e 's/hold$/install/' >  yourpkgs.list
dpkg --set-selections < yourpkgs.list

The first line backups the list of installed programs to a file. The second line then uses that file to set the status of programs to be installed. This combined with the correct repositories and the following command

apt-get dselect-upgrade

should then install all the programs you had previously installed. All you need to do then in configure them, which shouldn’t be to hard as some of them will get their configs from my backed up home directory. And the hard part is often working which programs you had installed, not configuring them.

Mail forward

My desktop does some tasks in the background such as checking certain files and configurations. If it finds a problem then it e-mails these to me, unfortunatly it sends it to my local user and not to my e-mail address on the server, so I don’t see them unless I remember to look.

Google once again helped to let me know that if put any address into a file called .forward in my home directory then it would forward any mail for my account to that address.

One mail forwarding sorted – thanks again to google. What would I do with out it.

The meeting with the testers about the questionnaire went ahead on Tuesday. It lasted about 20 mins and I think both sides got some thing from it.

I started with a quick run down of what I’m doing to make sure that we were saying the same thing, then I moved onto looking at the questionnaire with them. This was a very good exercise as I was able to get a better understanding of what they actually do and how they actually test. My first surprise was that they don’t really test in as many operating systems as I thought, generally only XP with a splattering of 2000.

Besides getting some information from them about what they do and what I was going to do for them, I also had to get somebody to test the new environment. One member of the team volunteered which makes life much easier all round.

The results have been put into a spreadsheet but I now need to make sense of them, not sure how I’ll do that just yet but I’ll look at past analysis that I’ve done on questionnaires and see if I can get any ideas from that.

VMware produce a product that they call VMware ACE, you can visit their web site for more details but the main point of this product is to package environments into an installer. Apart from the time helping to install a few servers the rest of the afternoon was spent downloading, installing and using it. Not sure if I’ll suggest it in this context as you loose quite a bit of flexibility, but it’s still a good product.

So I sent the questionnaire out yesterday, along with the request to meet those that recieved it and chat with them. Some people would rather the whole group just talked to me, the others just didn’t seem to care. So in a group it is.

I then spent the rest of the day trying to get e-mail addresses for different companies to send the questionnaire to. You wouldn’t believe how many companies don’t want you to contact them, or at least make it very hard for you to do. What happens if you want to become a new customer but can’t contact them?

Today was spent reading some stuff for about an hour, then meetings until lunch. The afternoon was spent typing stuff up and adding more detail as I went though them. And finally having my laptop stolen off me Apparently there are more needy people then me

One of the meetings was a follow on with my first project plan. Having filled in the sheets from the first meeting I needed some feedback on the finer points and details on filling them in. I think I had the main points, and the rest I could have only known about with experience and from looking at things from a different perspective.

The last 15 minutes was a quick demo of how I could fit the plan I had so far into MS Project. (Yes I know it’s a MS product, but where I work is turning into a MS shop) The hard part for me is working out which bits of Project to use and which not to use. First I have to find them or at least know they exist. Just hope I can produce some thing that is of some use.

Tomorrow I’ll try and send some of those questionnairs to the different companies, but it depends of how much I can be bothered (so no changes there!)

So the questionaire is still in the creation. Another member of the team that I’m in at work has looked over it and come up good suggestions which I included, and then passed back for another review. And recieved more suggestion.

I’ve had a look over the changes and they mostly make sense, I’ll certainly be including them where I can. Once that’s done I’ve a list of people that I would like to send it to so I’ll crack on with that.

I also had a meeting with the same guy to find out what sort of things they want to run inside the virtual machines. I have to admit that I’m a little disapointed that they only want to run a few simple things inside the virtual machines. I think they are missing out on a huge part of what it’s all about. But on the up side it makes it much easier for me to create the environment.

The other good think to come from that meeting was the that they liked the idea of creating containers that VMware’s ACE product can create. The idea is that you create a virtual machine using one of the other virtual machines products developed by VMware, then you attach these to a project and after setting up some rules, permissions and network settings you package the lot. The user then installs the package and that it, no faffing with the creation virtual machine technologies on each persons pc. Just give it to them, install and away you go.

Powerfull stuff.

After the meeting at the end of last week, the first task yesterday was fill in the project description sheet.

I found this to be quite a good exercise. It focused my mind on what the different parts of the project I have to do and how far along I am. The upside to this is I am now more aware of what the milestones are and what are just tasks to getting to the milestones, even if they are big tasks in their own right.

It all helps me to plan this project so that I can do it in the right way.

Having found quite a few virtual machine technologies last week this week I went through the process of removing the unsuitable solutions. Most of the solutions are totally unsuitable for one main reason, they don’t have any support. They are all community projects with just some help files. One other reason is that the majority of them are for a specific purpose, ie. emulating a 486dx to run that old MS DOS game.

Only three were really suitable and of these I discounted one. It’s a new player to the vitual machines market, has no proven background that I know of or have heard of and there is no API. The initial project that I’m putting together doesn’t look to have much use for an API to start with, but later expansion would benifit a great deal from it.

This left 2 players, VMware and their workstation and server products, and Microsoft with Virtual PC/Server. Having read and watched a few documents/webcasts about each of the products, what could be produced and the end result could be quite specular. This presents a problem – it could also be quite complex. For this reason I have a meeting on Wednesday to sort out what we actually want to run inside the virtual machines. I hope this will provide some idea of what is actually wanted so that now that I know what each of the products can do I can start to match a serious of solutions.

I know it’s a bit backwards but on Friday I met with the project planning guy. The origianl intension for me was to learn how to use MS Project properly. But instead the end result was I learnt that before using project I have some other things that need sorting and some points to look at.

So the new plan is to use the available documents and fill in a project plan. I already have some of the main points that were discussed in the meeting and this will help, but there are some other points that need clarifying first.

Loads to do, and I still have to write up my research on a testing environment.