VirtualNET @ CSE - to do
Debug:
- Consider using kernel command-line parameters (in startvnet.sh) to pass parameters into the VM for use by umlsetup, such as for mapping in configuration files. E.g. MYARG=thing. These arguments probably need to be used before systemd starts.
- Add command-line parameter to startvnet to allow changing the default memory amount from 512MB with maybe a range limit, e.g., 128MB to 4GB.
- Look at using overlay file system to allow users to preserve changes to /etc in their VMs and to allow VMs to boot up ready-to-go in user configurations.
- Create example showing use of pacman to update software installed on VM.
- Try to work out (and fix) why timedatectl doesn't work.
- Show how to use pacman to install new packages.
- Write worked example showing how to configure and use routing with three VMs, one as the router, the other two on separate subnetworks. Discuss turning on forwarding using sysctl and directly via /proc.
- Write example exercise showing how to configure the Apache web server to deliver content from user's home directory.
- Create example showing operation of iptables to block traffic, and how to specify exactly what traffic (rules), and how to use iptables counters to see traffic being blocked.
- Create example to demonstrate the use of NAT in iptables (with SNAT action).
- Track down and resolve connection/socket problem when using shutdown -h (without now).
- Check that the multicast address ranges used are kosher with regard to the uses specified here.
- Read through startup messages from kernel and systemd and do any useful cleanups.
- Modify sshd startup so that it writes to the systemd log instead of its own log file.
- Delete /umlsetup directory and contents once VM has started (uncomment line in script). Decided to leave this for educational purposes.
- Fix “Read-only file system” messages from systemd on startup:
  systemd[1]: Failed to create symlink /sys/fs/cgroup/cpuacct: Read-only file system
  systemd[1]: Failed to create symlink /sys/fs/cgroup/cpu: Read-only file system
- Modify systemd shutdown scripts/configuration to kill all sshd instances, wait a second or two, and then complete the shutdown. This will allow user SSH sessions to exit cleanly rather than hang and require “~.” to close.
- Diagrams with transparent backgrounds don't show up well on Chrome (e.g., “vnet.png”).
- Make web site mobile-friendly (viewport, CSS + @media, etc.). Check <body> and <div> margins/borders and scaling as window size changes.
- Modify VLAB login screen to mention VLAB sharing and VNET.
- Add start/stop logging to startvnet.sh which writes to /home/virtualnet/logs/YYYY-MM-DD.log before, and then after, each VM runs.
- Fix login instructions to include logging in as self, and not just as root.
- Fix operation of ping for non-root users. Seeing as the binary doesn't have the setuid bit set, the cause might be a Linux capability which doesn't get copied over by rsync from the master VM. In this case, the fix might be applied in the VM setup script. Built new kernel for VNET with “Ext4 POSIX Access Control Lists” and “Ext4 Security Labels” enabled for “The Extended 4 (ext4) filesystem”, determined capabilities for /usr/bin/ping on master Arch Linux were “cap_net_raw+ep”, modified umlsetup to set these capabilities. Fixed.
- Fix boot hang after configuring LDAP on the ArchLinux master machine. Something, not sure what, was looking up something non-existent early in the startup, before networking, via nsswitch.conf. This caused things to break rather badly due to LDAP lookups not working. Removed “ldap” from nsswitch.conf and will put it back using umlsetup on the VNET clones.
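
Added example, not part of the VirtualNET scripts: file capabilities such as the “cap_net_raw+ep” noted for /usr/bin/ping in the ping item above are stored in the security.capability extended attribute, so this decodes that attribute to check whether a cloned binary kept them. The function names and the sample bytes are constructed for illustration.

```python
import os
import struct

XATTR = "security.capability"
VFS_CAP_REVISION_MASK = 0xFF000000
VFS_CAP_FLAGS_EFFECTIVE = 0x000001
# Revision magic -> number of 32-bit words per capability set (linux/capability.h).
WORDS = {0x01000000: 1, 0x02000000: 2, 0x03000000: 2}
CAP_NET_RAW = 13


def decode_file_caps(raw):
    """Decode a security.capability value (struct vfs_cap_data, little-endian)."""
    if len(raw) < 4:
        raise ValueError("xattr value too short")
    (magic_etc,) = struct.unpack_from("<I", raw, 0)
    words = WORDS.get(magic_etc & VFS_CAP_REVISION_MASK)
    if words is None:
        raise ValueError("unknown capability revision 0x%08x" % magic_etc)
    if len(raw) < 4 + 8 * words:
        raise ValueError("xattr value truncated")
    permitted = inheritable = 0
    for i in range(words):
        p, inh = struct.unpack_from("<II", raw, 4 + 8 * i)
        permitted |= p << (32 * i)
        inheritable |= inh << (32 * i)
    return {"permitted": permitted, "inheritable": inheritable,
            "effective": bool(magic_etc & VFS_CAP_FLAGS_EFFECTIVE)}


def has_net_raw_ep(raw):
    """True if the decoded value grants cap_net_raw as permitted and effective."""
    caps = decode_file_caps(raw)
    return caps["effective"] and bool((caps["permitted"] >> CAP_NET_RAW) & 1)


def check_path(path):
    """True if path carries cap_net_raw+ep; False if the xattr is absent or unreadable."""
    try:
        return has_net_raw_ep(os.getxattr(path, XATTR))
    except OSError:
        return False


# Constructed sample: revision 2, effective flag set, permitted bit 13 (cap_net_raw).
SAMPLE = bytes.fromhex("01000002" "00200000" "00000000" "00000000" "00000000")

if __name__ == "__main__":
    print("sample has cap_net_raw+ep:", has_net_raw_ep(SAMPLE))
    print("/usr/bin/ping has cap_net_raw+ep:", check_path("/usr/bin/ping"))
```

A False result on a clone where the master returns True means the attribute was dropped in the copy (rsync preserves extended attributes only when run with -X/--xattrs) or the target filesystem lacks security xattr support.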