Category: Guides

This has become a problem for some people that has flexVDI installed on not updated CentOS / Red Hat < 7.8  machines. USERTrust RSA is the CA that signed the certificates in our web servers, including portal.flexvdi.com, which is used by flexvdi-config to download licenses, and updated releases of flexVDI manager.

When sysadmins try to connect to flexVDI portal using flexvdi-config, they will see an message like:

To solve this problem, just run in your flexVDI hosts:

# yum update -y ca-certificates

And flexvdi-config will work right again.

Apparently, the OCFS2 kmod we provide for CentOS 7 kernels of the 957 release is not compatible with revisions 27.2 and later. To solve this problem we have published a second release of this kmod, that is compatible with all current revisions of this kernel release. However, we have detected an error in the PREUN scriptlet of the previous RPM package that makes it impossible to remove it, with the following error message:

Error in PREUN scriptlet in rpm package kmod-ocfs2-flexvdi-k957-1.5.0-1.el7.x86_64

In order to correctly remove it, run the following commands:

# rpm -ql kmod-ocfs2-flexvdi-k957-1.5.0-1.el7.x86_64 | grep ‘\.ko$’ > /tmp/modules.txt
# yum remove –setopt=tsflags=noscripts kmod-ocfs2-flexvdi-k957-1.5.0-1.el7.x86_64
# cat /tmp/modules.txt | /usr/sbin/weak-modules –remove-modules
# rm /tmp/modules.txt

At flexVDI we take your security very seriously. As you will probably know, Google’s Project Zero recently announced the discovery of critical flaws in most modern processors, named Meltdown and Spectre. Most OS vendors, including Red Hat, have already issued software updates that fix these vulnerabilities. In order to apply these updates to your flexVDI platform, follow these steps:

1. Update the QEMU packages to version 2.9.0-16.el7.13: qemu-img-flexvdi, qemu-kvm-flexvdi, qemu-kvm-common-flexvdi and qemu-kvm-tools-flexvdi.
2. Update the kernel, microcode_ctl, linux-firmware and libvirt packages.

Unfortunately, these updates may come with important performance penalties, so apply with care.

Habitualmente, para montar un cluster de flexVDI, es necesario disponer de un almacenamiento compartido con disco directo (una SAN FC o SAS).

Este almacenamiento compartido se emplea para almacenar la imagen de flexVDI Manager (el orquestador de la plataforma), las plantillas de escritorio y los diferenciales de los escritorio no volátiles.

De los tres elementos mencionados, el único que genera una carga de disco significativa es el último, los diferenciales no volátiles (las plantillas de escritorio, generalmente, se encuentran cacheadas en memoria del Host, gracias al sistema de caché de flexVDI). Por tanto, si estamos pensando en montar un sistema de VDI donde la mayor parte de las escritorios van a ser de tipo volátil, podemos plantearnos prescindir del almacenamiento compartido, sustituyéndolo por un sistema de almacenamiento definido por software, como DRBD.

Continue reading “Cómo montar un cluster de flexVDI con DRBD (sin almacenamiento compartido)” →

As I wrote on my previous post, Enabling HYP mode on the Raspberry Pi 2, the newest machine from the Raspberry Pi Foundation features a Cortex-A7 with Virtualization Extensions, but it isn’t possible to make use of such feature out of the box.

In that article I showed that it was possible to start the kernel in HYP mode. Now, I’ll cover the rest of steps needed for enabling KVM virtualization and running your first guest OS.

Continue reading “Enabling KVM virtualization for Raspberry Pi 2” →

The newest iteration of the wonderful machine designed by Raspberry Pi Foundation, the Raspberry Pi 2, sports a Broadcom BCM2836 SoC, with four Cortex-A7 cores. The Cortex-A7, being the little brother Cortex-A15, features the ARM Virtualization Extensions, so both Xen and KVM based virtualization should work on it.

At this point, you probably are wondering why would someone want to use virtualization on a RPi2. In addition to the usual “because you can!” answer, there’s a pretty good reason for it. Imagine you want to use the RPi2 as a media center and, at the same time, you want to run some personal services (like ownCloud or Pydio) on it. Instead of polluting the media center image, you can run an isolate, secure, virtual machine for such purpose. And, using my VEXPRESS_KVM port, you can even provide those services running NetBSD! 😉

The first step towards being able to use virtualization on the Raspberry Pi 2, is finding a way to boot the kernel in HYP mode. Let’s see how can we do that.

Continue reading “Enabling HYP mode on the Raspberry Pi 2” →

Desde la versión 0.12.2 del servidor y la 0.15 del cliente, SPICE soporta un tipo de canal llamado SpicePort. Un puerto permite comunicación de datos arbitrarios entre un proceso en el guest y el cliente de SPICE. De esta manera, se pueden dar servicios añadidos sobre la conexión con el escritorio remoto. Por ejemplo, en flexVM estamos trabajando en servicios de transferencia de ficheros, redirección de puertos TCP/UDP y compartición de impresoras. En esta entrada mostraremos cómo se crea y utiliza un SpicePort.

Continue reading “Usando SpicePorts para comunicar un guest KVM con el cliente SPICE” →

Some time ago, ARM Holdings presented the new virtualization extensions for its processor architecture, which are now present on some models of the Cortex family, like the Cortex-A7 and Cortex-A15. Though it’s a quite recent technology, both KVM and Xen hypervisors already support such extensions, allowing to run virtualized Guests in the same way you can already do on x86.

It’s true that current SoCs (System-on-Chip) and development boards doesn’t provide a number of cores and RAM memory that invite to run a significant number of Guests on them, but these are the first steps towards stabilization of ARM virtualization, paving the way for the future server-oriented ARM processors. On the other hand, this is also an interesting option for running alternative operating systems (like the *BSD family) on ARM hardware, without dealing with the extremely heterogeneous nature of it.

In this guide, where going to see how you can enable KVM virtualization on the Olinuxino-A20-MICRO development board.

Continue reading “Enabling KVM virtualization on ARM (Allwinner A20)” →

Hace algún tiempo, ARM Holdings presentó las extensiones de virtualización para su arquitectura de procesadores, las cuales están presentes en algunos modelos de la familia Cortex, como el Cortex-A7 y Cortex-A15. Aunque se trata de una tecnología reciente, los hipervisores KVM y Xen cuentan ya con soporte para dichas extensiones, y permiten levantar SS.OO. invitados de forma similar a como lo hacen en x86.

Si bien es cierto que los SoCs (System-on-Chip) y las placas de desarrollo no invitan a desplegar un número importante de máquinas virtuales, dado el escaso número de cores y RAM que proveen, este supone un primer paso de cara a la estabilización de estas tecnologías, lo que permitirá que ya esté madura para cuando se popularicen los encapsulados de ARM destinados a servidores. Adicionalmente, es una estrategia interesante para poder correr otros SS.OO. (como la familia *BSD) en hardware ARM, sin tener que lidiar con la naturaleza extremadamente heterogénea del mismo.

En esta guía vamos a ver cómo habilitar la virtualización KVM sobre la placa de desarrollo Olinuxino-A20-Micro.

Continue reading “Cómo habilitar virtualización KVM sobre ARM (Allwinner A20)” →