
Virtual Home Firewall?

Spent most of the day today trying and failing to get a virtualization project off the ground with my home network. I've been running two machines 24/7 for quite a while, one older Duron 800 (512M RAM, 80G disk, Debian unstable) as a firewall and webserver, and my AMD Athlon 64 3200+ (2G RAM, 320G disk, Ubuntu Edgy) as my main desktop system. I'd like to get it down to just one machine running all the time; the desktop's got plenty of horsepower to do both jobs just fine. Problem is I don't want it sitting directly on the internet, and I have a few friends who make use of the server as well, so it only seems logical to keep it isolated on another system.

I began to wonder if it would be possible to set up a virtual machine that would run as my firewall/webserver and run it on my desktop alongside my normal OS. With three NICs in the machine, I figure I could have two used by the firewall and one by the host desktop, and just do NAT as I do today inside the guest VM.

I spent several hours today trying to get Xen working in Ubuntu. It's the most promising of the virtualization technologies I've heard of, very low performance overhead (something like 4-8%) and open source, what's not to love? Unfortunately I encountered nothing but trouble getting it running. Firstly, the AMD64 binary Xen kernel packages panic on boot; it's a known bug that remains unfixed. An older Xen kernel is in the repositories and will boot OK, it just lacks the accompanying restricted kernel drivers package of the new one, so you're on your own if you need the nvidia driver or whatnot. After that I spent several hours trying to figure out how to create a guest VM amidst a maze of web posts, most of which are outdated and need modification. Eventually I had VMs that wouldn't come up with a NIC and, when configured to not have a NIC, were unable to locate the hard disk. I was discouraged and left it be for now.

I moved on to VMware Server, now freely available. I'm more familiar with VMware from using Workstation at work for a few years now. It's a much more refined process for creating and configuring VMs, but unfortunately it does not perform as well as Xen (around 20% overhead). In a much shorter time I had an OpenBSD guest installed and ready to go. Actually it worked pretty well; I haven't noticed any severe performance hits. I simply ran out of fuel for configuring Apache for my sites and had to stop for the day.

With both approaches I've yet to attempt the full guest-as-firewall setup; I only got far enough to start getting services up and running.
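As an added illustration of the guest-as-firewall layout sketched above (two NICs handed to the OpenBSD guest, NAT done inside it, the host desktop sitting on the LAN side), here is a constructed pf.conf for that guest. This is example configuration, not the author's, and it assumes the interface names em0 (toward the ISP) and em1 (toward the LAN and the host OS) and the current OpenBSD `match ... nat-to` syntax rather than the older `nat on` form.

```pf
# Constructed example pf.conf for the guest firewall/webserver (not the author's config).
# Assumed interface names: em0 faces the ISP, em1 faces the LAN (including the host desktop).
ext_if = "em0"
int_if = "em1"
web_ports = "{ 80, 443 }"
table <private> const { 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16 }

set skip on lo
set block-policy drop

# Default deny; log drops so pflog shows what the guest is rejecting.
block log all

# Never accept private-range or spoofed sources on the external interface.
block in quick on $ext_if from <private> to any
antispoof quick for { $ext_if $int_if }

# NAT: LAN hosts (the desktop host OS among them) leave through the guest's public address.
match out on $ext_if from $int_if:network to any nat-to ($ext_if)

# The public web server runs on this guest; nothing else is reachable from outside.
pass in on $ext_if inet proto tcp from any to ($ext_if) port $web_ports

# LAN may reach the firewall and the internet; stateful replies come back automatically.
pass in on $int_if from $int_if:network to any
pass out on $ext_if
```

Two points worth checking before trusting this in the virtual setup: the host desktop must not also have an address on the ISP-facing NIC (otherwise the isolation the guest is supposed to provide is bypassed), and the hypervisor's bridging should bind the two guest NICs to physically distinct adapters so LAN and WAN traffic never share a bridge.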

Exhausting day and very little to show for it thus far sadly. Hopefully I'll find the time and motivation to keep it going this week, but honestly I'm starting to question if the effort is worth it, if the technology's performance hit won't bother me on the desktop, and if the vm's will be reliable enough to trust all day every day.
