Difference between pages "Res ldap.conf" and "Creating VMs"

From Wikislax
(Created page with "{{RightTOC}} == LDAP configuration == The [http://studioware.com/wikislax/index.php?title=OpenLDAP OpenLDAP] directory built earlier must be modified to include the asterisk...")
 
(Creating a PV VM)
 
Line 1: Line 1:
 
{{RightTOC}}
 
{{RightTOC}}
  
== LDAP configuration ==
+
== the xl tool ==
  
The [http://studioware.com/wikislax/index.php?title=OpenLDAP OpenLDAP] directory built earlier must be modified to include the asterisk schema, that can be copied from '''/usr/local/asterisk-x.y.z.t/contrib/scripts/asterisk.ldap-schema''' into '''/usr/local/etc/openldap/schema'''. The schema must then be included from '''/usr/local/etc/openldap/slapd.conf''':
+
There is a variety of tools and commands to handle virtual machines. Here we will use the Xen '''xl''' command.
  
#
+
* '''xl create ''file''''' affords creating a virtual machine based on the configuration in file ''file''. A one-starting sequential domain id is created.
# See slapd.conf(5) for details on configuration options.
 
# This file should NOT be world readable.
 
#
 
include        /usr/local/etc/openldap/schema/core.schema
 
include        /usr/local/etc/openldap/schema/cosine.schema
 
include        /usr/local/etc/openldap/schema/inetorgperson.schema
 
'''include        /usr/local/etc/openldap/schema/asterisk.schema'''
 
. . .
 
  
A restart is required:
+
* '''xl destroy ''domid''''' affords destroying a virtual machine with domain id ''domid''. Of course using the system in the VM will be a preferred method to terminate.
  
# /etc/rc.d/rc.slapd restart
+
* '''xl help''' affords getting more information on other xm commands.
  
We need to define a structure in the OpenLDAP directory where to store the asterisk information. For example we can put our '''users''' and '''extentions''' under entries by the same name just below the root of the directory. This can be done with the following LDIF file that we add to the directory using the '''ldapadd''' command:
+
Xen supports paravirtualisation and hardware virtualization. Both can be used at the same time on a single Xen system.
  
#OU users
+
== Creating a PV VM ==
dn: ou=users,dc=studioware,dc=com
 
objectClass: top
 
objectClass: organizationalUnit
 
ou: users
 
# OU extensions
 
dn: ou=extensions,dc=studioware,dc=com
 
objectClass: top
 
objectClass: organizationalUnit
 
ou: extensions
 
 
# '''ldapadd -x -D "cn=Manager,dc=studioware,dc=com" -W -f yourLDIFpath'''
 
  
* '''-x''' : affords using a simple authentication (as opposed to SASL tricky schemes)
+
* in paravirtualization (PV) guest operating systems are modified so they are able to interlock with Xen without emulation or virtual emulated hardware. Xen PV guest kernels exist for Linux, NetBSD, FreeBSD, OpenSolaris and Novell Netware. Upstream kernel.org Linux kernels since Linux 2.6.24 include Xen PV guest (domU) support based on the Linux pvops framework, so every upstream Linux kernel can be automatically used as Xen PV guest kernel without any additional patches or modifications.
* '''-D''' : affords defining the user (here cn=Manager,dc=studioware,dc=com)
 
* '''-W''' : affords being prompted to enter the password
 
* '''-f''' : affords specifying the LDIF file name
 
  
== res_ldap.conf ==
+
Paravirtualization requires storing the kernel to boot in the dom0 filesystem, and populating the system in a virtual partition. The kernel generated must be able to manage [http://wiki.qemu.org/download/qemu-doc.html#QEMU-PC-System-emulator the QEMU devices] and include the .config file [http://wiki.xen.org/wiki/Mainline_Linux_Kernel_Configs#Configuring_the_kernel domU options]. Here is a minimal example of such a [{{SERVER}}/wikislax/download/config-domU .config domU] file. The swap partition and VM filesystem can be created as below. Don't forget to update the root device in fstab :
  
The '''res_ldap.conf''' file affords detailing how to access the LDAP database and which schema variables to use. Let's start with the LDAP connection information, located in the '''[_general]''' context:
+
# dd if=/dev/zero of=sl12.swp bs=1024k count=1024
 +
# mkswap sl12.swp
 +
# dd if=/dev/zero of=sl12.img bs=1024k count=8192
 +
# mkfs -t ext3 sl12.img
 +
# mkdir loop
 +
# mount -o loop sl12.img loop
 +
# cp -ax /mnt/sl12/{0,bin,boot,etc,home,initrd*,lib,lib32,lib64,media,mnt,opt,root,run,sbin,srv,sys,usr,var,vmlinuz*} loop
 +
# mkdir loop/{dev,proc,tmp}
 +
# chmod 777 loop/tmp
 +
# vi loop/etc/fstab
 +
# umount loop
 +
# dd if=/dev/zero bs=1G count=8 >> sl12.img
 +
# fsck -f sl12.img
 +
# resize2fs sl12.img
  
[_general]
+
Then a PV config file needs to be created. Samples are available from the /etc/xen directory. Here is an [{{SERVER}}/wikislax/download/sl12 example] running in a X window for slackware 12.1 (32 bits). The main config options to modify are :
;
 
; Specify one of either host and port OR url. URL is preferred, as you can
 
; use more options.
 
host=localhost                      ; LDAP host
 
port=389
 
url=ldap://localhost
 
protocol=3                          ; Version of the LDAP protocol to use; default is 3.
 
basedn=dc=studioware,dc=com          ; Base DN
 
user=cn=Manager,dc=studioware,dc=com ; Bind DN
 
pass=mysecret                        ; Bind password
 
  
The other contexts, '''[extensions]''', '''[sip]''', and '''[IAX]''', afford defining the correspondance between the variable names in Asterisk (on the left) and the variable names in the LDAP schema (on the right). Here is an example for the '''[extensions]''' context:
+
# Kernel image file in dom0 filesystem
 +
kernel = "/boot/vmlinuz-3.4.2-domU"
 +
# Not using any optional ramdisk
 +
#ramdisk = "/boot/initrd.gz"
 +
# Initial memory allocation (in megabytes) for the new domain.
 +
memory = 2048
 +
# A name for the new domain. All domains have to have different names,
 +
name = "sl12"
 +
# Number of virtual CPUs
 +
vcpus = 2
 +
# Define network interfaces
 +
vif = [ ' ' ]
 +
# Define disk devices. Note the device names xvda and xvdb
 +
disk = [ 'file:/mnt/xen/sl12.img,xvda1,w', 'file:/mnt/xen/sl12.swap,xvdb,w' ]
 +
# Define frame buffer device. Use sdl to view virtual machine in a window
 +
vfb = [ 'sdl=1' ]
 +
# Set root device.
 +
root = "/dev/xvda1 ro"
 +
# Window resolution additional parameters
 +
extra = "xen-fbfront.video=16,1680,1024"
  
;
+
The VM can then be launched with '''xl create ''file''''' :
; Extensions Table
 
;
 
[extensions]
 
;context  =  AstExtensionContext
 
;exten  =  AstExtensionExten
 
;priority = AstExtensionPriority
 
;app = AstExtensionApplication
 
;appdata = AstExtensionApplicationData
 
;additionalFilter=(objectClass=AstExtension)
 
context  =  AstContext
 
exten  =  AstExtension
 
priority = AstPriority
 
app = AstApplication
 
appdata = AstApplicationData
 
additionalFilter=(objectClass=AsteriskExtension)
 
  
For a full content example of the res_ldap.conf file please click [{{SERVER}}/slax/download/res_ldap.conf here]. But please note that some names in your particular situation might differ from the names listed in this file and you could have to fix it.
+
root@inner:/etc/xen# xl create sl12
 +
Parsing config from sl12
 +
root@inner:/etc/xen#
  
== extconfig.conf ==
+
== Creating a HVM ==
  
The '''[settings]''' context of '''extconfig.conf''' affords defining in which subtrees Asterisk should get the '''users''' and '''extension''' entries:
+
* in full hardware virtualization (HVM) guests require CPU virtualization extensions from the host CPU (Intel VT-x, AMD-V). Xen uses a modified version of Qemu to emulate full PC hardware, including BIOS, IDE disk controller, VGA graphic adapter, USB controller, network adapter etc for HVM guests. CPU virtualization extensions are used to boost performance of the emulation. Fully virtualized guests do not require kernel support, so for example Windows operating systems can be used as Xen HVM guest. Fully virtualized guests are usually slower than paravirtualized guests, because of the required emulation.
  
;
+
Full hardware virtualization requires only a disk image to execute in. Then a HV config file needs to be created. Samples are available from the /etc/xen directory. Here is an [{{SERVER}}/wikislax/download/win7 example] running in a X window for Windows 7. The main config options to modify are :
; Static and realtime external configuration
 
; engine configuration
 
;
 
; See https://wiki.asterisk.org/wiki/display/AST/Realtime+Database+Configuration
 
; for basic table formatting information.
 
;
 
[settings]
 
 
'''sipusers => ldap,"ou=users,dc=studioware,dc=com",sip'''
 
'''sippeers => ldap,"ou=users,dc=studioware,dc=com",sip'''
 
'''extensions => ldap,"ou=extensions,dc=studioware,dc=com",extensions'''
 
. . .
 
  
== sip.conf ==
+
# Initial memory allocation (in megabytes) for the new domain.
 +
memory = 2048
 +
# A name for the new domain. All domains have to have different names,
 +
name = "win7"
 +
# Number of virtual CPUs
 +
vcpus = 4
 +
# Define network interfaces
 +
vif = [ 'type=ioemu, bridge=br0' ]
 +
# Define disk devices. Note the device names xvda and xvdb
 +
disk = [ 'file:/mnt/xen/win7.img,hda,w', 'file:/mnt/xen/win7.iso,hdc:cdrom,r' ]
 +
# enable SDL library for graphics, default = 0
 +
sdl=1
 +
# enable VNC library for graphics, default = 1
 +
vnc=0
 +
# set VNC display number, default = domid
 +
vncdisplay=7
  
For OpenLDAP to properly work these options must be added to the '''[general]''' context of the '''sip.conf''' file:
+
The VM can then be launched with '''xl create ''file''''' :
  
  [general]
+
  root@inner:/etc/xen# xl create win7
  rtcachefriends=yes
+
  Parsing config from win7
  callevents=yes
+
  root@inner:/etc/xen#
realm=studioware.com
 
. . .
 
  
* rtcachefriends=yes // affords putting in cache the user info (mandatory at it affords keeping in memory the IP address with which the user connected).
+
== A little screen shot ==
* callevents=yes // affords raising information about a call
 
* realm=studioware.com // LDAP domain name
 
  
== extensions.conf ==
+
The 3 VMs displayed on this slackware 13.37 dom0 are slackware 12.1, windows 7 and windows 8.  
  
The switch statement can be declared in one or more contexts to include the users or extensions LDAP records that have an '''AstAccountContext''' field matching the context name, for example:
+
[[file:Screenshot.png]]
 
 
[internal]
 
'''switch => Realtime/@'''
 
. . .
 
 
[freephonie]
 
. . .
 
'''switch => Realtime/@'''
 
. . .
 
 
 
<u>Note</u> : including the extensions LDAP records in several contexts is possible thanks to the fact the the '''AstAccountContext''' field is multivalued.
 
 
 
== Making sure ==
 
 
 
At this point Asterisk should be able to take the new configuration into account (with no user defined). Connect to the asterisk console, reload the modules and the configuration files and display the ldap status:
 
 
 
# '''asterisk -r'''
 
Asterisk 15.0.0, Copyright (C) 1999 - 2016, Digium, Inc. and others.
 
Created by Mark Spencer <markster@digium.com>
 
Asterisk comes with ABSOLUTELY NO WARRANTY; type 'core show warranty' for details.
 
This is free software, with components licensed under the GNU General Public
 
License version 2 and other licenses; you are welcome to redistribute it under
 
certain conditions. Type 'core show license' for details.
 
=========================================================================
 
Connected to Asterisk 15.0.0 currently running on inner (pid = 2563)
 
inner*CLI> '''module reload'''
 
[Nov 28 21:29:09] NOTICE[2827]: sorcery.c:1407 sorcery_object_load: Type 'system' is not reloadable, maintaining previous values
 
[Nov 28 21:29:09] WARNING[2818]: res_phoneprov.c:1230 get_defaults: Unable to find a valid server address or name.
 
[Nov 28 21:29:09] NOTICE[2818]: chan_skinny.c:8445 config_load: Configuring skinny from skinny.conf
 
[Nov 28 21:29:09] NOTICE[2818]: cel_custom.c:95 load_config: No mappings found in cel_custom.conf. Not logging CEL to custom CSVs.
 
[Nov 28 21:29:09] NOTICE[2818]: app_queue.c:8999 reload_queue_rules: queuerules.conf has not changed since it was last loaded. Not taking any action.
 
inner*CLI> '''sip reload'''
 
inner*CLI> '''dialplan reload'''
 
Dialplan reloaded.
 
inner*CLI> '''realtime show ldap status'''
 
Connected to 'ldap://localhost', baseDN dc=studioware,dc=com with username cn=Manager,dc=studioware,dc=com for 40 seconds
 
inner*CLI> quit
 
Asterisk cleanly ending (0).
 
Executing last minute cleanups
 
root@inner:/usr/local/etc/asterisk#
 
 
 
== Adding Asterisk users ==
 
 
 
A small [{{SERVER}}/slax/download/cu.sh script] will afford adding users to the '''users''' and '''extensions''' subtrees of the directory. In this script we create users in context '''[internal]''' and extensions in contexts '''[internal]''' and '''[freephonie]''', creating two values in multivalued field '''AstAccountContext'''. Once the user created in LDAP,  SIP registration can be checked on the display of the phone and on the Asterisk console:
 
 
 
root@inner:/usr/local/etc/asterisk# '''asterisk -r'''
 
Asterisk 15.0.0, Copyright (C) 1999 - 2016, Digium, Inc. and others.
 
Created by Mark Spencer <markster@digium.com>
 
Asterisk comes with ABSOLUTELY NO WARRANTY; type 'core show warranty' for details.
 
This is free software, with components licensed under the GNU General Public
 
License version 2 and other licenses; you are welcome to redistribute it under
 
certain conditions. Type 'core show license' for details.
 
=========================================================================
 
Connected to Asterisk 15.0.0 currently running on inner (pid = 2563)
 
[Nov 28 21:39:46] NOTICE[2678]: chan_sip.c:24648 handle_response_peerpoke: Peer 'jp' is now Reachable. (9ms / 2000ms)
 
inner*CLI> '''quit'''
 
Asterisk cleanly ending (0).
 
Executing last minute cleanups
 
root@inner:/usr/local/etc/asterisk#
 
  
 
<br/>
 
<br/>
  
{{pFoot|[[Sip.conf]]|[[Main Page]]|[[Confbridge.conf]]}}
+
{{pFoot|[[Using Grub2]]|[[Main Page]]|[[OpenSSL]]}}
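Review bot: "chmod 777 loop/tmp" in the added PV image steps leaves the guest's /tmp world-writable without the sticky bit, so any guest user can delete or replace another user's temporary files; use "chmod 1777 loop/tmp". In the same added text the swap file is created as sl12.swp but the disk line points at file:/mnt/xen/sl12.swap, so one of the two names has to change. The HVM config also carries the comment "Note the device names xvda and xvdb" above a disk line that uses hda and hdc, and the "xl help" bullet still says "xm commands".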

Revision as of 20:40, 30 July 2018

the xl tool

There is a variety of tools and commands to handle virtual machines. Here we will use the Xen xl command.

  • xl create file creates a virtual machine based on the configuration in the file named file. The new domain is given a sequential domain id, starting at one.
  • xl destroy domid destroys the virtual machine with domain id domid. Shutting down the system from inside the VM is of course the preferred way to terminate it.
  • xl help gives more information on the other available commands.

Xen supports paravirtualization and hardware virtualization. Both can be used at the same time on a single Xen system.

Creating a PV VM

  • In paravirtualization (PV), guest operating systems are modified so that they can interface with Xen without emulation or emulated virtual hardware. Xen PV guest kernels exist for Linux, NetBSD, FreeBSD, OpenSolaris and Novell Netware. Upstream kernel.org Linux kernels since Linux 2.6.24 include Xen PV guest (domU) support based on the Linux pvops framework, so every upstream Linux kernel can be used as a Xen PV guest kernel without any additional patches or modifications.

Paravirtualization requires the kernel to boot to be stored in the dom0 filesystem, and the guest system to be populated in a virtual partition. The kernel must be built to manage the QEMU devices and with the domU options set in its .config file. Here is a minimal example of such a .config domU file. The swap partition and VM filesystem can be created as below. Don't forget to update the root device in fstab:

# dd if=/dev/zero of=sl12.swp bs=1024k count=1024
# mkswap sl12.swp
# dd if=/dev/zero of=sl12.img bs=1024k count=8192
# mkfs -t ext3 sl12.img
# mkdir loop
# mount -o loop sl12.img loop
# cp -ax /mnt/sl12/{0,bin,boot,etc,home,initrd*,lib,lib32,lib64,media,mnt,opt,root,run,sbin,srv,sys,usr,var,vmlinuz*} loop
# mkdir loop/{dev,proc,tmp}
# chmod 1777 loop/tmp
# vi loop/etc/fstab
# umount loop
# dd if=/dev/zero bs=1G count=8 >> sl12.img
# fsck -f sl12.img
# resize2fs sl12.img

Then a PV config file needs to be created. Samples are available in the /etc/xen directory. Here is an example running in an X window for Slackware 12.1 (32 bits). The main config options to modify are:

# Kernel image file in dom0 filesystem
kernel = "/boot/vmlinuz-3.4.2-domU"
# Not using any optional ramdisk
#ramdisk = "/boot/initrd.gz"
# Initial memory allocation (in megabytes) for the new domain.
memory = 2048
# A name for the new domain. All domains have to have different names.
name = "sl12"
# Number of virtual CPUs
vcpus = 2
# Define network interfaces
vif = [ ' ' ]
# Define disk devices. Note the device names xvda1 and xvdb
disk = [ 'file:/mnt/xen/sl12.img,xvda1,w', 'file:/mnt/xen/sl12.swp,xvdb,w' ]
# Define frame buffer device. Use sdl to view virtual machine in a window
vfb = [ 'sdl=1' ]
# Set root device.
root = "/dev/xvda1 ro"
# Window resolution additional parameters
extra = "xen-fbfront.video=16,1680,1024"

The VM can then be launched with xl create file:

root@inner:/etc/xen# xl create sl12
Parsing config from sl12
root@inner:/etc/xen#

Creating a HVM

  • In full hardware virtualization (HVM), guests require CPU virtualization extensions from the host CPU (Intel VT-x, AMD-V). Xen uses a modified version of Qemu to emulate full PC hardware for HVM guests, including BIOS, IDE disk controller, VGA graphics adapter, USB controller, network adapter, etc. CPU virtualization extensions are used to boost the performance of the emulation. Fully virtualized guests do not require kernel support, so for example Windows operating systems can be used as Xen HVM guests. Fully virtualized guests are usually slower than paravirtualized guests, because of the required emulation.

Full hardware virtualization requires only a disk image to execute in. Then an HVM config file needs to be created. Samples are available in the /etc/xen directory. Here is an example running in an X window for Windows 7. The main config options to modify are:

# Initial memory allocation (in megabytes) for the new domain.
memory = 2048
# A name for the new domain. All domains have to have different names.
name = "win7"
# Number of virtual CPUs
vcpus = 4
# Define network interfaces
vif = [ 'type=ioemu, bridge=br0' ]
# Define disk devices. Note the device names hda and hdc
disk = [ 'file:/mnt/xen/win7.img,hda,w', 'file:/mnt/xen/win7.iso,hdc:cdrom,r' ]
# enable SDL library for graphics, default = 0
sdl=1
# enable VNC library for graphics, default = 1
vnc=0
# set VNC display number, default = domid
vncdisplay=7

The VM can then be launched with xl create file:

root@inner:/etc/xen# xl create win7
Parsing config from win7
root@inner:/etc/xen#
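
A pre-flight check for both configs above, added here as an example (it is not part of the original page): it lists each file-backed disk named in an xl config and flags backing files that are missing in dom0 or accessible to users other than the owner. The function names, status words and scratch directory are assumptions of this example, and only the one-line disk = [ 'file:PATH,DEVICE,MODE', ... ] form shown on this page is parsed.

```shell
#!/bin/sh
# Added example: pre-flight check of the file-backed disks in an xl config.
# Assumes the one-line "disk = [ 'file:PATH,DEVICE,MODE', ... ]" form only.

# Print one PATH,DEVICE,MODE spec per line; commented-out disk lines are skipped.
xl_disk_specs() {
    grep -E '^[[:space:]]*disk[[:space:]]*=' "$1" |
        tr "'\"" '\n\n' |
        sed -n 's/^[[:space:]]*file://p'
}

# Print "STATUS PATH (DEVICE,MODE)" per disk; return 1 unless every disk is OK.
#   MISSING  backing file not found (a mistyped image name, for instance)
#   EXPOSED  group or other users have some access to the image file
check_xl_disks() {
    rc=0
    specs=$(xl_disk_specs "$1")
    while IFS=, read -r path dev mode; do
        [ -n "$path" ] || continue
        if [ ! -f "$path" ]; then
            status=MISSING
        elif [ "$(ls -ld -- "$path" | cut -c5-10)" != "------" ]; then
            status=EXPOSED
        else
            status=OK
        fi
        [ "$status" = OK ] || rc=1
        echo "$status $path ($dev,$mode)"
    done <<EOF
$specs
EOF
    return $rc
}

# Constructed sample: a scratch directory standing in for /mnt/xen, with a
# config whose second disk names a file that was never created.
demo() {
    d=$(mktemp -d) || return 1
    : > "$d/sl12.img"; chmod 600 "$d/sl12.img"
    : > "$d/sl12.swp"; chmod 644 "$d/sl12.swp"
    cat > "$d/sl12" <<EOF
name = "sl12"
#disk = [ 'file:$d/old.img,xvda1,w' ]
disk = [ 'file:$d/sl12.img,xvda1,w', 'file:$d/sl12.swap,xvdb,w' ]
EOF
    check_xl_disks "$d/sl12"; demo_rc=$?
    rm -rf "$d"
    return $demo_rc
}

demo || echo "fix the entries above before running xl create"
```

Anyone who can read a guest's image file in dom0 can read the guest's whole filesystem, which is why the check treats any group or other permission bit as a finding.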

A little screen shot

The 3 VMs displayed on this Slackware 13.37 dom0 are Slackware 12.1, Windows 7 and Windows 8.

Screenshot.png

