Video: Xen Desktop virtualization as shown by Citrix
(No Ratings Yet)
Loading ...Last week Briony Smith had a Q&A with a local Citrix exec, David Wright, about its desktop virtualization strategy. See below for a clip on the product in action.
Add to: del.icio.us | Digg IT | Furl | Google | magnolia | StumbleIT | Wink | Yahoo! Technorati
The Timing is Virtually Everything
(2 votes, average: 10 out of 10) Loading ...Operating systems in general keep time by counting the “ticks” from the processor (I’m sure that is a vast oversimplification of process). Virtual machines unfortunately don’t have unfettered and unlimited access to the processor and as a result, their “tick count” and internal clock quickly becomes skewed. If a virtual machine needs to interact with other systems – like Active Directory – a wildly incorrect time stamp can cause unwanted results. In the Active Directory example, logging onto a virtual machine that is a member of the domain becomes impossible if the time skew is too much.
Fortunately with VMware ESX servers, there is a mechanism to fix the time skew issue, and it is broken into two parts. The first part requires installing VMware tools on the virtual machines and synching the virtual clock with the ESX host (which over-rides the “tick” count process). The second part is to configure NTP on the ESX service console. This is slightly more complicated, but can be accomplished without too much difficulty.
On the ESX server, there is a service console that looks and acts suspiciously like a Linux OS (well, not on the ESXi platform — but that is a whole different ballgame). And part of that service console is just itching to activate NTP. Unfortunately, you can’t just say “NTP powers, activate,” but rather have to go through a few simple steps:
Configuring NTP
1. Edit the /etc/ntp.conf file
Personally, I just rename the file to ntp.old, and create a new blank ntp.conf file. In the configuration file, I basically tell it that a) only accept commands from itself, b) give the time to people that ask, but not much else, and c) lists the IP addresses of the NTP clocks to synchronize with.
For example:
restrict 127.0.0.1
restrict default kod nomodify notrap
server tick.company.com
server tock.company.com
driftfile /var/lib/ntp/drift
2. Edit the /etc/ntp/step-tickers file and type the names of the NTP devices (one server per line)
tick.company.com
tock.company.com
3. Allow NTP packets through the service console firewall
esxcfg-firewall –enableService ntpClient
4. Configure ntpd to start on boot
chkconfig –level 345 ntpd on
5. Start the ntp service
service ntpd start
6. Finally, you should synchronize the hardware clock with NTP
hwclock –systohc
For fun, you can watch the how well your ESX server is keeping time by typing:
watch “ntpq -p”
I don’t pretend to be an expert on NTP, all I know is that the above configuration settings have worked well for me. If you want to learn more about the secrets of NTP, http://support.ntp.org is a good place to start.
I’m assuming that you have a few functioning NTP services on your network (Linux boxes and various network routers are often configured to run NTP), or that your servers can access the public NTP clocks scattered across the net. One word of caution: don’t point the NTP service at a Windows 2003 server since Windows uses SNTP (and SNTP is just different enough to mess up the synchronization process).
Add to: del.icio.us | Digg IT | Furl | Google | magnolia | StumbleIT | Wink | Yahoo! Technorati
Two buildings, one broadband service
(No Ratings Yet) Loading ...Get the skinny on connecting two offices to a single broadband connection from Ron Nutter. There maybe both wired and wireless options.
Got some hands-on advice to share with the community? E-mail us at the link on this page.
Add to: del.icio.us | Digg IT | Furl | Google | magnolia | StumbleIT | Wink | Yahoo! Technorati
Yes, you can … making a VPN gateway support the iPhone
(No Ratings Yet) Loading ...Everybody wants an iPhone … but what about the security issues? Jamey Heary, a security consulting engineer at Cisco, gets into the geeky details of how to Cisco’s IOS and ASA lines play well with Apple’s smart phone on the Cisco Subnet.
Got some hands-on advice for the community? E-mail us with the link on this page and share your knowledge.
Add to: del.icio.us | Digg IT | Furl | Google | magnolia | StumbleIT | Wink | Yahoo! Technorati
Building a VPN with Cisco ASA gear
(No Ratings Yet) Loading ...Sometimes, the licences can be just as important as the technical issues. Ron Nutter tells us here how to settle the issues and connect routers in a VPN here.
Got a tip or trick to pass on to the comunity? Use the e-mail link and share your knowledge through our Hands On blog.
Add to: del.icio.us | Digg IT | Furl | Google | magnolia | StumbleIT | Wink | Yahoo! Technorati
