search
Categories
Sponsors
VirtualMetric Hyper-V Monitoring, Hyper-V Reporting
Archive
Blogroll

Badges
MCSE
Community

Cozumpark Bilisim Portali
Posted in Virtual Machine Manager | No Comment | 6,748 views | 23/01/2011 12:19

I did a deep research on “Install Virtual Guest Services” feature in SCVMM.

You can reach Part 1 from this link:

I made a few more tests with Install Virtual Guest Services feature. I took a few snapshots during the installation.
After installation, i go back with snapshots and checked VMMGuestAgent service.

VMMGuestAgent.exe has no command line help options but as you see, it works with some parameters.

VMMGuestAgent.exe VIRIDIAN HVIC3

VIRIDIAN is the codename of Microsoft Virtualization. It seems, VMMGuestAgent.exe is like really old command line tool from SCVMM RC release. HVIC3 is like Hardware Integration Components 3.. Actually I don’t know what it means, I just guess.

Looks like, SCVMM uses BITS technology to put an exe file into VHD file of Virtual Machine.

Let’s see its dependencies:

I removed all security permissions from VMMGuestAgent.exe for test.

I clicked “Install Virtual Guest Services” again and result:

As you see, it gived permission error. Then I gave Administrator permissions to VMMGuestAgent.exe for another test.

After same operations, result is same:

So it’s clear that SCVMM does not act like Administrator. It does not have any Administrator privilege in VM. It simply uses Local System Account. So I removed VMMGuestAgent.exe and stopped RPC service.

After I disable service, SCVMM gaved another error.

So It seems somehow SCVMM uses RPC. But there was no ethernet card on VM.

I have so many question about that. I hope someone from Microsoft can reply my questions.


Posted in Hayattan | 1 Comment | 6,241 views | 14/01/2011 21:12

2 years ago, I started blogging. Now I’m really happy to go in 3rd years.

Two years past with (*Google Analytics):

457 Posts
165 Comments
59,911 Absolute Unique Visitors
75,866 Visits
128,801 Pageviews

My first post was about 24 (TV Series) and posted 14.01.2009.

You can see that post from this link (in Turkish):

I hope everything goes well in this year and I can share with you..


Posted in Virtual Machine Manager | 4 Comments | 174,172 views | 14/01/2011 13:42

I research a feature called “Install Virtual Guest Services” in SCVMM. We know, Hyper-V virtual machines are completely isolated from Parent partition. But a few days ago, Benjamin posted an article about data exchange between Parent Node and Virtual Machines. You can reach that post from this link:

What Physical Computer am I on?

After this post, I tried to figure out how really works this process. So I figured out, Hyper-V Data Exchange service is responsible about Registry changes. That means, you can send information or fetch information directly from virtual machine without any authentication. Because Data Exchange services runs as Local Service and has rights to write on specific area of registry as Taylor’s post. Please check this link too:

Hyper-V Data Exchange Service

I asked a question on Benjamin’s blog about this situation and he answered:

We do not see this as a security risk. We have always designed our system with the assumption that the bad guy in a VM would be able to figure out that they were in a VM – and then ensure that there is nothing that they could do with that information. In this case – the only real risk is that a bad guy could try to launch a network based attack against the host (in which case – being in a VM gives them no advantage when compared to being a seperate physical computer)
If this is a concern to you – there are two options you could take:
1) Configure the virtual machines so that they cannot attempt to connect to the host over the network. To do this configure an “external only” network that connects to a different physical network than the one the host is connected to.
2) Disable the data-exchange integration services under the virtual machine settings (which will stop this information from being sent in the first place).

and yes, this is the same “Microsoft” who requires certificate authentication between SCOM servers and clients because of security concerns. So getting information from internal clients via SCOM is not secure and that’s why you have to use certificate between servers, but getting or sending information between Hyper-V Parent Node and Virtual machines is not a security risk? Strange..

So I know a feature in SCVMM called “Install Virtual Guest Services”. If you click “Install Virtual Guest Services” for a virtual machine, process goes with these steps:

1. step: it attachs vmguest.iso to virtual machine.
2. step: reboot virtual machine with that iso.
3. step: after starting Windows, it executes vmguest.iso and installs it automatically. (without any authentication)

Yes, without authentication. Is that means you can execute a script or maybe exe, without any authentication, inside a virtual machine? If it is true, how? I made a test to figure out situation. Results are really unexpected.

You can install virtual guest services with clicking “Install Virtual Guest Services” feature in SCVMM. To do that, just create a new virtual machine with blank disk template and install a Windows Server. Then turn off the virtual machine and click the “Install Virtual Guest Services”.

So let’s see what happens really when you click “Install Virtual Guest Services”.

As a first step, it starts virtual machine:

Then installs Virtual Guest Services and shut downs virtual machine:

Now process is completed:

Now I’ll show you what really happens inside the virtual machine.

I installed a Windows Server 2008 SP2. After installation, mouse integration is not available.

So I did shut down the virtual machine. Clicked “Install Virtual Guest Services” from SCVMM. I went to Hyper-V console to watch what really happens and I saw this:

SCVMM calls a service inside VM and you only see “Interactive Services Dialog..” I don’t know what really it is, but it’s something to execute scripts. I tried to find out what services really do that.

Update 1: I captured detailed screens of “Interactive Services Dialog Detection”.

If you click “Show me the message”, you see installation of integration components:

So I disabled all Hyper-V services inside the Virtual Machine.

Also I disabled Hyper-V offers.

I checked SCVMM and it sees “no service offering” too.

Then I did same thing and clicked “Install Virtual Guest Services” via SCVMM. But nothing changed. Without any integration services and without any Hyper-V offers, SCVMM successfully updated my Virtual Machine!

Also strange thing is SCVMM can watch all steps. If somehow process does not go well, SCVMM can see that and gives you warning. After finish of process, SCVMM shows you a process report.

For example, I installed Windows Server 2003 R2 and clicked “Install Virtual Guest Services”.

SURPRISE!

SCVMM gave error because you can’t install integration services on Windows Server 2003 R2. You need at least Windows Server 2003 R2 SP2 to install Hyper-V integration services. So what happened? SCVMM tried to install integration services but Windows gave “You need newer version of Windows to install” and SCVMM got that error and finished the update process.

That means SCVMM can really detects failed process inside the virtual machine without any authentication. But how?
How really SCVMM can contact with Virtual Machine, execute an exe and see process situation without authentication?
I installed VM via Hyper-V and never used SCVMM before.

Update 2: I found some traces of process.

What is the C:\VMMGuestAgent.exe and where did it come from? I checked after installation but there is no file called “VMMGuestAgent” in C drive.

Also a message to SCVMM team. There is a typo error in message. “The server must be rebooted by SCVMM to intall virtualization components.” You should change that as “install” :)

By the way, there is no information about “VMMGuestAgent.exe” on Technet, or even Google! :)

So far I have two questions:

1) How really “Install Virtual Guest Services” works?
2) All Virtual Machines on Hyper-V is really isolated from Parent Node?

I hope someone can answer my questions. I think that’s really strange situation.


Posted in Linux Server, Virtual Machine Manager | No Comment | 7,083 views | 11/01/2011 13:59

You can use CentOS on Hyper-V with 4 vCPU.

!!! PS: EXPERIMENTAL – Just Use This Kernel Source for Test Purposes !!!

1) Install a clean CentOS 5.5 x64 without logical volume

2) Use commands below to update your virtual machine:

1
2
3
4
5
6
7
cd /usr/src/redhat/RPMS/x86_64/
wget http://www.yusufozturk.info/kernel-2.6.37-hyperv.centos.x86_64.rpm
rpm -ivh kernel-2.6.37-hyperv.centos.x86_64.rpm
mkdir /boot/temp
cd /boot/temp
zcat ../initrd-2.6.37-hyperv.img | cpio -i
nano init

Check the content below. Remove the bold duplicate lines and save it.

echo “Loading dm-log.ko module”
insmod /lib/dm-log.ko
echo “Loading dm-region-hash.ko module”
insmod /lib/dm-region-hash.ko
echo “Loading dm-region-hash.ko module”
insmod /lib/dm-region-hash.ko

echo Waiting for driver initialization.
stabilized –hash –interval 1000 /proc/scsi/scsi

Continue with commands below.

1
2
3
4
find . | cpio -c -o > ../initrd
cd ..
gzip -2 < initrd > initrd-2.6.37-hyperv.img
halt

After turned off your virtual machine, go to settings and remove Legacy Network Ethernet.
Power on virtual machine. Continue with commands below.

1
2
3
4
5
cd /etc/sysconfig/network-scripts/
rm -f ifcfg-eth0.bak
cd /etc/sysconfig/networking/devices/
rm -f ifcfg-eth0.bak
halt

Now add Synthetic Network Ethernet and 4 CPU. Power on virtual machine.
(Somehow I got kernel panic on a Centos VM – Please use this kernel as test purposes)


Posted in Linux Server, Virtual Machine Manager | 1 Comment | 10,658 views | 10/01/2011 11:48

Actually you can use Centos with Hyper-V Linux Integration Components. But if you upgrade your kernel, you should re-apply LIC again. So you can try applying new kernel with pre-compiled Hyper-V drivers. But as you know, if you apply custom kernels on Centos, your Centos will be no longer supported. So apply this with your own risk.

1
2
3
4
5
6
7
8
9
10
11
yum update
yum upgrade kernel
yum install rpm-build redhat-rpm-config ncurses-devel unifdef
cd /home
wget http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.37.tar.bz2
tar xjf linux-2.6.37.tar.bz2
ln -s linux-2.6.37 linux
cd /home/linux
make clean && make mrproper
cp /boot/config-`uname -r` ./.config
make menuconfig

In the menuconfig, you should be careful about 3 things. If not, your new kernel may give kernel panic.

1) First, always enable this feature to eliminate boot failures.

General Setup -> Enable deprecated sysfs features to support old userspace too

2) Disable paravirtualized guest support to build rpm.

Processor type and features -> Paravirtualized guest support

3) Disable Virtualization feature.

Virtualization

Also you can append a version for Hyper-V.

General setup -> Local Version – append to kernel release

You can exit from menuconfig by saving the config. After that do:

nano /home/linux/scripts/package/mkspec

And append the following lines:

1
2
3
4
5
6
7
8
9
10
11
12
echo "%post"
echo "if [ \`uname -i\` == \"x86_64\" -o \`uname -i\` == \"i386\" ]; then"
echo "  if [ -f /etc/sysconfig/kernel ]; then"
echo "    /bin/sed -i -e 's/^DEFAULTKERNEL=kernel-smp$/DEFAULTKERNEL=kernel/' /etc/sysconfig/kernel || exit \$?"
echo "  fi"
echo "fi"
echo "/sbin/new-kernel-pkg --package kernel --mkinitrd --depmod --install "$KERNELRELEASE" || exit \$?"
echo ""
 
echo "%preun"
echo "/sbin/new-kernel-pkg --rminitrd --rmmoddep --remove "$KERNELRELEASE" || exit \$?"
echo ""

After the changes, you can go with making RPM:

1
2
cd /home/linux
make CONFIG_DEBUG_SECTION_MISMATCH=y binrpm-pkg 2> make-err.log | tee make-out.log

You can find your RPMs in /usr/src/redhat directory.


Posted in Linux Server, Virtual Machine Manager | 13 Comments | 27,145 views | 07/01/2011 23:29

I created a new kernel image for Debian x86 (32 bit). If you have to use 32bit OS for your application needs, you can use this deb packages to upgrade your kernel. Also you will have integrated shutdown feature.

1) Install a clean Debian 5.0.6

2) Do following:

apt-get update
aptitude update
wget -c http://www.yusufozturk.info/linux/linux-image-2.6.36-hyperv-debian.i386.deb
wget -c http://www.yusufozturk.info/linux/linux-headers-2.6.36-hyperv-debian.i386.deb
apt-get install build-essential
dpkg -i linux-image-2.6.36-hyperv-debian.i386.deb linux-headers-2.6.36-hyperv-debian.i386.deb
echo -e "hv_vmbus\nhv_storvsc\nhv_blkvsc\nhv_netvsc" >> /etc/initramfs-tools/modules 
update-initramfs –u –k 2.6.36-hyperv

That’s it. Reboot your server with new kernel.


Posted in Linux Server, Virtual Machine Manager | 24 Comments | 45,804 views | 07/01/2011 16:51

If you have a kernel image for your Linux virtual machine, it’s easy to upgrade your kernel for Hyper-V support.

1) Install a clean Debian virtual machine (Use emulated Ethernet card and 1 vCpu)

2) Use commands below to update your virtual machine:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
nano /etc/apt/sources.list (edit your source list if it needs)
apt-get update
aptitude update
apt-get install openssh-server (for ssh support)
apt-get install build-essential 
apt-get install ncurses-dev kernel-package fakeroot
apt-get install linux-headers-`uname -r`
apt-get install linux-source-`uname -r | awk -F"-" '{print $1}'`
cd /usr/src
wget -c http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.36.tar.bz2
bzip2 -d linux-2.6.36.tar.bz2
tar xf linux-2.6.36.tar
cd linux-2.6.36
cp /boot/config* ./.config
make menuconfig

At menuconfig, go to:

Device Drivers -> Stagging Drivers

Now choose Microsoft Hyper-V Client Drivers

After that you can enter to exit with saving changes.

Use commands below to continue:

1
2
make-kpkg clean
fakeroot make-kpkg --initrd --append-to-version=-hyperv kernel_image kernel_headers

After this process, you will find your two .deb files in /usr/src directory.

Possible problems:

1) You may get this error when you try to compile kernel.

1
2
3
4
5
6
This is kernel package version 11.015.
The UTS Release version in include/linux/version.h
"" 
does not match current version:
"2.6.26-hyperv" 
Please correct this.

Please check this page to fix this issue:

2) You may get this error when you try to compile kernel.

1
2
3
4
lguest.c:21:25: error: sys/eventfd.h: No such file or directory
lguest.c: In function ‘create_thread’:
lguest.c:1021: warning: implicit declaration of function ‘eventfd’
make: *** [lguest] Error 1

Please check this page to fix this issue:

If you get different problems, please report to me.