I can't give any insight to the relative performance of ESX and Vmware Server, since at this point I am using a somewhat powerful (2ghz dual-core xeon, 16 gb ram) server only to evaluate (and play with) some of the different honeypot solutions, which are started and stopped quite often and not running simultaneously. But I do feel that i am able to get way better performance running about 4 virtual machines on that server, than with just a single virtual machine running in Vmware Server on my relatively new desktop pc. I will be busy handing in a report on my honeypot-fun this week, but I will be able to install and test against ESXi next week.
Lasse ________________________________ > Date: Mon, 11 Aug 2008 07:57:00 -0700 > From: [EMAIL PROTECTED] > To: [EMAIL PROTECTED]; capture-hpc@public.honeynet.org > Subject: Re: [Capture-HPC] clients on ESX server > CC: > > Lasse, very awesome! If you are OK with it, I will add those instructions to > our web site. Has anybody tested these out with ESXi? > > What performance do you see on your ESX server? How powerful is your box and > how many VMs are you running on it? I am just curious to see how it compares > to VMware server... > > Christian > > On Fri, Aug 8, 2008 at 5:47 AM, Lasse Borup wrote: > I'm happy to report success in compiling capture for use against ESX. > For reference I list the issues that have troubled me: > > 1. ESX has to be at least 3.5 update1 and one need to use the VIX 1.5 api, > only available as a download via the vmware server 2 beta download page. And > if the wrapper library is not used, one needs to make sure the VIX_LIB > environment variable is set to the subfolder VIServer-2.0.0 of the topmost > VIX folder. (This is on Windows, i think its done differently on linux, on > which i had no success). I also had some problems with the > compile_revert_win32.bat script, in which were resolved by using "hardcoded" > paths instead of the environment variables. (Don't ask me why, problems with > spaces in windows paths). > > 2. I had to manually copy most of the dll's from the VIServer-2.0.0 folder to > the created capture-release, as revert.exe would complain that they were > missing. > > 3. In the connect call in revert.c, the parameter > VIX_SERVICEPROVIDER_VMWARE_SERVER should be changed to > VIX_SERVICEPROVIDER_VMWARE_VI_SERVER. > > 4. In the config.xml file the following changes are needed: > 1. Instead of writing for example "127.0.0.1" as the address of the > vmware server, one has to write "https://127.0.0.1/sdk";. The following port > number is ignored. > 2. For the path of the virtual machine, the following style is needed: > "[storage1] Client/Client.vmx" where storage1 is the data store containing > the machine. Be aware of the space af the data store name. > > Minor issues, but took me some time to weed out, so i hope this might be > helpful to others. > > Regards, > Lasse > > ________________________________ > Date: Thu, 7 Aug 2008 06:49:46 -0700 > > From: [EMAIL PROTECTED] > To: [EMAIL PROTECTED]; capture-hpc@public.honeynet.org > Subject: Re: [Capture-HPC] clients on ESX server > CC: > > Yes, I think this is why I am also interested in it. I would assume, you can > run many more VMs with ESX than with Vmware Server. > > I see the matrix on the VIX blog (VMwares APIs are sometimes confusing since > they are so many of them). So, if you install VIX 1.5 and try to recompile > the capture-server, it might work...Lasse, would you have time to give this a > try? > > Christian > > On Thu, Aug 7, 2008 at 12:23 AM, Lasse Borup wrote: > The ESX should really support vix according to the diagram on vmwares > VIX-blog. I am still looking in to it, i think i might have made mistakes > during compilation in my first try. > Whether ESXi (which has recently been made available for free) supports VIX > is unspecified, and i don't know the exact difference between these to > versions. But ESXi is definitely interesting as a platform for honeypots now > that its free... > > > > ________________________________ > Date: Wed, 6 Aug 2008 10:01:58 -0700 > > From: [EMAIL PROTECTED] > To: [EMAIL PROTECTED]; capture-hpc@public.honeynet.org > Subject: Re: [Capture-HPC] clients on ESX server > CC: > > I looked at this a bit more. The ESXi doesnt seem to support the VIX API, but > rather a different API is provided. > > So, in order to get this working, you need to do the following: > 1. Ensure the ESXi API allows to revert VMs as well as start a prg within a > VMwareServer for an example. > 2. You would have to extend the capture server to support a new virtual > machine type (this is generic to any virtual machine server...could even be > XEN, Virtual PC, etc) > - implement the interface VirtualMachineServer. You can check the > - add the new type to the VirtualMachineServerFactory (specify a > new type "vmware-esxi") > - modify the config.xml to use this new type "vmware-esxi" instead > of "vmware-server" > > If anybody has gone through this exercise for any other virtual machine > server and wants to donate their code, I am happy to add it.... > > Christian > > On Mon, Aug 4, 2008 at 5:48 AM, Lasse Borup wrote: > Hi Christian > I have now tried compiling against VIX 1.5, which according to > http://blogs.vmware.com/vix/ should work against esx server 3.5 update1. > Whereas the binary distribution formerly made network contact to the server > before generating errors, this recompiled version just gave the following > error: > >> VIX Error on connect in connect: One of the parameters was invalid >> E Disconnected > > No network traffic was generated. > > Unfortunately i don't have any more time to spend on the matter at this time, > perhaps i will look into it later. > > Regards, > Lasse > > > ________________________________ > Date: Sat, 26 Jul 2008 07:24:21 -0700 > > From: [EMAIL PROTECTED] > To: [EMAIL PROTECTED]; capture-hpc@public.honeynet.org > Subject: Re: [Capture-HPC] clients on ESX server > CC: > > Lasse, if the API are identical, no changes are needed. You just need to > recompile. (This is what you do if the VMware Server version changes). > Since I dont have ESX, I am only speculating. Try it and let us know how it > goes. > Christian > > > On Sat, Jul 26, 2008 at 12:07 AM, Lasse Borup wrote: > Hi Christian > > But what changes would I need to make to the source before compiling? Or do i > need to check out a newer version from a repository? > > Regards, > Lasse > > > > ________________________________ > Date: Fri, 25 Jul 2008 06:39:33 -0700 > From: [EMAIL PROTECTED] > To: [EMAIL PROTECTED]; capture-hpc@public.honeynet.org > Subject: Re: [Capture-HPC] clients on ESX server > CC: > > Lasse, this might work, but you need to compile the capture server for sure. > Try that and let us know how it goes. > Christian > > On Fri, Jul 25, 2008 at 5:11 AM, Lasse Borup wrote: > Hi > > In the documentation for Capture-HPC it states that Vmware Server is needed > for the clients. But since Vmware Esx Server also supports the VIX api > shouldn't it be possible to run the clients on ESX? > I'm trying it out but have not been succesfull... > > Best regards, > Lasse Borup > > _______________________________________________ > Capture-HPC mailing list > Capture-HPC@public.honeynet.org > https://public.honeynet.org/mailman/listinfo/capture-hpc > > > > > -- > ---- > Web: http://www.mcs.vuw.ac.nz/~cseifert > > PGP key > http://www.mcs.vuw.ac.nz/~cseifert/pgpkey.txt > Primary key fingerprint: E979 0D9A 9187 D821 F86F B712 C8DB 0583 B046 BAEF > > _______________________________________________ > Capture-HPC mailing list > Capture-HPC@public.honeynet.org > https://public.honeynet.org/mailman/listinfo/capture-hpc > > > > > -- > ---- > Web: http://www.mcs.vuw.ac.nz/~cseifert > > PGP key > http://www.mcs.vuw.ac.nz/~cseifert/pgpkey.txt > Primary key fingerprint: E979 0D9A 9187 D821 F86F B712 C8DB 0583 B046 BAEF > > _______________________________________________ > Capture-HPC mailing list > Capture-HPC@public.honeynet.org > https://public.honeynet.org/mailman/listinfo/capture-hpc > > > > > -- > ---- > Web: http://www.mcs.vuw.ac.nz/~cseifert > > PGP key > http://www.mcs.vuw.ac.nz/~cseifert/pgpkey.txt > Primary key fingerprint: E979 0D9A 9187 D821 F86F B712 C8DB 0583 B046 BAEF > > _______________________________________________ > Capture-HPC mailing list > Capture-HPC@public.honeynet.org > https://public.honeynet.org/mailman/listinfo/capture-hpc > > > > > -- > ---- > Web: http://www.mcs.vuw.ac.nz/~cseifert > > PGP key > http://www.mcs.vuw.ac.nz/~cseifert/pgpkey.txt > Primary key fingerprint: E979 0D9A 9187 D821 F86F B712 C8DB 0583 B046 BAEF > > _______________________________________________ > Capture-HPC mailing list > Capture-HPC@public.honeynet.org > https://public.honeynet.org/mailman/listinfo/capture-hpc > > > > > -- > ---- > Web: http://www.mcs.vuw.ac.nz/~cseifert > > PGP key > http://www.mcs.vuw.ac.nz/~cseifert/pgpkey.txt > Primary key fingerprint: E979 0D9A 9187 D821 F86F B712 C8DB 0583 B046 BAEF _______________________________________________ Capture-HPC mailing list Capture-HPC@public.honeynet.org https://public.honeynet.org/mailman/listinfo/capture-hpc
