On Wednesday, 20 March 2013 14:31:39 UTC-4, Andrew Sorensen wrote: > On 03/20/2013 11:03 AM, Joanna Rutkowska wrote: > > On 03/20/13 18:59, Andrew Sorensen wrote: > >> On 03/20/2013 10:39 AM, Joanna Rutkowska wrote: > >>> On 03/20/13 18:30, Andrew Sorensen wrote: > >>>> I'm currently in the process of migrating my existing workflow in Fedora > >>>> 18 > >>>> (KDE) to Qubes R2 Beta 2. Most of my programs and data are easy to > >>>> transfer > >>>> (though I'm setting up it from scratch). For example, I have a number of > >>>> separate firefox profiles that correspond almost directly to the AppVMs > >>>> I'm > >>>> creating. There's a few areas where my workflow wasn't already what I > >>>> should have in Qubes, but those are pretty easy to fix. > >>>> > >>>> But there's a kicker: my virtual machine library. I have about 100 > >>>> virtual > >>>> machines on my machine and external drives that I need to be able to > >>>> use. > >>>> All of these machines are currently in VMWare Workstation, and range > >>>> from > >>>> Windows installations to test things on (with snapshots at different > >>>> service packs and update sets), vulnerable Linux distributions to > >>>> demonstrate security issues, and virtual machines to test things like > >>>> Qubes > >>>> itself (yes - VMWare provides nested VT-x), and other virtual appliances > >>>> in > >>>> VMDK format. I need to be able to use these virtual machines after > >>>> migrating to Qubes. > >>>> > >>>> It seems like I have 2 options to continue forward, none of which seems > >>>> "easy": > >>>> > >>>> 1) Convert all my virtual machines to Xen, removing the need for VMWare. > >>>> This sounds like a great option, but I have lots of snapshots, and a few > >>>> of > >>>> my windows programs work poorly without accelerated graphics. > >>>> > >>>> 2) Install VMWare in Qubes. > >>>> I tried this by creating a HVM domain with Ubuntu, and installing VMWare > >>>> Player. VMWare Player stated that I needed to uninstall Hyper-V to run > >>>> VMWare products (huh?) I also tried this on Dom0, but I could not load > >>>> the > >>>> vmmon kernel module (I did quite a bit of research on this, and it's a > >>>> conflict between Xen and VMWare). > >>>> > >>>> I'd like to be able to do #1, but I know I'm sure I'd run into > >>>> issues/inconveniences along the way - for example, pressing > >>>> ctrl+alt+delete > >>>> in Windows. I'm willing to contribute to the Qubes project (eg: > >>>> improvements to the qubes-manager, integration of spice [1], etc), to > >>>> make > >>>> this work. > >>>> > >>>> If I can do #2, I'd want to convert most of my virtual machines to Xen, > >>>> and > >>>> leave a few in VMWare Workstation. > >>>> > >>>> I've also tried VirtualBox, in case I could convert all my virtual > >>>> machines > >>>> to it, but it just freezes on starting a virtual machine (at least in a > >>>> HVM). > >>>> > >>>> I understand running software on Dom0 is a security risk. I don't want > >>>> to > >>>> do it - but not being able to migrate because I can't move my virtual > >>>> machines over will prevent me from being able to gain any benefits from > >>>> Qubes. > >>>> > >>>> [1] http://spice-space.org/ > >>>> > >>> The #1 is the way to go. > >>> > >>> The #2 will not work. Even if we enabled nested VT-x support in future > >>> Qubes (IIRC it's an optional feature in Xen 4.2), which would however be > >>> quite stupid from a security perspective, as it increases the attack > >>> surface on the hypervisor, chances are slim any real VMM would run with > >>> any acceptable speed using nested root mode. > >> I don't think it needs VT-x (AFAIK, VirtualBox only needs it for 64 bit > >> VMs), I think it's something else that's causing the issue (but I > >> couldn't say what without a lot more research). > >> > > If it doesn't use VT-x and only uses binary translaiton that it might > > work in an HVM, but not in a PV domain (so not in AppVM or Dom0). > > > >> I'm not sure what to say about the speed. I'm currently using Qubes > >> inside of VMWare Workstation, and I'm happy with it. > > Right, but that's because you use only PV domains, correct? And those do > > not require neither VT-x nor binary translation. Or were you also able > > to use an HVM domain on Qubes under VMWare? > Looks like you are right. I tried to start Ubuntu 12.10 HVM domain > inside of VMWare, and the performance is awful (I didn't get it to a > desktop, just trying to get the system to boot). > > > > joanna. > >
I am trying to convert a bunch of VMWare VMs to something that Qubes 4 can run. But it is very hit or miss. I have been using qemu-img convert to combine multiple vmdk files into one raw image. I usually would try "root-copy-from" during qvm-create, but usually the raw disk file is larger than the default root storage of 10GB. So I wind up creating the vm first, increasing the storage of root.. then dd copying to the root. But most of the time, it fails to boot for a various set of reasons. I don't know if these VMWare files need more to be converted, they don't seem to have snapshots. They always seem to have grub, initramfs, dracut issues. Is there anything I am missing? How do you normally convert from VMWare files? Thanks. -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/5d69dbb6-b211-49d1-98b1-bb7cb3132a25%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
