Reading about VMWares Long Distance VMotion, which they offer in connection with Ciscos Data Center Interconnect, I was wondering if the same thing wouldn’t be possible using Citrix XenServer as well as OpenVPN. My current test setup is running a XenServer instance in Tubingen at my University, as well as an instance at the TU Munich. The distance between both locations is about 220KM, and a ping reveals a latency of about 8ms. Both locations provide a Bandwidth of about 100MBit through the Universities Internet connection, while throughput is limited by OpenVPN further. I got a Server running OpenVPN as well as NFS for shared storage at the TU Munich as well, while the OpenVPN Client in Tubingen is running as a VM inside XenServer itself to provide the VPN Tunnel.
The purpose of the setup is to provide an environment to demonstrate the possibility to migrate a VM between different subnets while maintaining reachability throughout the migration, which is the topic of my thesis. Even though this is not implemented yet the migration over the distance, while just using a pretty standard internet connection and a VPN Tunnel, is. I decided to create a screencast to demonstrate this, in it’s first form, which is working since yesterday.
I plan to have a demo of a working migration with constant reachability when my thesis is done.

http://vimeo.com/moogaloop.swf?clip_id=12429809&server=vimeo.com&show_title=1&show_byline=1&show_portrait=1&color=ffffff&fullscreen=1

Kind of hard to see in the current video quality, the top server is located at Tubingen in a 10.1.1.0/24 Subnet, with a TestVM running, while the other Server is located at the TU Munich with a 10.0.0.0/24 Subnet, both running XenServer 5.5. The TestVM runs a little script printing the current date every second, to demonstrate there is no real downtime during the Live Migration.

Since some of my SVN Repositories did not survive the last Update of the Database, and were really hard to recover, or some even needed to be recovered from older Backup, I decided to switch to Mercurial for all me Repository needs.

Looking around on the Web there a probably 100s of guides explaining the basics and setup, but actually None of them worked as a whole for me, so I decided to write down my experiences maybe they apply to somebody, and if not, at least it will be easier for me next time.

First of all thanks to the following Guides I got everything working:

• Mercurial Wiki
• HgWebDirStepByStep
• HG Web mod-python
• Getting Started with Mercurial

Second I’m running on a Debian Lenny Server with all Updates until 5/5/2009, Mercurial is 1.0.1, Apache is Apache/2.2.9 (Debian).

Now a couple hints, make sure cgi is enabled

sudo a2enmod cgi
sudo a2enmod cgid

Now Setup a new Location for Mercurial like this one

ScriptAliasMatch ^/merc(.*) /MYREPOPATH/hgwebdir.cgi$1
   <Location /merc>
   Allow from all
   Options ExecCGI
   AuthType Digest
   AuthName “REPOSNAME”
   AuthDigestProvider file
   AuthUserFile PATHTOPASSWORDFILE
   Require valid-user
   </Location>

Now copy the file hgwebdir.cgi found in /usr/share/hg to the Repository Path and Setup a hgweb.config file in the same location to point to your repositories

[collections]
MYREPOPATH = MYREPOPATH

Now just the repositories need to be initilized in this Path

mkdir testrepo
cd testrepo && hg init

and the Password file has to be created

mkdir testrepo
htdigest -c PASSWORDFILE ‘REPOSNAME’ USERNAME

If you now add allow_push = USERNAME to the hgrc file for the repository you can push your changes to the newly initilized repository after cloning it.

Hope those hints will help, if not comments are welcome.

I’m a big fan of EMail encryption and Authentification, because I use EMail like Letters, and would like to assure the recipient that it’s really me who’s sending it. Also if it’s Privat or if I might be sending the occasional Password, I would like to encrypt.

Since S/MIME is build into pretty much every EMail Programm on the Planet (Apple Mail, Outlook, Thunderbird, Evolution etc.) I prefer it over PGP/GPG. Well I got my Certificat from www.thawte.com which worked really flawlessly, and they also tell you how to Integrate it in about ever Mail Programm there is, the only Problem I have is:

What do I do If I’m on a Computer without my Mail Programm?

But since I use GMail there is a nice solution, GMail S/MIME I finally no longer have to run Thunderbird on my Netbook but can stick to Firefox, and thats all I need. Simply Import your Certificate, and the Thawte Root CA under Certificates (Preferences -> Advanced -> View Certificates ), and your good to go, no other Configuration needed.

It works great for me, so I guess finally I can tell more People to use S/MIME.