freeVSD - README
================

This document provides a brief description of freeVSD and suggests some of the
applications for which it can be used. For a basic installation guide and more 
detailed information consult the following supplied documents:
	  
  user-guide.txt     - freeVSD user's guide including installation and administration
						details.
  NEWS            - latest changes to freeVSD
  README	  - essential information on freeVSD
  INSTALL         - generic installation instructions
  security.txt    - discussion of security consideratations
  protocol.txt    - detailed information on the freeVSD protocol
  faq.txt	  - frequently asked questions


Contents
========

1.1.   System Requirements
1.2.   Obtaining freeVSD
1.2.1. Source Distribution
1.2.2. RPM Distribution
1.2.3. SRPM Distribution 
1.2.4. Web Administration Scripts
1.2.5. VSD Control
1.3.   freeVSD
1.3.1. Skel
1.4    Advantages of freeVSD
1.5.   Applications of freeVSD 


1.1. System Requirements
========================

freeVSD is intended to be installed on a clean system running a Red Hat Linux 
6.1/6.2 server installation. A clean system is produced by carrying out a clean
install on a clean server. A 'clean server' means that you are not already 
using the server on which you are attempting to install freeVSD for anything 
else. A 'clean install' means that you have installed the operating system 
(Red Hat Linux 6.1/6.2), and that your server can communicate with other 
computers via its local area network (LAN).

If your Red Hat Linux server is running Red Hat 7.0, you can also run freeVSD with the 
following RPM:

freevsd-1.4.6rh7.i386.rpm

Each virtual server's functionality will be limited to those services 
available on the hosting server. For instance, a typical Red Hat Linux 
workstation installation may not include Apache. This would preclude any of 
the hosting server's virtual servers from providing web hosting.  


1.2. Obtaining freeVSD
======================

freeVSD is available for download from ftp://ftp.freevsd.org/ in the following
formats:


1.2.1. Source Distribution
==========================

Source code for freeVSD-1.4.6 can be downloaded from the following location:

  ftp://ftp.freevsd.org/freevsd/SOURCES/freevsd-1.4.6-1.tar.gz

When the source code has been downloaded, extract it using the following
command:

  $ tar -zxf freevsd-1.4.6-1.tar.gz

For installation instructions consult the following file:

  freevsd-1.4.6-1/doc/install.txt


1.2.2. RPM Distribution
=======================

This is the recommended format for obtaining and installing freeVSD. Two
 RPMs are required and can be download from the following locations:

  ftp://ftp.freevsd.org/freevsd/RPMS/freevsd-1.4.6-1.i386.rpm  
  ftp://ftp.freevsd.org/freevsd/RPMS/freevsd-pkgs-1.4.6-1.i386.rpm

Once downloaded, the RPM packages are installed using the following commands:

  $ rpm -ivh freevsd-1.4.6-1.i386.rpm
  $ rpm -ivh freevsd-pkgs-1.4.6-1.i386.rpm

For further installation instructions consult the following file:

  /usr/doc/freevsd-1.4.6/doc/install.txt


1.2.3. SRPM Distribution
========================

The SRPM distribution is available at the following location:

  ftp://ftp.freevsd.org/freevsd/SRPMS/freevsd-1.4.6-1.src.rpm


1.2.4. Web Administration Scripts
=================================

The web administration scripts for use with freeVSD can be downloaded from a
secure ftp site. To receive a login to this site, submit you email address
via the freeVSD site (http://www.freevsd.org/download/). You will receive an 
email containing the required login information, together with an expiry date 
for the login.


1.2.5. Windows Client - VSD Control 
===================================

The beta release of VSD Control, for use with freeVSD,  can be downloaded from 
a secure ftp site. To receive a login to this site, submit you email address
via the freeVSD site (http://www.freevsd.org/download/). You will receive 
an email containing the required login information, together with an expiry 
date for the login


1.3. freeVSD
============

freeVSD is a collection of scripts and binaries that enable a Linux server 
environment to be abstracted into many virtual servers running on the same 
physical server (referred to as the host server).  

Each virtual server may run a suite of services (HTTP, DBMS, DNS, SSH, POP3, 
SMTP etc), has it's own IP address, users, rights and quotas and gives the 
appearance of a complete Linux server to local users. To ensure the tightest 
security all virtual servers are isolated and protected using 'chroot', which 
renders the file systems of adjacent virtual servers invisible and inaccessible
to each others' users.

Each virtual server has a pseudo-superuser called 'admin'. The admin user has 
full access to all the configuration files necessary to manage vital services 
on its virtual server (httpd.conf, aliases, virtusertable etc) via Telnet/SSH,
plus a full compliment of standard command line tools such as ps, grep and gcc.

freeVSD's unique 'admin' user provides an advanced method of virtual server 
administration via Telnet/SSH, whilst reserving true 'root' access for the host
server administrator.

Certain common binaries (such as mv, cp, rm and ls) have been modified to allow
the admin user enough privilege to manipulate files owned by users within the 
UID/GID range allocated to the corresponding virtual server, but nothing 
outside of it. This prevents the admin user from corrupting critical system 
files.

NOTE: freeVSD is neither an implementation of Virtual Machines nor a variation
      of Apache VirtualHosting.  All processes run on the host server kernel -
      only the file system architecture and certain binaries have been
      modified. Unlike Virtual Machines, freeVSD invokes no additional CPU or
      RAM overhead - a Pentium-class host server with plenty of RAM will 
      happily run up to 250 virtual ververs in a production web-hosting 
      environment.


1.3.1. Skel
===========

freeVSD provides each virtual server with the complete directory structure of 
a Linux file system. This would normally produce an overhead of 300-500MB per 
virtual server. With freeVSD a skel is created which contains a copy of the 
working file system of the host server. When virtual servers are created, each 
required file is individually hard linked to its equivalent in the skel, 
reducing the diskspace overhead to around 20Mb per account.

The following diagram is an outline of the directory structure you would
expect to see on a host server with virtual servers.

     /
     |
     +-------+---+---+----+---+----+----+----+---+---+---+
     virtual bin dev etc home lib proc root sbin tmp usr var
     |
     |            
     +---------+----------+------ ... -+
     disk0     disk1      disk2   ...  diskn
     |         |          |
     +---+     +---+     +---+
     vs  skel  vs  skel  vs  skel
     |   |         |
     |   |         |
     |   |         +---+---+---+----+---+----+----+---+----+---+  
     |   |         bin dev etc home lib proc root sbin tmp usr var
     |   |
     |   +---+---+---+----+---+----+----+---+----+---+  
     |   bin dev etc home lib proc root sbin tmp usr var
     |                                                             
     +----+----+--- ... -+
     vs0  vs1  vs2  ...   vsn   
     |    |    | 
     |    |    |
     |    |    +--+---+---+---+----+---+----+----+----+---+---+      
     |    |       bin dev etc home lib proc root sbin tmp usr var
     |    |     
     |    +--+---+---+---+----+---+----+----+----+---+---+      
     |       bin dev etc home lib proc root sbin tmp usr var
     |                                                            
     +--+---+---+---+----+---+----+----+----+---+---+      
       bin dev etc home lib proc root sbin tmp usr var
                                                                             

`disk0', `disk1' and `disk2' are mount points for hard disks. The `skel'
directories are essentially copies of the host servers system disk. The virtual
server directories stored under `vs0', `vs1', `vs2' are hard linked copies of 
their corresponding skel directory.


1.4. Advantages of freeVSD
==========================

One of the effect of the hard linking employed within freeVSD is that files
updated in a skel directory will be reflected immediately across all the
corresponding virtual servers, making global virtual server updates very 
efficient. 

In order to avoid damage to critical system files which are 
essentially shared between multiple virtual servers file permissions are set to
restrict the admin user to the following directories: /usr/local, /home, /root
and /tmp. This has the added advantage of simplifying backup procedures 
dramaticlly. 

If multiple hosting servers are built from a standard disk image it becomes 
possible to migrate virtual servers between into host machines as required, to 
achieve improved load balancing for example. This migration can be as simple 
as tarring a virtual server on one hosting server and extracting it on another.

freeVSD's use of chroot means that several machines can be combined one 
physical machine  consisting of  many virtual servers. The file systems on 
each of the resulting virtual servers are completely isolated from one another
so if one virtual server is hacked or fails in some way the other virtual 
servers remain unaffected. This does put a requirement for greater security on
the hosting server which would, if it were compromised, allow access to all its
hosted virtual servers.


1.5 Applications of freeVSD
===========================

Possible applications of freeVSD include:

  Demonstration Machines
	
    A killer srever application could be made available for customers to 
    perform a hands-on trial. If the application is installed into a skel, 
    virtual servers can be established and customers could sign-up to use and 
    experiment with the package. Depending on the complexity of the software 
    it would be possible to run up to 253 trial servers with each behaving and
    appearing to the customer as a dedicated system.

  Internet Hosting Solutions

    With the high cost of co-locating servers masive savings can be made by 
    offering customers virtual servers. The drastic reductions in rack-space 
    and maintenance requirements can make for an extremely efficient hosting 
    solution. freeVSD's ability to migrate virtual servers between hosting 
    servers means load balancing becomes a possiblity and customers can be 
    efficiently upgraded as their resource requirements change.

  Training Systems

    virtual servers are an ideal way to provide hands-on tuition for software 
    packages. Students can each have their own server and are free to 
    experiment without any risk of damaging the hosting server itself. In the 
    event a student is able to completely hose his server it can be quickly 
    deleted and another made available for them to completely wreck. Practice 
    makes perfect...

  Sandboxing

    virtual servers provide a secure environment for testing code without 
    risking damage to the underlying host server or inconveniencing others 
    using the service. For example, on a company intranet each department could
    have their own web hosting on a virtual server. They can implement as 
    ambitious a scheme as they wish without any danger of taking down other web
    servers and inconveniencing other departments through their a period.

  Simplifying Administration

    freeVSD has involved much work in order to develop a modular application 
    that provides hooks though a simple line oriented protocol. This enables 
    remote administration of a virtual server through a GUI or Web pages. The 
    modules provided as standard let the user:

      manipulate VirtualHost declarations in Apache 
      add/delete/modify users and user groups
      set disk quotas on a per-user basis 
      add/revoke user privileges for executing particular binaries
      create/delete/enable/disable virtual servers

With this framework in place work is continuing to extend the functionality of
the VSD module collection.
















