Tool for detecting if a VPS node is "slabbed" or not
- Thread starter kaniini
- Start date
There's already a thread on LET about BuyVM. I need more popcorn. I ran out already.
In my opinion the only people who feel threatened by this tool are those which feel it would expose something they are not being transparent about. Might be worth noting for any future purchase decisions...
Shados
Professional Snake Miner
Of course it is; it's a neat technical question.
DomainBop
Dormant VPSB Pathogen
My whole point in downloading and running the test was that I wanted to create drama and publicly humiliate my provider, but alas, the server that Oles delivered to me today 1 minute and 53 seconds after ordering is not running under a hypervisor. Just think of the drama that would have ensued if the test had shown that Oles was trying to pass off slabs as E3 dedis.
//end troll post
Yes.
Interesting... I will pick one up and test with it.
For those of you who can read russian, here is an interestic publication worth reading - http://www.xakep.ru/post/58104/
version 0.2 of this tool has been tagged in GIT, downloadable here: https://github.com/kaniini/slabbed-or-not/archive/0.2.zip
This version is basically all about tickling VMware from inside an OpenVZ container. If that doesn't apply to your situation, it's probably pretty boring.
Interesting aspect: This version could be modified to do evil things to VMware from inside the OpenVZ container on some versions of VMware. For example, if you're running under VMware Workstation, some very trivial modifications to this tool would allow you to do things like disconnect the virtual HDD, from inside the OpenVZ container.
Good news: ESXi 5 appears to no longer allow device enumeration. Older versions -- no idea. If it lists devices, you can disconnect them by adding some code. The hypervisor's hypercall port assumes if you can access it that you have permission to do these things to the VM.
Bad news: It is not practical to block access to the VMware hypercall port. Even though ioperm() and iopl()/inl()/outl() syscalls are hidden behind the sys_rawio POSIX capability, you can just simply use some inline asm to make the hypercalls.
tl;dr: I wouldn't do slabbing with VMware if I were a provider.
This version is basically all about tickling VMware from inside an OpenVZ container. If that doesn't apply to your situation, it's probably pretty boring.
Interesting aspect: This version could be modified to do evil things to VMware from inside the OpenVZ container on some versions of VMware. For example, if you're running under VMware Workstation, some very trivial modifications to this tool would allow you to do things like disconnect the virtual HDD, from inside the OpenVZ container.
Good news: ESXi 5 appears to no longer allow device enumeration. Older versions -- no idea. If it lists devices, you can disconnect them by adding some code. The hypervisor's hypercall port assumes if you can access it that you have permission to do these things to the VM.
Bad news: It is not practical to block access to the VMware hypercall port. Even though ioperm() and iopl()/inl()/outl() syscalls are hidden behind the sys_rawio POSIX capability, you can just simply use some inline asm to make the hypercalls.
tl;dr: I wouldn't do slabbing with VMware if I were a provider.
But you are a provider!
I meant in that context a provider that used a scheme that would benefit from slabbing (i.e. OpenVZ).But you are a provider!
wcypierre
New Member
can you teach me how did you get into that instead?
Clearly you haven't been on LET lately.
is it IN the buyvm thread? I stopped reading it on like page 2.
DomainBop
Dormant VPSB Pathogen
Johnston already said they do slab some of their smaller plans and gave the reason for doing it
No-one is saying slabbing is bad..
drmike
100% Tier-1 Gogent
^--- THIS.
Now go look around and see if providers say they run nested virtualization in their marketing, FAQ, support, etc.
The fact that many providers have so much e-penis statistics dripping from their site, but neglect to mention they are even smarter than the average VPS kid offering (i.e. they are advanced in virtualization or at least know a guy who is) is ummm well, odd.
So who did folks find slabbing? Yeah BuyVM, BlueVM.... Who else? Perhaps it is list time with some official input from folks to explain their use as they are discovered.