LiquidVM is a single-process, single-user VirtualMachine designed to run Java processes efficiently on a virtual environment. Details about LiquidVM are provided in the following topics:
LiquidVM is a virtualization enabled version of the JRockit JVM that can run on a hypervisor without a standard OS, allowing Java applications to run directly on the virtualized hardware.
The LiquidVM Tools component in WLOC provides tools to create LVM-based instances that can run in a VMWare ESX environment, as well as the run-time components necessary to manage such LVM-based instances.
LiquidVM provides the following features:
The LiquidVM file system is very similar to most Unix-like OSes. There is a single root (
/) directory; disks and remote NFS file-shares can be mounted in sub-directories. By default, the virtual disk, if configured, is mounted in the root directory (
The directory structure for WLOC is described in Table 1-1.
The LVM ISO image file to be used is specified in the
The default location for the BEA Home directory on the virtual local disk. You can change the location of the BEA Home directory by specifying the
LiquidVM provides a virtual local disk for each virtual machine. The local disk can be mapped to a SAN disk attached to the ESX server. You specify the size of the disk by passing the
diskSize parameter as a startup option to the LiquidVM launcher. To do so, specify the disk size in the WLOC start script using the
LVM_DISKSIZE option. The default is 1GB (1024). For more information, see Using the LiquidVM Launcher Commands.
If no disk is specified, the local disk is not created.
The first time that you boot LiquidVM, it detects that a virtual hard disk is attached and that it is empty. LiquidVM formats the disk and mounts it in the root directory (
To the VMware ESXserver, the virtual hard disk is a
vmdk file. The
vmdk file is placed in the same directory as the Virtual Machine's configuration file on the ESX server/SAN. You can specify which VMware datastore the VM configuration files and the virtual hard disk should be placed in by specifying the
vmwareVmDatastore option to the launcher. To do so, add a
vmwareVmDatastore= entry to the
You can transfer files to and from the local disk by using the LiquidVM SSH service. For more information, see Using the LiquidVM SSH Service.
To determine the amount of free disk space on your virtual machine while the WLOC instance is running, press F1 in the VMware VM console. Details about the running system, including the amount of free disk space, are displayed in the console.
If your disk is full, you can shut-down WLOC and specify a larger disk by increasing the value of the
LVM_DISKSIZE property in the WLOC start script.
VMware does not provide a way to increase the size of the disk. Instead, when you restart WLOC, the LiquidVM launcher creates a new larger disk and copies the files from the old disk to the new disk. When you increase the size of the disk, the initial restart of WLOC will take longer depending on the size of the disk and the amount of files to be copied.
|Note:||LiquidVM does not provide a mechanism to reduce the size of a disk.|
LiquidVM provides a SSH2-compatible service for transporting files to and from LiquidVM. The SSH service does not provide shell services; that is, LiquidVM does not support scripts or editing files from the SSH shell.
The SSH service in LiquidVM provides an encrypted communication channel between the server and the client. The encryption protocol used is AES-128. Unencrypted communication is not supported.
You can transfer files using the
sftp extensions to SSH. The Linux OS includes
scp clients. On Windows systems, several free SSH2 clients are available for download (e.g.,
|Note:||LiquidVM does not support SSH1 clients.|
You authenticate with the SSH service using either password-based or public/private key authentication. For more information, see Authenticating with the SSH Service.
LiquidVM is a single-process, single-user environment, therefore only the
liquidvm user is supported. Multiple users cannot login into LiquidVM.
The SSH2 server normally listens on the standard SSH port (port 22), but you can change the SSH listen port by setting the Java property
-Dlvm.ssh.port. You may prefer to change the SSH port to something other than the default (port 22), since most SSH attacks try to attack the default port.
When you use the LiquidVM launcher to create a new instance, you can specify the type of authentication to be used. To use public/private key authentication, you need to provide your public key as a startup option to the LiquidVM launcher. To do so, specify the location of the public key in the WLOC start script using the
LVM_SSH_PUBLIC_KEY option. For more information, see Using the LiquidVM Launcher Commands. When you attempt to authenticate with the SSH service, you will be prompted to provide your private key.
In a development environment, you may not want to bother with keys and secure passwords. In that case, LiquidVM provides a simpler, but unsafe method, of specifying an SSH password in clear-text from the launcher. You can specify the password in the WLOC start script using the
|Caution:||The password is stored in clear-text. This option should not be used in a production environment. BEA recommends using public/private key authentication in development environments also. Once you have specified a real password or set up an SSH public-key, the unsafe password is no longer valid.|
If you should happen to lose your private key, it is good idea to have a secure real password as well, so that you can still log in and access the files on the local disk. You can do password-based authentication that is not clear-text, follows:
passwd. You will be asked for the existing password. If you are using a public key, leave it blank and press
This installs a real password; therefore, the unsecure clear-text password will no longer work. The public key authentication will continue to work if you prefer to use that method.
The SSH service will send audit messages to the syslog for the following actions:
You can use remote logging facilities to send these message to a remote log-collector for compliancy verification.
To copy files to or from the LiquidVM instance before starting WLS, you can use LiquidVM in passive mode. In passive mode, only the LiquidVM services, including the SSH service, are started. WLS is not started.
To start LiquidVM in passive mode, add the
startMode=passive option to the launcher start arguments. Once LiquidVM is started in passive mode, you can log in over SSH and transfer your files. When you have finished transferring your files, you can either restart the server or login over SSH and run the start command to resume execution.
If you want the LiquidVM launcher to wait for the SSH service to be started before the launcher exits, you can specify
waitForSSH=true. This can be useful in a scripting environment where you first start the instance and then you want to copy files from or to the server as soon as SSH is running on the newly started server.