This depends on a variety of factors including:

There is of course a minor performance penalty that comes from running an extra operating system however the OS in each JumpBox is a stripped-down version of Ubuntu and extremely lean. Typically CPU-intensive applications are the ones that have performance degradation issues when running virtualized. JumpBox applications are typically RAM-intensive vs. CPU-intensive and therefore lend themselves well to this style of deployment. And the convenience advantages related to setup, portability, simplified maintenance and management typically far outweigh the performance hit (after all, RAM is cheap while your time is not).

The other factor here is that our engineers incorporate years of IT experience into the tuning of the application and do all the homework of researching best practices for configuration. You reap the benefits of countless years of experience in the form of optimized security and performance. Minor tweaks to the application configuration can trump performance advantages of having it run natively.

If you'd like to benchmark performance in your environment, you can download any of the free JumpBoxes and run them alongside a native install of the application running on comparable hardware. This will give you an apples-to-apples comparison of the performance penalty you can expect.

NTP is the Network Time Protocol. It is a standard way to keep system clocks synced for internet attached computers. You may consider using this if your JumpBox has access to the internet (or your own NTP servers) and the clock is drifting.

First, VMware users must disable host time sync by shutting down their JumpBox and setting tools.syncTime = "0" in the .vmx file (or disabling it in the virtual machine settings UI). Then boot the JumpBox back up and install ntpd as follows:

  sudo apt-get update
  sudo apt-get install ntp

Now save a copy of the ntp config file and edit it:

  sudo mv /etc/ntp.conf /etc/ntp.conf-bak
  sudo nano /etc/ntp.conf 

to match:

# ntpd.conf
tinker panic 0
restrict 127.0.0.1
restrict default kod nomodify notrap
server 0.pool.ntp.org
server 1.pool.ntp.org
server 2.pool.ntp.org
server 3.pool.ntp.org

You can substitute alternative NTP servers if they are available to you. Now, stop ntp, run ntpdate once and then restart ntp.

  sudo /etc/init.d/ntp stop
  sudo ntpdate pool.ntp.org
  sudo /etc/init.d/ntp start
  ntpq -pn

The last command should show non-zero delays and offsets and jitters below 100.

Additional VMware specific details on regarding timekeeping can be found here: http://www.vmware.com/pdf/vmware_timekeeping.pdf

NOTE: VMware now recommends "Whenever possible, use NTP instead of VMware Tools periodic time synchronization." See "NTP Recommendations" on page 14 of the VMware Linux Guest Install Document.

NOTE 2: You can disable the Host Time Sync from within the jumpbox itself by issuing the following command:

sudo vmware-guestd --cmd "vmx.set_option synctime 1 0"

Since each mail server can be configured differently, I will just try to provide a general example that you can modify to suit your needs. I will use Gmail as an example. This assumes you have a Gmail account and by no means do I encourage you to use Gmail, you would have to review their Terms of Service to see if doing so is acceptable. This post is strictly for illustrative purposes and can be used as an example for configuring for your ISP or company's mail relay.

1. Setup, Register the JumpBox, then enable SSH.
2. Log into the shell and run the following commands:
   

   sudo apt-get update
   sudo apt-get install ca-certificates
   

3. Edit the /etc/postfix/main.cf file with sudo nano /etc/postfix/main.cf, put the following at the end, substituting the appropriate relayhost and smtp_tls_CAfile if necessary
   

   smtp_use_tls = yes
   smtp_tls_CAfile = /etc/ssl/certs/Thawte_Premium_Server_CA.pem
   smtpd_sasl_auth_enable = no
   smtp_sasl_auth_enable = yes
   smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
   smtp_sasl_security_options = noanonymous
   smtpd_sasl_local_domain = $myhostname
   smtpd_sasl_application_name = smtpd
   relayhost = [smtp.gmail.com]
   

4. Now create the file /etc/postfix/sasl_passwd with sudo nano /etc/postfix/sasl_passwd and it should have the following contents:
   

   [smtp.gmail.com]             USER@gmail.com:PASSWORD
   

5. Last, we just have to run the following two commands:
   

   sudo postmap /etc/postfix/sasl_passwd
   sudo postfix reload
   

You can now test to see if email gets delivered on the command line by issuing the following command (substituting your email address of course):

sendmail -t user@example.com < /etc/services

You should get the contents of the /etc/services file in the mail. Now that you know mail is sending from the JumpBox itself, you should go test the application, which by default should be configured to send email through the JumpBox.

Note: It also appears that using Gmail always sets the sender to be the Gmail username which could be confusing under certain circumstances.

Note: If you have other problems with email delivery, please see our General Email FAQ.

If you boot a JumpBox in VMware while connected to a Windows host machine over Terminal Server you may see that the JumpBox splash screen does not display, the JumpBox seems to be stuck, but then eventually boots. This only happens if it is booted when a Terminal Server Client is connected. If you disconnect your terminal server client and boot the JumpBox it will work fine.

The JumpBox Administration Portal and, in earlier releases, the Configuration Page, are protected with SSL encryption. Due to the nature of the JumpBox, or any Virtual Appliance, the certificate used is "Self Signed", which reduces their security but, as far as we are concerned, is better than providing no encryption at all. Some browsers may display a warning or even what appears to be an error page (Internet Explorer 7 and Firefox 3) when it encounters our administration portal. It is safe to accept the certificate and even add it to your "Exception list".

The version of Internet Explorer shipped with Windows 2003 has extremely stringent security controls that make it difficult to use most websites, including the JumpBox administration tool, and the application within the JumpBox. It is possible to avoid this problem altogether if you install Firefox (or another third party browser) on Windows 2003, or if you always use and administer the JumpBox from another machine. However, If neither of those options are available, here is what to do:

• Boot the JumpBox. When an IP address appears on the console, type that IP address into Internet Explorer and press enter.
• You will get a message about the certificate being self signed. Click yes.
• You will then get a message about security zones. Click "Add...".
• Another dialog box will pop up. Click the "Add" button, and then click close.
• Go through the setup process. Once it is done, follow the presented link the application itself.
• Another security zone message box will present itself: deal with it as the previous one.

This is a very common question and unfortunately it is not an easy one for us to answer because eash user's network is different. This requires that you be able to configure your firewall or home router to direct web traffic to the JumpBox. It may be further complicated by your ISP blocking inbound ports and you may not have a static IP address.

Assuming you can make changes to your firewall, your ISP does not block this type of traffic and you have a static IP address or a way to deal with the dynamic IP address the general process you need to follow is as follows:

1. Set up your JumpBox to have a static internal IP address. You can either do this by following the JumpBox Static IP Tutorial or your DHCP server may be able to dynamically assign a static IP address.
2. Configure your router to forward all port 80 TCP (and optionally ports 22 and 3000 TCP) traffic to the internal IP address assigned to the JumpBox.
3. Configure the JumpBox to know that it is behind a firewall with the Public Address Setting

Once you have configured this, the application on your JumpBox may not behave correctly for users on the internal network. This will depend on the application and your network configuration.

Please feel free to ask in the forums for details since many users have already solved some of the issues that come up.

Compatibility of third party application plugins, extensions or themes cannot be guaranteed. Many times, these plugins are of questionable quality, dubious origin, out of date, and poorly documented; so there is no way for our team to ensure compatibility of a plugin with your JumpBox based application.

While it may be possible for you to add a plugin to a registered JumpBox, doing so may prevent the application from correctly functioning, break the JumpBox Administration portal or render your JumpBox completely useless. Depending on your support agreement, if you have one, JumpBox Support Engineers may be able to help you. So please, proceed down this path with extreme caution.

If you decide to try and make a modification of this sort, it will help to know that most JumpBox applications are installed in the /var/data/APPLICATIONNAME directory.

Locally from the JumpBox

You can access MySQL locally by registering, then SSHing into your JumpBox as the admin user and running the command:

sudo mysql --defaults-file=/etc/mysql/debian.cnf 

This will connect you as the 'debian-sys-maint' user, which is ALMOST as good as root. If you truly need to connect as the root MySQL user, get the root password:

# For 1.0 JumpBoxes
sudo grep password /etc/mysql/debian.cnf
# For 1.1+ JumpBoxes
sudo grep root /jumpbox/lib/appdata.yml

and use that password when connecting as follows:

 mysql -u root -p

Over the Network

For security reasons, the MySQL server installed on the JumpBox is not accessible from remote machines. These instructions show you how to change this yourself. Please understand that this may be a bad idea if your JumpBox is not on a secure network, so proceed with caution.

Register then SSH into your JumpBox and run the following command to edit the MySQL configuration file:

sudo nano /etc/mysql/my.cnf

Find the "bind-address" line and replace 127.0.0.1 with 0.0.0.0

#bind-address           = 127.0.0.1
bind-address            = 0.0.0.0

Now restart MySQL, sudo /etc/init.d/mysql restart, and it should be accessible remotely, but before that is useful, we need to grant access to modify a database to a remote user.
In order to do this connect to MySQL locally using the following command in the shell:

sudo mysql --defaults-file=/etc/mysql/debian.cnf 

Once you are in MySQL execute the following command:

GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY 'desiredpassword';

This will enable a user called 'root' on any remote host (that is what the @'%' means) who uses the password 'desired' to do anything (except GRANT privileges) to any database. For details see the MySQL 5.0 documentation on the GRANT command.

Now you can access MySQL remotely, either using a GUI admin tool or a command line too like mysql:

mysql -h JumpBoxIP -u root -p

Interacting with MySQL

With MySQL configured to listen on the network interface there are now at least three ways to interact with the MySQL server on the JumpBox.

• Command Line Tools - This way is always available to those with registered JumpBoxes and shell access to the JumpBox, using the MySQL command line tools.
• Web Admin Tool - It is possible to install the web based administration tool, phpmyadmin, on your JumpBox, instructions are shown in the Installing PHPMyAdmin FAQ
• GUI Tools - There are a number of GUI tools for administering MySQL. They will typically require that you have made MySQL accessible remotely as shown above. MySQL has GUI tools available for free download and SQL Pro is a great open source client for Mac.

Time synchronization in virtual environments is a somewhat complex subject. Trying to support it across various virtual environments further complicates matters. The following is a summary of the situation as it affects JumpBox users.

VMWare Users

For users of a VMWare product the first thing to do is ensure that the tools.syncTime parameter is set to TRUE in your JumpBox.vmx file. If it is set to FALSE, then shutdown your JumpBox and change the setting to TRUE then start the JumpBox. The JumpBox time should now be kept in sync with the host system. tools.syncTime = TRUE is the intended default setting, some past JumpBox release did not have this set.

Other Virtualization Users

There are other options for non VMWare users. One can install the NTP daemon which will automatically and continuously try to sync the JumpBox time with remote network machines. This has disadvantages and limitations in virtual environments. A similar option would be to periodically run the ntpdate command which synchronizes the JumpBox time with a remote system. This may be slightly better than running the actual ntp daemon.

Why is this so hard?

The standard way that time sync should work in virtual environments is that the guest OS (the JumpBox in this case) should be synced with the host OS. This, however, requires that the virtualization platform specific guest tools be installed. At this point, this is not possible on all platforms due either to licensing or technical limitations in the guest tools provided by various virtualization platform vendors. We expect this situation to improve over time.