/[gentoo]/xml/htdocs/doc/en/xen-guide.xml
Gentoo

Contents of /xml/htdocs/doc/en/xen-guide.xml

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.4 - (hide annotations) (download) (as text)
Thu Apr 10 15:01:50 2008 UTC (6 years ago) by cam
Branch: MAIN
Changes since 1.3: +4 -4 lines
File MIME type: application/xml
Fixed domU vmlinuz path

1 swift 1.1 <?xml version='1.0' encoding='UTF-8'?>
2 cam 1.4 <!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/xen-guide.xml,v 1.3 2007/12/10 15:37:10 swift Exp $ -->
3 swift 1.1
4     <!DOCTYPE guide SYSTEM "/dtd/guide.dtd">
5    
6     <guide link="/doc/en/xen-guide.xml">
7    
8     <title>Configuring Gentoo with Xen</title>
9    
10     <author title="Author">
11     <mail link="swift@gentoo.org">Sven Vermeulen</mail>
12     </author>
13    
14     <abstract>
15     This guide describes how to start using Xen on your Gentoo system
16     </abstract>
17    
18     <!-- The content of this document is licensed under the CC-BY-SA license -->
19     <!-- See http://creativecommons.org/licenses/by-sa/2.5 -->
20     <license/>
21    
22 cam 1.4 <version>1.3</version>
23     <date>2008-04-10</date>
24 swift 1.1
25     <chapter>
26     <title>Introduction</title>
27     <section>
28     <body>
29    
30     <p>
31     The <uri link="http://www.xensource.com/">Xen</uri> technology allows you to run
32     multiple operating systems on a single physical system, govern resource
33     consumption and even migrate domains (which are the virtual environments in
34     which a guest operating system runs) from one Xen-powered system to another. Xen
35     requires the host operating system to support Xen (which, in this case, will be
36     a Linux kernel) but guest operating systems can run unmodified <e>if</e> your
37     hardware supports Intel Virtualization Technology (VT-x) or AMD Virtualization
38     Technology (SVM). Otherwise your guest operating systems must also support Xen.
39     </p>
40    
41     <p>
42     This guide will talk you through the configuration steps necessary to get Xen up
43     and running on Gentoo Linux. We will not discuss Xen itself (the Xen project has
44     <uri
45     link="http://www.cl.cam.ac.uk/research/srg/netos/xen/readmes/user">decent
46     documentation</uri> available) nor will we talk about specialized setups that
47     might be very interesting for Xen setups but are not Xen-related (like exporting
48     Portage through NFS, booting Linux using PXE, etc.)
49     </p>
50    
51     </body>
52     </section>
53     </chapter>
54     <chapter>
55     <title>Preparing Domain0</title>
56     <section>
57     <title>Introduction</title>
58     <body>
59    
60     <p>
61     <e>Domain0</e> is the primary domain under Xen, hosting the host operating
62     system which governs all other domains. In this chapter we will prepare an
63     existing Gentoo installation to become the host operating system in this domain
64     and build the Xen-powered kernel so that Gentoo is ready to host other Xen
65     domains.
66     </p>
67    
68     </body>
69     </section>
70     <section>
71     <title>Rebuilding the Gentoo Installation ?</title>
72     <body>
73    
74     <p>
75     A dramatic change that might be necessary is to rebuild the entire Gentoo
76     installation with a different <c>CFLAGS</c> setting. Guest operating systems
77     running under Xen might otherwise see major performance degradation. If you,
78     however, are planning on checking out Xen rather than installing it for
79     production use and are not terribly fond of rebuilding all programs, you can
80     skip this step. In this case you will notice performance degradation but you
81     will still be able to use Xen.
82     </p>
83    
84     <impo>
85     It is advised that, if you change your <c>CFLAGS</c> and build your system with
86     a gcc lower than version 4, you do not have <c>-Os</c> set as it has been
87     reported to produce broken code.
88     </impo>
89    
90     <pre caption="Editing the CFLAGS and rebuild the Gentoo installation">
91     ~# <i>nano -w /etc/make.conf</i>
92     <comment>(Add -mno-tls-direct-seg-refs)</comment>
93     CFLAGS="-O2 -march=pentium4 -pipe <i>-mno-tls-direct-seg-refs</i>"
94    
95     ~# <i>emerge -e world</i>
96     </pre>
97    
98     <p>
99     If you boot your system using an initial ramdisk (initrd) you need to
100     rebuild the initrd as well (which is best done by running all steps you would do
101     when you rebuild your kernel).
102     </p>
103    
104     </body>
105     </section>
106     <section>
107     <title>Installing Xen</title>
108     <body>
109    
110     <p>
111     Xen actually contains many components, so you'll need to install a couple of
112     packages. Because it is still <uri
113     link="/doc/en/handbook/handbook-x86.xml?part=3&amp;chap=3#doc_chap2">~arch
114     masked</uri> you first need to unmask it by adding the necessary lines to
115     <path>/etc/portage/package.keywords</path> and then install them.
116     </p>
117    
118     <pre caption="Unmasking and Installing Xen">
119     ~# <i>nano -w /etc/portage/package.keywords</i>
120     app-emulation/xen
121     app-emulation/xen-tools
122     sys-kernel/xen-sources
123    
124     ~# <i>emerge xen xen-tools xen-sources</i>
125     </pre>
126    
127    
128    
129     </body>
130     </section>
131     <section>
132     <title>Building the Kernel</title>
133     <body>
134    
135     <p>
136     Next we'll build the Linux kernel with Xen support. This kernel, whose sources
137     are available at <path>/usr/src/linux-2.6.x.z-xen</path>, will be our main
138     running kernel (i.e. the one running domain 0). In the <c>XEN</c> section you'll
139     find drivers for all kinds of input/output, each driver having a <e>backend</e>
140     and <e>frontend</e> implementation available. For the domain 0 kernel you need
141     to select the <e>backend</e> implementation: these are used by the other
142     domains (who use the <e>frontend</e> drivers) to communicate directly with
143     the hardware.
144     </p>
145    
146     <p>
147     Of course, don't forget to select <c>Xen-compatible</c> at <c>Processor type and
148     features</c>. If you're wondering about networking: each interface in a domain
149     has a point-to-point link to an interface on domain 0 (called
150     <path>vifX.Y</path> where X is the domain number and Y the Yth interface of that
151     domain), so you can configure your network the way you want (bridging, NAT,
152     etc.)
153     </p>
154    
155     <pre caption="Enabling Xen Support for i386 Kernels">
156     Processor type and features ---&gt;
157     Subarchitecture Type (Xen-compatible)
158     </pre>
159    
160     <pre caption="Enabling Xen Support for x86_64 Kernels">
161     Processor type and features ---&gt;
162     Subarchitecture Type (PC-compatible)
163     [*] Enable Xen compatible kernel
164     </pre>
165    
166     <pre caption="Domain-0 Kernel Config">
167     Bus options (PCI etc.) ---&gt;
168     [*] PCI support
169 swift 1.3 [ ] Xen PCI Frontend Debugging
170 swift 1.1
171     Networking ---&gt;
172     Networking options ---&gt;
173     &lt;*&gt; 802.1d Ethernet Bridging
174     <comment>Only required by bridged networking.</comment>
175    
176     XEN ---&gt;
177     [*] Privileged Guest (domain 0)
178     &lt;*&gt; Backend driver support
179     &lt;*&gt; Block-device backend driver
180     &lt;*&gt; Network-device backend driver
181 swift 1.3 &lt;*&gt; PCI-device backend driver
182     PCI Backend Mode (Virtual PCI) ---&gt;
183 swift 1.1 [*] Scrub memory before freeing it to Xen
184     [*] Disable serial port drivers
185     Xen version compatibility (3.0.4 and later)
186     </pre>
187    
188     <pre caption="Domain-U Kernel Config">
189     Bus options (PCI etc.) ---&gt;
190     [ ] PCI support
191    
192     Device Drivers ---&gt;
193     SCSI device support ---&gt;
194     &lt; &gt; SCSI device support
195     <comment>Disabling SCSI support frees up the /dev/sd* device names
196     for use as Xen virtual block devices.</comment>
197    
198     XEN ---&gt;
199     [ ] Privileged Guest (domain 0)
200     &lt;*&gt; Block-device frontend driver
201     &lt;*&gt; Network-device frontend driver
202     [*] Scrub memory before freeing it to Xen
203     [*] Disable serial port drivers
204     Xen version compatibility (3.0.4 and later)
205     </pre>
206    
207     <p>
208     A nice hint is to have the kernel make process store its intermediate object
209     files elsewhere so that you can reuse the same kernel tree to build different
210     configurations:
211     </p>
212    
213     <pre caption="Building the Kernel">
214     ~# <i>mkdir -p ~/build/dom0 ~/build/domU</i>
215     ~# <i>make O=~/build/dom0 menuconfig</i>
216     <comment>(Configure the kernel)</comment>
217     ~# <i>make O=~/build/dom0 &amp;&amp; make O=~/build/dom0 modules_install</i>
218     </pre>
219    
220     <p>
221     Once the kernel is built you'll find the kernel image immediately in the
222     build directory (not inside <path>arch/</path> or any other directory) called
223     <path>vmlinuz</path>. Copy it to <path>/boot</path> and then configure your
224     bootloader to use the Xen hypervisor (one of the components installed
225     previously) which is stored as <path>/boot/xen.gz</path>. In the bootloader
226     configuration, add your newly built kernel as the kernel that Xen should
227     boot. For instance, for GRUB:
228     </p>
229    
230     <pre caption="GRUB Configuration for Xen">
231     title Xen 3.0 / Gentoo Linux 2.6.x.y
232     root (hd0,0)
233     kernel /boot/xen.gz
234     module /boot/kernel-2.6.x.y-xen0 root=/dev/hda3
235     </pre>
236    
237     <p>
238     Now reboot your system into Xen. Once you are booted, you need to load the Xen
239     daemon:
240     </p>
241    
242     <pre caption="Loading the Xen daemon">
243     ~# <i>/etc/init.d/xend start</i>
244     </pre>
245    
246     <p>
247     Now check if you can do whatever you normally do on your system. If this is the
248     case, you can edit your bootloader configuration to always boot into Xen and add
249     the Xen deamon to the default runlevel so that it is started automatically
250     next time you boot.
251     </p>
252    
253     <note>
254     If you wish to start guest domains automatically on boot add <c>xendomains</c>
255     to the default runlevel as well and create a symlink in
256     <path>/etc/xen/auto/</path> to the Xen configuration files for the domains
257     you wish to start.
258     </note>
259    
260     </body>
261     </section>
262     </chapter>
263     <chapter>
264     <title>Creating an Unpriviledged Domain</title>
265     <section>
266     <title>Building the Kernel</title>
267     <body>
268    
269     <p>
270     Go to the Xen-powered Linux kernel source and update the configuration. It is
271     wise to keep as many topics as possible similar to the main kernel except the
272     <c>XEN</c> settings where drivers should now have their <e>frontend</e>
273     implementation selected instead of the <e>backend</e>. Then build the kernel
274     and place the resulting <path>vmlinuz</path> file where you want (we assume this
275     is <path>/mnt/data/xen/kernel</path>):
276     </p>
277    
278     <pre caption="Building the guest kernel">
279     ~# <i>make O=~/build/domU</i>
280 cam 1.4 ~# <i>cp ~/build/domU/vmlinuz /mnt/data/xen/kernel/kernel-2.6.x.y-xen</i>
281 swift 1.1 </pre>
282    
283     <p>
284     It is also possible to create a single kernel image for both the administrative
285     domain and the unpriviledged domain. More information about this can be found
286     in the Xen user manual.
287     </p>
288    
289     </body>
290     </section>
291     <section>
292     <title>Creating the Domain Disks</title>
293     <body>
294    
295     <p>
296     For best performance, it is best to dedicate a partition (or logical volume) to
297     a domain rather than a file based filesystem. However, if you are going to use
298     Xen primarily for tests using a file based filesystem does have its advantages
299     (especially regarding maintenance).
300     </p>
301    
302     <p>
303     You can create a file based filesystem using <c>dd</c> and <c>mke2fs</c> (or
304     any other file system creation tool). For instance, to create a 2Gbyte ext3
305     filesystem:
306     </p>
307    
308     <pre caption="Creating a file based filesystem">
309     ~# <i>dd if=/dev/zero of=/mnt/data/xen/disks/ext3root.img bs=1M count=2048</i>
310     ~# <i>mke2fs -j /mnt/data/xen/disks/ext3root.img</i>
311     </pre>
312    
313     </body>
314     </section>
315     <section>
316     <title>Configuring a Domain</title>
317     <body>
318    
319     <p>
320     Next we create a Xen configuration file for a domain. You can store these
321     configuration files where you want, for instance at
322     <path>/mnt/data/xen/configs</path>. As an example, we create a configuration
323     file for a small Gentoo environment which uses the disk image we created
324     previously:
325     </p>
326    
327     <pre caption="Creating a domain configuration file">
328     ~# <i>nano -w /mnt/data/xen/configs/gentoo</i>
329    
330     kernel = "/mnt/data/xen/kernel/kernel-2.6.x.y-xen"
331     memory = 512
332     name = "gentoo"
333     <comment>(Map the disk image to the virtual /dev/sda1)</comment>
334     disk = ['file:/mnt/data/xen/disks/ext3root.img,sda1,w']
335     root = "/dev/sda1 ro"
336     </pre>
337    
338     <p>
339     If you are using a block device (such as an lvm volume or partition) for
340     the disk use 'phy:' instead of 'file:' and leave off /dev. For example:
341     </p>
342    
343     <pre caption="Using a block device">
344     <comment>(LVM Volume)</comment>
345     disk = [ 'phy:lvm/xen-guest-root,sda1,w' ]
346    
347     <comment>(Physical Partition)</comment>
348     disk = [ 'phy:sdb6,sda1,w' ]
349     </pre>
350    
351     <p>
352     You can find example configuration files in <path>/etc/xen</path>.
353     </p>
354    
355     </body>
356     </section>
357     <section>
358     <title>Launching the New Domain</title>
359     <body>
360    
361     <p>
362     Now we're all set and we can launch the new domain. If the disk image contained
363     an operating system, we could just create and attach the domain using the
364     <c>xm</c> command (Xen manager):
365     </p>
366    
367     <pre caption="Creating and starting a new domain">
368     ~# <i>xm create /mnt/data/xen/configs/gentoo -c</i>
369     </pre>
370    
371     <p>
372     The domain would be booted inside the terminal in which you executed the
373     command. However, in our case, the disk image is empty so the domain won't boot
374     up in anything useful. To fix this, you can loop-mount the image and install
375     Gentoo as you're used to.
376     </p>
377    
378     <p>
379     If you want to disconnect from the domain, press <path>Ctrl+]</path>. You can
380     always reconnect to the domains' console using <c>xm console gentoo</c>.
381     However, there is only one console per domain, so only use it when you can't
382     access the domain otherwise (for instance, through SSH).
383     </p>
384    
385     </body>
386     </section>
387     </chapter>
388     <chapter>
389     <title>Networking on Unpriviledged Domains</title>
390     <section>
391     <title>Introduction</title>
392     <body>
393    
394     <p>
395     Xen supports at least two ways of configuring your (virtual) network:
396     <e>routed</e> and <e>bridged</e>.
397     </p>
398    
399     <p>
400     When selecting the <e>routed</e> approach, the interface inside your
401     unpriviledged domain is connected to the virtual interface on your
402     administrative domain. On your administrative domain (domain 0), the virtual
403     interface is linked together with <path>eth0</path>. The
404     interface inside your unpriviledged domain should have an IP address on the same
405     network as the interface on the administrative domain. Any communication to
406     that IP address can only occur from the administrative domain, unless you set
407     up specific routing rules.
408     </p>
409    
410     <p>
411     When selecting the <e>bridged</e> approach, your default network interface on
412     the administrative domain becomes a bridge which accepts connections to the
413     virtual domains as well as to the IP address your administrative domain has.
414     </p>
415    
416     </body>
417     </section>
418     <section>
419     <title>Regular Routed Interfaces</title>
420     <body>
421    
422     <p>
423     Before you set up the interface on your unpriviledged domain, make sure that
424     Xen's <path>netloop</path> and <path>netbk</path> drivers are loaded. A quick
425     hint: if you have <path>netloop</path> as a module, load it with
426     <c>nloopbacks=0</c> so that it doesn't create pointless interfaces to the
427     loopback device. Then, edit your domain configuration file and add a <c>vif</c>
428     instruction to it.
429     </p>
430    
431     <pre caption="Configuring a virtual interface">
432     ~# <i>nano -w /mnt/data/xen/configs/gentoo</i>
433    
434     <comment>(Add the vif instruction)</comment>
435     vif = [ 'ip=192.168.1.101, vifname=veth1' ]
436     </pre>
437    
438     <p>
439     In the above example, the interface will be created for the unpriviledged domain
440     (in which it will be called <path>eth0</path>) and Xen will ensure that address
441     192.168.1.101 will be reachable from the administrative domain through interface
442     <path>veth1</path>.
443     </p>
444    
445     <p>
446     This doesn't mean that the virtual <path>eth0</path> interface will
447     automatically have IP 192.168.1.101 assigned to it, but rather that, if you
448     don't give it that IP, it will not be connected with the administrative domain
449     and thus cannot be reached.
450     </p>
451    
452     <p>
453     Now edit <path>/etc/xen/xend-config.xsp</path> as follows to select routed
454     network configuration:
455     </p>
456    
457     <pre caption="Editing xend-config.xsp">
458     ~# <i>nano -w /etc/xen/xend-config.xsp</i>
459    
460     <comment>(Comment out the following lines)</comment>
461     <i>#</i>(network-script network-bridge)
462     <i>#</i>(vif-script vif-bridge)
463    
464     <comment>(Enable the following lines)</comment>
465     (network-script network-route)
466     (vif-script vif-route)
467     </pre>
468    
469     </body>
470     </section>
471     <section>
472     <title>Bridged Interfaces</title>
473     <body>
474    
475     <p>
476     Unlike the routed interfaces you now need to load the <path>netloop</path>
477     driver with <c>nloopbacks=1</c> (or higher) as the additional loopback devices
478     are used to create the bridge. For the other modules you still need the
479     <path>netbk</path> module as well as briding functionality (<path>bridge</path>
480     module if build as such).
481     </p>
482    
483     <p>
484     Now edit your virtual domain and add the <c>vif</c> construct:
485     </p>
486    
487     <pre caption="Configuring a virtual interface">
488     ~# <i>nano -w /mnt/data/xen/configs/gentoo</i>
489    
490     <comment>(Add the vif instruction)</comment>
491     vif = [ 'ip=192.168.1.101, vifname=veth0' ]
492     </pre>
493    
494     <p>
495     Next edit <path>/etc/xen/xend-config.xsp</path> as follows to select bridged
496     network configuration:
497     </p>
498    
499     <pre caption="Editing xend-config.xsp">
500     ~# <i>nano -w /etc/xen/xend-config.xsp</i>
501    
502     <comment>(Enable the following lines)</comment>
503     (network-script network-bridge)
504     (vif-script vif-bridge)
505    
506     <comment>(Comment out the following lines if not done already)</comment>
507     <i>#</i> (network-script network-route)
508     <i>#</i> (vif-script vif-route)
509     </pre>
510    
511     <p>
512     By default, the bridge will contain whatever interface is configured to be the
513     default interface (the device that is listed under the default route through
514     <c>ip route list</c>). If you want to alter this behavior, edit the
515     <path>xend-config.xsp</path> as follows:
516     </p>
517    
518     <pre caption="Editing xend-config.xsp to change bridge configuration">
519     ~# <i>nano -w /etc/xen/xend-config.xsp</i>
520    
521     <comment>(Edit the network-script line)</comment>
522     (network-script <i>'</i>network-bridge <i>netdev=eth0 bridge=xenbr0 vifnum=0'</i>)
523     </pre>
524    
525     <p>
526     Once the configuration is done, restart the <c>xend</c> init script to have Xen
527     build the bridge:
528     </p>
529    
530     <pre caption="Restarting the xend daemon">
531     ~# <i>/etc/init.d/xend restart</i>
532     </pre>
533    
534     </body>
535     </section>
536     </chapter>
537 swift 1.2 <chapter>
538     <title>Further Resources</title>
539     <section>
540     <title>Xen Documentation</title>
541     <body>
542    
543     <ul>
544     <li>
545     <uri link="http://tx.downloads.xensource.com/downloads/docs/user/">Xen
546     Users' Manual</uri>
547     </li>
548     <li>
549     <uri link="http://xen.xensource.com/documentation.html">Xen Community
550     Documentation</uri>
551     </li>
552     <li>
553     <uri link="http://wiki.xensource.com/xenwiki/">Xen Wiki</uri>
554     </li>
555     </ul>
556    
557     </body>
558     </section>
559     <section>
560     <title>Xen Tools</title>
561     <body>
562    
563     <ul>
564     <li>
565     <uri
566     link="http://virt-manager.et.redhat.com/">app-emulation/virt-manager</uri>
567     is a graphical tool for administering virtual machines
568     </li>
569     </ul>
570    
571     </body>
572     </section>
573     </chapter>
574 swift 1.1 </guide>

  ViewVC Help
Powered by ViewVC 1.1.20