/[gentoo]/xml/htdocs/doc/en/xen-guide.xml
Gentoo

Diff of /xml/htdocs/doc/en/xen-guide.xml

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

Revision 1.13 Revision 1.14
1<?xml version='1.0' encoding='UTF-8'?> 1<?xml version='1.0' encoding='UTF-8'?>
2<!DOCTYPE guide SYSTEM "/dtd/guide.dtd"> 2<!DOCTYPE guide SYSTEM "/dtd/guide.dtd">
3<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/xen-guide.xml,v 1.13 2012/07/24 12:12:51 swift Exp $ --> 3<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/xen-guide.xml,v 1.14 2012/10/07 13:32:49 swift Exp $ -->
4 4
5<guide disclaimer="obsolete"> 5<guide disclaimer="draft">
6<title>Configuring Gentoo with Xen</title> 6<title>Configuring Gentoo with Xen</title>
7 7
8<author title="Author"> 8<author title="Author">
9 <mail link="swift@gentoo.org">Sven Vermeulen</mail> 9 <mail link="swift@gentoo.org">Sven Vermeulen</mail>
10</author> 10</author>
18 18
19<!-- The content of this document is licensed under the CC-BY-SA license --> 19<!-- The content of this document is licensed under the CC-BY-SA license -->
20<!-- See http://creativecommons.org/licenses/by-sa/2.5 --> 20<!-- See http://creativecommons.org/licenses/by-sa/2.5 -->
21<license/> 21<license/>
22 22
23<version>8</version> 23<version>9</version>
24<date>2012-07-24</date> 24<date>2012-10-07</date>
25 25
26<chapter> 26<chapter>
27<title>Introduction</title> 27<title>Introduction</title>
28<section> 28<section>
29<body> 29<body>
112Xen actually contains many components, so you'll need to install a few 112Xen actually contains many components, so you'll need to install a few
113packages. 113packages.
114</p> 114</p>
115 115
116<pre caption="Installing Xen"> 116<pre caption="Installing Xen">
117~# <i>emerge xen xen-tools xen-sources</i> 117~# <i>emerge xen xen-tools gentoo-sources</i>
118</pre> 118</pre>
119 119
120</body> 120</body>
121</section> 121</section>
122<section> 122<section>
123<title>Building the Kernel</title> 123<title>Building the Kernel</title>
124<body> 124<body>
125 125
126<p> 126<p>
127Next we'll build the Linux kernel with Xen support. This kernel, whose sources 127Next we'll build the Linux kernel with Xen support. This kernel, whose sources
128are available at <path>/usr/src/linux-2.6.x.z-xen</path>, will be our main 128are available at <path>/usr/src/linux</path>, will be our main
129running kernel (i.e. the one running domain 0). In the <c>XEN</c> section you'll 129running kernel (i.e. the one running domain 0). In the <c>XEN</c> section you'll
130find drivers for all kinds of input/output, each driver having a <e>backend</e> 130find drivers for all kinds of input/output, each driver having a <e>backend</e>
131and <e>frontend</e> implementation available. For the domain 0 kernel you need 131and <e>frontend</e> implementation available. For the domain 0 kernel you need
132to select the <e>backend</e> implementation: these are used by the other 132to select the <e>backend</e> implementation: these are used by the other
133domains (who use the <e>frontend</e> drivers) to communicate directly with 133domains (who use the <e>frontend</e> drivers) to communicate directly with
134the hardware. 134the hardware. However, you should be able to configure the kernel to provide
135</p> 135support for both frontend (guest) and backend (host) drivers.
136
137<p> 136</p>
138Of course, don't forget to select <c>Xen-compatible</c> at <c>Processor type and 137
138<p>
139features</c>. If you're wondering about networking: each interface in a domain 139If you're wondering about networking: each interface in a domain
140has a point-to-point link to an interface on domain 0 (called 140has a point-to-point link to an interface on domain 0 (called
141<path>vifX.Y</path> where X is the domain number and Y the Yth interface of that 141<path>vifX.Y</path> where X is the domain number and Y the Yth interface of that
142domain), so you can configure your network the way you want (bridging, NAT, 142domain), so you can configure your network the way you want (bridging, NAT,
143etc.) 143etc.)
144</p> 144</p>
145 145
146<pre caption="Enabling Xen Support for i386 Kernels"> 146<pre caption="Enabling Xen Support">
147Processor type and features ---&gt; 147Processor type and features ---&gt;
148 Subarchitecture Type (Xen-compatible) 148 [*] Paravirtualized guest support ---&gt;
149 [*] Xen guest support
149</pre> 150</pre>
150 151
151<pre caption="Enabling Xen Support for x86_64 Kernels">
152Processor type and features ---&gt;
153 Subarchitecture Type (PC-compatible)
154 [*] Enable Xen compatible kernel
155 [*] Support for hot-pluggable CPUs
156</pre>
157
158<pre caption="Domain-0 Kernel Config"> 152<pre caption="Kernel Config">
159Bus options (PCI etc.) ---&gt; 153Bus options (PCI etc.) ---&gt;
160 [*] PCI support 154 [*] Xen PCI Frontend
161 [ ] Xen PCI Frontend Debugging
162 155
163Networking ---&gt; 156[*] Networking support ---&gt;
164 Networking options ---&gt; 157 Networking options ---&gt;
165 &lt;*&gt; 802.1d Ethernet Bridging 158 &lt;*&gt; 802.1d Ethernet Bridging
166 <comment>Only required by bridged networking.</comment> 159 [*] Network packet filtering framework (Netfilter) ---&gt;
160 [*] Advanced netfilter configuration
161 [*] Bridged IP/ARP packets filtering
167 162
168XEN ---&gt;
169 [*] Privileged Guest (domain 0)
170 &lt;*&gt; Backend driver support
171 &lt;*&gt; Block-device backend driver
172 &lt;*&gt; Network-device backend driver
173 &lt;*&gt; PCI-device backend driver
174 PCI Backend Mode (Virtual PCI) ---&gt;
175 [*] Scrub memory before freeing it to Xen
176 [*] Disable serial port drivers
177 Xen version compatibility (3.0.4 and later)
178</pre>
179
180<pre caption="Domain-U Kernel Config">
181Bus options (PCI etc.) ---&gt;
182 [ ] PCI support
183
184Device Drivers ---&gt; 163Device Drivers ---&gt;
185 SCSI device support ---&gt; 164 [*] Block devices (NEW) ---&gt;
186 &lt; &gt; SCSI device support
187 <comment>Disabling SCSI support frees up the /dev/sd* device names
188 for use as Xen virtual block devices.</comment>
189
190XEN ---&gt;
191 [ ] Privileged Guest (domain 0)
192 &lt;*&gt; Block-device frontend driver 165 &lt;*&gt; Xen block-device backend driver
193 &lt;*&gt; Network-device frontend driver 166 [*] Network device support ---&gt;
194 [*] Scrub memory before freeing it to Xen 167 &lt;*&gt; Xen backend network device
195 [*] Disable serial port drivers 168 Xen driver support ---&gt;
196 Xen version compatibility (3.0.4 and later) 169 [*] Xen memory balloon driver (NEW)
170 [*] Scrub pages before returning them to system (NEW)
171 &lt;*&gt; Xen /dev/xen/evtchn device (NEW)
172 [*] Backend driver support (NEW)
173 &lt;*&gt; Xen filesystem (NEW)
174 [*] Create compatibility mount point /proc/xen (NEW)
175 [*] Create xen entries under /sys/hypervisor (NEW)
176 &lt;M&gt; userspace grant access device driver (NEW)
177 &lt;M&gt; user-space grant reference allocator driver (NEW)
178 &lt;M&gt; xen platform pci device driver (NEW)
197</pre> 179</pre>
198 180
199<p>
200A nice hint is to have the kernel make process store its intermediate object
201files elsewhere so that you can reuse the same kernel tree to build different
202configurations:
203</p> 181<p>
204 182The shown kernel configuration should allow the kernel image to boot both as a
205<pre caption="Building the Kernel"> 183host as well as a guest. However, if you want to, you can slim down the guest
206~# <i>mkdir -p ~/build/dom0 ~/build/domU</i> 184image kernel considerably. Refer to the Xen documentation for more information.
207~# <i>make O=~/build/dom0 menuconfig</i>
208<comment>(Configure the kernel)</comment>
209~# <i>make O=~/build/dom0 &amp;&amp; make O=~/build/dom0 modules_install</i>
210</pre> 185</p>
211 186
212<p> 187<p>
213Once the kernel is built you'll find the kernel image immediately in the 188Once the kernel is built you'll find the kernel image immediately in the
214build directory (not inside <path>arch/</path> or any other directory) called 189build directory (not inside <path>arch/</path> or any other directory) called
215<path>vmlinuz</path>. Copy it to <path>/boot</path> and then configure your 190<path>vmlinuz</path>. Copy it to <path>/boot</path> and then configure your
218configuration, add your newly built kernel as the kernel that Xen should 193configuration, add your newly built kernel as the kernel that Xen should
219boot. For instance, for GRUB: 194boot. For instance, for GRUB:
220</p> 195</p>
221 196
222<pre caption="GRUB Configuration for Xen"> 197<pre caption="GRUB Configuration for Xen">
223title Xen 3.0 / Gentoo Linux 2.6.x.y 198title Xen Gentoo Linux 3.5
224root (hd0,0) 199root (hd0,0)
225kernel /boot/xen.gz 200kernel /boot/xen.gz
226module /boot/kernel-2.6.x.y-xen0 root=/dev/sda3 201module /boot/kernel-3.5.x.y-xen0 root=/dev/sda3
227</pre> 202</pre>
228 203
229<p>
230Now reboot your system into Xen. Once you are booted, you need to load the Xen
231daemon:
232</p> 204<p>
233 205Now reboot your system into Xen and check if you can do whatever you
234<pre caption="Loading the Xen daemon"> 206normally do on your system. If this is the case, you can edit your
235~# <i>/etc/init.d/xend start</i> 207bootloader configuration to always boot into Xen.
236</pre>
237
238<p>
239Now check if you can do whatever you normally do on your system. If this is the
240case, you can edit your bootloader configuration to always boot into Xen and add
241the Xen deamon to the default runlevel so that it is started automatically
242next time you boot.
243</p> 208</p>
244 209
245<note> 210<note>
246If you wish to start guest domains automatically on boot add <c>xendomains</c> 211If you wish to start guest domains automatically on boot add <c>xendomains</c>
247to the default runlevel as well and create a symlink in 212to the default runlevel as well and create a symlink in
257<section> 222<section>
258<title>Building the Kernel</title> 223<title>Building the Kernel</title>
259<body> 224<body>
260 225
261<p> 226<p>
262Go to the Xen-powered Linux kernel source and update the configuration. It is 227Go to the Xen-powered Linux kernel source and, if necessary, update the
263wise to keep as many topics as possible similar to the main kernel except the 228configuration. It is wise to keep as many topics as possible similar to
264<c>XEN</c> settings where drivers should now have their <e>frontend</e> 229the main kernel. Then build the kernel
265implementation selected instead of the <e>backend</e>. Then build the kernel
266and place the resulting <path>vmlinuz</path> file where you want (we assume this 230and place the resulting <path>vmlinuz</path> file where you want (we assume this
267is <path>/mnt/data/xen/kernel</path>): 231is <path>/mnt/data/xen/kernel</path>):
268</p> 232</p>
269 233
270<pre caption="Building the guest kernel"> 234<pre caption="Building the guest kernel">
271~# <i>make O=~/build/domU</i> 235~# <i>make O=~/build/domU</i>
272~# <i>cp ~/build/domU/vmlinuz /mnt/data/xen/kernel/kernel-2.6.x.y-xen</i> 236~# <i>cp ~/build/domU/vmlinuz /mnt/data/xen/kernel/kernel-3.5.x.y-xen</i>
273</pre>
274
275<p>
276It is also possible to create a single kernel image for both the administrative
277domain and the unpriviledged domain. More information about this can be found
278in the Xen user manual.
279</p> 237</pre>
280 238
281</body> 239</body>
282</section> 240</section>
283<section> 241<section>
284<title>Creating the Domain Disks</title> 242<title>Creating the Domain Disks</title>
291(especially regarding maintenance). 249(especially regarding maintenance).
292</p> 250</p>
293 251
294<p> 252<p>
295You can create a file based filesystem using <c>dd</c> and <c>mke2fs</c> (or 253You can create a file based filesystem using <c>dd</c> and <c>mke2fs</c> (or
296any other file system creation tool). For instance, to create a 2Gbyte ext3 254any other file system creation tool). For instance, to create a 4 Gbyte ext4
297filesystem: 255filesystem:
298</p> 256</p>
299 257
300<pre caption="Creating a file based filesystem"> 258<pre caption="Creating a file based filesystem">
301~# <i>dd if=/dev/zero of=/mnt/data/xen/disks/ext3root.img bs=1M count=2048</i> 259~# <i>dd if=/dev/zero of=/mnt/data/xen/disks/ext4root.img bs=1M count=4096</i>
302~# <i>mke2fs -j /mnt/data/xen/disks/ext3root.img</i> 260~# <i>mkfs.ext4 /mnt/data/xen/disks/ext4root.img</i>
303</pre> 261</pre>
304 262
305</body> 263</body>
306</section> 264</section>
307<section> 265<section>
317</p> 275</p>
318 276
319<pre caption="Creating a domain configuration file"> 277<pre caption="Creating a domain configuration file">
320~# <i>nano -w /mnt/data/xen/configs/gentoo</i> 278~# <i>nano -w /mnt/data/xen/configs/gentoo</i>
321 279
322kernel = "/mnt/data/xen/kernel/kernel-2.6.x.y-xen" 280kernel = "/mnt/data/xen/kernel/kernel-3.5.x.y-xen"
323memory = 512 281memory = 512
324name = "gentoo" 282name = "gentoo"
325<comment>(Map the disk image to the virtual /dev/sda1)</comment> 283<comment>(Map the disk image to the virtual /dev/sda1)</comment>
326disk = ['file:/mnt/data/xen/disks/ext3root.img,sda1,w'] 284disk = ['file:/mnt/data/xen/disks/ext4root.img,sda1,w']
327root = "/dev/sda1 ro" 285root = "/dev/sda1 ro"
328</pre> 286</pre>
329 287
330<p> 288<p>
331If you are using a block device (such as an lvm volume or partition) for 289If you are using a block device (such as an lvm volume or partition) for
351<body> 309<body>
352 310
353<p> 311<p>
354Now we're all set and we can launch the new domain. If the disk image contained 312Now we're all set and we can launch the new domain. If the disk image contained
355an operating system, we could just create and attach the domain using the 313an operating system, we could just create and attach the domain using the
356<c>xm</c> command (Xen manager): 314<c>xl</c> command:
357</p> 315</p>
358 316
359<pre caption="Creating and starting a new domain"> 317<pre caption="Creating and starting a new domain">
360~# <i>xm create /mnt/data/xen/configs/gentoo -c</i> 318~# <i>xl create /mnt/data/xen/configs/gentoo -c</i>
361</pre> 319</pre>
362 320
363<p> 321<p>
364The domain would be booted inside the terminal in which you executed the 322The domain would be booted inside the terminal in which you executed the
365command. However, in our case, the disk image is empty so the domain won't boot 323command. However, in our case, the disk image is empty so the domain won't boot
367Gentoo as you're used to. 325Gentoo as you're used to.
368</p> 326</p>
369 327
370<p> 328<p>
371If you want to disconnect from the domain, press <path>Ctrl+]</path>. You can 329If you want to disconnect from the domain, press <path>Ctrl+]</path>. You can
372always reconnect to the domains' console using <c>xm console gentoo</c>. 330always reconnect to the domains' console using <c>xl console gentoo</c>.
373However, there is only one console per domain, so only use it when you can't 331However, there is only one console per domain, so only use it when you can't
374access the domain otherwise (for instance, through SSH). 332access the domain otherwise (for instance, through SSH).
375</p> 333</p>
376 334
377</body> 335</body>
382<section> 340<section>
383<title>Introduction</title> 341<title>Introduction</title>
384<body> 342<body>
385 343
386<p> 344<p>
387Xen supports at least two ways of configuring your (virtual) network: 345Xen works best when using a bridged mode network configuration.
388<e>routed</e> and <e>bridged</e>. 346This means that your default network interface on
389</p>
390
391<p>
392When selecting the <e>routed</e> approach, the interface inside your
393unpriviledged domain is connected to the virtual interface on your
394administrative domain. On your administrative domain (domain 0), the virtual
395interface is linked together with <path>eth0</path>. The
396interface inside your unpriviledged domain should have an IP address on the same
397network as the interface on the administrative domain. Any communication to
398that IP address can only occur from the administrative domain, unless you set
399up specific routing rules.
400</p>
401
402<p>
403When selecting the <e>bridged</e> approach, your default network interface on
404the administrative domain becomes a bridge which accepts connections to the 347the administrative domain becomes a bridge which accepts connections to the
405virtual domains as well as to the IP address your administrative domain has. 348virtual domains as well as to the IP address your administrative domain has.
406</p> 349</p>
407 350
408</body> 351</body>
409</section> 352</section>
410<section> 353<section>
411<title>Regular Routed Interfaces</title>
412<body>
413
414<p>
415Before you set up the interface on your unpriviledged domain, make sure that
416Xen's <path>netloop</path> and <path>netbk</path> drivers are loaded. A quick
417hint: if you have <path>netloop</path> as a module, load it with
418<c>nloopbacks=0</c> so that it doesn't create pointless interfaces to the
419loopback device. Then, edit your domain configuration file and add a <c>vif</c>
420instruction to it.
421</p>
422
423<pre caption="Configuring a virtual interface">
424~# <i>nano -w /mnt/data/xen/configs/gentoo</i>
425
426<comment>(Add the vif instruction)</comment>
427vif = [ 'ip=192.168.1.101, vifname=veth1' ]
428</pre>
429
430<p>
431In the above example, the interface will be created for the unpriviledged domain
432(in which it will be called <path>eth0</path>) and Xen will ensure that address
433192.168.1.101 will be reachable from the administrative domain through interface
434<path>veth1</path>.
435</p>
436
437<p>
438This doesn't mean that the virtual <path>eth0</path> interface will
439automatically have IP 192.168.1.101 assigned to it, but rather that, if you
440don't give it that IP, it will not be connected with the administrative domain
441and thus cannot be reached.
442</p>
443
444<p>
445Now edit <path>/etc/xen/xend-config.sxp</path> as follows to select routed
446network configuration:
447</p>
448
449<pre caption="Editing xend-config.sxp">
450~# <i>nano -w /etc/xen/xend-config.sxp</i>
451
452<comment>(Comment out the following lines)</comment>
453<i>#</i>(network-script network-bridge)
454<i>#</i>(vif-script vif-bridge)
455
456<comment>(Enable the following lines)</comment>
457(network-script network-route)
458(vif-script vif-route)
459</pre>
460
461</body>
462</section>
463<section>
464<title>Bridged Interfaces</title> 354<title>Bridged Interfaces</title>
465<body> 355<body>
466 356
467<p> 357<p>
468Unlike the routed interfaces you now need to load the <path>netloop</path> 358Create a bridge interface by creating a new link to the networking init script
469driver with <c>nloopbacks=1</c> (or higher) as the additional loopback devices 359as provided by Gentoo:
470are used to create the bridge. For the other modules you still need the
471<path>netbk</path> module as well as briding functionality (<path>bridge</path>
472module if build as such).
473</p>
474
475<p> 360</p>
476Now edit your virtual domain and add the <c>vif</c> construct: 361
362<pre caption="Creating a bridge interface">
363# <i>cd /etc/init.d</i>
364# <i>ln -s net.lo net.br0</i>
365</pre>
366
477</p> 367<p>
478 368Next, edit <path>/etc/conf.d/net</path> and setup the bridge:
479<pre caption="Configuring a virtual interface">
480~# <i>nano -w /mnt/data/xen/configs/gentoo</i>
481
482<comment>(Add the vif instruction)</comment>
483vif = [ 'ip=192.168.1.101, vifname=veth0' ]
484</pre>
485
486<p> 369</p>
487Next edit <path>/etc/xen/xend-config.sxp</path> as follows to select bridged 370
488network configuration: 371<pre caption="Enabling the bridge br0 interface">
372# <i>nano -w /etc/conf.d/net</i>
373
374bridge_br0="eth0"
375config_br0="192.168.1.200 netmask 255.255.255.0 brd 192.168.1.255"
376routes_br0="default via 192.168.1.1"
377</pre>
378
489</p> 379<p>
490 380Finally, install the <e>net-misc/bridge-utils</e> package, and make sure the
491<pre caption="Editing xend-config.sxp"> 381<path>net.br0</path> init script is loaded at boot.
492~# <i>nano -w /etc/xen/xend-config.sxp</i>
493
494<comment>(Enable the following lines)</comment>
495(network-script network-bridge)
496(vif-script vif-bridge)
497
498<comment>(Comment out the following lines if not done already)</comment>
499<i>#</i> (network-script network-route)
500<i>#</i> (vif-script vif-route)
501</pre>
502
503<p> 382</p>
504By default, the bridge will contain whatever interface is configured to be the
505default interface (the device that is listed under the default route through
506<c>ip route list</c>). If you want to alter this behavior, edit the
507<path>xend-config.sxp</path> as follows:
508</p>
509 383
510<pre caption="Editing xend-config.sxp to change bridge configuration"> 384<pre caption="Finishing the bridge setup">
511~# <i>nano -w /etc/xen/xend-config.sxp</i> 385# <i>emerge net-misc/bridge-utils</i>
512 386# <i>rc-update add net.br0 default</i>
513<comment>(Edit the network-script line)</comment>
514(network-script <i>'</i>network-bridge <i>netdev=eth0 bridge=xenbr0 vifnum=0'</i>)
515</pre>
516
517<p>
518Once the configuration is done, restart the <c>xend</c> init script to have Xen
519build the bridge:
520</p>
521
522<pre caption="Restarting the xend daemon">
523~# <i>/etc/init.d/xend restart</i>
524</pre> 387</pre>
525 388
526</body> 389</body>
527</section> 390</section>
528</chapter> 391</chapter>

Legend:
Removed from v.1.13  
changed lines
  Added in v.1.14

  ViewVC Help
Powered by ViewVC 1.1.20