/[gentoo]/xml/htdocs/doc/en/xen-guide.xml

Diff of /xml/htdocs/doc/en/xen-guide.xml

Parent Directory | Revision Log | View Patch Patch

Revision 1.11		Revision 1.14
1	<?xml version='1.0' encoding='UTF-8'?>	1	<?xml version='1.0' encoding='UTF-8'?>
2	<!DOCTYPE guide SYSTEM "/dtd/guide.dtd">	2	<!DOCTYPE guide SYSTEM "/dtd/guide.dtd">
3	<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/xen-guide.xml,v 1.11 2011/12/26 15:22:40 swift Exp $ -->	3	<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/xen-guide.xml,v 1.14 2012/10/07 13:32:49 swift Exp $ -->
4		4
5	<guide>	5	<guide disclaimer="draft">
6	<title>Configuring Gentoo with Xen</title>	6	<title>Configuring Gentoo with Xen</title>
7		7
8	<author title="Author">	8	<author title="Author">
9	<mail link="swift@gentoo.org">Sven Vermeulen</mail>	9	<mail link="swift@gentoo.org">Sven Vermeulen</mail>
10	</author>	10	</author>
11	<author title="Editor">	11	<author title="Editor">
12	<mail link="nightmorph"/>	12	<mail link="nightmorph"/>
13	</author>	13	</author>
14		14
15	<abstract>	15	<abstract>
16	This guide describes how to start using Xen on your Gentoo system	16	This guide describes how to start using Xen on your Gentoo system
17	</abstract>	17	</abstract>
18		18
19	<!-- The content of this document is licensed under the CC-BY-SA license -->	19	<!-- The content of this document is licensed under the CC-BY-SA license -->
20	<!-- See http://creativecommons.org/licenses/by-sa/2.5 -->	20	<!-- See http://creativecommons.org/licenses/by-sa/2.5 -->
21	<license/>	21	<license/>
22		22
23	<version>7</version>	23	<version>9</version>
24	<date>2011-12-26</date>	24	<date>2012-10-07</date>
25		25
26	<chapter>	26	<chapter>
27	<title>Introduction</title>	27	<title>Introduction</title>
28	<section>	28	<section>
29	<body>	29	<body>
30		30
31	<p>	31	<p>
32	The <uri link="http://www.xen.org/">Xen</uri> technology allows you to run	32	The <uri link="http://www.xen.org/">Xen</uri> technology allows you to run
33	multiple operating systems on a single physical system, govern resource	33	multiple operating systems on a single physical system, govern resource
34	consumption and even migrate domains (which are the virtual environments in	34	consumption and even migrate domains (which are the virtual environments in
35	which a guest operating system runs) from one Xen-powered system to another. Xen	35	which a guest operating system runs) from one Xen-powered system to another. Xen
36	requires the host operating system to support Xen (which, in this case, will be	36	requires the host operating system to support Xen (which, in this case, will be
37	a Linux kernel) but guest operating systems can run unmodified <e>if</e> your	37	a Linux kernel) but guest operating systems can run unmodified <e>if</e> your
38	hardware supports Intel Virtualization Technology (VT-x) or AMD Virtualization	38	hardware supports Intel Virtualization Technology (VT-x) or AMD Virtualization
39	Technology (SVM). Otherwise your guest operating systems must also support Xen.	39	Technology (SVM). Otherwise your guest operating systems must also support Xen.
…		…
76	installation with a different <c>CFLAGS</c> setting. Guest operating systems	76	installation with a different <c>CFLAGS</c> setting. Guest operating systems
77	running under Xen might otherwise see major performance degradation. If you,	77	running under Xen might otherwise see major performance degradation. If you,
78	however, are planning on checking out Xen rather than installing it for	78	however, are planning on checking out Xen rather than installing it for
79	production use and are not terribly fond of rebuilding all programs, you can	79	production use and are not terribly fond of rebuilding all programs, you can
80	skip this step. In this case you will notice performance degradation but you	80	skip this step. In this case you will notice performance degradation but you
81	will still be able to use Xen.	81	will still be able to use Xen.
82	</p>	82	</p>
83		83
84	<impo>	84	<impo>
85	It is advised that, if you change your <c>CFLAGS</c> and build your system with	85	It is advised that, if you change your <c>CFLAGS</c> and build your system with
86	a gcc lower than version 4, you do not have <c>-Os</c> set as it has been	86	a gcc lower than version 4, you do not have <c>-Os</c> set as it has been
87	reported to produce broken code.	87	reported to produce broken code.
88	</impo>	88	</impo>
89		89
90	<pre caption="Editing the CFLAGS and rebuild the Gentoo installation">	90	<pre caption="Editing the CFLAGS and rebuild the Gentoo installation">
91	~# <i>nano -w /etc/make.conf</i>	91	~# <i>nano -w /etc/portage/make.conf</i>
92	<comment>(Add -mno-tls-direct-seg-refs ONLY if you have a 32-bit dom0)</comment>	92	<comment>(Add -mno-tls-direct-seg-refs ONLY if you have a 32-bit dom0)</comment>
93	<comment>(You don't need this flag if you have a 64-bit dom0)</comment>	93	<comment>(You don't need this flag if you have a 64-bit dom0)</comment>
94	CFLAGS="-O2 -march=pentium4 -pipe <i>-mno-tls-direct-seg-refs</i>"	94	CFLAGS="-O2 -march=pentium4 -pipe <i>-mno-tls-direct-seg-refs</i>"
95		95
96	~# <i>emerge -e world</i>	96	~# <i>emerge -e world</i>
97	</pre>	97	</pre>
98		98
99	<p>	99	<p>
100	If you boot your system using an initial ramdisk (initrd) you need to	100	If you boot your system using an initial ramdisk (initrd) you need to
101	rebuild the initrd as well (which is best done by running all steps you would do	101	rebuild the initrd as well (which is best done by running all steps you would do
102	when you rebuild your kernel).	102	when you rebuild your kernel).
103	</p>	103	</p>
104		104
105	</body>	105	</body>
106	</section>	106	</section>
107	<section>	107	<section>
108	<title>Installing Xen</title>	108	<title>Installing Xen</title>
109	<body>	109	<body>
110		110
111	<p>	111	<p>
112	Xen actually contains many components, so you'll need to install a few	112	Xen actually contains many components, so you'll need to install a few
113	packages.	113	packages.
114	</p>	114	</p>
115		115
116	<pre caption="Installing Xen">	116	<pre caption="Installing Xen">
117	~# <i>emerge xen xen-tools xen-sources</i>	117	~# <i>emerge xen xen-tools gentoo-sources</i>
118	</pre>	118	</pre>
119		119
120	</body>	120	</body>
121	</section>	121	</section>
122	<section>	122	<section>
123	<title>Building the Kernel</title>	123	<title>Building the Kernel</title>
124	<body>	124	<body>
125		125
126	<p>	126	<p>
127	Next we'll build the Linux kernel with Xen support. This kernel, whose sources	127	Next we'll build the Linux kernel with Xen support. This kernel, whose sources
128	are available at <path>/usr/src/linux-2.6.x.z-xen</path>, will be our main	128	are available at <path>/usr/src/linux</path>, will be our main
129	running kernel (i.e. the one running domain 0). In the <c>XEN</c> section you'll	129	running kernel (i.e. the one running domain 0). In the <c>XEN</c> section you'll
130	find drivers for all kinds of input/output, each driver having a <e>backend</e>	130	find drivers for all kinds of input/output, each driver having a <e>backend</e>
131	and <e>frontend</e> implementation available. For the domain 0 kernel you need	131	and <e>frontend</e> implementation available. For the domain 0 kernel you need
132	to select the <e>backend</e> implementation: these are used by the other	132	to select the <e>backend</e> implementation: these are used by the other
133	domains (who use the <e>frontend</e> drivers) to communicate directly with	133	domains (who use the <e>frontend</e> drivers) to communicate directly with
134	the hardware.	134	the hardware. However, you should be able to configure the kernel to provide
135	</p>	135	support for both frontend (guest) and backend (host) drivers.
136
137	<p>	136	</p>
138	Of course, don't forget to select <c>Xen-compatible</c> at <c>Processor type and	137
		138	<p>
139	features</c>. If you're wondering about networking: each interface in a domain	139	If you're wondering about networking: each interface in a domain
140	has a point-to-point link to an interface on domain 0 (called	140	has a point-to-point link to an interface on domain 0 (called
141	<path>vifX.Y</path> where X is the domain number and Y the Yth interface of that	141	<path>vifX.Y</path> where X is the domain number and Y the Yth interface of that
142	domain), so you can configure your network the way you want (bridging, NAT,	142	domain), so you can configure your network the way you want (bridging, NAT,
143	etc.)	143	etc.)
144	</p>	144	</p>
145		145
146	<pre caption="Enabling Xen Support for i386 Kernels">	146	<pre caption="Enabling Xen Support">
147	Processor type and features --->	147	Processor type and features --->
148	Subarchitecture Type (Xen-compatible)	148	[*] Paravirtualized guest support --->
		149	[*] Xen guest support
149	</pre>	150	</pre>
150		151
151	<pre caption="Enabling Xen Support for x86_64 Kernels">
152	Processor type and features --->
153	Subarchitecture Type (PC-compatible)
154	[*] Enable Xen compatible kernel
155	[*] Support for hot-pluggable CPUs
156	</pre>
157
158	<pre caption="Domain-0 Kernel Config">	152	<pre caption="Kernel Config">
159	Bus options (PCI etc.) --->	153	Bus options (PCI etc.) --->
160	[*] PCI support	154	[*] Xen PCI Frontend
161	[ ] Xen PCI Frontend Debugging
162		155
163	Networking --->	156	[*] Networking support --->
164	Networking options --->	157	Networking options --->
165	<*> 802.1d Ethernet Bridging	158	<*> 802.1d Ethernet Bridging
166	<comment>Only required by bridged networking.</comment>	159	[*] Network packet filtering framework (Netfilter) --->
		160	[*] Advanced netfilter configuration
		161	[*] Bridged IP/ARP packets filtering
167		162
168	XEN --->
169	[*] Privileged Guest (domain 0)
170	<*> Backend driver support
171	<*> Block-device backend driver
172	<*> Network-device backend driver
173	<*> PCI-device backend driver
174	PCI Backend Mode (Virtual PCI) --->
175	[*] Scrub memory before freeing it to Xen
176	[*] Disable serial port drivers
177	Xen version compatibility (3.0.4 and later)
178	</pre>
179
180	<pre caption="Domain-U Kernel Config">
181	Bus options (PCI etc.) --->
182	[ ] PCI support
183
184	Device Drivers --->	163	Device Drivers --->
185	SCSI device support --->	164	[*] Block devices (NEW) --->
186	< > SCSI device support
187	<comment>Disabling SCSI support frees up the /dev/sd* device names
188	for use as Xen virtual block devices.</comment>
189
190	XEN --->
191	[ ] Privileged Guest (domain 0)
192	<*> Block-device frontend driver	165	<*> Xen block-device backend driver
193	<*> Network-device frontend driver	166	[*] Network device support --->
194	[*] Scrub memory before freeing it to Xen	167	<*> Xen backend network device
195	[*] Disable serial port drivers	168	Xen driver support --->
196	Xen version compatibility (3.0.4 and later)	169	[*] Xen memory balloon driver (NEW)
		170	[*] Scrub pages before returning them to system (NEW)
		171	<*> Xen /dev/xen/evtchn device (NEW)
		172	[*] Backend driver support (NEW)
		173	<*> Xen filesystem (NEW)
		174	[*] Create compatibility mount point /proc/xen (NEW)
		175	[*] Create xen entries under /sys/hypervisor (NEW)
		176	<M> userspace grant access device driver (NEW)
		177	<M> user-space grant reference allocator driver (NEW)
		178	<M> xen platform pci device driver (NEW)
197	</pre>	179	</pre>
198		180
199	<p>
200	A nice hint is to have the kernel make process store its intermediate object
201	files elsewhere so that you can reuse the same kernel tree to build different
202	configurations:
203	</p>	181	<p>
204		182	The shown kernel configuration should allow the kernel image to boot both as a
205	<pre caption="Building the Kernel">	183	host as well as a guest. However, if you want to, you can slim down the guest
206	~# <i>mkdir -p ~/build/dom0 ~/build/domU</i>	184	image kernel considerably. Refer to the Xen documentation for more information.
207	~# <i>make O=~/build/dom0 menuconfig</i>
208	<comment>(Configure the kernel)</comment>
209	~# <i>make O=~/build/dom0 && make O=~/build/dom0 modules_install</i>
210	</pre>	185	</p>
211		186
212	<p>	187	<p>
213	Once the kernel is built you'll find the kernel image immediately in the	188	Once the kernel is built you'll find the kernel image immediately in the
214	build directory (not inside <path>arch/</path> or any other directory) called	189	build directory (not inside <path>arch/</path> or any other directory) called
215	<path>vmlinuz</path>. Copy it to <path>/boot</path> and then configure your	190	<path>vmlinuz</path>. Copy it to <path>/boot</path> and then configure your
216	bootloader to use the Xen hypervisor (one of the components installed	191	bootloader to use the Xen hypervisor (one of the components installed
217	previously) which is stored as <path>/boot/xen.gz</path>. In the bootloader	192	previously) which is stored as <path>/boot/xen.gz</path>. In the bootloader
218	configuration, add your newly built kernel as the kernel that Xen should	193	configuration, add your newly built kernel as the kernel that Xen should
219	boot. For instance, for GRUB:	194	boot. For instance, for GRUB:
220	</p>	195	</p>
221		196
222	<pre caption="GRUB Configuration for Xen">	197	<pre caption="GRUB Configuration for Xen">
223	title Xen 3.0 / Gentoo Linux 2.6.x.y	198	title Xen Gentoo Linux 3.5
224	root (hd0,0)	199	root (hd0,0)
225	kernel /boot/xen.gz	200	kernel /boot/xen.gz
226	module /boot/kernel-2.6.x.y-xen0 root=/dev/sda3	201	module /boot/kernel-3.5.x.y-xen0 root=/dev/sda3
227	</pre>	202	</pre>
228		203
229	<p>
230	Now reboot your system into Xen. Once you are booted, you need to load the Xen
231	daemon:
232	</p>	204	<p>
233		205	Now reboot your system into Xen and check if you can do whatever you
234	<pre caption="Loading the Xen daemon">	206	normally do on your system. If this is the case, you can edit your
235	~# <i>/etc/init.d/xend start</i>	207	bootloader configuration to always boot into Xen.
236	</pre>
237
238	<p>
239	Now check if you can do whatever you normally do on your system. If this is the
240	case, you can edit your bootloader configuration to always boot into Xen and add
241	the Xen deamon to the default runlevel so that it is started automatically
242	next time you boot.
243	</p>	208	</p>
244		209
245	<note>	210	<note>
246	If you wish to start guest domains automatically on boot add <c>xendomains</c>	211	If you wish to start guest domains automatically on boot add <c>xendomains</c>
247	to the default runlevel as well and create a symlink in	212	to the default runlevel as well and create a symlink in
248	<path>/etc/xen/auto/</path> to the Xen configuration files for the domains	213	<path>/etc/xen/auto/</path> to the Xen configuration files for the domains
249	you wish to start.	214	you wish to start.
250	</note>	215	</note>
251		216
252	</body>	217	</body>
253	</section>	218	</section>
254	</chapter>	219	</chapter>
255	<chapter>	220	<chapter>
256	<title>Creating an Unpriviledged Domain</title>	221	<title>Creating an Unpriviledged Domain</title>
257	<section>	222	<section>
258	<title>Building the Kernel</title>	223	<title>Building the Kernel</title>
259	<body>	224	<body>
260		225
261	<p>	226	<p>
262	Go to the Xen-powered Linux kernel source and update the configuration. It is	227	Go to the Xen-powered Linux kernel source and, if necessary, update the
263	wise to keep as many topics as possible similar to the main kernel except the	228	configuration. It is wise to keep as many topics as possible similar to
264	<c>XEN</c> settings where drivers should now have their <e>frontend</e>	229	the main kernel. Then build the kernel
265	implementation selected instead of the <e>backend</e>. Then build the kernel
266	and place the resulting <path>vmlinuz</path> file where you want (we assume this	230	and place the resulting <path>vmlinuz</path> file where you want (we assume this
267	is <path>/mnt/data/xen/kernel</path>):	231	is <path>/mnt/data/xen/kernel</path>):
268	</p>	232	</p>
269		233
270	<pre caption="Building the guest kernel">	234	<pre caption="Building the guest kernel">
271	~# <i>make O=~/build/domU</i>	235	~# <i>make O=~/build/domU</i>
272	~# <i>cp ~/build/domU/vmlinuz /mnt/data/xen/kernel/kernel-2.6.x.y-xen</i>	236	~# <i>cp ~/build/domU/vmlinuz /mnt/data/xen/kernel/kernel-3.5.x.y-xen</i>
273	</pre>
274
275	<p>
276	It is also possible to create a single kernel image for both the administrative
277	domain and the unpriviledged domain. More information about this can be found
278	in the Xen user manual.
279	</p>	237	</pre>
280		238
281	</body>	239	</body>
282	</section>	240	</section>
283	<section>	241	<section>
284	<title>Creating the Domain Disks</title>	242	<title>Creating the Domain Disks</title>
285	<body>	243	<body>
286		244
287	<p>	245	<p>
288	For best performance, it is best to dedicate a partition (or logical volume) to	246	For best performance, it is best to dedicate a partition (or logical volume) to
289	a domain rather than a file based filesystem. However, if you are going to use	247	a domain rather than a file based filesystem. However, if you are going to use
290	Xen primarily for tests using a file based filesystem does have its advantages	248	Xen primarily for tests using a file based filesystem does have its advantages
291	(especially regarding maintenance).	249	(especially regarding maintenance).
292	</p>	250	</p>
293		251
294	<p>	252	<p>
295	You can create a file based filesystem using <c>dd</c> and <c>mke2fs</c> (or	253	You can create a file based filesystem using <c>dd</c> and <c>mke2fs</c> (or
296	any other file system creation tool). For instance, to create a 2Gbyte ext3	254	any other file system creation tool). For instance, to create a 4 Gbyte ext4
297	filesystem:	255	filesystem:
298	</p>	256	</p>
299		257
300	<pre caption="Creating a file based filesystem">	258	<pre caption="Creating a file based filesystem">
301	~# <i>dd if=/dev/zero of=/mnt/data/xen/disks/ext3root.img bs=1M count=2048</i>	259	~# <i>dd if=/dev/zero of=/mnt/data/xen/disks/ext4root.img bs=1M count=4096</i>
302	~# <i>mke2fs -j /mnt/data/xen/disks/ext3root.img</i>	260	~# <i>mkfs.ext4 /mnt/data/xen/disks/ext4root.img</i>
303	</pre>	261	</pre>
304		262
305	</body>	263	</body>
306	</section>	264	</section>
307	<section>	265	<section>
308	<title>Configuring a Domain</title>	266	<title>Configuring a Domain</title>
309	<body>	267	<body>
310		268
311	<p>	269	<p>
312	Next we create a Xen configuration file for a domain. You can store these	270	Next we create a Xen configuration file for a domain. You can store these
313	configuration files where you want, for instance at	271	configuration files where you want, for instance at
314	<path>/mnt/data/xen/configs</path>. As an example, we create a configuration	272	<path>/mnt/data/xen/configs</path>. As an example, we create a configuration
315	file for a small Gentoo environment which uses the disk image we created	273	file for a small Gentoo environment which uses the disk image we created
316	previously:	274	previously:
317	</p>	275	</p>
318		276
319	<pre caption="Creating a domain configuration file">	277	<pre caption="Creating a domain configuration file">
320	~# <i>nano -w /mnt/data/xen/configs/gentoo</i>	278	~# <i>nano -w /mnt/data/xen/configs/gentoo</i>
321		279
322	kernel = "/mnt/data/xen/kernel/kernel-2.6.x.y-xen"	280	kernel = "/mnt/data/xen/kernel/kernel-3.5.x.y-xen"
323	memory = 512	281	memory = 512
324	name = "gentoo"	282	name = "gentoo"
325	<comment>(Map the disk image to the virtual /dev/sda1)</comment>	283	<comment>(Map the disk image to the virtual /dev/sda1)</comment>
326	disk = ['file:/mnt/data/xen/disks/ext3root.img,sda1,w']	284	disk = ['file:/mnt/data/xen/disks/ext4root.img,sda1,w']
327	root = "/dev/sda1 ro"	285	root = "/dev/sda1 ro"
328	</pre>	286	</pre>
329		287
330	<p>	288	<p>
331	If you are using a block device (such as an lvm volume or partition) for	289	If you are using a block device (such as an lvm volume or partition) for
332	the disk use 'phy:' instead of 'file:' and leave off /dev. For example:	290	the disk use 'phy:' instead of 'file:' and leave off /dev. For example:
333	</p>	291	</p>
334		292
335	<pre caption="Using a block device">	293	<pre caption="Using a block device">
336	<comment>(LVM Volume)</comment>	294	<comment>(LVM Volume)</comment>
337	disk = [ 'phy:lvm/xen-guest-root,sda1,w' ]	295	disk = [ 'phy:lvm/xen-guest-root,sda1,w' ]
338		296
339	<comment>(Physical Partition)</comment>	297	<comment>(Physical Partition)</comment>
340	disk = [ 'phy:sdb6,sda1,w' ]	298	disk = [ 'phy:sdb6,sda1,w' ]
341	</pre>	299	</pre>
342		300
343	<p>	301	<p>
344	You can find example configuration files in <path>/etc/xen</path>.	302	You can find example configuration files in <path>/etc/xen</path>.
345	</p>	303	</p>
346		304
347	</body>	305	</body>
348	</section>	306	</section>
349	<section>	307	<section>
350	<title>Launching the New Domain</title>	308	<title>Launching the New Domain</title>
351	<body>	309	<body>
352		310
353	<p>	311	<p>
354	Now we're all set and we can launch the new domain. If the disk image contained	312	Now we're all set and we can launch the new domain. If the disk image contained
355	an operating system, we could just create and attach the domain using the	313	an operating system, we could just create and attach the domain using the
356	<c>xm</c> command (Xen manager):	314	<c>xl</c> command:
357	</p>	315	</p>
358		316
359	<pre caption="Creating and starting a new domain">	317	<pre caption="Creating and starting a new domain">
360	~# <i>xm create /mnt/data/xen/configs/gentoo -c</i>	318	~# <i>xl create /mnt/data/xen/configs/gentoo -c</i>
361	</pre>	319	</pre>
362		320
363	<p>	321	<p>
364	The domain would be booted inside the terminal in which you executed the	322	The domain would be booted inside the terminal in which you executed the
365	command. However, in our case, the disk image is empty so the domain won't boot	323	command. However, in our case, the disk image is empty so the domain won't boot
366	up in anything useful. To fix this, you can loop-mount the image and install	324	up in anything useful. To fix this, you can loop-mount the image and install
367	Gentoo as you're used to.	325	Gentoo as you're used to.
368	</p>	326	</p>
369		327
370	<p>	328	<p>
371	If you want to disconnect from the domain, press <path>Ctrl+]</path>. You can	329	If you want to disconnect from the domain, press <path>Ctrl+]</path>. You can
372	always reconnect to the domains' console using <c>xm console gentoo</c>.	330	always reconnect to the domains' console using <c>xl console gentoo</c>.
373	However, there is only one console per domain, so only use it when you can't	331	However, there is only one console per domain, so only use it when you can't
374	access the domain otherwise (for instance, through SSH).	332	access the domain otherwise (for instance, through SSH).
375	</p>	333	</p>
376		334
377	</body>	335	</body>
378	</section>	336	</section>
379	</chapter>	337	</chapter>
380	<chapter>	338	<chapter>
381	<title>Networking on Unpriviledged Domains</title>	339	<title>Networking on Unpriviledged Domains</title>
382	<section>	340	<section>
383	<title>Introduction</title>	341	<title>Introduction</title>
384	<body>	342	<body>
385		343
386	<p>	344	<p>
387	Xen supports at least two ways of configuring your (virtual) network:	345	Xen works best when using a bridged mode network configuration.
388	<e>routed</e> and <e>bridged</e>.	346	This means that your default network interface on
389	</p>
390
391	<p>
392	When selecting the <e>routed</e> approach, the interface inside your
393	unpriviledged domain is connected to the virtual interface on your
394	administrative domain. On your administrative domain (domain 0), the virtual
395	interface is linked together with <path>eth0</path>. The
396	interface inside your unpriviledged domain should have an IP address on the same
397	network as the interface on the administrative domain. Any communication to
398	that IP address can only occur from the administrative domain, unless you set
399	up specific routing rules.
400	</p>
401
402	<p>
403	When selecting the <e>bridged</e> approach, your default network interface on
404	the administrative domain becomes a bridge which accepts connections to the	347	the administrative domain becomes a bridge which accepts connections to the
405	virtual domains as well as to the IP address your administrative domain has.	348	virtual domains as well as to the IP address your administrative domain has.
406	</p>	349	</p>
407		350
408	</body>	351	</body>
409	</section>	352	</section>
410	<section>	353	<section>
411	<title>Regular Routed Interfaces</title>
412	<body>
413
414	<p>
415	Before you set up the interface on your unpriviledged domain, make sure that
416	Xen's <path>netloop</path> and <path>netbk</path> drivers are loaded. A quick
417	hint: if you have <path>netloop</path> as a module, load it with
418	<c>nloopbacks=0</c> so that it doesn't create pointless interfaces to the
419	loopback device. Then, edit your domain configuration file and add a <c>vif</c>
420	instruction to it.
421	</p>
422
423	<pre caption="Configuring a virtual interface">
424	~# <i>nano -w /mnt/data/xen/configs/gentoo</i>
425
426	<comment>(Add the vif instruction)</comment>
427	vif = [ 'ip=192.168.1.101, vifname=veth1' ]
428	</pre>
429
430	<p>
431	In the above example, the interface will be created for the unpriviledged domain
432	(in which it will be called <path>eth0</path>) and Xen will ensure that address
433	192.168.1.101 will be reachable from the administrative domain through interface
434	<path>veth1</path>.
435	</p>
436
437	<p>
438	This doesn't mean that the virtual <path>eth0</path> interface will
439	automatically have IP 192.168.1.101 assigned to it, but rather that, if you
440	don't give it that IP, it will not be connected with the administrative domain
441	and thus cannot be reached.
442	</p>
443
444	<p>
445	Now edit <path>/etc/xen/xend-config.sxp</path> as follows to select routed
446	network configuration:
447	</p>
448
449	<pre caption="Editing xend-config.sxp">
450	~# <i>nano -w /etc/xen/xend-config.sxp</i>
451
452	<comment>(Comment out the following lines)</comment>
453	<i>#</i>(network-script network-bridge)
454	<i>#</i>(vif-script vif-bridge)
455
456	<comment>(Enable the following lines)</comment>
457	(network-script network-route)
458	(vif-script vif-route)
459	</pre>
460
461	</body>
462	</section>
463	<section>
464	<title>Bridged Interfaces</title>	354	<title>Bridged Interfaces</title>
465	<body>	355	<body>
466		356
467	<p>	357	<p>
468	Unlike the routed interfaces you now need to load the <path>netloop</path>	358	Create a bridge interface by creating a new link to the networking init script
469	driver with <c>nloopbacks=1</c> (or higher) as the additional loopback devices	359	as provided by Gentoo:
470	are used to create the bridge. For the other modules you still need the
471	<path>netbk</path> module as well as briding functionality (<path>bridge</path>
472	module if build as such).
473	</p>
474
475	<p>	360	</p>
476	Now edit your virtual domain and add the <c>vif</c> construct:	361
		362	<pre caption="Creating a bridge interface">
		363	# <i>cd /etc/init.d</i>
		364	# <i>ln -s net.lo net.br0</i>
		365	</pre>
		366
477	</p>	367	<p>
478		368	Next, edit <path>/etc/conf.d/net</path> and setup the bridge:
479	<pre caption="Configuring a virtual interface">
480	~# <i>nano -w /mnt/data/xen/configs/gentoo</i>
481
482	<comment>(Add the vif instruction)</comment>
483	vif = [ 'ip=192.168.1.101, vifname=veth0' ]
484	</pre>
485
486	<p>	369	</p>
487	Next edit <path>/etc/xen/xend-config.sxp</path> as follows to select bridged	370
488	network configuration:	371	<pre caption="Enabling the bridge br0 interface">
		372	# <i>nano -w /etc/conf.d/net</i>
		373
		374	bridge_br0="eth0"
		375	config_br0="192.168.1.200 netmask 255.255.255.0 brd 192.168.1.255"
		376	routes_br0="default via 192.168.1.1"
		377	</pre>
		378
489	</p>	379	<p>
490		380	Finally, install the <e>net-misc/bridge-utils</e> package, and make sure the
491	<pre caption="Editing xend-config.sxp">	381	<path>net.br0</path> init script is loaded at boot.
492	~# <i>nano -w /etc/xen/xend-config.sxp</i>
493
494	<comment>(Enable the following lines)</comment>
495	(network-script network-bridge)
496	(vif-script vif-bridge)
497
498	<comment>(Comment out the following lines if not done already)</comment>
499	<i>#</i> (network-script network-route)
500	<i>#</i> (vif-script vif-route)
501	</pre>
502
503	<p>	382	</p>
504	By default, the bridge will contain whatever interface is configured to be the
505	default interface (the device that is listed under the default route through
506	<c>ip route list</c>). If you want to alter this behavior, edit the
507	<path>xend-config.sxp</path> as follows:
508	</p>
509		383
510	<pre caption="Editing xend-config.sxp to change bridge configuration">	384	<pre caption="Finishing the bridge setup">
511	~# <i>nano -w /etc/xen/xend-config.sxp</i>	385	# <i>emerge net-misc/bridge-utils</i>
512		386	# <i>rc-update add net.br0 default</i>
513	<comment>(Edit the network-script line)</comment>
514	(network-script <i>'</i>network-bridge <i>netdev=eth0 bridge=xenbr0 vifnum=0'</i>)
515	</pre>
516
517	<p>
518	Once the configuration is done, restart the <c>xend</c> init script to have Xen
519	build the bridge:
520	</p>
521
522	<pre caption="Restarting the xend daemon">
523	~# <i>/etc/init.d/xend restart</i>
524	</pre>	387	</pre>
525		388
526	</body>	389	</body>
527	</section>	390	</section>
528	</chapter>	391	</chapter>
529	<chapter>	392	<chapter>
530	<title>Further Resources</title>	393	<title>Further Resources</title>
531	<section>	394	<section>
532	<title>Xen Documentation</title>	395	<title>Xen Documentation</title>
533	<body>	396	<body>
534		397
535	<ul>	398	<ul>
536	<li>	399	<li>
537	<uri link="http://www.xen.org/support/documentation.html">Official Xen	400	<uri link="http://www.xen.org/support/documentation.html">Official Xen
538	documentation</uri>	401	documentation</uri>

 Legend:



Removed from v.1.11
 


changed lines


 
Added in v.1.14
 Legend:



Removed from v.1.11
 


changed lines


 
Added in v.1.14
-Removed from v.1.11
+Added in v.1.14

	ViewVC Help
Powered by ViewVC 1.1.13