Contents of /xml/htdocs/doc/en/xen-guide.xml

Revision 1.2
Thu Sep 13 17:09:06 2007 UTC (6 years, 10 months ago) by swift
Branch: MAIN
Changes since 1.1: +40 -3 lines
File MIME type: application/xml
Fix #190689 - Add resources for Xen

1 <?xml version='1.0' encoding='UTF-8'?>
2 <!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/xen-guide.xml,v 1.1 2007/08/29 18:46:34 swift Exp $ -->
3
4 <!DOCTYPE guide SYSTEM "/dtd/guide.dtd">
5
6 <guide link="/doc/en/xen-guide.xml">
7
8 <title>Configuring Gentoo with Xen</title>
9
10 <author title="Author">
11 <mail link="swift@gentoo.org">Sven Vermeulen</mail>
12 </author>
13
14 <abstract>
15 This guide describes how to start using Xen on your Gentoo system.
16 </abstract>
17
18 <!-- The content of this document is licensed under the CC-BY-SA license -->
19 <!-- See http://creativecommons.org/licenses/by-sa/2.5 -->
20 <license/>
21
22 <version>1.1</version>
23 <date>2007-09-13</date>
24
25 <chapter>
26 <title>Introduction</title>
27 <section>
28 <body>
29
30 <p>
31 The <uri link="http://www.xensource.com/">Xen</uri> technology allows you to run
32 multiple operating systems on a single physical system, govern resource
33 consumption and even migrate domains (which are the virtual environments in
34 which a guest operating system runs) from one Xen-powered system to another. Xen
35 requires the host operating system to support Xen (which, in this case, will be
36 a Linux kernel) but guest operating systems can run unmodified <e>if</e> your
37 hardware supports Intel Virtualization Technology (VT-x) or AMD Virtualization
38 Technology (SVM). Otherwise your guest operating systems must also support Xen.
39 </p>
40
41 <p>
42 This guide will talk you through the configuration steps necessary to get Xen up
43 and running on Gentoo Linux. We will not discuss Xen itself (the Xen project has
44 <uri
45 link="http://www.cl.cam.ac.uk/research/srg/netos/xen/readmes/user">decent
46 documentation</uri> available) nor will we talk about specialized setups that
47 might be very interesting for Xen setups but are not Xen-related (like exporting
48 Portage through NFS, booting Linux using PXE, etc.).
49 </p>
50
51 </body>
52 </section>
53 </chapter>
54 <chapter>
55 <title>Preparing Domain0</title>
56 <section>
57 <title>Introduction</title>
58 <body>
59
60 <p>
61 <e>Domain0</e> is the primary domain under Xen, hosting the host operating
62 system which governs all other domains. In this chapter we will prepare an
63 existing Gentoo installation to become the host operating system in this domain
64 and build the Xen-powered kernel so that Gentoo is ready to host other Xen
65 domains.
66 </p>
67
68 </body>
69 </section>
70 <section>
71 <title>Rebuilding the Gentoo Installation?</title>
72 <body>
73
74 <p>
75 A dramatic change that might be necessary is to rebuild the entire Gentoo
76 installation with a different <c>CFLAGS</c> setting. Guest operating systems
77 running under Xen might otherwise see major performance degradation. If you,
78 however, are planning on checking out Xen rather than installing it for
79 production use and are not terribly fond of rebuilding all programs, you can
80 skip this step. In this case you will notice performance degradation but you
81 will still be able to use Xen.
82 </p>
83
84 <impo>
85 It is advised that, if you change your <c>CFLAGS</c> and build your system with
86 a gcc lower than version 4, you do not have <c>-Os</c> set as it has been
87 reported to produce broken code.
88 </impo>
89
90 <pre caption="Editing the CFLAGS and rebuilding the Gentoo installation">
91 ~# <i>nano -w /etc/make.conf</i>
92 <comment>(Add -mno-tls-direct-seg-refs)</comment>
93 CFLAGS="-O2 -march=pentium4 -pipe <i>-mno-tls-direct-seg-refs</i>"
94
95 ~# <i>emerge -e world</i>
96 </pre>
97
98 <p>
99 If you boot your system using an initial ramdisk (initrd) you need to
100 rebuild the initrd as well (which is best done by running all steps you would do
101 when you rebuild your kernel).
102 </p>
103
104 </body>
105 </section>
106 <section>
107 <title>Installing Xen</title>
108 <body>
109
110 <p>
111 Xen actually contains many components, so you'll need to install a couple of
112 packages. Because it is still <uri
113 link="/doc/en/handbook/handbook-x86.xml?part=3&amp;chap=3#doc_chap2">~arch
114 masked</uri> you first need to unmask it by adding the necessary lines to
115 <path>/etc/portage/package.keywords</path> and then install them.
116 </p>
117
118 <pre caption="Unmasking and Installing Xen">
119 ~# <i>nano -w /etc/portage/package.keywords</i>
120 app-emulation/xen
121 app-emulation/xen-tools
122 sys-kernel/xen-sources
123
124 ~# <i>emerge xen xen-tools xen-sources</i>
125 </pre>
126
127
128
129 </body>
130 </section>
131 <section>
132 <title>Building the Kernel</title>
133 <body>
134
135 <p>
136 Next we'll build the Linux kernel with Xen support. This kernel, whose sources
137 are available at <path>/usr/src/linux-2.6.x.z-xen</path>, will be our main
138 running kernel (i.e. the one running domain 0). In the <c>XEN</c> section you'll
139 find drivers for all kinds of input/output, each driver having a <e>backend</e>
140 and <e>frontend</e> implementation available. For the domain 0 kernel you need
141 to select the <e>backend</e> implementation: these are used by the other
142 domains (which use the <e>frontend</e> drivers) to communicate directly with
143 the hardware.
144 </p>
145
146 <p>
147 Of course, don't forget to select <c>Xen-compatible</c> at <c>Processor type and
148 features</c>. If you're wondering about networking: each interface in a domain
149 has a point-to-point link to an interface on domain 0 (called
150 <path>vifX.Y</path> where X is the domain number and Y the Yth interface of that
151 domain), so you can configure your network the way you want (bridging, NAT,
152 etc.).
153 </p>
154
155 <pre caption="Enabling Xen Support for i386 Kernels">
156 Processor type and features ---&gt;
157 Subarchitecture Type (Xen-compatible)
158 </pre>
159
160 <pre caption="Enabling Xen Support for x86_64 Kernels">
161 Processor type and features ---&gt;
162 Subarchitecture Type (PC-compatible)
163 [*] Enable Xen compatible kernel
164 </pre>
165
166 <pre caption="Domain-0 Kernel Config">
167 Bus options (PCI etc.) ---&gt;
168 [*] PCI support
169 [*] Xen PCI Frontend (NEW)
170 [ ] Xen PCI Frontend Debugging
171
172 Networking ---&gt;
173 Networking options ---&gt;
174 &lt;*&gt; 802.1d Ethernet Bridging
175 <comment>Only required by bridged networking.</comment>
176
177 XEN ---&gt;
178 [*] Privileged Guest (domain 0)
179 &lt;*&gt; Backend driver support
180 &lt;*&gt; Block-device backend driver
181 &lt;*&gt; Network-device backend driver
182 [*] Scrub memory before freeing it to Xen
183 [*] Disable serial port drivers
184 Xen version compatibility (3.0.4 and later)
185 </pre>
186
187 <pre caption="Domain-U Kernel Config">
188 Bus options (PCI etc.) ---&gt;
189 [ ] PCI support
190
191 Device Drivers ---&gt;
192 SCSI device support ---&gt;
193 &lt; &gt; SCSI device support
194 <comment>Disabling SCSI support frees up the /dev/sd* device names
195 for use as Xen virtual block devices.</comment>
196
197 XEN ---&gt;
198 [ ] Privileged Guest (domain 0)
199 &lt;*&gt; Block-device frontend driver
200 &lt;*&gt; Network-device frontend driver
201 [*] Scrub memory before freeing it to Xen
202 [*] Disable serial port drivers
203 Xen version compatibility (3.0.4 and later)
204 </pre>
205
206 <p>
207 A nice hint is to have the kernel make process store its intermediate object
208 files elsewhere so that you can reuse the same kernel tree to build different
209 configurations:
210 </p>
211
212 <pre caption="Building the Kernel">
213 ~# <i>mkdir -p ~/build/dom0 ~/build/domU</i>
214 ~# <i>make O=~/build/dom0 menuconfig</i>
215 <comment>(Configure the kernel)</comment>
216 ~# <i>make O=~/build/dom0 &amp;&amp; make O=~/build/dom0 modules_install</i>
217 </pre>
218
219 <p>
220 Once the kernel is built you'll find the kernel image directly in the
221 build directory (not inside <path>arch/</path> or any other directory) called
222 <path>vmlinuz</path>. Copy it to <path>/boot</path> and then configure your
223 bootloader to use the Xen hypervisor (one of the components installed
224 previously) which is stored as <path>/boot/xen.gz</path>. In the bootloader
225 configuration, add your newly built kernel as the kernel that Xen should
226 boot. For instance, for GRUB:
227 </p>
228
229 <pre caption="GRUB Configuration for Xen">
230 title Xen 3.0 / Gentoo Linux 2.6.x.y
231 root (hd0,0)
232 kernel /boot/xen.gz
233 module /boot/kernel-2.6.x.y-xen0 root=/dev/hda3
234 </pre>
235
236 <p>
237 Now reboot your system into Xen. Once you are booted, you need to load the Xen
238 daemon:
239 </p>
240
241 <pre caption="Loading the Xen daemon">
242 ~# <i>/etc/init.d/xend start</i>
243 </pre>
244
245 <p>
246 Now check if you can do whatever you normally do on your system. If this is the
247 case, you can edit your bootloader configuration to always boot into Xen and add
248 the Xen daemon to the default runlevel so that it is started automatically
249 next time you boot.
250 </p>
251
252 <note>
253 If you wish to start guest domains automatically on boot add <c>xendomains</c>
254 to the default runlevel as well and create a symlink in
255 <path>/etc/xen/auto/</path> to the Xen configuration files for the domains
256 you wish to start.
257 </note>
258
259 </body>
260 </section>
261 </chapter>
262 <chapter>
263 <title>Creating an Unprivileged Domain</title>
264 <section>
265 <title>Building the Kernel</title>
266 <body>
267
268 <p>
269 Go to the Xen-powered Linux kernel source and update the configuration. It is
270 wise to keep as many topics as possible similar to the main kernel except the
271 <c>XEN</c> settings where drivers should now have their <e>frontend</e>
272 implementation selected instead of the <e>backend</e>. Then build the kernel
273 and place the resulting <path>vmlinuz</path> file where you want (we assume this
274 is <path>/mnt/data/xen/kernel</path>):
275 </p>
276
277 <pre caption="Building the guest kernel">
278 ~# <i>make O=~/build/domU</i>
279 ~# <i>cp ~/build/domU/vmlinuz /mnt/data/xen/kernel/kernel-2.6.x.y-xen</i>
280 </pre>
281
282 <p>
283 It is also possible to create a single kernel image for both the administrative
284 domain and the unprivileged domain. More information about this can be found
285 in the Xen user manual.
286 </p>
287
288 </body>
289 </section>
290 <section>
291 <title>Creating the Domain Disks</title>
292 <body>
293
294 <p>
295 For best performance, dedicate a partition (or logical volume) to a domain
296 rather than a file based filesystem. However, if you are going to use Xen
297 primarily for tests, a file based filesystem does have its advantages
298 (especially regarding maintenance).
299 </p>
300
301 <p>
302 You can create a file based filesystem using <c>dd</c> and <c>mke2fs</c> (or
303 any other file system creation tool). For instance, to create a 2Gbyte ext3
304 filesystem:
305 </p>
306
307 <pre caption="Creating a file based filesystem">
308 ~# <i>dd if=/dev/zero of=/mnt/data/xen/disks/ext3root.img bs=1M count=2048</i>
309 ~# <i>mke2fs -j /mnt/data/xen/disks/ext3root.img</i>
310 </pre>
311
312 </body>
313 </section>
314 <section>
315 <title>Configuring a Domain</title>
316 <body>
317
318 <p>
319 Next we create a Xen configuration file for a domain. You can store these
320 configuration files where you want, for instance at
321 <path>/mnt/data/xen/configs</path>. As an example, we create a configuration
322 file for a small Gentoo environment which uses the disk image we created
323 previously:
324 </p>
325
326 <pre caption="Creating a domain configuration file">
327 ~# <i>nano -w /mnt/data/xen/configs/gentoo</i>
328
329 kernel = "/mnt/data/xen/kernel/kernel-2.6.x.y-xen"
330 memory = 512
331 name = "gentoo"
332 <comment>(Map the disk image to the virtual /dev/sda1)</comment>
333 disk = ['file:/mnt/data/xen/disks/ext3root.img,sda1,w']
334 root = "/dev/sda1 ro"
335 </pre>
336
337 <p>
338 If you are using a block device (such as an lvm volume or partition) for
339 the disk use 'phy:' instead of 'file:' and leave off /dev. For example:
340 </p>
341
342 <pre caption="Using a block device">
343 <comment>(LVM Volume)</comment>
344 disk = [ 'phy:lvm/xen-guest-root,sda1,w' ]
345
346 <comment>(Physical Partition)</comment>
347 disk = [ 'phy:sdb6,sda1,w' ]
348 </pre>
349
350 <p>
351 You can find example configuration files in <path>/etc/xen</path>.
352 </p>
353
354 </body>
355 </section>
356 <section>
357 <title>Launching the New Domain</title>
358 <body>
359
360 <p>
361 Now we're all set and we can launch the new domain. If the disk image contained
362 an operating system, we could just create and attach the domain using the
363 <c>xm</c> command (Xen manager):
364 </p>
365
366 <pre caption="Creating and starting a new domain">
367 ~# <i>xm create /mnt/data/xen/configs/gentoo -c</i>
368 </pre>
369
370 <p>
371 The domain would be booted inside the terminal in which you executed the
372 command. However, in our case, the disk image is empty so the domain won't boot
373 up in anything useful. To fix this, you can loop-mount the image and install
374 Gentoo as you're used to.
375 </p>
376
377 <p>
378 If you want to disconnect from the domain, press <path>Ctrl+]</path>. You can
379 always reconnect to the domain's console using <c>xm console gentoo</c>.
380 However, there is only one console per domain, so only use it when you can't
381 access the domain otherwise (for instance, through SSH).
382 </p>
383
384 </body>
385 </section>
386 </chapter>
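An added example, not part of the original guide: a small Python audit of the `disk` lines from the "Configuring a Domain" section, flagging a backing store that more than one domain can write to. `xm` evaluates domain configuration files as Python, so the sketch reads them with `ast` instead of executing them; the second domain (`test2`) and both sample texts are constructed for illustration.

```python
import ast
from collections import defaultdict, namedtuple

Disk = namedtuple("Disk", "kind backend frontend mode")

def load_config(text):
    """Read top-level literal assignments without executing the file."""
    values = {}
    for node in ast.parse(text).body:
        if isinstance(node, ast.Assign) and isinstance(node.targets[0], ast.Name):
            try:
                values[node.targets[0].id] = ast.literal_eval(node.value)
            except ValueError:
                values[node.targets[0].id] = None  # computed value, not a literal
    return values

def parse_disk(spec):
    """Split 'file:/path,sda1,w' or 'phy:lvm/vol,sda1,w' into its fields."""
    source, frontend, mode = [part.strip() for part in spec.split(",")]
    kind, _, path = source.partition(":")
    if kind == "phy" and not path.startswith("/"):
        path = "/dev/" + path  # the guide leaves off /dev for phy: devices
    return Disk(kind, path, frontend, mode)

def audit(configs):
    """configs maps a file name to its text; returns a list of findings."""
    findings, writers = [], defaultdict(list)
    for fname, text in configs.items():
        cfg = load_config(text)
        name = cfg.get("name") or fname
        for spec in cfg.get("disk") or []:
            disk = parse_disk(spec)
            if disk.kind not in ("file", "phy"):
                findings.append(f"{name}: unexpected disk type {disk.kind!r}")
            if disk.mode == "w":
                writers[disk.backend].append(name)
    for backend, names in sorted(writers.items()):
        if len(names) > 1:  # two guests writing one image: no isolation, likely corruption
            findings.append(f"{backend} is writable from {', '.join(names)}")
    return findings

# Constructed sample configurations (the first mirrors the guide's example).
GENTOO = '''kernel = "/mnt/data/xen/kernel/kernel-2.6.x.y-xen"
memory = 512
name = "gentoo"
disk = ['file:/mnt/data/xen/disks/ext3root.img,sda1,w']
root = "/dev/sda1 ro"
'''
TEST2 = '''name = "test2"
disk = ['file:/mnt/data/xen/disks/ext3root.img,sda1,w',
        'phy:lvm/xen-guest-root,sda2,w']
'''

if __name__ == "__main__":
    for finding in audit({"gentoo": GENTOO, "test2": TEST2}):
        print(finding)
```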
387 <chapter>
388 <title>Networking on Unprivileged Domains</title>
389 <section>
390 <title>Introduction</title>
391 <body>
392
393 <p>
394 Xen supports at least two ways of configuring your (virtual) network:
395 <e>routed</e> and <e>bridged</e>.
396 </p>
397
398 <p>
399 When selecting the <e>routed</e> approach, the interface inside your
400 unprivileged domain is connected to the virtual interface on your
401 administrative domain. On your administrative domain (domain 0), the virtual
402 interface is linked together with <path>eth0</path>. The
403 interface inside your unprivileged domain should have an IP address on the same
404 network as the interface on the administrative domain. Any communication to
405 that IP address can only occur from the administrative domain, unless you set
406 up specific routing rules.
407 </p>
408
409 <p>
410 When selecting the <e>bridged</e> approach, your default network interface on
411 the administrative domain becomes a bridge which accepts connections to the
412 virtual domains as well as to the IP address your administrative domain has.
413 </p>
414
415 </body>
416 </section>
417 <section>
418 <title>Regular Routed Interfaces</title>
419 <body>
420
421 <p>
422 Before you set up the interface on your unprivileged domain, make sure that
423 Xen's <path>netloop</path> and <path>netbk</path> drivers are loaded. A quick
424 hint: if you have <path>netloop</path> as a module, load it with
425 <c>nloopbacks=0</c> so that it doesn't create pointless interfaces to the
426 loopback device. Then, edit your domain configuration file and add a <c>vif</c>
427 instruction to it.
428 </p>
429
430 <pre caption="Configuring a virtual interface">
431 ~# <i>nano -w /mnt/data/xen/configs/gentoo</i>
432
433 <comment>(Add the vif instruction)</comment>
434 vif = [ 'ip=192.168.1.101, vifname=veth1' ]
435 </pre>
436
437 <p>
438 In the above example, the interface will be created for the unprivileged domain
439 (in which it will be called <path>eth0</path>) and Xen will ensure that address
440 192.168.1.101 will be reachable from the administrative domain through interface
441 <path>veth1</path>.
442 </p>
443
444 <p>
445 This doesn't mean that the virtual <path>eth0</path> interface will
446 automatically have IP 192.168.1.101 assigned to it, but rather that, if you
447 don't give it that IP, it will not be connected with the administrative domain
448 and thus cannot be reached.
449 </p>
450
451 <p>
452 Now edit <path>/etc/xen/xend-config.sxp</path> as follows to select routed
453 network configuration:
454 </p>
455
456 <pre caption="Editing xend-config.sxp">
457 ~# <i>nano -w /etc/xen/xend-config.sxp</i>
458
459 <comment>(Comment out the following lines)</comment>
460 <i>#</i>(network-script network-bridge)
461 <i>#</i>(vif-script vif-bridge)
462
463 <comment>(Enable the following lines)</comment>
464 (network-script network-route)
465 (vif-script vif-route)
466 </pre>
467
468 </body>
469 </section>
470 <section>
471 <title>Bridged Interfaces</title>
472 <body>
473
474 <p>
475 Unlike the routed interfaces you now need to load the <path>netloop</path>
476 driver with <c>nloopbacks=1</c> (or higher) as the additional loopback devices
477 are used to create the bridge. For the other modules you still need the
478 <path>netbk</path> module as well as bridging functionality (the
479 <path>bridge</path> module, if built as such).
480 </p>
481
482 <p>
483 Now edit your virtual domain and add the <c>vif</c> construct:
484 </p>
485
486 <pre caption="Configuring a virtual interface">
487 ~# <i>nano -w /mnt/data/xen/configs/gentoo</i>
488
489 <comment>(Add the vif instruction)</comment>
490 vif = [ 'ip=192.168.1.101, vifname=veth0' ]
491 </pre>
492
493 <p>
494 Next edit <path>/etc/xen/xend-config.sxp</path> as follows to select bridged
495 network configuration:
496 </p>
497
498 <pre caption="Editing xend-config.sxp">
499 ~# <i>nano -w /etc/xen/xend-config.sxp</i>
500
501 <comment>(Enable the following lines)</comment>
502 (network-script network-bridge)
503 (vif-script vif-bridge)
504
505 <comment>(Comment out the following lines if not done already)</comment>
506 <i>#</i> (network-script network-route)
507 <i>#</i> (vif-script vif-route)
508 </pre>
509
510 <p>
511 By default, the bridge will contain whatever interface is configured to be the
512 default interface (the device that is listed under the default route through
513 <c>ip route list</c>). If you want to alter this behavior, edit the
514 <path>xend-config.sxp</path> as follows:
515 </p>
516
517 <pre caption="Editing xend-config.sxp to change bridge configuration">
518 ~# <i>nano -w /etc/xen/xend-config.sxp</i>
519
520 <comment>(Edit the network-script line)</comment>
521 (network-script <i>'</i>network-bridge <i>netdev=eth0 bridge=xenbr0 vifnum=0'</i>)
522 </pre>
523
524 <p>
525 Once the configuration is done, restart the <c>xend</c> init script to have Xen
526 build the bridge:
527 </p>
528
529 <pre caption="Restarting the xend daemon">
530 ~# <i>/etc/init.d/xend restart</i>
531 </pre>
532
533 </body>
534 </section>
535 </chapter>
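An added example, not part of the original guide: a Python check that the xend configuration file has exactly one active `network-script` and one active `vif-script`, and that both select the same mode (routed or bridged) as the two sections above require. The sample file contents are constructed; the parser only handles the line forms shown in this guide.

```python
import re

# Matches the active forms shown in the guide, with or without quotes.
ENTRY = re.compile(r"\(\s*(network-script|vif-script)\s+'?([^')]+)'?\s*\)")

def active_scripts(sxp_text):
    """Return the uncommented network-script and vif-script entries."""
    found = {"network-script": [], "vif-script": []}
    for line in sxp_text.splitlines():
        line = line.split("#", 1)[0]            # '#' comments the rest of the line out
        for key, value in ENTRY.findall(line):
            found[key].append(value.split())    # script name, then key=value arguments
    return found

def check(sxp_text):
    """Return (mode, network-script options, problems)."""
    found, problems = active_scripts(sxp_text), []
    for key, entries in found.items():
        if len(entries) != 1:
            problems.append(f"{len(entries)} active {key} lines, expected 1")
    if problems:
        return None, {}, problems
    net, vif = found["network-script"][0], found["vif-script"][0]
    net_mode = net[0].replace("network-", "", 1)
    vif_mode = vif[0].replace("vif-", "", 1)
    if net_mode != vif_mode:
        # xend would prepare one topology and attach guest interfaces for the other
        problems.append(f"{net[0]} is combined with {vif[0]}")
    options = dict(arg.split("=", 1) for arg in net[1:] if "=" in arg)
    return net_mode, options, problems

# Constructed samples: a correct routed setup and a half-finished switch to bridging.
ROUTED = """#(network-script network-bridge)
#(vif-script vif-bridge)
(network-script network-route)
(vif-script vif-route)
"""
MIXED = """(network-script 'network-bridge netdev=eth0 bridge=xenbr0 vifnum=0')
# (vif-script vif-bridge)
(vif-script vif-route)
"""

if __name__ == "__main__":
    for label, text in (("routed", ROUTED), ("mixed", MIXED)):
        print(label, check(text))
```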
536 <chapter>
537 <title>Further Resources</title>
538 <section>
539 <title>Xen Documentation</title>
540 <body>
541
542 <ul>
543 <li>
544 <uri link="http://tx.downloads.xensource.com/downloads/docs/user/">Xen
545 Users' Manual</uri>
546 </li>
547 <li>
548 <uri link="http://xen.xensource.com/documentation.html">Xen Community
549 Documentation</uri>
550 </li>
551 <li>
552 <uri link="http://wiki.xensource.com/xenwiki/">Xen Wiki</uri>
553 </li>
554 </ul>
555
556 </body>
557 </section>
558 <section>
559 <title>Xen Tools</title>
560 <body>
561
562 <ul>
563 <li>
564 <uri
565 link="http://virt-manager.et.redhat.com/">app-emulation/virt-manager</uri>
566 is a graphical tool for administering virtual machines
567 </li>
568 </ul>
569
570 </body>
571 </section>
572 </chapter>
573 </guide>