Diff for /wikisrc/ports/xen/howto.mdwn between versions 1.12 and 1.19

version 1.12, 2014/12/23 23:37:56 version 1.19, 2014/12/24 00:41:04
Line 1 Line 1
 Introduction  Introduction
 ------------  ============
   
 [![[Xen  [![[Xen
 screenshot]](http://www.netbsd.org/gallery/in-Action/hubertf-xens.png)](../../gallery/in-Action/hubertf-xen.png)  screenshot]](http://www.netbsd.org/gallery/in-Action/hubertf-xens.png)](../../gallery/in-Action/hubertf-xen.png)
Line 27  code for Xen and need not be aware that  Line 27  code for Xen and need not be aware that 
 Attempts to access hardware registers are trapped and emulated.  This  Attempts to access hardware registers are trapped and emulated.  This
 style is less efficient but can run unmodified guests.  style is less efficient but can run unmodified guests.
   
   Generally any amd64 machine will work with Xen and PV guests.  For HVM
   guests, the VMX cpu feature (Intel) or VT?? (amd64) is needed.  TODO:
   Explain if i386 (non-amd64) machines can still be used - I think that
   witthe requirement to use PAE kernels is about the hypervisor being
   amd64 only.
   
 At boot, the dom0 kernel is loaded as module with Xen as the kernel.  At boot, the dom0 kernel is loaded as module with Xen as the kernel.
 The dom0 can start one or more domUs.  (Booting is explained in detail  The dom0 can start one or more domUs.  (Booting is explained in detail
 in the dom0 section.)  in the dom0 section.)
Line 37  attempts to address both the case of run Line 43  attempts to address both the case of run
 and running NetBSD as a domU in a VPS.  and running NetBSD as a domU in a VPS.
   
 Prerequisites  Prerequisites
 =============  -------------
   
 Installing NetBSD/Xen is not extremely difficult, but it is more  Installing NetBSD/Xen is not extremely difficult, but it is more
 complex than a normal installation of NetBSD.  complex than a normal installation of NetBSD.
   In general, this HOWTO is occasionally overly restrictive about how
   things must be done, guiding the reader to stay on the established
   path when there are no known good reasons to stray.
   
 This HOWTO presumes a basic familiarity with the Xen system  This HOWTO presumes a basic familiarity with the Xen system
 architecture.  architecture.  This HOWTO presumes familiarity with installing NetBSD
   on i386/amd64 hardware and installing software from pkgsrc.
   See also the [Xen website](http://www.xen.org/).
   
 This HOWTO presumes familiarity with installing NetBSD on i386/amd64  History
 hardware and installing software from pkgsrc.  -------
   
 For more details on Xen, see [](http://www.xen.org/).  NetBSD used to support Xen2; this has been removed.
   
 Installing NetBSD as privileged domain (Dom0)  Before NetBSD's native bootloader could support Xen, the use of
 ---------------------------------------------  grub was recommended.  If necessary, see the
   [old grub information](/xen/howto-grub/).
   
   Versions of Xen and NetBSD
   ==========================
   
   Most of the installation concepts and instructions are independent of
   Xen version.  This section gives advice on which version to choose.
   Versions not in pkgsrc and older unsupported versions of NetBSD are
   inentionally ignored.
   
   Xen
   ---
   
   In NetBSD, xen is provided in pkgsrc, via matching pairs of packages
   xenkernel and xentools.  We will refer only to the kernel versions,
   but note that both packages must be installed together and must have
   matching versions.
   
   xenkernel3 and xenkernel33 provide Xen 3.1 and 3.3.  These no longer
   receive security patches and should not be used.
   
   xenkernel41 provides Xen 4.1.  This is no longer maintained by Xen,
   but as of 2014-12 receives backported security patches.  It is a
   reasonable although trailing-edge choice.
   
   xenkernel42 provides Xen 4.2.  This is maintained by Xen, but old as
   of 2014-12.
   
   Ideally newer versions of Xen will be added to pkgsrc.
   
   Xen command program
   -------------------
   
   Early Xen used a program called "xm" to manipulate the system from the
   dom0.  Starting in 4.1, a replacement program with similar behavior
   called "xl" is provided.  In 4.2, "xm" is no longer available.
   
 First do a NetBSD/i386 or NetBSD/amd64  NetBSD
 [installation](../../docs/guide/en/chap-inst.html) of the 5.1 release  ------
 (or newer) as you usually do on x86 hardware. The binary releases are  
 available from [](ftp://ftp.NetBSD.org/pub/NetBSD/). Binary snapshots  The netbsd-5, netbsd-6, netbsd-7, and -current branches are all
 for current and the stable branches are available on daily autobuilds.  reasonable choices, with more or less the same considerations for
 If you plan to use the `grub` boot loader, when partitioning the disk  non-Xen use.  Therefore, netbsd-6 is recommended as the stable version
 you have to make the root partition smaller than 512Mb, and formatted as  of the most recent release.
 FFSv1 with 8k block/1k fragments. If the partition is larger than this,  
 uses FFSv2 or has different block/fragment sizes, grub may fail to load  As of NetBSD 6, a NetBSD domU will support multiple vcpus.  There is
 some files. Also keep in mind that you'll probably want to provide  no SMP support for NetBSD as dom0.  (The dom0 itself doesn't really
 virtual disks to other domains, so reserve some partitions for these  need SMP; the lack of support is really a problem when using a dom0 as
 virtual disks. Alternatively, you can create large files in the file  a normal computer.)
 system, map them to vnd(4) devices and export theses vnd devices to  
 other domains.  Architecture
   ------------
   
   Xen is basically amd64 only at this point.  One can either run i386
   domains or amd64 domains.  If running i386, PAE versions are required,
   for both dom0 and domU.  These versions are built by default in NetBSD
   releases.  While i386 dom0 works fine, amd64 is recommended as more
   normal.  (Note that emacs (at least) fails if run on i386 with PAE when
   built without, and vice versa, presumably due to bugs in the undump
   code.)
   
   Recommendation
   --------------
   
   Therefore, this HOWTO recommends running xenkernel42 (and xentools42),
   xl, the NetBSD 6 stable branch, and to use amd64 as the dom0.  Either
   the i386 or amd64 of NetBSD may be used as domUs.
   
   NetBSD as a dom0
   ================
   
   NetBSD can be used as a dom0 and works very well.  The following
   sections address installation, updating NetBSD, and updating Xen.
   Note that it doesn't make sense to talk about installing a dom0 OS
   without also installing Xen itself.  We first address installing
   NetBSD, which is not yet a dom0, and then adding Xen, pivoting the
   NetBSD install to a dom0 install by just changing the kernel and boot
   configuration.
   
   Styles of dom0 operation
   ------------------------
   
   There are two basic ways to use Xen.  The traditional method is for
   the dom0 to do absolutely nothing other than providing support to some
   number of domUs.  Such a system was probably installed for the sole
   purpose of hosting domUs, and sits in a server room on a UPS.
   
   The other way is to put Xen under a normal-usage computer, so that the
   dom0 is what the computer would have been without Xen, perhaps a
   desktop or laptop.  Then, one can run domUs at will.  Purists will
   deride this as less secure than the previous approach, and for a
   computer whose purpose is to run domUs, they are right.  But Xen and a
   dom0 (without domUs) is not meaingfully less secure than the same
   things running without Xen.  One can boot Xen or boot regular NetBSD
   alternately with little problems, simply refraining from starting the
   Xen daemons when not running Xen.
   
   Note that NetBSD as dom0 does not support multiple CPUs.  This will
   limit the performance of the Xen/dom0 workstation approach.
   
   Installation of NetBSD
   ----------------------
   
   First,
   [install NetBSD/amd64](../../docs/guide/en/chap-inst.html)
   just as you would if you were not using Xen.
   However, the partitioning approach is very important.
   
   If you want to use RAIDframe for the dom0, there are no special issues
   for Xen.  Typically one provides RAID storage for the dom0, and the
   domU systems are unaware of RAID.
   
   There are 4 styles of providing backing storage for the virtual disks
   used by domUs: raw partitions, LVM, file-backed vnd(4), and SAN,
   
   With raw partitions, one has a disklabel (or gpt) partition sized for
   each virtual disk to be used by the domU.  (If you are able to predict
   how domU usage will evolve, please add an explanation to the HOWTO.
   Seriously, needs tend to change over time.)
   
   One can use lvm(8) to create logical devices to use for domU disks.
   This is almost as efficient sa raw disk partitions and more flexible.
   Hence raw disk partitions should typically not be used.
   
   One can use files in the dom0 filesystem, typically created by dd'ing
   /dev/zero to create a specific size.  This is somewhat less efficient,
   but very convenient, as one can cp the files for backup, or move them
   between dom0 hosts.
   
   Finally, in theory one can place the files backing the domU disks in a
   SAN.  (This is an invitation for someone who has done this to add a
   HOWTO page.)
   
   Installation of Xen
   -------------------
   
 Next step is to install the Xen packages via pkgsrc or from binary  Next step is to install the Xen packages via pkgsrc or from binary
 packages. See [the pkgsrc  packages. See [the pkgsrc
Line 207  Install grub with the following command: Line 338  Install grub with the following command:
     Done.      Done.
                       
   
 Creating an unprivileged NetBSD domain (DomU)  Updating NetBSD in a dom0
   -------------------------
   
   This is just like updating NetBSD on bare hardware, assuming the new
   version supports the version of Xen you are running.  Generally, one
   replaces the kernel and reboots, and then overlays userland binaries
   and adjusts /etc.
   
   Note that one must update both the non-Xen kernel typically used for
   rescue purposes and the DOM0 kernel used with Xen.
   
   Updating Xen versions
   ---------------------
   
   TODO: write
   
   Creating unprivileged domains (domU)
   ====================================
   
   Creating domUs is almost entirely independent of operating system.  We
   first explain NetBSD, and then differences for Linux and Solaris.
   
   Creating an unprivileged NetBSD domain (domU)
 ---------------------------------------------  ---------------------------------------------
   
 Once you have *domain0* running, you need to start the xen tool daemon  Once you have *domain0* running, you need to start the xen tool daemon
Line 350  working vif-bridge is also provided with Line 503  working vif-bridge is also provided with
   
     #!/bin/sh      #!/bin/sh
     #============================================================================      #============================================================================
     # $NetBSD: howto.mdwn,v 1.11 2014/12/23 23:25:57 gdt Exp $      # $NetBSD: howto.mdwn,v 1.18 2014/12/24 00:11:15 gdt Exp $
     #      #
     # /usr/pkg/etc/xen/vif-bridge      # /usr/pkg/etc/xen/vif-bridge
     #      #
Line 474  in rc.conf. This way, the domain will be Line 627  in rc.conf. This way, the domain will be
   
 Your domain should be now ready to work, enjoy.  Your domain should be now ready to work, enjoy.
   
 Creating an unprivileged Linux domain (DomU)  Creating an unprivileged Linux domain (domU)
 --------------------------------------------  --------------------------------------------
   
 Creating unprivileged Linux domains isn't much different from  Creating unprivileged Linux domains isn't much different from
Line 518  To get the linux console right, you need Line 671  To get the linux console right, you need
 to your configuration since not all linux distributions auto-attach a  to your configuration since not all linux distributions auto-attach a
 tty to the xen console.  tty to the xen console.
   
 Creating an unprivileged Solaris domain (DomU)  Creating an unprivileged Solaris domain (domU)
 ----------------------------------------------  ----------------------------------------------
   
 Download an Opensolaris [release](http://opensolaris.org/os/downloads/)  Download an Opensolaris [release](http://opensolaris.org/os/downloads/)
Line 655  Restart the guest to verify it works cor Line 808  Restart the guest to verify it works cor
                         
   
 Using PCI devices in guest domains  Using PCI devices in guest domains
 ==================================  ----------------------------------
   
 The domain0 can give other domains access to selected PCI devices. This  The domain0 can give other domains access to selected PCI devices. This
 can allow, for example, a non-privileged domain to have access to a  can allow, for example, a non-privileged domain to have access to a

Removed from v.1.12  
changed lines
  Added in v.1.19


CVSweb for NetBSD wikisrc <wikimaster@NetBSD.org> software: FreeBSD-CVSweb