--- wikisrc/ports/xen/howto.mdwn 2017/12/15 16:40:59 1.141 +++ wikisrc/ports/xen/howto.mdwn 2018/05/29 01:09:16 1.142 @@ -51,7 +51,7 @@ attempts to address both the case of run and running domUs under it (NetBSD and other), and also running NetBSD as a domU in a VPS. -Xen 3.1 in pkgsrc supports "PCI passthrough", which means that +Xen 3.1 in pkgsrc used to support "PCI passthrough", which means that specific PCI devices can be made available to a specific domU instead of the dom0. This can be useful to let a domU run X11, or access some network interface or other peripheral. 
@@ -121,20 +121,26 @@ supports i386 but not amd64. (This migh an i386 dom0, if it turns out that an amd64 Xen kernel and an i386 dom0 is problematic.) -xenkernel45 provides Xen 4.5. As of 2016-12, security patches were -released by Xen and applied to pkgsrc. Xen 4.5 runs on amd64 hardware -only. While slightly old, 4.5 has been tested and run by others, so -it is the conservative choice. - -xenkernel46 provides Xen 4.6. It is new to pkgsrc as of 2016-05. As -of 2016-12, security patches were released by Xen and applied to -pkgsrc. Xen 4.6 runs on amd64 hardware only For new installations, -4.6 is probably the appropriate choice and it will likely soon be the -standard approach. (If using Ubuntu guests, be sure to have the -xentools46 from December, 2016). +xenkernel45 provides Xen 4.5. Security advisories released in 2018-05 +did not include support for 4.5. Xen 4.5 and newer runs on amd64 +hardware only. While slightly old, 4.5 has been tested and run by +others, so it is a very conservative choice. + +xenkernel46 provides Xen 4.6, and was added to pkgsrc as of 2016-05. +As of 2018-05, security patches were released by Xen and are expected +to be applied to pkgsrc. Xen 4.6 runs on amd64 hardware only. (If +using Ubuntu guests, be sure to have the xentools46 from December, +2016). 4.6 is perhaps an old choice, or perhaps the standard +approach. + +Xen 4.7 was released in 2016-06 and is not in pkgsrc. + +xenkernel48 provides Xen 4.8, and was added to pkgsrc in 2017-03. As +of 2018-05, security patches were released by Xen and are expected to +be applied to pkgsrc. 4.8 is perhaps the standard choice, or perhaps +slightly new. -Xen 4.7 (released 2016-06) and 4.8 (released 2016-12) are not yet in -pkgsrc. +Xen 4.9 and 4.10 are not in pkgsrc. See also the [Xen Security Advisory page](http://xenbits.xen.org/xsa/). 
@@ -168,18 +174,16 @@ of interfaces. NetBSD ------ -The netbsd-6, netbsd-7, and -current branches are all reasonable +The netbsd-7, netbsd-8, and -current branches are all reasonable choices, with more or less the same considerations for non-Xen use. Therefore, netbsd-7 is recommended as the stable version of the most -recent release for production use. In addition, netbsd-7 and -current -have a important scheduler fix (in November of 2015) affecting -contention between dom0 and domUs; see +recent release for production use. (Note that netbsd-7 (and therefore +8/current) have a important scheduler fix (in November of 2015) +affecting contention between dom0 and domUs; see https://releng.netbsd.org/cgi-bin/req-7.cgi?show=1040 for a -description. For those wanting to learn Xen or without production -stability concerns, netbsd-7 is still likely most appropriate, but --current is also a reasonable choice. (Xen runs ok on netbsd-5, but -the xentools packages are likely difficult to build, and netbsd-5 is -not supported.) +description.) For production, netbsd-7 is appropriate. For learning, +netbsd-8 is appropriate. For developing Xen, netbsd-current may be +appropriate. As of NetBSD 6, a NetBSD domU will support multiple vcpus. There is no SMP support for NetBSD as dom0. (The dom0 itself doesn't really 
@@ -242,10 +246,12 @@ instances in support of virtual disks in Recommendation -------------- -Therefore, this HOWTO recommends running xenkernel45 or xenkernel46, -xl, the NetBSD 7 stable branch, and to use an amd64 kernel as the -dom0. Either the i386PAE or amd64 version of NetBSD may be used as -domUs. +Therefore, this HOWTO recommends running xenkernel46, xl, the NetBSD 7 +stable branch, and therefore to use an amd64 kernel as the dom0. +Either the i386PAE or amd64 version of NetBSD may be used as domUs. + +A tentative replacement recommendation is xenkernel48, xl, and NetBSD +8. Because bugs are fixed quite often, and because of Xen security advisories, it is good to stay up to date with NetBSD (tracking a @@ -332,6 +338,10 @@ half-dozen domUs of 512M and 32G each. have to be bigger than the sum of the RAM/disk needs of the dom0 and all the domUs. +In 2018-05, trouble booting a dom0 was reported with 256M of RAM: with +512M it worked reliably. This does not make sense, but if you see +"not ELF" after Xen boots, try increasing dom0 RAM. + Styles of dom0 operation ------------------------ @@ -429,12 +439,12 @@ beginning of your root file system, have Add a line to to /boot.cfg to boot Xen. See boot.cfg(5) for an example. The basic line is - menu=Xen:load /netbsd-XEN3_DOM0.gz console=pc;multiboot /xen.gz dom0_mem=256M + menu=Xen:load /netbsd-XEN3_DOM0.gz console=pc;multiboot /xen.gz dom0_mem=512M -which specifies that the dom0 should have 256M, leaving the rest to be +which specifies that the dom0 should have 512M, leaving the rest to be allocated for domUs. To use a serial console, use - menu=Xen:load /netbsd-XEN3_DOM0.gz;multiboot /xen.gz dom0_mem=256M console=com1 com1=9600,8n1 + menu=Xen:load /netbsd-XEN3_DOM0.gz;multiboot /xen.gz dom0_mem=512M console=com1 com1=9600,8n1 which will use the first serial port for Xen (which counts starting from 1, unlike NetBSD which counts starting from 0), forcing 
@@ -602,8 +612,8 @@ section. # Install secondary boot loader cp -p /usr/mdec/boot / # Create boot.cfg following earlier guidance: - menu=Xen:load /netbsd-XEN3PAE_DOM0.gz console=pc;multiboot /xen.gz dom0_mem=256M - menu=Xen.ok:load /netbsd-XEN3PAE_DOM0.ok.gz console=pc;multiboot /xen.ok.gz dom0_mem=256M + menu=Xen:load /netbsd-XEN3PAE_DOM0.gz console=pc;multiboot /xen.gz dom0_mem=512M + menu=Xen.ok:load /netbsd-XEN3PAE_DOM0.ok.gz console=pc;multiboot /xen.ok.gz dom0_mem=512M menu=GENERIC:boot menu=GENERIC single-user:boot -s menu=GENERIC.ok:boot netbsd.ok @@ -872,7 +882,7 @@ Sizing domains Modern x86 hardware has vast amounts of resources. However, many virtual servers can function just fine on far less. A system with -256M of RAM and a 4G disk can be a reasonable choice. Note that it is +512M of RAM and a 4G disk can be a reasonable choice. Note that it is far easier to adjust virtual resources than physical ones. For memory, it's just a config file edit and a reboot. For disk, one can create a new file and vnconfig it (or lvm), and then dump/restore,
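
Review bot: in the @@ -51,7 +51,7 hunk, changing "supports" to "used to support" leaves the reader without the current status of PCI passthrough. The unchanged sentences that follow still describe it in the present tense ("can be made available", "This can be useful"), and nothing says whether any Xen version now in pkgsrc offers it. Suggest stating that explicitly and adjusting the tense of the follow-on sentences to match.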
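
Review bot: in the @@ -121,20 +121,26 hunk, the xenkernel45 paragraph now says the 2018-05 security advisories "did not include support for 4.5" yet still ends by calling 4.5 "a very conservative choice". These pull in opposite directions, and a reader skimming for a version to install will take the second. If the intent is that 4.5 no longer gets security fixes, say so plainly next to the "conservative" remark or drop that remark. In the same hunk, "are expected to be applied to pkgsrc" (4.6 and 4.8) does not tell the reader whether the package they build today is patched, and the paired hedges "perhaps an old choice, or perhaps the standard approach" and "perhaps the standard choice, or perhaps slightly new" give no usable guidance. Minor: "Xen 4.5 and newer runs" should be "run".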
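
Review bot: in the @@ -168,18 +174,16 hunk, the production recommendation is now stated twice, once in the unchanged "Therefore, netbsd-7 is recommended ... for production use" and again in the new "For production, netbsd-7 is appropriate." Suggest keeping one. The new parenthetical also nests parentheses and has agreement slips: "(Note that netbsd-7 (and therefore 8/current) have a important scheduler fix" would read better as "netbsd-7, and therefore netbsd-8 and -current, has an important scheduler fix".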
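
Review bot: in the @@ -242,10 +246,12 hunk, the Recommendation section now gives two answers (xenkernel46 with NetBSD 7, and a "tentative replacement" of xenkernel48 with NetBSD 8) without saying how to choose between them or what has to happen before the tentative one becomes the recommendation. Suggest one sentence on what is still being waited for, and whether the amd64 dom0 advice carries over to the second combination. Minor: "Therefore, ... and therefore to use an amd64 kernel" doubles the connective.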
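
Review bot: in the @@ -332,6 +338,10 hunk, the new paragraph records the "not ELF" symptom but not which Xen version, NetBSD version or dom0 kernel showed it, so nobody can later tell whether the 512M workaround is still needed. Suggest adding those details or a pointer to the report, and replacing "This does not make sense" with a statement that the cause is not yet understood.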
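
Review bot: in the @@ -429,12 +439,12 hunk, the boot.cfg examples move to dom0_mem=512M with no pointer to why. A reader on a small machine will not know that this value is a workaround for the boot failure described in the @@ -332,6 paragraph rather than a measured requirement. Suggest a short cross-reference after "which specifies that the dom0 should have 512M". While here, the context line "Add a line to to /boot.cfg" has a doubled "to".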
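
Review bot: in the @@ -872,7 +882,7 hunk, the "Sizing domains" example changes from 256M to 512M, but the only rationale given anywhere in this patch is a dom0 that failed to boot with 256M. This paragraph is about sizing virtual servers, and the patch shows no report of a guest failing at 256M. Either leave this line at 256M or add the reason the guest figure changed too.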