version 1.162, 2019/01/29 01:48:53
|
version 1.176, 2020/11/13 20:40:04
|
Line 8 systems which operate in an unprivileged
|
Line 8 systems which operate in an unprivileged
|
from the domU systems are forwarded by the Xen hypervisor to the dom0 to be |
from the domU systems are forwarded by the Xen hypervisor to the dom0 to be |
fulfilled. |
fulfilled. |
|
|
Xen supports different styles of guest: |
Xen supports different styles of guests; see [PV on HVM](https://wiki.xen.org/wiki/PV_on_HVM) and [PVH(v2)](https://wiki.xenproject.org/wiki/PVH_(v2)_Domu) for upstream documentation. |
|
|
[[!table data=""" |
[[!table data=""" |
Style of guest |Supported by NetBSD |
Style of guest |Supported by NetBSD |
PV |Yes (dom0, domU) |
PV |Yes (dom0, domU) |
HVM |Yes (domU) |
HVM |Yes (domU) |
PVHVM |No |
PVHVM |current-only (domU) |
PVH |No |
PVHv2 |current-only (domU, dom0 not yet) |
"""]] |
"""]] |
|
|
In Para-Virtualized (PV) mode, the guest OS does not attempt to access |
In Para-Virtualized (PV) mode, the guest OS does not attempt to access |
hardware directly, but instead makes hypercalls to the hypervisor; PV |
hardware directly, but instead makes hypercalls to the hypervisor; PV |
guests must be specifically coded for Xen. In HVM mode, no guest |
guests must be specifically coded for Xen. |
modification is required; however, hardware support is required, such |
|
as VT-x on Intel CPUs and SVM on AMD CPUs. |
In HVM mode, no guest modification is required; however, hardware |
|
support is required, such as VT-x on Intel CPUs and SVM on AMD CPUs. |
|
|
|
In PVHVM mode, the guest runs as HVM, but additionally can use PV |
|
drivers for efficiency. |
|
|
|
In PVHv2H mode, operation is similar to PVHVM, except that qemu is not |
|
run and thus the PV interfaces for console, disks, networking are the |
|
only way to access these resources. |
|
|
At boot, the dom0 kernel is loaded as a module with Xen as the kernel. |
At boot, the dom0 kernel is loaded as a module with Xen as the kernel. |
The dom0 can start one or more domUs. (Booting is explained in detail |
The dom0 can start one or more domUs. (Booting is explained in detail |
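Review bot: The new paragraph opens with "In PVHv2H mode", but the table row added in the same hunk calls this style "PVHv2" and the link text uses "PVH(v2)", so the trailing "H" looks like a typo. Suggest "In PVHv2 mode, operation is similar to PVHVM, ...". The table value "current-only" is also never explained in the visible text; a short gloss such as "supported only in NetBSD-current" next to the table would help readers on release branches.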
Line 35 website](http://www.xenproject.org/).
|
Line 43 website](http://www.xenproject.org/).
|
|
|
[[!toc]] |
[[!toc]] |
|
|
#Versions and Support |
# Versions and Support |
|
|
In NetBSD, Xen is provided in pkgsrc, via matching pairs of packages |
In NetBSD, Xen is provided in pkgsrc, via matching pairs of packages |
xenkernel and xentools. We will refer only to the kernel versions, |
xenkernel and xentools. We will refer only to the kernel versions, |
Line 45 matching versions.
|
Line 53 matching versions.
|
Versions available in pkgsrc: |
Versions available in pkgsrc: |
|
|
[[!table data=""" |
[[!table data=""" |
Xen Version |Package Name |Xen CPU Support |EOL'ed By Upstream |
Xen Version |Package Name |Xen CPU Support |xm? |EOL'ed By Upstream |
4.2 |xenkernel42 |32bit, 64bit |Yes |
4.11 |xenkernel411 |x86_64 | |No |
4.5 |xenkernel45 |64bit |Yes |
4.13 |xenkernel413 |x86_64 | |No |
4.6 |xenkernel46 |64bit |Partially |
|
4.8 |xenkernel48 |64bit |No |
|
4.11 |xenkernel411 |64bit |No |
|
"""]] |
"""]] |
|
|
See also the [Xen Security Advisory page](http://xenbits.xen.org/xsa/). |
See also the [Xen Security Advisory page](http://xenbits.xen.org/xsa/). |
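Review bot: The new table header adds an "xm?" column, but both remaining rows (4.11 and 4.13) leave that cell empty, so the column carries no information as committed. Either fill the cells with an explicit value or drop the column and rely on prose to cover xm.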
Line 63 dom0 |No
|
Line 68 dom0 |No
|
domU |Yes |
domU |Yes |
"""]] |
"""]] |
|
|
Note: NetBSD support is called XEN3. However, it does support Xen 4, |
Note: NetBSD support is called XEN3. However, it does support Xen 4, |
because the hypercall interface has remained identical. |
because the hypercall interface has remained identical. |
|
|
|
Older Xen had a python-based management tool called xm, now replaced |
|
by xl. |
|
|
Architecture |
Architecture |
------------ |
------------ |
|
|
Xen itself runs on x86_64 hardware. |
Xen 4.5 and later runs on x86_64 hardware (the NetBSD amd64 port). |
|
There is a concept of Xen running on ARM, but there are no reports of this working with NetBSD. |
The dom0 system, plus each domU, can be either i386PAE or amd64. |
|
i386 without PAE is not supported. |
|
|
|
The standard approach is to use NetBSD/amd64 for the dom0. |
|
|
|
To use an i386PAE dom0, one must build or obtain a 64bit Xen kernel and |
The dom0 system should be amd64. (Instructions for i386PAE dom0 have been removed from the HOWTO.) |
install it on the system. |
|
|
|
For domUs, i386PAE is considered as |
The domU can be i386PAE or amd64. |
[faster](https://lists.xen.org/archives/html/xen-devel/2012-07/msg00085.html) |
i386PAE at one point was considered as [faster](https://lists.xen.org/archives/html/xen-devel/2012-07/msg00085.html) than amd64. |
than amd64. |
|
|
|
#Creating a dom0 |
# Creating a dom0 |
|
|
In order to install a NetBSD as a dom0, one must first install a normal |
In order to install a NetBSD as a dom0, one must first install a normal |
NetBSD system, and then pivot the install to a dom0 install by changing |
NetBSD system, and then pivot the install to a dom0 install by changing |
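Review bot: The rewritten Architecture text says "Xen 4.5 and later runs on x86_64 hardware", while the versions table in this same revision lists only 4.11 and 4.13, so the reference to 4.5 points at a version the page no longer documents. Suggest stating the requirement without a version, or tying it to the versions still listed. The parenthetical "(Instructions for i386PAE dom0 have been removed from the HOWTO.)" reads as a change note and belongs in the commit message rather than in the document body. "There is a concept of Xen running on ARM" is vague; say plainly whether upstream supports ARM and that no NetBSD reports exist.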
Line 283 the dom0. NetBSD's /dev/random system w
|
Line 285 the dom0. NetBSD's /dev/random system w
|
Config files |
Config files |
------------ |
------------ |
|
|
See /usr/pkg/share/examples/xen/xlexample*, |
See /usr/pkg/share/examples/xen/xlexample* |
for a large number of well-commented examples, mostly for running |
for a small number of well-commented examples, mostly for running |
GNU/Linux. |
GNU/Linux. |
|
|
The following is an example minimal domain configuration file. The domU |
The following is an example minimal domain configuration file. The domU |
Line 308 are stored in files and Xen attaches the
|
Line 310 are stored in files and Xen attaches the
|
dom0 on domain creation. The system treats xbd0 as the boot device |
dom0 on domain creation. The system treats xbd0 as the boot device |
without needing explicit configuration. |
without needing explicit configuration. |
|
|
By default, `xl` looks for domain config files in `/usr/pkg/etc/xen`. Note |
By convention, domain config files are kept in `/usr/pkg/etc/xen`. Note |
that "xl create" takes the name of a config file, while other commands |
that "xl create" takes the name of a config file, while other commands |
take the name of a domain. |
take the name of a domain. |
|
|
Examples of commands: |
Examples of commands: |
|
|
[[!template id=programlisting text=""" |
[[!template id=programlisting text=""" |
xl create foo |
xl create /usr/pkg/etc/xen/foo |
xl console foo |
xl console domU-id |
xl create -c foo |
xl create -c /usr/pkg/etc/xen/foo |
xl shutdown foo |
xl shutdown domU-id |
xl list |
xl list |
"""]] |
"""]] |
|
|
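Review bot: In the new command listing, "xl console domU-id" and "xl shutdown domU-id" introduce a placeholder that the surrounding text never defines, while the retained sentence says these commands "take the name of a domain". Readers cannot tell how "domU-id" relates to the config file "/usr/pkg/etc/xen/foo" used in the create lines. Suggest a placeholder that matches the prose, for example "domU-name", plus one sentence saying where that name comes from.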
Line 330 will trigger controlled shutdowns of all
|
Line 332 will trigger controlled shutdowns of all
|
CPU and memory |
CPU and memory |
-------------- |
-------------- |
|
|
A domain is provided with some number of vcpus, less than the number |
A domain is provided with some number of vcpus, up to the number |
of CPUs seen by the hypervisor. For a domU, it is controlled |
of CPUs seen by the hypervisor. For a domU, it is controlled |
from the config file by the "vcpus = N" directive. |
from the config file by the "vcpus = N" directive. |
|
|
Line 457 kernel to / and change the kernel line i
|
Line 459 kernel to / and change the kernel line i
|
|
|
kernel = "/home/bouyer/netbsd-INSTALL_XEN3_DOMU" |
kernel = "/home/bouyer/netbsd-INSTALL_XEN3_DOMU" |
|
|
Then, start the domain as "xl create -c configname". |
Then, start the domain as "xl create -c configfile". |
|
|
Alternatively, if you want to install NetBSD/Xen with a CDROM image, the following |
Alternatively, if you want to install NetBSD/Xen with a CDROM image, the following |
line should be used in the config file. |
line should be used in the config file. |
Line 623 note that only the "xpci" lines are unus
|
Line 625 note that only the "xpci" lines are unus
|
cd* at scsibus? target ? lun ? # SCSI CD-ROM drives |
cd* at scsibus? target ? lun ? # SCSI CD-ROM drives |
|
|
|
|
#NetBSD as a domU in a VPS |
# Specific Issues |
|
|
|
## domU |
|
|
|
[NetBSD 5 is known to panic.](http://mail-index.netbsd.org/port-xen/2018/04/17/msg009181.html) |
|
(However, NetBSD 5 systems should be updated to a supported version.) |
|
|
|
# NetBSD as a domU in a VPS |
|
|
The bulk of the HOWTO is about using NetBSD as a dom0 on your own |
The bulk of the HOWTO is about using NetBSD as a dom0 on your own |
hardware. This section explains how to deal with Xen in a domU as a |
hardware. This section explains how to deal with Xen in a domU as a |
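Review bot: The added "## domU" heading uses ATX style for a second-level heading, while the other second-level headings visible in this diff ("Architecture", "Config files", "CPU and memory") use the underlined form; pick one for consistency. The new sentence "NetBSD 5 is known to panic" also gives no condition in the text itself. Summarise in a few words what triggers the panic so the reader does not have to follow the mailing-list link to judge whether they are affected.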
Line 650 A second issue is multiple CPUs. With N
|
Line 659 A second issue is multiple CPUs. With N
|
multiple vcpus, and it is typical for VPS providers to enable multiple |
multiple vcpus, and it is typical for VPS providers to enable multiple |
CPUs for NetBSD domUs. |
CPUs for NetBSD domUs. |
|
|
pygrub |
|
------- |
|
|
|
pygrub runs in the dom0 and looks into the domU file system. This |
|
implies that the domU must have a kernel in a file system in a format |
|
known to pygrub. As of 2014, pygrub seems to be of mostly historical |
|
interest. |
|
|
|
pvgrub |
pvgrub |
------ |
------ |
|
|
Line 684 partition for the kernel with the intent
|
Line 685 partition for the kernel with the intent
|
which leads to /netbsd not being the actual kernel. One must remember |
which leads to /netbsd not being the actual kernel. One must remember |
to update the special boot partition. |
to update the special boot partition. |
|
|
|
pygrub |
|
------- |
|
|
|
pygrub runs in the dom0 and looks into the domU file system. This |
|
implies that the domU must have a kernel in a file system in a format |
|
known to pygrub. |
|
|
|
pygrub doesn't seem to work to load Linux images under NetBSD dom0, |
|
and is inherently less secure than pvgrub due to running inside dom0. For both these |
|
reasons, pygrub should not be used, and is only still present so that |
|
historical DomU images using it still work. |
|
|
|
As of 2014, pygrub seems to be of mostly historical |
|
interest. New DomUs should use pvgrub. |
|
|
Amazon |
Amazon |
------ |
------ |
|
|
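Review bot: In the relocated pygrub section, the new paragraph says pygrub "should not be used", and the retained sentence "As of 2014, pygrub seems to be of mostly historical interest" then repeats the point in weaker, dated wording. Suggest merging them and dropping the 2014 hedge. The security claim "inherently less secure than pvgrub due to running inside dom0" would be stronger if tied to the sentence just above it: pygrub runs in the dom0 and reads the domU file system, so the dom0 ends up parsing data the guest controls. Capitalisation is also inconsistent: the added lines use "DomU" and "DomUs", while the rest of the page uses "domU".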