--- wikisrc/ports/xen/howto.mdwn 2014/12/27 00:15:40 1.55 +++ wikisrc/ports/xen/howto.mdwn 2014/12/31 00:33:48 1.69 @@ -2,17 +2,17 @@ Introduction ============ [![[Xen -screenshot]](http://www.netbsd.org/gallery/in-Action/hubertf-xens.png)](../../gallery/in-Action/hubertf-xen.png) +screenshot]](http://www.netbsd.org/gallery/in-Action/hubertf-xens.png)](http://www.netbsd.org/gallery/in-Action/hubertf-xen.png) -Xen is a virtual machine monitor or hypervisor for x86 hardware +Xen is a hypervisor (or virtual machine monitor) for x86 hardware (i686-class or higher), which supports running multiple guest -operating systems on a single physical machine. With Xen, one uses -the Xen kernel to control the CPU, memory and console, a dom0 -operating system which mediates access to other hardware (e.g., disks, -network, USB), and one or more domU operating systems which operate in -an unprivileged virtualized environment. IO requests from the domU -systems are forwarded by the hypervisor (Xen) to the dom0 to be -fulfilled. +operating systems on a single physical machine. Xen is a Type 1 or +bare-metal hypervisor; one uses the Xen kernel to control the CPU, +memory and console, a dom0 operating system which mediates access to +other hardware (e.g., disks, network, USB), and one or more domU +operating systems which operate in an unprivileged virtualized +environment. IO requests from the domU systems are forwarded by the +hypervisor (Xen) to the dom0 to be fulfilled. Xen supports two styles of guests. The original is Para-Virtualized (PV) which means that the guest OS does not attempt to access hardware 
@@ -151,17 +151,36 @@ Build problems Ideally, all versions of Xen in pkgsrc would build on all versions of NetBSD on both i386 and amd64. However, that isn't the case. Besides aging code and aging compilers, qemu (included in xentools for HVM -support) is difficult to build. The following are known to fail: - - xenkernel3 netbsd-6 i386 - xentools42 netbsd-6 i386 - -The following are known to work: +support) is difficult to build. The following are known to work or FAIL: + xenkernel3 netbsd-5 amd64 + xentools3 netbsd-5 amd64 + xentools3=hvm netbsd-5 amd64 ???? + xenkernel33 netbsd-5 amd64 + xentools33 netbsd-5 amd64 xenkernel41 netbsd-5 amd64 xentools41 netbsd-5 amd64 + xenkernel42 netbsd-5 amd64 + xentools42 netbsd-5 amd64 + + xenkernel3 netbsd-6 i386 FAIL + xentools3 netbsd-6 i386 + xentools3-hvm netbsd-6 i386 FAIL (dependencies fail) + xenkernel33 netbsd-6 i386 + xentools33 netbsd-6 i386 xenkernel41 netbsd-6 i386 xentools41 netbsd-6 i386 + xenkernel42 netbsd-6 i386 + xentools42 netbsd-6 i386 *MIXED + + (all 3 and 33 seem to FAIL) + xenkernel41 netbsd-7 i386 + xentools41 netbsd-7 i386 + xenkernel42 netbsd-7 i386 + xentools42 netbsd-7 i386 ??FAIL + +(*On netbsd-6 i386, there is a xentools42 in the 2014Q3 official builds, +but it does not build for gdt.) NetBSD as a dom0 ================ @@ -339,8 +358,8 @@ For 4.1 (and thus xm; xl is believed not xencommons=YES xend=YES -TODO: Explain why if xm is preferred on 4.1, rc.d/xendomains has xl. -Or fix the package. +(If you are using xentools41 from before 2014-12-26, change +rc.d/xendomains to use xm rather than xl.) For 4.2 with xm, add to rc.conf 
@@ -457,7 +476,7 @@ Unprivileged domains (domU) This section describes general concepts about domUs. It does not address specific domU operating systems or how to install them. The config files for domUs are typically in /usr/pkg/etc/xen, and are -typically named so that the file anme, domU name and the domU's host +typically named so that the file name, domU name and the domU's host name match. The domU is provided with cpu and memory by Xen, configured by the @@ -531,6 +550,8 @@ anyplace, reasonable places to store dom (so they are near the dom0 kernel), in /usr/pkg/etc/xen (near the config files), or in /u0/xen (where the vdisks are). +Note that loading the domU kernel from the dom0 implies that boot +blocks, /boot, /boot.cfg, and so on are all ignored in the domU. See the VPS section near the end for discussion of alternate ways to obtain domU kernels. 
@@ -866,19 +887,40 @@ npf, run IPsec, or any other reason why their kernel. One approach is to have an adminstrative interface to upload a kernel, -or to select from a prepopulated list. +or to select from a prepopulated list. Other approaches are pygrub +(deprecated) and pvgrub, which are ways to have a bootloader obtain a +kernel from the domU filesystem. This is closer to a regular physical +computer, where someone who controls a machine can replace the kernel. + +pygrub +------- + +pygrub runs in the dom0 and looks into the domU filesystem. This +implies that the domU must have a kernel in a filesystem in a format +known to pygrub. As of 2014, pygrub seems to be of mostly historical +interest. -Otehr approaches are pvgrub and py-grub, which are ways to start a -bootloader from the dom0 instead of the actual domU kernel, and for -that loader to then load a kernel from the domU filesystem. This is -closer to a regular physical computer, where someone who controls a -machine can replace the kernel. +pvgrub +------ + +pvgrub is a version of grub that uses PV operations instead of BIOS +calls. It is booted from the dom0 as the domU kernel, and then reads +/grub/menu.lst and loads a kernel from the domU filesystem. + +[prgmr.com](http://prgmr.com/) uses this approach to let users choose +their own operating system and kernel. See then [prgmr.com NetBSD +HOWTO](http://wiki.prgmr.com/mediawiki/index.php/NetBSD_as_a_DomU). + +Because [grub's FFS code](http://xenbits.xensource.com/hg/xen-unstable.hg/file/bca284f67702/tools/libfsimage/ufs/fsys_ufs.c) +appears not to support all aspects of modern FFS, +typically one has an ext2 or FAT partition for the kernel, so that +grub can understand it, which leads to /netbsd not being the actual +kernel. One must remember to update the special boot partiion. -prmgr and pvgrub ----------------- +Amazon +------ -TODO: Perhaps reference panix, prmgr, amazon as interesting examples. -Explain what prmgr does. 
+TODO: add link to NetBSD amazon howto. Using npf --------- @@ -886,5 +928,22 @@ Using npf In standard kernels, npf is a module, and thus cannot be loadeed in a DOMU kernel. -TODO: explain how to compile npf into a custom kernel, answering: +TODO: explain how to compile npf into a custom kernel, answering (but +note that the problem was caused by not booting the right kernel): http://mail-index.netbsd.org/netbsd-users/2014/12/26/msg015576.html + +TODO items for improving NetBSD/xen +=================================== + +* Package Xen 4.4. +* Get PCI passthrough working on Xen 4.2 (or 4.4). +* Get pvgrub into pkgsrc, either via xentools or separately. +* grub + * Add support to pkgsrc grub2 for UFS2 and arbitrary + fragsize/blocksize (UFS2 support may be present; the point is to + make it so that with any UFS1/UFS2 filesystem setup that works + with NetBSD grub will also work). + * Push patches upstream. + * Get UFS2 patches into pvgrub. +* Add support for PV ops to a version of /boot, and make it usable as + a kernel in Xen, similar to pvgrub.
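Review bot: in the Introduction hunk (@@ -2,17 +2,17 @@), the rewritten paragraph says the dom0 "mediates access to other hardware (e.g., disks, network, USB)" and that domU IO requests are "forwarded ... to the dom0 to be fulfilled", but it does not state the consequence: every domU's disk and network traffic passes through the dom0. Suggest adding one sentence saying that the dom0 must be trusted by all guests. The new sentence also joins "Xen is a Type 1 or bare-metal hypervisor" to the component list with a semicolon; the two would read better as separate sentences.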
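Review bot: in the Build problems hunk (@@ -151,17 +151,36 @@), the added row "xentools3=hvm netbsd-5 amd64 ????" names the package differently from the netbsd-6 row "xentools3-hvm"; the "=" looks like a typo for "-". The introductory sentence defines only "work or FAIL", so the markers "????", "??FAIL" and "*MIXED" need a legend. The line "(all 3 and 33 seem to FAIL)" sits above the netbsd-7 rows without naming the branch it applies to. The footnote "does not build for gdt" should say on which system or configuration the build fails, since a reader cannot act on "for gdt".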
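Review bot: in the rc.conf hunk (@@ -339,8 +358,8 @@), the text that replaces the TODO keys the workaround to a date ("xentools41 from before 2014-12-26"), which is harder to check against an installed package than a version number. Suggest naming the first package version that carries the fix. The instruction "change rc.d/xendomains to use xm rather than xl" also does not say what to edit in that script; a short description of the edit would keep readers from guessing.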
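Review bot: in the domU kernel hunk (@@ -531,6 +550,8 @@), the added note lists "boot blocks, /boot, /boot.cfg, and so on" as ignored but leaves out the case that matters most in practice: a kernel installed inside the domU filesystem is not the one that boots either. The final hunk's npf TODO attributes a reported problem to "not booting the right kernel", so it is worth saying here that kernel updates must be applied to the copy held in the dom0. The added sentence also runs straight into "See the VPS section" with no blank line, so the two will render as one paragraph.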
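Review bot: in the pygrub/pvgrub hunk (@@ -866,19 +887,40 @@), the pygrub section says it "runs in the dom0 and looks into the domU filesystem" and calls it deprecated, but gives no reason. As described, the dom0 reads filesystem data that the guest controls, whereas pvgrub is "booted from the dom0 as the domU kernel" and does its reading inside the guest; a sentence making that contrast would explain why pvgrub is preferred. Two typos in the added lines: "See then [prgmr.com NetBSD HOWTO]" should be "See the", and "boot partiion" should be "boot partition". The "pygrub" underline is one dash longer than the heading, unlike the other headings in the file. The new Amazon section contains only a TODO; consider leaving the heading out until there is a link to put under it.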
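Review bot: in the npf hunk (@@ -886,5 +928,22 @@), the added parenthetical "(but note that the problem was caused by not booting the right kernel)" undercuts the unchanged sentence just above it, which still states that npf "cannot be loadeed in a DOMU kernel" because it is a module. Suggest stating whether the module limitation still holds or whether the linked report was solely a wrong-kernel issue, so the section does not give two explanations. In the new TODO list, the grub item "make it so that with any UFS1/UFS2 filesystem setup that works with NetBSD grub will also work" does not parse; something like "so that any UFS1/UFS2 filesystem setup that works with NetBSD also works with grub" reads as intended.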