3103 Manual Sec10

Copying all or part of this manual, or distributing such copies, is strictly prohibited.To report suspected copying, please call 1-800-PIRATES.

393Version 1

Manage Virtualization with Xen

Novell Training S

ervices (en) 15 April 2009

S E C T I O N 1 0 Manage Virtualization with Xen

SUSE Linux Enterprise Server 11 comes with built-in virtualization support through the Xen virtual machine monitor. In this section, you learn about the Xen virtualization technology in SUSE Linux Enterprise Server 11.

Objectives

1. Understand How Virtualization with Xen Works on page 394

2. Install Xen on page 398

3. Manage Xen Domains with Virt-Manager on page 409

4. Manage Xen Domains from the Command Line on page 415

5. Understand Xen Networking on page 422

Novell, Inc. Copyright 2009-ON-DEMAND-NO PRINTING, COPYING, OR DISTRIBUTION ALLOWED.

SUSE Linux Enterprise Server 11 Administration / Manual


Version 1394

Novell Training S


Objective 1 Understand How Virtualization with Xen Works

Virtualization technology separates a running instance of an operating system from the physical hardware. Instead of running on a physical machine, the operating system runs in a so-called virtual machine. Multiple virtual machines share the resources of the underlying hardware.

Virtualization allows you to run multiple virtual systems on one physical machine.

Figure 10-1 Physical Machine and Virtual Machines

In comparison with non-virtualized physical hardware, virtualization provides the following advantages:

Efficient hardware utilization: Often systems are not using the full potential of their hardware. When multiple virtual machines are run on the same hardware, the resources are used more efficiently.

Reduced downtime: Virtual machines can be migrated to a new physical host system. This reduces downtime in case of a hardware failure.

Flexible resource allocation: Hardware resources can be allocated on demand. When the resource requirements of a virtual machine change, resource allocation can be adjusted or the virtual machine can be migrated to a different physical host.

SLES11comes with a virtualization technology called Xen. Xen allows you to run multiple virtual machines on a single piece of Intel x86-based hardware.

To understand how Xen works, you need to do the following:

Understand Virtualization Methods on page 395

Understand the Xen Architecture on page 396



395Version 1


Novell Training S


Understand Virtualization Methods

You should understand the following virtualization methods:

Para-Virtualization: Instead of emulating a full virtual machine, para-virtualization software provides an Application Programming Interface (API) which is used by the guest OS to access hardware resources. The guest OS must be aware that it runs in a virtual machine and must know how to access the API.

Figure 10-2 Para-Virtualization

Para-virtualization provides better performance because it does not emulate all hardware details. However, the guest OS needs to be modified to run with para-virtualization; therefore, only open source operating systems like Linux or BSD can be installed. One exception is NetWare, which has been adjusted by Novell to run in a Xen virtual machine.

Another advantage of para-virtualization is the flexible resource allocation. Because the guest OS is aware of the virtual environment, Xen can, for example, change the memory allocation of a virtual machine on the fly without requiring a reboot of the virtual machine.

Full Virtualization. In this case, the virtualization software emulates a full virtual machine, including all hardware resources. The operating system running in the virtual machine (guest OS) communicates with these resources as if they were physical hardware. VMware Workstation is a popular full virtualization software.




Version 1396

Novell Training S


Figure 10-3 Full Virtualization

Xen supports full virtualization on specialized x86 hardware developed by Intel and AMD. Intel and AMD extended the x86 Standard to support virtualization.

Full virtualization works with unmodified guest operating systems, including Microsoft Windows, but generates more overhead, resulting in a weaker performance.

Understand the Xen Architecture

Xen consists of the following three major components:

Virtual Machine Monitor: The virtual machine monitor forms a layer between physical hardware and virtual machines. In general, this kind of software is called a hypervisor.

Xen kernel: The modified Linux kernel for Xen para-virtualization. It can be used for Domain 0 as well as for Domain U (see below).

Xen tools: The Xen tools are a set of command line and graphical applications that are used to administer virtual machines.

The virtual machine monitor must be loaded before any of the virtual machines are started. When working with Xen, virtual machines are called domains.

The Xen virtual machine monitor includes neither any drivers to access the physical hardware of the host machine nor an interface to communicate directly with an administrator. These tasks are performed by an operating system running in the privileged Domain 0 (Dom0).



397Version 1


Novell Training S


The following is an illustration of a Xen system with three domains:

Figure 10-4 Xen Domains

Xen plus the privileged Domain 0 can also be referred to as a Virtual Machine Server.

An unprivileged domain is called Domain U (DomU) in the Xen terminology, and is also known as a Virtual Machine.

A process called xend runs in the Dom0 Linux installation. This process is used to manage all Xen domains running on a system and to provide access to their consoles.

SUSE Linux Enterprise Server 11 can be used for privileged (Dom0) and unprivileged (DomU) Xen domains.




Version 1398

Novell Training S


Objective 2 Install Xen

A complete Xen installation includes the following tasks:

Install a Xen Server on page 398

Install a Xen Virtual Machine on page 400

Install a Xen Server

To set up a Xen server, which is a system capable of hosting Xen virtual machines, you need to install the Xen kernel and additional Xen packages on top of a SUSE Linux Enterprise Server 11 installation.

You have two choices:

Install Xen during Installation of SUSE Linux Enterprise 11 on page 398

Install Xen on an Installed SUSE Linux Enterprise Server 11 on page 400

Install Xen during Installation of SUSE Linux Enterprise 11

To install Xen as part of the SUSE Linux Enterprise Server 11 installation, in the dialog presented in the first stage of the installation, select the Xen Virtual Machine Host Server pattern. This installation on the physical hardware will be your future Domain 0 (Dom0).

The other Xen domains (DomUs) are installed later in physical partitions or file system images. If you plan to use physical partitions, make sure that the initial SUSE Linux Enterprise Server 11 installation is not using all of the available disc space.

For maximum flexibility, use the logical volume manager (LVM) for a Xen system.

As a general rule, you should run services (such as a Web server, a database, or Novell services like iFolder) in a DomU, not in Dom0. Therefore, it is not necessary to select the respective patterns during the installation of Dom0.

The following packages have to be installed in the initial SUSE Linux Enterprise Server 11 installation:

xen: Contains the Xen virtual machine monitor (Hypervisor).

xen-libs: Contains the libraries used to interact with the Xen virtual machine monitor.

xen-tools: Contains xend and a collection of command line tools to administer a Xen system.

vm-install: Contains Python scripts used to define a Xen virtual machine, and to cause an operating system to begin installing within that virtual machine.

xen-doc-*: (Optional) Contains Xen documentation in various formats.

virt-manager: Provides a graphical interface to manage virtual machines.



399Version 1


Novell Training S


virt-viewer: Provides a graphical console client for connecting to virtual machines.

bridge-utils: Contains utilities to configure Linux ethernet bridges, which are used to connect the domains to each other and to the physical network interface.

kernel-xen: Contains a modified Linux kernel that runs in a Xen domain, both Dom0 and DomU.

Except for the last package, kernel-xen, these are all part of the Xen pattern.

The installation of the kernel-xen package automatically adds an entry like the following into the /boot/grub/menu.lst bootloader configuration file.

###Don't change this comment - YaST2 identifier: Original name: xen###title Xen -- SUSE Linux Enterprise Server 11 - 2.6.27.19-5 root (hd0,1) kernel /boot/xen.gz module /boot/vmlinuz-2.6.27.19-5-xen root=/dev/disk/by-id/ata-ST380815AS_6QZ2FW3T-part2 insmod=e100 resume=/dev/disk/by-id/ata-ST380815AS_6QZ2FW3T-part1 splash=silent crashkernel= showopts vga=0x317 module /boot/initrd-2.6.27.19-5-xen

The entry in menu.lst adds a new option to the boot menu of your system. When you select this entry, the Xen virtual machine monitor is loaded (kernel /boot/xen.gz) which starts SUSE Linux Enterprise Server 11 in Dom0 (see the lines starting with module).

Before rebooting your system with the Xen option, you should check if the automatically generated entry is correct. Make sure that

The line root (hd0,1) points to the partition which contains the Xen virtual machine monitor and the Kernel of the Linux installation for Dom0. For example, hd0,1 designates the second partition on the first hard drive in the system. Also check if the parameter root= in the first module line points to the root partition of the Dom0 installation.

The Xen version of the Linux kernel and the initrd are loaded in the module lines. The names of the image files should end in -xen.

After checking the bootloader configuration file, you can reboot your system and select the Xen option from the bootloader menu. In the early stages of the boot process, you will see some messages of the Xen virtual machine monitor on the screen. Then the Dom0 Linux operating system is started.

If the system is not booting properly, you can switch back to a non-virtualized system by selecting the regular SUSE Linux Enterprise Server 11 boot option.




Version 1400

Novell Training S


Install Xen on an Installed SUSE Linux Enterprise Server 11

You can easily add Xen to an existing installation of SUSE Linux Enterprise Server 11 using the YaST module created for this purpose.

In YaST, select Virtualization > Install Hypervisor and Tools. The required Xen packages are installed.

The necessary changes are made to /boot/grub/menu.lst as described in Install Xen during Installation of SUSE Linux Enterprise 11 on page 398 and a default network bridge is configured.

Reboot the machine and select the Xen kernel from the boot menu.

To boot the Xen kernel by default, edit the default entry in /boot/grub/menu.lst:

# Modified by YaST2. Last modification on Thu Apr 2 17:27:29 CEST 2009default 0timeout 8gfxmenu (hd0,1)/boot/message##YaST - activate

###Don't change this comment - YaST2 identifier: Original name: xen###title Xen -- SUSE Linux Enterprise Server 11 - 2.6.27.19-5...

default 0 boots the first entry by default, default 1 the second, and so on.

If you want to find out which kernel is currently in use, enter uname -a in a terminal window:

Install a Xen Virtual Machine

After you have installed Xen and the Xen tools, you can use vm-install to create unprivileged Xen domains. vm-install can be started directly from the command line or by starting YaST and selecting Virtualization > Create Virtual Machines.

This tool guides you step by step through the creation of a Xen domain on your system.

da10:~ # uname -aLinux da10 2.6.27.19-5-xen #1 SMP 2009-02-28 04:40:21 +0100 i686 i686 i386 GNU/Linux



401Version 1


Novell Training S


The first dialog looks like the following:

Figure 10-5 Virtual Machine Installation

This first page gives some information on the creation of a virtual machine. Selecting Forward opens a dialog where you have a choice between a new installation of an operating system and the use of an existing image.




Version 1402

Novell Training S


If you decide to install an operating system, the following dialog appears:

Figure 10-6 Virtual Machine Installation: OS Type



403Version 1


Novell Training S


Your choice of the type of operating system determines the suggested values in the next dialog:

Figure 10-7 Virtual Machine Installation: Summary

It is necessary to specify the installation medium. Other values, such as the size of the virtual hard disk, can be changed as needed.

To change a setting, select the blue headline.

We recommend switching to a fixed MAC address for Linux virtual machines.




Version 1404

Novell Training S


Select Network Adapter on the Summary page to edit the suggested values or to add another virtual network adapter. Select Edit on the Network Adapters page to open the following dialog:

Figure 10-8 Virtual Machine Installation: Network Adapter

Selecting Randomly generated MAC address causes a new MAC address to be created each time the virtual machine is started. With this setting and SLES11 as the operating system within the virtual machine, the interface name within the virtual machine changes each time the virtual machine is started.

To avoid this, select Specified MAC address. The vendor string for Xensource is 00:16:3e. Enter hex values in the spaces provided, making sure they are unique within your network. Click Apply to return to the previous dialog.



405Version 1


Novell Training S


In the Summary dialog, select Disks to change hard disk parameters or to add a hard disk or a CDROM drive. The following dialog appears:

Figure 10-9 Virtual Machine Installation: Disks




Version 1406

Novell Training S


Select Edit to change the highlighted entry. The following dialog appears:

Figure 10-10 Virtual Machine Installation: Virtual Disk

Here you can specify a different image file and change its size. When you select Create Sparse Image File, the image file does not immediately use the specified amount of disk space on the storage medium, but grows as space is actually used within the virtual machine. It is also possible to specify a block device like /dev/sda5 instead of a file.

Select OK to return to the Disks dialog. Select Apply in the Disks dialog to return to the Summary page.

The dialog for the CDROM drive is almost identical.



407Version 1


Novell Training S


To specify an installation medium, in the Summary dialog select Operating System Installation. The following dialog appears:

Figure 10-11 Virtual Machine Installation: OS Installation

In the Network URL text box, you can specify an installation source located in the network, such as nfs://172.17.8.101/data/install/SLES11.

Select Apply to return to the Summary dialog.

To start the installation, select OK in the Summary dialog. A VNC window appears that allows you to control and configure the operating system installation.

When you install SUSE Linux Enterprise Server 11 in a virtual machine, the device name for the first hard disk within the virtual machine is /dev/xvda, the device name for the second disk is /dev/xvdb, and so on. Apart from this detail, a virtual installation is almost identical to an installation on real hardware.




Version 1408

Novell Training S


Exercise 10-1 Install a Xen Server and an Unprivileged Domain

In this exercise, you learn how to install Xen and configure Dom0, and how to install SUSE Linux Enterprise Server 11 in a Xen guest domain using vm-install.

You will find this exercise in the workbook.

(End of Exercise)



409Version 1


Novell Training S


Objective 3 Manage Xen Domains with Virt-Manager

Virt-Manager is a graphical tool used to manage virtual domains. It can be started by entering the virt-manager command or by selecting Virtualization > Virtual Machine Manager in YaST.

Figure 10-12 Virt-Manager




Version 1410

Novell Training S


Double-click a virtual machine entry to open a VNC window:

Figure 10-13 DomU

In the screenshot above, the virtual machine is running. You could pause the machine or shut it down using the respective buttons. Closing the VNC window as such does not affect the state of the machine. It continues to run and you can attach to the VNC session again by double-clicking the respective entry in Virt-Manager.

If you double-click an entry of a virtual machine that is not currently running, the window appears empty and you can start the machine by clicking the Run button.

To release the mouse cursor from the VNC window, press Ctrl+Alt.



411Version 1


Novell Training S


When you select an entry in the Virtual Machine Manager window with the right mouse button and then select Details, another dialog appears:

Figure 10-14 DomU: Utilization

The Overview tab shows a graph of CPU and memory usage.




Version 1412

Novell Training S


The Hardware tab allows you to view and change certain hardware parameters:

Figure 10-15 DomU: Hardware Details

You can add or remove virtual processors, change the memory currently used, or add and remove hard disks and CDROM/DVD drives.

Removing and adding the CDROM drive is necessary when changing a CDROM in the drive. Currently, CDROM drives appear as hard disks within the virtual machines and media changes are not detected automatically.

Due to a bug at the time of this writing, adding and removing CDROM drives in Virt-Manager is not possible. You have to use the xm command to access the content of a CDROM/DVD or to change it. (The xm command will be covered in more detail in Use the xm Tool on page 416.)

To change a DVD or CDROM in a virtual machine, do the following:

1. Put the CDROM or DVD in the DVD drive.

It will be mounted automatically in Dom0.

2. Open a terminal window, su - to root, then add the drive with the command

xm block-attach domainID dev_in_Dom0 dev_in_DomU r

for instance

xm block-attach sles11 phy:/dev/sr0 /dev/xvdb r



413Version 1


Novell Training S


3. Within DomU, mount the device (/dev/xvdb in the example above).

When you want to change the CDROM/DVD, unmount the device in DomU.

4. In Dom0, find out the ID for the CDROM entry and then remove this entry from the virtual machine with the xm commands as shown below:

5. Change the CDROM/DVD in the drive and attach the device again as explained in Step 2.

da10:~ # xm block-list sles11Vdev BE handle state evt-ch ring-ref BE-path51712 0 0 4 16 8 /local/domain/0/backend/vbd/1/5171251728 0 0 4 18 897 /local/domain/0/backend/vbd/1/51728da10:~ # xm block-detach sles11 51728da10:~ #




Version 1414

Novell Training S


Exercise 10-2 Change Memory Allocation of a Guest Domain

In this exercise, you learn how to change the memory allocation of a guest domain using the Virtual Machine Manager.


(End of Exercise)



415Version 1


Novell Training S


Objective 4 Manage Xen Domains from the Command Line

In this objective, you learn how to manage Xen domains at the command line. To do this, you need to

Understand Managed and Unmanaged Domains on page 415

Understand a Domain Configuration File on page 415

Use the xm Tool on page 416

Use the virsh Tool on page 418

Automate Domain Startup and Shutdown on page 420

Understand Managed and Unmanaged Domains

In Xen version 2, all DomUs were configured by a configuration file. You can still use configuration files with Xen version 3. Virtual domains that are configured by configuration files only are referred to as unmanaged domains.

Unmanaged domains appear in Virt-Manager or in the output of the xm list command (covered later in this objective) only when they are running.

With Xen version 3, configuration details can be stored in the Xenstore database located in /var/lib/xenstored/tdb. One advantage is that the virtual machines always appear in virt-manager, even when not running, and can be started as described in the previous objective. Virtual machines that have their configuration in the Xenstore database are referred to as managed domains.

You can use the xm new configfile command to move configuration information from a configuration file into the Xenstore database.

Currently it is not possible to export a configuration from the Xenstore database to a configuration file. To remove configuration information from the Xenstore database, use the xm delete vm_name command. This command removes only the configuration information from the database; the disk image files remain unchanged.

When a virtual machine is created with vm-install, the configuration is written to /etc/xen/vm/vm_name and to the Xenstore database simultaneously. Later changes to the configuration file have no effect on the information in the Xenstore database.

To change the configuration in the Xenstore database, delete the configuration from the database with xm delete vm_name, edit the configuration file in /etc/xen/vm/, and integrate the new configuration in the database with xm new configfile.

Understand a Domain Configuration File

The configuration files for domains created with vm-install are located in /etc/xen/vm/.




Version 1416

Novell Training S


A configuration file contains several keywords which configure different aspects of a Xen domain. A configuration file created by vm-install during the installation of a virtual machine could look like the following:

Under /etc/xen/examples/, you find example files which can be used to create a configuration from scratch. The comments in these files (lines starting with a # sign) give more information on the available options and the required syntax.

NOTE: A good source for detailed documentation and HOWTOs about Xen and the domain configuration files is the Xen wiki at: http://wiki.xensource.com/ (http://wiki.xensource.com/).

Use the xm Tool

The xm command line uses the following format:

xm subcommand [options] [arguments] [variables]

xm is the administration command line tool for Xen domains. xm communicates with the xend management process running on the Dom0 Linux installation.

You can get a complete list of the xm subcommands by entering xm help. The xm manual page contains information on the available options for each of the subcommands. This manual covers only the more frequently used subcommands.

You can use the create subcommand to start an unmanaged virtual machine:

xm create -c -f /data/xen/SLES11-WebServer.conf

The -c option lets xm connect to the terminal of the started domain, so that you can interact with the system. To disconnect from the terminal and return to the original command line, enter the key combination Ctrl-].

The -f option specifies the configuration file of the domain that should be started.

name="sles11"uuid="3eb65cbd-ae8e-2a79-cf1e-89189489d085"memory=512maxmem=512vcpus=2on_poweroff="destroy"on_reboot="restart"on_crash="destroy"localtime=0keymap="en-us"builder="linux"bootloader="/usr/bin/pygrub"bootargs=""extra=" "disk=[ 'file:/var/lib/xen/images/sles11/disk0,xvda,w', 'phy:/dev/sr0,xvdb:cdrom,r', ]vif=[ 'mac=00:16:3e:31:24:13,bridge=br0', ]vfb=['type=vnc,vncunused=1']



417Version 1


Novell Training S


The list command displays information about all managed Xen domains and the currently running unmanaged Xen domains:

The output of the list command contains the following fields:

name: Name of the domain as specified in the configuration file.

ID: Numeric, consecutive domain ID, which is automatically assigned when the domain starts.

Mem: Amount of memory assigned to the domain.

VCPUs: Number of virtual CPUs utilized by this domain.

State: Current state of the domain. This could be:

r: Domain is running. b: Domain has been created but is currently blocked. This can happen when

a domain is waiting for I/O or when there is nothing to do for a domain.

p: Domain is paused. The state of the domain is saved and can be restored.

s: Domain is in the process of being shut down.

c: Domain has crashed due to an error or misconfiguration.

Time: Total run time of the domain as accounted for by Xen.

An alternative to list is the command top, which displays domain information updated in realtime.

To start a managed domain, use the following command:

xm start vm_name

The console command connects you with the terminal of a running domain:

xm console domain_id

The command takes the domain id as a parameter, which can be determined with the list command (field: ID). The name (field: Name) works as well. As mentioned before, use the key combination Ctrl-] to disconnect from a terminal.

With the pause command, you can interrupt the execution of a domain temporarily:

xm pause domain_id

A paused domain is not completely shut down. The current state is saved and the execution of the domain can be continued with the unpause command:

xm unpause domain_id

da10:~ # xm listName ID Mem VCPUs State Time(s)Domain-0 0 1481 2 r----- 298.3sles11 1 512 2 -b---- 23.0




Version 1418

Novell Training S


To shut down a domain, use the shutdown command:

xm shutdown domain_id

This is equivalent to using the appropriate command within the virtual machine (shutdown -h now in Linux).

If the domain is not responding anymore, you can force the shutdown of the domain with the destroy command:

xm destroy domain_id

This is equivalent to pulling the plug on a physical machine.

To save the state of a domain for a longer time (for example, over a reboot of Dom0) you can use the save command:

xm save domain_id filename

The domain can be restored from the resulting file with the restore command:

xm restore filename

Another commonly used command is mem-set, which allows you to change the memory allocation of a domain:

xm mem_set domain_id amount_of_memory

The amount of memory is specified in megabytes.

Block devices can be added to DomUs with the xm block-attach command:.

xm block-attach domainID dev_in_Dom0 dev_in_DomU r/w

To remove the device again, first use xm block-list to find out what DeviceID to use in the xm block-detach command:

xm block-list domainID

xm block-detach domainID DeviceID

Use the virsh Tool

The virsh command is similar to the xm command. The basic structure of the virsh command is as follows:

virsh subcommand [options]

virsh can be used to administer Xen domains. The options are similar to those of the xm command, however there are also some options that are different.

You can get a complete list of the virsh subcommands by entering virsh help. The virsh manual page contains information on the available options for each of the subcommands. This manual covers only the more frequently used subcommands.



419Version 1


Novell Training S


You can use the create subcommand to start an unmanaged virtual machine, using a configuration file in xml format:

virsh create /data/xen/da-xen.xml

The console subcommand connects you with the terminal of a running domain:

virsh console domain_id

The command takes the domain id as a parameter, which can be determined with the xm list command (field: ID). The name (field: Name) works as well. Use the key combination Ctrl-] to disconnect from a terminal.

The virsh list command displays information about running Xen domains, however the xm list command gives you more information, as it also lists managed domain that are not currently running.

To start a managed domain, use the following command:

virsh start vm_name

With the suspend subcommand, you can interrupt the execution of a domain temporarily:

virsh suspend domain_id

A suspended domain is not completely shut down. The current state is saved and the execution of the domain can be continued with the resume subcommand:

virsh resume domain_id

To shut down a domain, use the shutdown subcommand:

virsh shutdown domain_id

This is equivalent to using the appropriate command within the virtual machine (shutdown -h now in Linux).

If the domain is not responding anymore, you can force the shutdown of the domain with the destroy command:

virsh destroy domain_id

This is equivalent to pulling the plug on a physical machine.

To save the state of a domain for a longer time (for example, over a reboot of Dom0) you can use the save subcommand:

virsh save domain_id filename

The domain can be restored from the resulting file with the restore subcommand:

virsh restore filename

Another commonly used subcommand is setmem, which allows you to change the memory allocation of a domain:

virsh setmem domain_id amount_of_memory




Version 1420

Novell Training S


The amount of memory is specified in kilobytes.

Block devices can be added to DomUs with the disk-attach subcommand:.

virsh attach-disk domainID dev_in_Dom0 dev_in_DomU

To remove the device again, use in the detach-disk subcommand:

virsh detach-disk domainID dev_in_DomU

Automate Domain Startup and Shutdown

When you start, shut down, or reboot the Dom0 of a Xen system, other running Xen domains are also affected. The other Xen domains cannot operate without a running Dom0.

SUSE Linux Enterprise Server 11 comes with a start script called xendomains which is included in the xen-tools package.

The script, which should be installed on Dom0, does the following:

When Dom0 is booted, all domains with configuration files located under /etc/xen/auto/ are started. It is recommended to create a symbolic link in this directory pointing to the actual configuration file in /etc/xen/vm/.

When Dom0 is shut down or rebooted, running Xen domains are shut down automatically.

NOTE: If you have a configuration file for a domain that is also in the Xenstore database, the automatic start uses the information in the configuration file and ignores the information in Xenstore, which may be different from that in the configuration file.

To start and stop managed domains automatically you can create a start script based on the /etc/init.d/skeleton file, using the applicable xm commands, such as xm start vm_name and xm shutdown vm_name.

The xendomains script has configuration options that can be adjusted in the file /etc/sysconfig/xendomains. The configuration variables in this file are explained in accompanying comments.

One interesting option is to migrate domains automatically to a different host when a Dom0 is shut down. This can be configured in the variable XENDOMAINS_MIGRATE. The variable has to be set to the IP address of the target machine. When the variable is empty, no migration is performed. Migration of virtual machines is not covered in this course, though.



421Version 1


Novell Training S


Exercise 10-3 Automate Domain Startup

In this exercise, you learn how to start up domains automatically when the system is booted.


(End of Exercise)




Version 1422

Novell Training S


Objective 5 Understand Xen Networking

Usually the network connection of Xen domains works out of the box. However, if you would like to change the configuration, networking with Xen can be a bit tricky.

The following should give you an overview of how Xen domains are connected to the physical network. You need to

Understand Bridging on page 422

Understand the Xen Networking Concept on page 423

Understand Bridging

When you install Xen using the YaST Install Hypervisor and Tools module, the network configuration is changed by YaST to include a network bridge.

Bridging basically means that multiple network interfaces are combined to one. Traditionally, this technique is used to connect two network segments.

In the context of Xen, it is the default mechanism to connect virtual and physical interfaces in Dom0. You can consider the bridge as a kind of virtual switch which virtual and physical interfaces are connected to. The physical interface connects to the physical network and the DomUs connect to the virtual interfaces, thus allowing DomUs to access the physical network.

In a setup without a bridge, the configuration for the eth0 interface is contained in the /etc/sysconfig/network/ifcfg-eth0 file. With the change to a bridge, this file is deleted and a /etc/sysconfig/network/ifcfg-br0 file created. Its content looks similar to the following:

The IP address is no longer assigned to the interface eth0 as before, but to the bridge (in this case using dhcp). The interface that actually connects to the physical network is attached to the bridge (BRIDGE_PORTS=eth0) but does not have an IP address of its own.

da10:~ # cat /etc/sysconfig/network/ifcfg-br0BOOTPROTO='dhcp'BRIDGE='yes'BRIDGE_FORWARDDELAY='0'BRIDGE_PORTS='eth0'BRIDGE_STP='off'STARTMODE='onboot'USERCONTROL='no'



423Version 1


Novell Training S


This is reflected in the output of the ip command:

The command to configure network bridges is brctl. It can be used to list the current setup, as in the following example:

Other brctl commands include the following:

brctl addbr name: Creates a new bridge named name.

brctl delbr name: Deletes the bridge named name. The network interface corresponding to the bridge must be down before it can be deleted.

brctl addif brname ifname: Adds the interface ifname to the bridge brname.

brctl delif brname ifname: Deletes the interface ifname from the bridge brname.

Understand the Xen Networking Concept

In a Xen setup, the xend management process in Dom0 controls the physical network interfaces of a host system. When a DomU starts up, the /etc/xen/scripts/network-bridge script takes care of the virtual interface needed to connect the new DomU to the physical network via the bridge.

When a new Domain U is created, the following changes to the network configuration are made (simplified):

1. Xen provides a virtual network device to the new domain. Within that domain, that device will appear as ethx.

2. xend creates a new virtual interface in Dom0.

da10:~ # ip address show1: lo: mtu 16436 qdisc noqueue state UNKNOWN...2: eth1: mtu 1500 qdisc pfifo_fast state DOWN qlen 1000 link/ether 00:80:c8:f6:88:9f brd ff:ff:ff:ff:ff:ff inet6 fe80::280:c8ff:fef6:889f/64 scope link valid_lft forever preferred_lft forever3: eth0: mtu 1500 qdisc pfifo_fast state UP qlen 100 link/ether 00:19:d1:9f:17:87 brd ff:ff:ff:ff:ff:ff inet6 fe80::219:d1ff:fe9f:1787/64 scope link valid_lft forever preferred_lft forever4: br0: mtu 1500 qdisc noqueue state UNKNOWN link/ether 00:19:d1:9f:17:87 brd ff:ff:ff:ff:ff:ff inet 172.17.8.1/16 brd 172.17.255.255 scope global br0 inet6 fe80::219:d1ff:fe9f:1787/64 scope link valid_lft forever preferred_lft forever

da10:~ # brctl showbridge name bridge id STP enabled interfacesbr0 8000.0019d19f1787 no eth0




Version 1424

Novell Training S


3. The virtual interface in Dom0 and the virtual network device in the unprivileged domain are connected through a virtual point-to-point connection.

4. The virtual interface in Dom0 is added to the bridge with the physical interface.

These steps affect only the general network connectivity. The IP configuration inside the unprivileged domain is done separately with DHCP or a static network configuration.

The following graphic illustrates the relationship of the various interfaces involved:

Figure 10-16 Xen Networking

The output of ip a s shows the new interface:

The new interface is added to the existing bridge, as shown in the output of brctl:

da10:~ # ip address show1: lo: mtu 16436 qdisc noqueue state UNKNOWN...2: eth1: mtu 1500 qdisc pfifo_fast state DOWN qlen 1000...3: eth0: mtu 1500 qdisc pfifo_fast state UP qlen 100...4: br0: mtu 1500 qdisc noqueue state UNKNOWN link/ether 00:19:d1:9f:17:87 brd ff:ff:ff:ff:ff:ff inet 172.17.8.1/16 brd 172.17.255.255 scope global br0 inet6 fe80::219:d1ff:fe9f:1787/64 scope link valid_lft forever preferred_lft forever5: vif1.0: mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 32 link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff inet6 fe80::fcff:ffff:feff:ffff/64 scope link valid_lft forever preferred_lft forever

da10:~ # brctl showbridge name bridge id STP enabled interfacesbr0 8000.0019d19f1787 no eth0 vif1.0



425Version 1


Novell Training S


The naming scheme is

vifdomain_number.interface_number

For example, the counterpart for eth0 in domain number 2 is vif2.0.

The /etc/xen/scripts directory contains additional scripts that can be used to set up NAT or routing instead of the default bridge setup. In the /etc/xen/xend-config.sxp file you can configure which network scripts are used by xend.

NOTE: Because of the complexity of the Xen network setup, the default firewall (SuSEFirewall2) is not working correctly in Dom0. We recommend that you disable SuSEFirewall2 and then set up a customized firewall script if needed.




Version 1426

Novell Training S


Exercise 10-4 Check the Network Configuration

In this exercise, you learn how to use the brctl show command to view the bridge setup and changes to it.


(End of Exercise)



427Version 1


Novell Training S


Summary

Objective Summary

Understand How Virtualization with Xen Works

Virtualization technology separates a running instance of an operating system from the physical hardware. Instead of running on a physical machine, the operating system runs in a so-called virtual machine. Multiple virtual machines share the resources of the underlying hardware.

There are two different kinds of virtualization:

Full virtualization

Para-virtualization

Para-virtualization requires modifications to the operating system running in the virtual machine.

Install Xen To use Xen, you have to install the Xen hypervisor, a kernel that is aware of Xen, and the Xen management tools in the SLES 11 installation running on the physical hardware (the virtual machine server).

After booting the Xen kernel, you can install virtual machines using the vm-install tool.

Manage Xen Domains with Virt-Manager

Virt-Manager can be used to manage Xen domains.

Virt-Manager allows you to start virtual domains, open a VNC window to view the graphical interface, and change virtual hardware parameters such as available RAM or hard disk space.

Virt-Manager displays all managed domains (running or not) and running unmanaged domains.

Manage Xen Domains from the Command Line

xm is the command line administration tool for xen domains.

To start a virtual machine, the create subcommand is used for unmanaged machines, while start is used for managed machines:

xm create -c -f /etc/xen/vm/SLES11.conf

xm start sled11

Other frequently used xm subcommands are shutdown, stop, new, and delete. Use xm help for a complete list of available commands.




Version 1428

Novell Training S


Understand Xen Networking Domain 0 (Dom0) is the central point to configure the network connections on a Xen system. The configuration in Dom0 determines what virtual network hardware is available within a domain U (DomU).

All unprivileged domains are connected with the physical network through Dom0.

A network bridge in Dom0 is used as a virtual switch. This bridge is controlled by xend.

The IP configuration of virtual network cards is done from within the unprivileged domains.

Objective Summary


SECTION 10 Manage Virtualization with XenObjective 1 Understand How Virtualization with Xen WorksUnderstand Virtualization MethodsUnderstand the Xen Architecture

Objective 2 Install XenInstall a Xen ServerInstall a Xen Virtual MachineExercise 10-1 Install a Xen Server and an Unprivileged Domain

Objective 3 Manage Xen Domains with Virt-ManagerExercise 10-2 Change Memory Allocation of a Guest Domain

Objective 4 Manage Xen Domains from the Command LineUnderstand Managed and Unmanaged DomainsUnderstand a Domain Configuration FileUse the xm ToolUse the virsh ToolAutomate Domain Startup and ShutdownExercise 10-3 Automate Domain Startup

Objective 5 Understand Xen NetworkingUnderstand BridgingUnderstand the Xen Networking ConceptExercise 10-4 Check the Network Configuration

Summary

3103 Manual Sec10

Documents

Transcript of 3103 Manual Sec10