Differences between revisions 1 and 45 (spanning 44 versions)
Revision 1 as of 2006-04-19 06:27:46
Size: 50
Editor: PeMac
Comment:
Revision 45 as of 2007-06-22 16:02:34
Size: 9608
Comment: some more typos fixed
Deletions are marked like this. Additions are marked like this.
Line 1: Line 1:
= Dom0 =

For installing Dom0 on etch you have to do a regular install, while keeping the following in mind and doing the extra stuff at the end.

== Considerations: diskspace and RAM ==

The only things influencing the installation through d-i of the xen environment are diskspace and RAM. To start with the last: usually 196 MB RAM is needed for domain0. You can do with less: 128MB and I've even seen reports from people running with 64MB or even 32MB, but keep to defaults if this is your first time with Xen. Additional functionality for domain0 like dhcpd, iptables and installation services (eg. apache with apt-proxy) claim more. For a default domain0 you need 512MB diskspace and then you've got to keep an eye on it, so do at least 1GB. I use 2GB to be safe. For simplicities sake I keep it all in 1 filesystem. Local requirements for logging, accounting and/or auditing may claim extra. Swap space is the usual rule of thumb: RAM * attention. General methods for storing your user-domains file data are, in the order of preference: external san/nfs, local lvm2, local partitions, local files.

== Installation ==
Theses installation notes are focusing on installing Xen during Debian installation (i.e under D-I). Some general notes for Installation Xen can be found in the ["Xen"] page.

Do a regular install and select a standard kernel. Use grub for the bootloader (xen is not compatible with lilo) and choose mkinitramfs-tools for the ramdisk creator (which is default). Continue right up to the menu option "Finish the installation" but stop there (don't select it).
Switch to the second console with 'Ctrl-Alt-F2' and hit enter.

If you don't already know, you can check if your cpu has hardware virtualisation [the "vmx" flag for Intel or the "svm" flag for AMD]

   {{{ grep "vmx" /proc/cpuinfo }}}
or
   {{{ grep "svm" /proc/cpuinfo }}}

Chroot into your target install with

   {{{ chroot /target /bin/sh }}}

Optionnaly, you can enable "command line completion" to complete package using "tab" key :

   {{{ . /etc/bash_completion }}}

You need to install a few package that pulls most of the dependencies (xen-ioemu is only needed by CPU with virtualisation hardware) :
   {{{ apt-get install xen-hypervisor-3.0.3-1-i386 libc6-xen linux-image-xen-686 bridge-utils libsysfs2 xen-ioemu-3.0.3-1 }}}


Warning: (as of 2006-10, might be an obsolete warning) : if you are useing a separate filesystem for /boot like I do, your /boot/grub/menu.lst bootloader configuration file doesn't get modified correctly. In this case every path needs to read /<filename>, but for some bug the one for xen.gz doesn't but looks like '/boot/xen.gz', so change it to '/xen.gz'.

Since we have the opportunity, adjust your xen config file /etc/xen/xend-config.sxp (save the original for later study). The following works on a system with a single nic:

   {{{ (xend-relocation-server no) }}} [[BR]]
   {{{ (xend-relocation-hosts-allow '') }}} [[BR]]
   {{{ (network-script 'network-bridge netdev=eth0') }}} [[BR]]
   {{{ (vif-script vif-bridge) }}} [[BR]]
   {{{ (dom0-min-mem 196) }}} [[BR]]
   {{{ (dom0-cpus 0) }}} [[BR]]

Exit your chroot

   {{{ exit }}}

and change back to your installation screen with 'Ctrl-Alt-F1' and select "Finish the installation".

If the system does not boot, try adding a 'noacpi' option to the vmlinux line in menu.lst first.

Ref:

http://lists.xensource.com/archives/html/xen-users/2006-09/msg00966.html (dd. 20070930) en-unstable.

 /!\ Work in progress, your help is appreciated

= DomU =

For ways of installing a Xen guest without D-I (and there are some), please look at http://wiki.debian.org/Xen

This paragraph will be about getting D-I to work inside a Xen guest domain.

== Installing DomU with D-I ==
Running the full D-I inside a domU is for some users and use cases a more appropriate option than the other methods without D-I. This is also the preferred method some other distributions offer their users - fedora/redhat runs anaconda in a domU, suse runs yast inside a domU. If this is fully working, users have (nearly?!) not differences between installing a real hardware system or a virtualized one.

You can start d-i in DomU by creating a DomU config file with the Xen DomU kernel and the initrd from the netboot images (http://ftp.nl.debian.org/debian/dists/etch/main/installer-i386/current/images/netboot/netboot.tar.gz) and granting the DomU (or user-domain) read/write acces to some empty pre-created filesystems you want to use in it since you definitely do not want to give the DomU access to your mbr.
You need to copy the DomU kernel's /lib/modules/<version> to the initrd.

It works, I did this some months ago with the 3.0.1 Xen version from backports.org, but am unable to reproduce due to the current state of the Xen software on etch and backports.org. Waiting for http://lists.alioth.debian.org/pipermail/pkg-xen-devel/2006-September/000739.html, I suppose :-(

=== experience report for D-I in domU ===
by: (mm)

I've tried following this path, as I find myself annoyed at the limitations of xen-tools and the amount of manual setup debootstrap leaves.
It seems to be usable with the released Etch Xen.
There are some rough spots - keyboard config fails (left it unchanged), no kernel modules were found...
Partitioning is a bit of a surprise, though.
The trick seems to be to format all the partitions (I'm using LVM and testing with /dev/sda1 and /dev/sda2 as disk and swap), otherwise the partitioner will insist on creating partition tables for them.
Didn't experiment to see how that would work out as I really didn't want partitioned partitions!
Other problems (some of which I could have avoided):
 * libc6-xen: you need it
 * udev's persistent-net rule will screw you unless you're setting a fixed MAC in the VM config.
 * probably need to read about preseeding and other d-i customizations

=== Another experience report on D-I in DomU ===
By: HenningSprang - tested version etch released netboot.tar.gz from the above loaction on 2007-05-28

As mm described, setting the ramdisk xen domain config parameter to the location of the initrd.gz file gets a D-I session going. Via the Xen console, this doesn't look exactly nice (TODO: add screenshot), but thsi might also have something to do with locale settings on dom0, I am not sure.

Still, one of the first things I have to do is to select a keyboard layout, and right after this step, I get a red screen saying "Installation step failed".
I get around this by selecting the keyboard setup again in the menu, and this time telling "keep the kernel keymap".

The next warning after some steps is "no kernel modules found...continue install without loading kernel modules" - I chose "yes".

The next warning: "Could not get identity of device /dev/hda - Invalid argument"
I chose "ignore". This message repeats some times in the partitioning process.

Just for fun I tried to use the "configure crypted disk option", but that failed somehow(worry, not details about how and why). Actually, chosing a normal partitioning does not help me further here.
While I can make a filesystem on the disk when entering the console from D-I, I am unable to mount it, but fail to see the reason:

{{{
~ # mkfs.ext3 /dev/hda1
mke2fs 1.40-WIP (14-Nov-2006)
Filesystem label=
OS type: Linux
Block size=4096 (log=2)
Fragment size=4096 (log=2)
243360 inodes, 485958 blocks
24297 blocks (5.00%) reserved for the super user
First data block=0
Maximum filesystem blocks=499122176
15 block groups
32768 blocks per group, 32768 fragments per group
16224 inodes per group
Superblock backups stored on blocks:
        32768, 98304, 163840, 229376, 294912

Writing inode tables: done
Creating journal (8192 blocks): done
Writing superblocks and filesystem accounting information: done

This filesystem will be automatically checked every 20 mounts or
180 days, whichever comes first. Use tune2fs -c or -i to override.
~ # mount /dev/hda1 /mnt/
mount: Mounting /dev/hda1 on /mnt/ failed: Invalid argument
~ # mount -t ext3 /dev/hda1 /mnt/
mount: Mounting /dev/hda1 on /mnt/ failed: No such device
}}}

I think, that's it for today - I'll try further and report...

/!\ Work in progress, your help is appreciated

= DomU graphical =

I guess it must be possible to do this, maybe in a similar way as the DomU, through the xen native vnc support or in a straight X11 session over a network connection with the ssh console option (does the graphical installer have X11 client support?).

To boot a domU with graphical (VNC) access use the following options :

  {{{ vnc=1 }}}[[BR]]
  {{{ vnclisten=<ipofthedom0> }}}

and then
  {{{ xvncviewer <ipofthedom0> }}}

/!\ Work in progress, your help is appreciated

= Using HVM (VT processors) =

Make sure you have the "xen-ioemu" package installed

Sample config file :
  {{{ kernel = "/usr/lib/xen-3.0.3-1/boot/hvmloader" }}}[[BR]]
  {{{ builder = "hvm" }}}[[BR]]
  {{{ memory = "256" }}}[[BR]]
  {{{ disk = [ 'phy:/dev/dom-u/internal_webservices,ioemu:hda,w' }}}[[BR]]
  {{{ device_model = '/usr/lib/xen-3.0.3-1/bin/qemu-dm' }}}[[BR]]
  {{{ name = "internal_webservices" }}}[[BR]]
  {{{ vif = [ 'type=ioemu, bridge=br-xen' ] }}}[[BR]]
  {{{ vnc=1 }}}[[BR]]
  {{{ vnclisten="192.168.0.1" }}}[[BR]]
  {{{ boot="cda" }}}[[BR]]
  {{{ on_poweroff = 'destroy' }}}[[BR]]
  {{{ on_reboot = 'restart' }}}[[BR]]
  {{{ on_crash = 'restart' }}}[[BR]]

Dom0

For installing Dom0 on etch you have to do a regular install, while keeping the following in mind and doing the extra stuff at the end.

Considerations: diskspace and RAM

The only things influencing the installation through d-i of the xen environment are diskspace and RAM. To start with the last: usually 196 MB RAM is needed for domain0. You can do with less: 128MB and I've even seen reports from people running with 64MB or even 32MB, but keep to defaults if this is your first time with Xen. Additional functionality for domain0 like dhcpd, iptables and installation services (eg. apache with apt-proxy) claim more. For a default domain0 you need 512MB diskspace and then you've got to keep an eye on it, so do at least 1GB. I use 2GB to be safe. For simplicities sake I keep it all in 1 filesystem. Local requirements for logging, accounting and/or auditing may claim extra. Swap space is the usual rule of thumb: RAM * attention. General methods for storing your user-domains file data are, in the order of preference: external san/nfs, local lvm2, local partitions, local files.

Installation

Theses installation notes are focusing on installing Xen during Debian installation (i.e under D-I). Some general notes for Installation Xen can be found in the ["Xen"] page.

Do a regular install and select a standard kernel. Use grub for the bootloader (xen is not compatible with lilo) and choose mkinitramfs-tools for the ramdisk creator (which is default). Continue right up to the menu option "Finish the installation" but stop there (don't select it). Switch to the second console with 'Ctrl-Alt-F2' and hit enter.

If you don't already know, you can check if your cpu has hardware virtualisation [the "vmx" flag for Intel or the "svm" flag for AMD]

  •  grep "vmx" /proc/cpuinfo 

or

  •  grep "svm" /proc/cpuinfo 

Chroot into your target install with

  •  chroot /target /bin/sh 

Optionnaly, you can enable "command line completion" to complete package using "tab" key :

  •  . /etc/bash_completion 

You need to install a few package that pulls most of the dependencies (xen-ioemu is only needed by CPU with virtualisation hardware) :

  •  apt-get install xen-hypervisor-3.0.3-1-i386 libc6-xen linux-image-xen-686 bridge-utils libsysfs2  xen-ioemu-3.0.3-1 

Warning: (as of 2006-10, might be an obsolete warning) : if you are useing a separate filesystem for /boot like I do, your /boot/grub/menu.lst bootloader configuration file doesn't get modified correctly. In this case every path needs to read /<filename>, but for some bug the one for xen.gz doesn't but looks like '/boot/xen.gz', so change it to '/xen.gz'.

Since we have the opportunity, adjust your xen config file /etc/xen/xend-config.sxp (save the original for later study). The following works on a system with a single nic:

  •  (xend-relocation-server no)  ?BR  (xend-relocation-hosts-allow '')  ?BR  (network-script 'network-bridge netdev=eth0')  ?BR  (vif-script vif-bridge)  ?BR  (dom0-min-mem 196)  ?BR  (dom0-cpus 0)  ?BR

Exit your chroot

  •  exit 

and change back to your installation screen with 'Ctrl-Alt-F1' and select "Finish the installation".

If the system does not boot, try adding a 'noacpi' option to the vmlinux line in menu.lst first.

Ref:

http://lists.xensource.com/archives/html/xen-users/2006-09/msg00966.html (dd. 20070930) en-unstable.

  • /!\ Work in progress, your help is appreciated

DomU

For ways of installing a Xen guest without D-I (and there are some), please look at http://wiki.debian.org/Xen

This paragraph will be about getting D-I to work inside a Xen guest domain.

Installing DomU with D-I

Running the full D-I inside a domU is for some users and use cases a more appropriate option than the other methods without D-I. This is also the preferred method some other distributions offer their users - fedora/redhat runs anaconda in a domU, suse runs yast inside a domU. If this is fully working, users have (nearly?!) not differences between installing a real hardware system or a virtualized one.

You can start d-i in DomU by creating a DomU config file with the Xen DomU kernel and the initrd from the netboot images (http://ftp.nl.debian.org/debian/dists/etch/main/installer-i386/current/images/netboot/netboot.tar.gz) and granting the DomU (or user-domain) read/write acces to some empty pre-created filesystems you want to use in it since you definitely do not want to give the DomU access to your mbr. You need to copy the DomU kernel's /lib/modules/<version> to the initrd.

It works, I did this some months ago with the 3.0.1 Xen version from backports.org, but am unable to reproduce due to the current state of the Xen software on etch and backports.org. Waiting for http://lists.alioth.debian.org/pipermail/pkg-xen-devel/2006-September/000739.html, I suppose :-(

experience report for D-I in domU

by: (mm)

I've tried following this path, as I find myself annoyed at the limitations of xen-tools and the amount of manual setup debootstrap leaves. It seems to be usable with the released Etch Xen. There are some rough spots - keyboard config fails (left it unchanged), no kernel modules were found... Partitioning is a bit of a surprise, though. The trick seems to be to format all the partitions (I'm using LVM and testing with /dev/sda1 and /dev/sda2 as disk and swap), otherwise the partitioner will insist on creating partition tables for them. Didn't experiment to see how that would work out as I really didn't want partitioned partitions! Other problems (some of which I could have avoided):

  • libc6-xen: you need it
  • udev's persistent-net rule will screw you unless you're setting a fixed MAC in the VM config.
  • probably need to read about preseeding and other d-i customizations

Another experience report on D-I in DomU

By: HenningSprang - tested version etch released netboot.tar.gz from the above loaction on 2007-05-28

As mm described, setting the ramdisk xen domain config parameter to the location of the initrd.gz file gets a D-I session going. Via the Xen console, this doesn't look exactly nice (TODO: add screenshot), but thsi might also have something to do with locale settings on dom0, I am not sure.

Still, one of the first things I have to do is to select a keyboard layout, and right after this step, I get a red screen saying "Installation step failed". I get around this by selecting the keyboard setup again in the menu, and this time telling "keep the kernel keymap".

The next warning after some steps is "no kernel modules found...continue install without loading kernel modules" - I chose "yes".

The next warning: "Could not get identity of device /dev/hda - Invalid argument" I chose "ignore". This message repeats some times in the partitioning process.

Just for fun I tried to use the "configure crypted disk option", but that failed somehow(worry, not details about how and why). Actually, chosing a normal partitioning does not help me further here. While I can make a filesystem on the disk when entering the console from D-I, I am unable to mount it, but fail to see the reason:

~ # mkfs.ext3 /dev/hda1
mke2fs 1.40-WIP (14-Nov-2006)
Filesystem label=
OS type: Linux
Block size=4096 (log=2)
Fragment size=4096 (log=2)
243360 inodes, 485958 blocks
24297 blocks (5.00%) reserved for the super user
First data block=0
Maximum filesystem blocks=499122176
15 block groups
32768 blocks per group, 32768 fragments per group
16224 inodes per group
Superblock backups stored on blocks:
        32768, 98304, 163840, 229376, 294912

Writing inode tables: done
Creating journal (8192 blocks): done
Writing superblocks and filesystem accounting information: done

This filesystem will be automatically checked every 20 mounts or
180 days, whichever comes first.  Use tune2fs -c or -i to override.
~ # mount /dev/hda1 /mnt/
mount: Mounting /dev/hda1 on /mnt/ failed: Invalid argument
~ # mount -t ext3 /dev/hda1 /mnt/
mount: Mounting /dev/hda1 on /mnt/ failed: No such device

I think, that's it for today - I'll try further and report...

/!\ Work in progress, your help is appreciated

DomU graphical

I guess it must be possible to do this, maybe in a similar way as the DomU, through the xen native vnc support or in a straight X11 session over a network connection with the ssh console option (does the graphical installer have X11 client support?).

To boot a domU with graphical (VNC) access use the following options :

  •  vnc=1 ?BR  vnclisten=<ipofthedom0> 

and then

  •  xvncviewer <ipofthedom0> 

/!\ Work in progress, your help is appreciated

Using HVM (VT processors)

Make sure you have the "xen-ioemu" package installed

Sample config file :

  •  kernel = "/usr/lib/xen-3.0.3-1/boot/hvmloader" ?BR  builder = "hvm" ?BR  memory = "256" ?BR  disk = [ 'phy:/dev/dom-u/internal_webservices,ioemu:hda,w' ?BR  device_model = '/usr/lib/xen-3.0.3-1/bin/qemu-dm' ?BR  name = "internal_webservices" ?BR  vif = [ 'type=ioemu, bridge=br-xen' ] ?BR  vnc=1 ?BR  vnclisten="192.168.0.1" ?BR  boot="cda" ?BR  on_poweroff = 'destroy' ?BR  on_reboot = 'restart' ?BR  on_crash = 'restart' ?BR

Resources