From: Benedict Reuschling
Date: Mon, 29 May 2017 14:50:37 +0000 (UTC)
To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org
Subject: svn commit: r50292 - head/en_US.ISO8859-1/books/handbook/virtualization

Author: bcr
Date: Mon May 29 14:50:37 2017
New Revision: 50292
URL: https://svnweb.freebsd.org/changeset/doc/50292

Log:
  Add a new section about Xen to the virtualization chapter. It is based on the entries in the FreeBSD Wiki and Xen's own instructions specific to FreeBSD. In particular, it describes how to configure the host machine, set up the Dom0, and add a DomU VM afterwards.

  Reviewed by: royger, wblock
  Differential Revision: https://reviews.freebsd.org/D10774

Modified:
  head/en_US.ISO8859-1/books/handbook/virtualization/chapter.xml

Modified: head/en_US.ISO8859-1/books/handbook/virtualization/chapter.xml
==============================================================================
--- head/en_US.ISO8859-1/books/handbook/virtualization/chapter.xml Mon May 29 13:57:38 2017 (r50291) +++ head/en_US.ISO8859-1/books/handbook/virtualization/chapter.xml Mon May 29 14:50:37 2017 (r50292) @@ -30,6 +30,16 @@ bhyve section by + + + + + Benedict + Reuschling + + Xen section by + +
@@ -1354,17 +1364,338 @@ ifconfig_bridge0="addm igb0 - + &xen; can migrate VMs between different &xen; servers. When + the two xen hosts share the same underlying storage, the + migration can be done without having to shut the VM down first. + Instead, the migration is performed live while the DomU is + running and there is no need to restart it or plan a downtime. + This is useful in maintenance scenarios or upgrade windows to + ensure that the services provided by the DomU are still + provided. Many more features of &xen; are listed on the Xen + Wiki Overview page. Note that not all features are + supported on &os; yet. + + + Hardware Requirements for &xen; Dom0 + + To run the &xen; hypervisor on a host, certain hardware + functionality is required. Hardware virtualized domains + require Extended Page Table (EPT) + and Input/Output Memory Management Unit (IOMMU) + support in the host processor. + + + + &xen; Dom0 Control Domain Setup + + The emulators/xen package works with + &os; 11 amd64 binary snapshots and equivalent systems + built from source. This example assumes VNC output for + unprivileged domains which is accessed from a another system + using a tool such as net/tightvnc. + + Install emulators/xen: + + &prompt.root; pkg install xen + + Configuration files must be edited to prepare the host + for the Dom0 integration. An entry to + /etc/sysctl.conf disables the limit on + how many pages of memory are allowed to be wired. Otherwise, + domU VMs with higher memory requirements will not run. + + &prompt.root; sysrc -f /etc/sysctl.conf vm.max_wired=-1 + + Another memory-related setting involves changing + /etc/login.conf, setting the + memorylocked option to + unlimited. Otherwise, creating DomU + domains may fail with Cannot allocate + memory errors. After making the change to + /etc/login.conf, run + cap_mkdb to update the capability database. + See for + details. 
+ + &prompt.root; sed -i '' -e 's/memorylocked=64K/memorylocked=unlimited/' /etc/login.conf +&prompt.root; cap_mkdb /etc/login.conf + + Add an entry for the &xen; console to + /etc/ttys: + + &prompt.root; echo 'xc0 "/usr/libexec/getty Pc" xterm on secure' >> /etc/ttys + + Selecting a &xen; kernel in + /boot/loader.conf activates the Dom0. + &xen; also requires resources like CPU and memory from the + host machine for itself and other DomU domains. How much CPU + and memory depends on the individual requirements and hardware + capabilities. In this example, 8 GB of memory and 4 + virtual CPUs are made available for the Dom0. The serial + console is also activated and logging options are + defined. + + &prompt.root; sysrc -f /boot/loader.conf hw.pci.mcfg=0 +&prompt.root; xen_kernel="/boot/xen" +&prompt.root; xen_cmdline="dom0_mem=8192M dom0_max_vcpus=4 dom0pvh=1 console=com1,vga com1=115200,8n1 guest_loglvl=all loglvl=all" + + Log files that &xen; creates for the Dom0 and DomU VMs + are stored in /var/log/xen. This + directory does not exist by default and must be + created. + + &prompt.root; mkdir -p /var/log/xen +&prompt.root; chmod 644 /var/log/xen + + &xen; provides a boot menu to activate and de-activate + the hypervisor on demand in + /boot/menu.rc.local: + + &prompt.root; echo "try-include /boot/xen.4th" >> /boot/menu.rc.local + + Activate the xencommons service during system + startup: + + &prompt.root; sysrc xencommons_enable=yes + + These settings are enough to start a Dom0-enabled + system. However, it lacks network functionality for the + DomU machines. To fix that, define a bridged interface with + the main NIC of the system which the DomU VMs can use to + connect to the network. Replace + igb0 with the host network + interface name. + + &prompt.root; sysrc autobridge_interfaces=bridge0 +&prompt.root; sysrc autobridge_bridge0=igb0 +&prompt.root; sysrc ifconfig_bridge0=SYNCDHCP + + Restart the host to load the &xen; kernel and start the + Dom0. 
+ + &prompt.root; reboot + + After successfully booting the &xen; kernel and logging + into the system again, the &xen; management tool + xl is used to show information about the + domains. + + &prompt.root; xl list +Name ID Mem VCPUs State Time(s) +Domain-0 0 8192 4 r----- 962.0 + + The output confirms that the Dom0 (called + Domain-0) has the ID 0 + and is running. It also has the memory and virtual CPUs + that were defined in /boot/loader.conf + earlier. More information can be found in the &xen; + Documentation. NDomU guest VMs can now be + created. + + + + &xen; DomU Guest VM Configuration + + Unprivileged domains consist of a configuration file and + virtual or physical hard disks. Virtual disk storage for + the DomU can be files created by &man.truncate.1; or ZFS + volumes as described in . + In this example, a 20 GB volume is used. A VM is + created with the ZFS volume, a &os; ISO image, 1 GB of + RAM and two virtual CPUs. The ISO installation file is + retrieved with &man.fetch.1; and saved locally in a file + called freebsd.iso. + + &prompt.root; fetch ftp://ftp.freebsd.org/pub/FreeBSD/releases/ISO-IMAGES/10.3/FreeBSD-10.3-RELEASE-amd64-bootonly.iso -o freebsd.iso + + A ZFS volume of 20 GB called + xendisk0 is created to serve as the disk + space for the VM. + + &prompt.root; zfs create -V20G -o volmode=dev zroot/xendisk0 + + The new DomU guest VM is defined in a file. Some specific + definitions like name, keymap, and VNC connection details are + also defined. The following freebsd.cfg + contains a minimum DomU configuration for this example: + + &prompt.root; cat freebsd.cfg +builder = "hvm" +name = "freebsd" +memory = 1024 +vcpus = 2 +vif = [ 'mac=00:16:3E:74:34:32,bridge=bridge0' ] +disk = [ +'/dev/zvol/tank/xendisk0,raw,hda,rw', +'/root/freebsd.iso,raw,hdc:cdrom,r' + ] +vnc = 1 +vnclisten = "0.0.0.0" +serial="pty" +usbdevice="tablet" + + These lines are explained in more detail: + + + + This defines what kind of virtualization to use. 
+ hvm refers to hardware-assisted + virtualization or hardware virtual machine. Guest + operating systems can run unmodified on CPUs with + virtualization extensions, providing nearly the same + performance as running on physical hardware. + generic is the default value and + creates a PV domain. + + + + Name of this virtual machine to distinguish it from + others running on the same Dom0. Required. + + + + Quantity of RAM in megabytes to make available to the + VM. This amount is subtracted from the hypervisor's total + available memory, not the memory of the Dom0. + + + + Number of virtual CPUs available to the guest VM. For + best performance, do not create guests with more virtual + CPUs than the number of physical CPUs on the host. + + + + Virtual network adapter. This is the bridge connected + to the network interface of the host. The + mac parameter is the MAC address set on + the virtual network interface. This parameter is + optional, if no MAC is provided &xen; will generate a + random one. + + + + Full path to the disk, file, or ZFS volume of the disk + storage for this VM. Options and multiple disk + definitions are separated by commas. + + + + Defines the Boot medium from which the initial + operating system is installed. In this example, it is the + ISO imaged downloaded earlier. Consult the &xen; + documentation for other kinds of devices and options to + set. + + + + Options controlling VNC connectivity to the serial + console of the DomU. In order, these are: active VNC + support, define IP address on which to listen, device node + for the serial console, and the input method for precise + positioning of the mouse and other input methods. + keymap defines which keymap to use, and + is english by default. + + + + After the file has been created with all the necessary + options, the DomU is created by passing it to xl + create as a parameter. 
+ + &prompt.root; xl create freebsd.cfg + + + Each time the Dom0 is restarted, the configuration file + must be passed to xl create again to + re-create the DomU. By default, only the Dom0 is created + after a reboot, not the individual VMs. The VMs can + continue where they left off as they stored the operating + system on the virtual disk. The virtual machine + configuration can change over time (for example, when adding + more memory). The virtual machine configuration files must + be properly backed up and kept available to be able to + re-create the guest VM when needed. + + + The output of xl list confirms that the + DomU has been created. + + &prompt.root; xl list +Name ID Mem VCPUs State Time(s) +Domain-0 0 8192 4 r----- 1653.4 +freebsd 1 1024 1 -b---- 663.9 + + To begin the installation of the base operating system, + start the VNC client, directing it to the main network address + of the host or to the IP address defined on the + vnclisten line of + freebsd.cfg. After the operating system + has been installed, shut down the DomU and disconnect the VNC + viewer. Edit freebsd.cfg, removing the + line with the cdrom definition or + commenting it out by inserting a # + character at the beginning of the line. To load this new + configuration, it is necessary to remove the old DomU with + xl destroy, passing either the name or the + id as the parameter. Afterwards, recreate it using the + modified freebsd.cfg. + + &prompt.root; xl destroy freebsd +&prompt.root; xl create freebsd.cfg + + The machine can then be accessed again using the VNC + viewer. This time, it will boot from the virtual disk where + the operating system has been installed and can be used as a + virtual machine. +
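Review bot: In the /boot/loader.conf step of the Dom0 setup, only hw.pci.mcfg=0 is written to the file. The next two lines, xen_kernel="/boot/xen" and xen_cmdline="dom0_mem=8192M ...", are shown at a root prompt without sysrc, so a reader who types them only sets shell variables and the host reboots without the Xen kernel. Either pass all three assignments to sysrc -f /boot/loader.conf or present them as file contents instead of commands.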
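Review bot: chmod 644 /var/log/xen in the log directory step applies a file mode to a directory, leaving it without the search (execute) bit for anyone. Use a directory mode such as 755, or 750 if the Dom0 and DomU logs should not be world-readable, and state which is intended.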
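Review bot: The sed expression in the memorylocked step matches only the literal string memorylocked=64K, so on a host where that value differs it changes nothing and still exits successfully, and the later "Cannot allocate memory" failure is then hard to trace back to this step. It also rewrites every login class in /etc/login.conf that carries that entry, which lifts the locked-memory limit for all users in those classes. Suggest adding a verification step (for example grep memorylocked /etc/login.conf) and a sentence on the scope of the change.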
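Review bot: The fetch step in the DomU section downloads the installer ISO over plain ftp:// and the text never verifies it, so the image booted in the guest is unauthenticated. Add a step that compares the output of sha256 freebsd.iso with the checksum file published alongside the release image, preferably retrieved over HTTPS. The example also installs a 10.3 guest while the Dom0 text targets &os; 11; if that is deliberate, a sentence saying so would help.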
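Review bot: The pool name differs between the two disk steps: the volume is created as zroot/xendisk0, but freebsd.cfg points the disk at /dev/zvol/tank/xendisk0, so xl create cannot find the backing device if the example is followed as written. Use the same pool name in both places.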
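Review bot: vnclisten = "0.0.0.0" in freebsd.cfg exposes the guest's VNC console on every address of the Dom0, and the configuration sets no VNC password, so anyone who can reach the host on that port gets console access to the DomU during and after installation. Suggest defaulting the example to 127.0.0.1 with an SSH tunnel from the viewing system, or at least adding vncpasswd and a sentence about restricting the port with the host firewall.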
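Review bot: The sample xl list output after xl create shows the freebsd domain with 1 VCPU, while freebsd.cfg sets vcpus = 2; the output should match the configuration shown. In the same section the prose says a keymap is defined and the option list describes keymap, but the configuration file contains no keymap line, so either add the line or drop the references.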
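Review bot: Several wording slips in the added text should be fixed before this lands: "from a another system" in the Dom0 setup, "NDomU guest VMs can now be created" after the first xl list output, "the ISO imaged downloaded earlier" and the capitalized "Boot medium" in the option list, and the lowercase "the two xen hosts" in the migration paragraph, which should use the &xen; entity like the rest of the section.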