XEN - Virtualization

It's copy and paste. Source:

Xen is software that lets you use two different operating systems on your laptop without rebooting from one into the other. Xen is also the name of the technology that makes this possible, so it is sometimes unclear whether someone is talking about the software or about the technology. As an example: when you use your computer you can always open Firefox and browse websites. Imagine a similar situation in which, without rebooting into another operating system, you can use Windows or any other operating system from within Ubuntu, i.e. you click on an application and can use Windows, Solaris or another operating system while still working in Ubuntu at the same time.
Xen is mostly used on servers but it is possible to use at your home computer also. There is other software available comparable to Xen. Some of them are proprietary such as VMware and Parallels and some are open source like VirtualBox, Qemu and KVM.
To run most virtualization software, hardware support is needed: it is known as Intel-VT on Intel machines and AMD-V on AMD machines. It is best if your hardware has built-in support for VT (Virtualization Technology). Without it, it is theoretically possible to run Xen or any other virtualization software, but people have faced a lot of errors without VT. Your life will be simpler if the machine is VT enabled.
To check whether your computer supports VT, run the following command for Intel-based processors:
grep vmx /proc/cpuinfo
For AMD based processors, run the following command:
grep svm /proc/cpuinfo
If you don't see any output from either command then your hardware does not support VT. Virtualization also needs to be supported by and enabled in your BIOS. For BIOS support, look for a menu on this subject in your BIOS. Look for an option like Secure Virtual Machine, Virtualization Technology, SVM, VT-x, etc. and enable it.
If you are a newcomer to Xen then it is advisable to use CentOS (on desktops) or, if possible, a binary package of Xen available from the Ubuntu repositories. By binary package we mean that you do not need to compile a Xen kernel: a sudo apt-get (package name) will do the magic for you. But the binary is not available for Ubuntu 10.04 and higher versions. So if you want to try the latest versions you will have to compile Xen from scratch, and that is what we attempt to explain here, more specifically para-virtualization rather than hardware virtualization (which is only possible if your BIOS supports it).
Xen is what has made "cloud computing" possible, including Amazon's EC2.

Ubuntu's Support of Xen

There has been some controversy about Ubuntu's support for Xen, mostly fueled by some sensationalist articles about KVM in places like CNET and The Register. It's true that Intrepid does not include a dom0 linux kernel, but it does still include a Xen 3.3 hypervisor and userland tools. According to Evan Broder, this is likely just a workload issue; Intrepid runs a linux kernel version which Xen doesn't explicitly support, and so the Ubuntu kernel team would have had to forward-port the Xen patches from 2.6.18. This sort of unsync will go away when Xen gets into the mainstream kernel, which may actually happen soon.
That said, it is still pretty straightforward to install Xen on most recent release of Ubuntu - Lucid 10.04.
It's also worth noting that the Xen 3.3 hypervisor is also included in jaunty. However, at the time of this writing, Xen is not officially supported in Lucid; consider using KVM instead (again, only if your BIOS supports it).
In the meantime, a suitable workaround is to go ahead and install the Xen 3.3 hypervisor and userland tools for Intrepid, Jaunty, or whatever later version of Ubuntu you're running, and then go get a dom0 linux kernel from Debian.
See also and, and on freenode, try: ##xen or #ubuntu-virt.


  • Host Operating System (Dom0): refers to the operating system on which your guest operating systems will run. If you want to run Windows inside your Ubuntu as an application with the help of Xen, then Ubuntu is called the Host Operating System and Windows is called the Guest Operating System. Technically, in Xen terms, the host Operating System is known as Dom0.
  • Guest Operating System (DomU): An operating system which runs inside your Ubuntu using Xen is known as a Guest Operating System, and in Xen terms it is known as DomU.
  • PV Guest: PV means para-virtualized. Sometimes, due to hardware or even software issues, the guest operating system which should run inside a host needs to be modified, and in this situation the Guest Operating System is made aware that it is running on Xen. This is known as para-virtualization and the Guest OS in this case is called a PV Guest.
  • HVM: means full (hardware) virtualization. In simple terms your guest operating system is not aware that it is running on Xen or inside any other Operating System and the guest OS feels that it is running on an actual hardware.
  • Hypervisor: is the software which is at the back end of all your virtualization effort and makes possible the installation of Guest Operating System inside Host Operating System. This hypervisor is what we are referring to Xen. In case of any other virtualization solution they have their own hypervisor.

Lucid Notes (Xen 4.0.1 with a pv-ops Dom0 kernel on Ubuntu 10.04)

Ubuntu 10.04 does not come with Xen binaries so you will have to manually download and compile Xen along with a kernel that is suitable to work with Xen. In this tutorial we will use Xen-4.0.1.
To be able to use Xen on your Ubuntu you need to
  1. Compile Xen
  2. Compile a Dom0 Kernel which can work with Xen
If you already have a Dom0 kernel then step 2 is not needed. The kernel which is active when you install Ubuntu from a CD on your laptop is not a Dom0 kernel, and to be able to use Xen you necessarily need a Dom0 kernel. So if you are doing this for the first time you surely need to do step 2.
Compiling the above two requires the following packages, which are approximately 400Mb to download and will take 900 Mb of disk space once installed. So before we begin with Step 1 and Step 2, prepare the environment to compile Xen:
sudo apt-get install bcc bin86 gawk bridge-utils iproute libcurl3 libcurl4-openssl-dev bzip2 module-init-tools transfig tgif texinfo texlive-latex-base texlive-latex-recommended texlive-fonts-extra texlive-fonts-recommended pciutils-dev mercurial build-essential make gcc libc6-dev zlib1g-dev python python-dev python-twisted libncurses5-dev patch libvncserver-dev libsdl1.2-dev libjpeg62-dev iasl libbz2-dev e2fslibs-dev git-core uuid-dev ocaml libx11-dev bison flex ocaml-findlib
If you have a 64bit version of Debian/Ubuntu you also need this additional package:
sudo apt-get install gcc-multilib xz-utils
Step 1 (Your Xen work begins from here)
Note: Folder /usr/src (require root access) may be interchanged with a folder of your choice which may not require root access.
Download Xen
Move the downloaded xen-4.0.1 tar ball to /usr/src. Unpack Xen hypervisor to /usr/src directory (NOT as root).
sudo tar -xzvf xen-4.0.1.tar.gz
At this point you should see a directory
xen-4.0.1 in /usr/src
Now go inside the Xen-4.0.1 folder and do following
sudo make xen
sudo make tools
sudo make stubdom
sudo make install-xen
sudo make install-tools PYTHON_PREFIX_ARG=
sudo make install-stubdom
At this point you should have in /boot directory following files
and Xen is installed on your laptop. But it is not usable at this point. Now you need to compile a Dom0 kernel which is Step 2.
Before we continue: in some places on the internet you will find this step:
make world  <- Do not use it.
In this tutorial we compile the Dom0 kernel ourselves, so you should not use make world. If you do run make world, do not follow this guide: make world combines Step 1 and Step 2, but it takes a lot more time and internet bandwidth since it downloads a Dom0 kernel from Jeremy's Tree, which is approximately 875 Mb. Let us stick to this guide.
So at this point Xen is compiled, but it is not ready to use because you do not yet have a Dom0 kernel. The kernel with which your Ubuntu booted will not work with Xen, so you need to compile a Dom0 kernel as well.
Step 2
Now be in your /usr/src (<src>) directory and issue following command(s):
cd <src>
#check out the 'xen/master' default branch
#check out the latest xen/stable branch
Author's note: Please, consult XenSource (Downloading the git tree) for how to get the latest stable Xen development branch. You can use xen/stable[-ver] tags.
It will take some time depending upon your bandwidth, as the above step will download 875 Mb of code from repositories. You can check this link;a=heads to see full list of branches that can be downloaded via git (just for your information).
To find out which configuration options Xen does have, issue following commands:
cd <src>/linux-2.6-xen
rgrep -i "config xen" .
As of 22 March 2011 we have the following files
To find out which dependency order the XEN configuration option for your architecture has (look for depends statements), you should look in the Kconfig file of the arch folder or issue
rgrep -ni "^config XEN$" .
To enable Xen (and its options) in the kernel config, you should disable or enable the configuration options in the right dependency order. Remember that the XEN configuration option is your pivot for finding the dependency order. For x86/i386/32 bit architecture, we have:
config XEN
        depends on X86_64 || (X86_32 && X86_PAE && !X86_VISWS)
        depends on X86_CMPXCHG && X86_TSC

config X86_32
        def_bool !64BIT
config 64BIT
        bool "64-bit kernel" if ARCH = "x86"
        default ARCH = "x86_64"
config HIGHMEM4G (Select: High Memory Support (64GB))
        bool "4GB"
        depends on !X86_NUMAQ
config X86_PAE
        bool "PAE (Physical Address Extension) Support"
        depends on X86_32 && !HIGHMEM4G
config X86_NUMAQ (Deselect: Support for extended (non-PC) x86 platforms)
        bool "NUMAQ (IBM/Sequent)"
        depends on X86_32_NON_STANDARD
config X86_VISWS
        bool "SGI 320/540 (Visual Workstation)"
        depends on X86_32 && PCI && X86_MPPARSE && PCI_GODIRECT
        depends on X86_32_NON_STANDARD

config X86_CMPXCHG
        def_bool X86_64 || (X86_32 && !M386)
config M386
        bool "386"
        depends on X86_32 && !UML
config X86_TSC (Select: Pentium-Pro)
        def_bool y
        depends on ((MWINCHIP3D || MCRUSOE || MEFFICEON || MCYRIXIII || MK7 || MK6 || MPENTIUM4 || MPENTIUMM || MPENTIUMIII || MPENTIUMII || M686 || M586MMX || M586TSC || MK8 || MVIAC3_2 || MVIAC7 || MGEODEGX1 || GEODE_LX || MCORE2 || MATOM) && !X86_NUMAQ) || X86_64

config UML
        default y
Copy your ubuntu kernel configuration file to .config
cp /boot/config-2.6.32-30-generic .config
Issue following command and load alternate configuration file
make menuconfig
For an ubuntu configuration file, you should do:
--> Processor type and features
        Deselect: Support for extended (non-PC) x86 platforms
        Select either: Pentium-MMX or Pentium-Pro
        Select: High Memory Support (64GB)
  --> Paravirtualized guest support
        Select: Xen guest support
        Select: Enable Xen privileged domain support
        Optional: Enable other features
See, NOTE* on XenSource (Configuring the kernel) for further hints and edit the saved (alternate) configuration file as suggested. Remember that PAE support (!HIGHMEM4G option) is only needed for 32 bit systems.
Please consult, XenSource (Troubleshooting, what to do if the custom built pv_ops dom0 kernel doesn't work/boot?), if the configuration file doesn't produce a stable dom0 kernel.
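Before starting the build, the saved .config can be checked against the dependency chain quoted above. The following is an added example, not part of the original guide or of the kernel tree: the function names and the two sample .config fragments are constructed for illustration, and only the symbols that appear in the Kconfig excerpt are evaluated.

```python
import re

SET_LINE = re.compile(r"^CONFIG_([A-Za-z0-9_]+)=(.*)$")

# Constructed .config fragments (sample data, not taken from the page).
# STOCK_32BIT mimics a distribution config with 4GB highmem and no PAE.
STOCK_32BIT = """\
CONFIG_X86_32=y
# CONFIG_X86_64 is not set
CONFIG_M686=y
# CONFIG_M386 is not set
CONFIG_HIGHMEM4G=y
# CONFIG_X86_PAE is not set
CONFIG_X86_CMPXCHG=y
CONFIG_X86_TSC=y
"""

# The same fragment after the menuconfig changes listed above.
PAE_32BIT = (STOCK_32BIT
             .replace("CONFIG_HIGHMEM4G=y", "# CONFIG_HIGHMEM4G is not set")
             .replace("# CONFIG_X86_PAE is not set", "CONFIG_X86_PAE=y"))


def parse_dotconfig(text):
    """Return {symbol: value} for options that are set.

    Lines of the form '# CONFIG_FOO is not set' do not match and are
    therefore treated as disabled.
    """
    opts = {}
    for line in text.splitlines():
        m = SET_LINE.match(line.strip())
        if m:
            opts[m.group(1)] = m.group(2).strip('"')
    return opts


def xen_blockers(text):
    """List the unmet dependencies of 'config XEN' from the excerpt:

        depends on X86_64 || (X86_32 && X86_PAE && !X86_VISWS)
        depends on X86_CMPXCHG && X86_TSC

    An empty list means XEN can be selected in menuconfig.
    """
    opts = parse_dotconfig(text)

    def on(sym):
        return opts.get(sym) == "y"

    blockers = []
    if not on("X86_64"):
        # 32-bit branch: every term of (X86_32 && X86_PAE && !X86_VISWS)
        if not on("X86_32"):
            blockers.append("neither X86_64 nor X86_32 is set")
        if on("HIGHMEM4G"):
            blockers.append("HIGHMEM4G is set; X86_PAE depends on !HIGHMEM4G")
        if not on("X86_PAE"):
            blockers.append("X86_PAE is not set")
        if on("X86_VISWS"):
            blockers.append("X86_VISWS is set")
        if on("M386"):
            blockers.append("M386 is set; X86_CMPXCHG needs !M386")
        if on("X86_NUMAQ"):
            blockers.append("X86_NUMAQ is set; it blocks X86_TSC")
    # Derived (def_bool) symbols are written to .config like any other.
    for derived in ("X86_CMPXCHG", "X86_TSC"):
        if not on(derived):
            blockers.append(derived + " is not set")
    return blockers


if __name__ == "__main__":
    for label, cfg in (("stock 32-bit", STOCK_32BIT), ("PAE 32-bit", PAE_32BIT)):
        print(label, "->", xen_blockers(cfg) or "XEN can be enabled")
```

To check a real tree, pass the contents of <src>/linux-2.6-xen/.config to xen_blockers().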
sudo make
sudo make modules_install install
At this point you should see in /boot directory a file
  • vmlinuz-
cd /boot
sudo update-initramfs -c -k
sudo update-grub
In file /etc/xen/xend-config.sxp, comment out
(xend-unix-server yes)
Boot your new kernel.
If things are working fine, then you have successfully compiled a pv-ops Dom0 kernel. But Xen will not work at this point. To make Xen work, you will have to change the grub entries. The above step is only a preliminary test, i.e. you booted without Xen to find out whether the Dom0 kernel is compiled correctly or not. Which grub entries you should insert is explained later in this section.
Set up xend and xendomains to run as services
sudo update-rc.d xend defaults 20 21
sudo update-rc.d xendomains defaults 21 20
Now edit the grub2 file /boot/grub/grub.cfg to suit your needs
menuentry "Xen 4.0.1 / Ubuntu 10.04 kernel" {
insmod ext2
set root='(hd0,9)'
multiboot [(hd0,9)]/boot/xen.gz dummy=dummy
module [(hd0,9)]/boot/vmlinuz- dummy=dummy root=<sd* | GUID> ro [console=tty0 quiet splash]
module [(hd1,5)]/boot/initrd.img-
}
Reboot and select above entry.
Verify that the Xen environment is running successfully:
$ cat /proc/xen/capabilities
$ sudo xm info 
host                   : ub110317
release                :
version                : #1 SMP Fri Mar 25 21:04:20 CET 2011
machine                : i686
nr_cpus                : 2
nr_nodes               : 1
cores_per_socket       : 2
threads_per_core       : 1
cpu_mhz                : 2194
hw_caps                : bfebfbff:20100000:00000000:00000940:0000e3bd:00000000:00000001:00000000
virt_caps              : 
total_memory           : 2015
free_memory            : 124
node_to_cpu            : node0:0-1
node_to_memory         : node0:124
node_to_dma32_mem      : node0:124
max_node_id            : 0
xen_major              : 4
xen_minor              : 0
xen_extra              : .1
xen_caps               : xen-3.0-x86_32p 
xen_scheduler          : credit
xen_pagesize           : 4096
platform_params        : virt_start=0xf5800000
xen_changeset          : unavailable
xen_commandline        : dummy=dummy
cc_compiler            : gcc version 4.4.3 (Ubuntu 4.4.3-4ubuntu5) 
cc_compile_by          : sad
cc_compile_domain      : 
cc_compile_date        : Fri Mar 18 00:54:16 CET 2011
xend_config_format     : 4
$ sudo xm list
Name                                        ID   Mem VCPUs      State   Time(s)
Domain-0                                     0  2870     2     r-----     36.9
If you see similar outputs as shown above, it means that your Xen and Dom0 compilation has been successful and from here on you should proceed with installing a guest operating system.
Now you need to understand how can you create guest operating system on Xen.

Creating Guest Operating Systems to run on Xen

Creation of Guest Operating systems is a separate and vast subject. Before you read this guide we suggest checking the page How to create four application servers on Xen, which has the most detailed instructions. So if you are a newcomer and trying to create guest operating systems for the first time, do read it. Guest Operating System installations can be of the following two types
  1. HVM Guest (Fully Virtualized Guest) (The kernel of Guest needs no modification)
  2. PV Guest (Para Virtualized Guest) (The kernel of Guest *needs* modification)

  • This tutorial will assume that you are using DHCP on your host.
First, edit a few options in /etc/xen-tools/xen-tools.cfg:
initrd=<path to Xen hypervisor initrd>
Then create an empty directory which will contain the new guest OSʼs file systems and run the following command:
sudo xen-create-image --force --dir=<your new directory>
The creation will take some time. In the end the system will ask you to create a root password for the new guest OS. Before booting into the guest OS you will need to make a few changes to its configuration file /etc/xen/
root        = '/dev/sda2 ro'
disk        = [
dhcp        = 'dhcp'
vif         = [ 'bridge=xenbr0,mac=12:34:56:78:9A:BC' ]
Thatʼs it! You can start your VM. It will have networking through DHCP.
xm create -c /etc/xen/

Karmic Notes

The installation guide below is helpful for most generations of Xen with most releases of Ubuntu, but has a couple of details that are out-dated. Here we briefly discuss those notes to help you with your install. If you haven't used Xen before you will want to read at least the guide below, in addition to these brief additions.
  • Karmic (and presumably later releases) requires a kernel that provides the /proc/<pid>/mountinfo extensions. These extensions were first in kernels 2.6.26, so earlier kernels will not work with Karmic, either as dom0 or domU.
  • Recent kernels in Ubuntu are compressed with newer compression techniques lzma and bzip2. Xen 3.2 does not understand how to uncompress these kernels. If you want to use these kernels in your dom0, you need a more recent version of Xen. Xen 3.3 has worked on kernels up to 2.6.31-19-server. (Note: can anyone answer whether domU kernels have the same issue?)
  • Newer Ubuntu kernels include the pv_ops extensions, which means the Ubuntu kernels come all ready to run as domUs. These kernels are included in Ubuntu distributions as the "-server" kernels. You can fetch a complete kernel, include the /lib/modules and other stuff needed to boot it as the linux-virtual package. These kernels are not suitable for dom0 kernels. (pv_ops is a new architecture for virtualizing linux kernels that provides a fake hardware interface for the domU to run against. Many of the linux virtualization packages, including Xen, are switching to support pv_ops, to make it easy for any distribution to provide domU kernels. Work is under way to make these kernels also serve as Xen dom0 kernels, but that's a different and more challenging problem.)
  • If you fetch this package, the kernel will be placed in the /boot directory of your domU. Remember to copy the kernel and initrd to the /boot directory of your dom0, which will have to load them into memory to kick off the domU. Remember to edit the domU configuration file to use the new kernel and initrd. If you install the kernel some other way, remember to copy the appropriate /lib/modules/ subdirectory into your domU. (This setup is somewhat unintuitive, but the idea is that that dom0 needs the domU kernel and initrd to get the kernel started, but does not need the modules, since those will be accessed once the kernel is running. The domU does not need the kernel or initrd, since those will already be in memory, but does need the modules. It's fine to have the extra kernels in your dom0, since your bootloader (e.g., grub) will pick the right one, and it doesn't hurt anyone to have the kernels in the domU /boot, since they will be ignored.)
  • The detailed instructions below for setting up the Xen configuration describe how to fix getty by editing the automatic scripts. On karmic things have changed further. If you want to have a console for your domUs, you'll need to have getty running on /dev/hvc0 inside the domU. getty is run out of /etc/init/hvc0.conf on karmic. (On jaunty it's /etc/event.d/hvc0.conf.) Copy /etc/init/tty1.conf and edit appropriately. Make sure you have:
extras = "console=hvc0"
in the domU configuration file. (The domU console has changed names over the years. See this table at the bottom of the XenDom0Kernels Wiki for details, but basically with the pv_ops kernels since 2.6.26 the correct name is hvc0; before that the correct name was often xvc0; before that the syntax was "xenconsole=tty".)
  • If you also want to upgrade your dom0, remember that you will need at least a 2.6.26 kernel if you're going to karmic. A good source of these kernels is debian. The debian 2.6.26-2-xen-amd64 kernels are known to work with at least jaunty, and should in principle be sufficient for karmic. (Please report definitive experience here if you can.)


Note: This guide is written for Feisty. It is currently not fully compatible with Gutsy, use at your own risk! In general, more recent versions of Ubuntu will require fewer workarounds. Intrepid, for instance, includes everything but the Linux dom0 kernel itself, though you can get a kernel from Debian -- see above.

Install from packages (recommended)

sudo aptitude install ubuntu-xen-server
Note: There is also an ubuntu-xen-desktop, and an ubuntu-xen-desktop-amd64. The purpose of these is a bit ambiguous, but they install firefox and all kinds of gnome libs. They may also not be PAE enabled... compiled for systems with more than 4GB of RAM. Even if you are on a 64 bit system, you should still install ubuntu-xen-server.
The Feisty AMD64 version of ubuntu doesn't have an ubuntu-xen-server metapackage so far. Instead, use this.
For Feisty AMD64:
sudo aptitude install xen-image-2.6.19-4-generic-amd64 bridge-utils libxen3.0 python-xen3.0 xen-docs-3.0 xen-hypervisor-3.0 xen-ioemu-3.0 xen-tools xen-utils-3.0
For Gutsy AMD64:
sudo aptitude install ubuntu-xen-server        # Not in repository at 02/25/2008
sudo aptitude install ubuntu-xen-desktop-amd64 # includes xenman
xen-tools has no longer been included in Ubuntu since Lucid. You can get it from the following PPA for Lucid, Maverick, etc.:
Maybe install xenman too, but it installs all kinds of gnome stuff.
Next you need to enable networking. [Gutsy: I had to reboot the xen kernel before I could run the xend script]
vim /etc/xen/xend-config.sxp

#(network-script network-dummy)
(network-script network-bridge)

sudo /etc/init.d/xend restart  # for the change to take effect
It's also a good idea to increase the default number of loop mounts allowed. Not really needed if you are going to use LVM, but it also won't break anything if you do it anyway.
vim /etc/modules

loop max_loop=64
This is probably a good point to reboot your machine so that you use the xen kernel.
After reboot is a good chance to check your network and ensure it works. Both Feisty and Gutsy may have network problems with certain hardware. If you are experiencing network problems, check out this potential solution


If - after reboot - you see a kernel oops in dmesg or a suggestion to boot with irqpoll, then try disabling the ACPI and Plug 'n Play OS options in your BIOS. If you have no access to these options from the BIOS, then you may need to boot your kernel with the acpi=off option. The reason is that there is no ACPI in the Xen kernel. Edit /boot/grub/menu.lst and find a module line:
title           Xen 3.1 / Ubuntu 7.10, kernel 2.6.22-14-xen
root            (hd0,0)
kernel          /boot/xen-3.1.gz
module          /boot/vmlinuz-2.6.22-14-xen root=UUID=your-uuid-here ro console=tty0
module          /boot/initrd.img-2.6.22-14-xen
change the one module line with options above to:
module          /boot/vmlinuz-2.6.22-14-xen root=UUID=your-uuid-here ro console=tty0 acpi=off


Most people can skip this section. This is just in case you get a kernel panic at reboot, then you probably have SCSI or SATA modules that need to be included in an initrd. Do this to create an initrd:
sudo depmod -a xen-3.0-i386.gz
sudo mkinitramfs -o /boot/xen-3.0-i386.initrd.img 2.6.19-4-generic
And then add this as a second module line in the Xen section of your menu.lst file.
module      /boot/xen-3.0-i386.initrd.img
This recommendation might be wrong. Please correct it if so. See here and here for more details.

AACRaid Bugfix

Currently on some server configurations running 2.6.24-18-xen, AACRaid will cause a kernel panic. (The error is 'out of SW-IOMMU space'). This happened to me either on boot-up, or immediately after I tried to access the disk (ie, using apt-get). If this happens to you, try adding "swiotlb=128" into your /boot/grub/menu.lst file like so:
module   /boot/vmlinuz-2.6.24-18-xen root=<your UUID> ro console=tty0 swiotlb=128
You will also have to add this switch into any DomU config files you create. This flag fixed the kernel panics on IBM X-Server 3550's with attached SAN arrays. This bug originally referenced at: everyone who's working on it. Paul Mc.)

Prebuilt Binaries install

This section has not yet been written.

Guest Templates

For a full list of possible xen domU config options, type
sudo xm create --help_config

LVM partitioning

xen-tools can create lvm volumes for you, so you can skip this section. If you need to make lvm volumes yourself you can use these commands. I just used the ubuntu installer to set up my LVM volume group initially. If you are using local .img files for your xen guests, then you don't need lvm.
sudo lvdisplay                         # To see existing lvm volumes.
lvcreate -n myguest-disk -L +100G my_volume_group    # To create a volume 
lvcreate -n myguest-swap -L +4G   my_volume_group    # To create another volume

How to extend an LVM partition

# e2fsck -f /dev/vg0/<DomU_name>
# lvextend -L +1G /dev/vg0/<DomU_name>
# resize2fs /dev/vg0/<DomU_name>

Using loopback-mounted-file

Create sparse file for disk, and non-sparse file for swap.
dd if=/dev/zero of=/mnt/domains/myslice/disk.img bs=1 count=0 seek=25G
dd if=/dev/zero of=/mnt/domains/myslice/swap.img bs=1G count=1

mkfs.ext3 ./disk.img  (then say Y)
mkswap ./swap.img

Network for DomU

If you use the bridged network setup, it may be necessary to enable dhcp for eth0. Make sure that your /etc/network/interfaces looks something like this.
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet dhcp
If you are using static IP configuration, then your /etc/network/interfaces will be something like this. Do not copy and paste this; change the IP addresses accordingly.
 auto lo
 iface lo inet loopback

 auto eth0
 iface eth0 inet static
Make sure hostname of DomU is correct in /etc/hostname. That file should have a single line, and in that line, your hostname should be present.
Make sure /etc/hosts file is correct.       localhost       yourhostname 

DomU using xen-tools (recommended)

xen-tools has no longer been included in Ubuntu since Lucid. You can get it from the following PPA for Lucid, Maverick, etc.:
First you need to edit some of the default values in xen-tools.conf . Go through the file and set them to what you want. I've mentioned the more important ones below. Make sure you set a gateway and netmask or networking won't work.
# vim /etc/xen-tools/xen-tools.conf

gateway   =
netmask   =
passwd = 1
kernel = /boot/vmlinuz-2.6.19-4-server
initrd = /boot/initrd.img-2.6.19-4-server
mirror =
Create a new image.
sudo xen-create-image --ip= --ide --force
Tail the log file under /var/log/xen to see progress. There is no real indication on the command-line that anything is happening, though you will see some network traffic, possibly.
Someone said that if you don't use --ide, it won't work. So I took their advice. man xen-create-image says " --ide Use IDE names for virtual devices (hda not sda)"
When the command finishes, it will leave a config file in /etc/xen named after the host name you specified. This config file can be used in the command below that creates the virtual instance.
Start a xen host.
sudo xm create /etc/xen/

Other DomU Setups

Stuff goes here.

Other DomU Guest Configurations

Stuff to check when converting a disk image to a Dom U

/etc/conf.d/net or /etc/network/interfaces
/lib/modules/kernel-modules ( copy them to the guest if needed )
on gentoo fix the /sbin/rc bug that causes /sys and /proc errors.
Make sure you setup an empty /sys, /proc, and setup a skeleton /dev.
set root passwd
Look out for /etc/udev/rules.d/70-persistent-net.rules which can change your eth device id.

Using debootstrap

Mount the guest partition(loopback-file, raw partition or LVM) under /mnt/myguest
Bootstrap Ubuntu. In the commands below change the "export" lines with your configuration, also select a mirror in your country/continent
sudo apt-get install debootstrap
export ARCH=amd64
export DISTRIBUTION=hardy
export MIRROR=
debootstrap --arch $ARCH $DISTRIBUTION /mnt/myguest/ $MIRROR
Copy the modules of current running kernel
sudo cp -a  /lib/modules/`uname -r`/   /mnt/myguest/lib/modules/
Fix networking as stated above in "Network for DomU" section
Edit /mnt/myguest/etc/fstab. Use hda instead of sda if you use ide. Include the swap line if you prepared a swap partition.
/dev/sda1     /     ext3     errors=remount-ro   0     1
proc          /proc proc     rw,nodev,nosuid,noexec              0     0
/dev/sda2     none  swap     sw                    0     0
Now create a config file following the instructions in "Creating a DomU config file by hand" section below.
You can run your guest with
sudo xm create /etc/xen/YOURCONF.cfg
Debootstrap does not create locales. When you run the virtual machine, if you get errors like the following, run the command below.
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = (unset),
LC_ALL = (unset),
LANG = "en_US.UTF-8"
are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
locale: Cannot set LC_CTYPE to default locale: No such file or directory
locale: Cannot set LC_MESSAGES to default locale: No such file or directory
locale: Cannot set LC_ALL to default locale: No such file or directory
To fix this, run the following, replacing en_US.UTF-8 with your own locale.
sudo locale-gen en_US.UTF-8
Remember, locale settings are in /etc/environment

Creating a DomU config file by hand

Here is a skeleton DomU config file. Put this file under "/etc/xen" directory.
Edit the file changing the settings matching your setup.
  • Learn your kernel version with "uname -r" command. Replace the versions in "kernel" and "ramdisk" lines with correct version.
  • As you can guess, "memory" sets DomU memory
  • "name" will be the name used to refer to this guest, keeping it the same as your DomU hostname will keep things simpler.
  • "disk" line depends heavily on how you created the disks for DomU. If there is no swap, remove the second entry. If you use ide, change "sda" into "hda".
 kernel = "/boot/vmlinuz-2.6.19-4-generic"
 ramdisk = "/boot/initrd.img-2.6.19-4-generic"
 memory = 128
 name = "yourhostname"
 vcpus = 1
 vif = [ 'bridge=xenbr0' ]
 disk = [ 'file:/var/vm/myvm/disk.img,sda1,w' ,  'file:/var/vm/myvm/swap.img,sda2,w' ]
 root = "/dev/sda1 ro"   # must name a device exported in the "disk" line
on_poweroff = 'destroy'
on_reboot   = 'restart'
on_crash    = 'restart'
If you want to give static mac addresses and static IPs, "vif" line should be like the one below. Mac addresses beginning with "00:16:3e" are reserved for guest machines, fill the remaining part randomly.
vif  = [ 'mac=00:16:3e:XX:XX:XX, ip="YYY.YYY.YYY.YYY"' ]
If you use a physical partition, the disks line should be something like;
 disk = [ 'phy:/dev/hda6,ioemu:hda1,w' ]
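The consistency rules in this section (the root device must be one that the "disk" line exports, the kernel and ramdisk versions must agree, guest MAC addresses start with 00:16:3e) can be checked mechanically before running xm create. The following is an added example, not part of the original guide or of xen-tools: it reads the config with Python's ast module instead of executing it, and the function names and sample values are constructed for illustration.

```python
import ast
import re
import secrets

XEN_OUI = "00:16:3e"
MAC_RE = re.compile(r"^00:16:3e(:[0-9a-f]{2}){3}$", re.I)

# Constructed sample config with three deliberate inconsistencies.
BROKEN = """\
kernel = "/boot/vmlinuz-2.6.19-4-generic"
ramdisk = "/boot/initrd.img-2.6.19-4-server"
memory = 128
name = "guest1"
vif = [ 'bridge=xenbr0,mac=12:34:56:78:9A:BC' ]
disk = [ 'file:/var/vm/myvm/disk.img,sda1,w', 'file:/var/vm/myvm/swap.img,sda2,w' ]
root = "/dev/hda1 ro"
"""
FIXED = (BROKEN.replace("4-server", "4-generic")
               .replace("12:34:56:78:9A:BC", "00:16:3e:1a:2b:3c")
               .replace("/dev/hda1", "/dev/sda1"))


def load_domu_config(text):
    """Collect top-level literal assignments without executing the file.

    DomU config files use Python syntax, so the parse tree is enough to
    read them; computed values (e.g. '/usr/' + arch_libdir) are skipped.
    """
    cfg = {}
    for node in ast.parse(text).body:
        if (isinstance(node, ast.Assign) and len(node.targets) == 1
                and isinstance(node.targets[0], ast.Name)):
            try:
                cfg[node.targets[0].id] = ast.literal_eval(node.value)
            except (ValueError, TypeError):
                pass
    return cfg


def exported_devices(cfg):
    """Guest-side device names from entries like 'file:...,sda1,w'."""
    devs = set()
    for entry in cfg.get("disk", []):
        fields = entry.split(",")
        if len(fields) >= 2:
            # 'ioemu:hda' and 'hdc:cdrom' both reduce to the device name
            names = [p for p in fields[1].strip().split(":") if p != "ioemu"]
            if names:
                devs.add(names[0])
    return devs


def lint_domu(text):
    """Return a list of human-readable findings; empty means consistent."""
    cfg = load_domu_config(text)
    findings = []
    devs = exported_devices(cfg)
    root = str(cfg.get("root", "")).split()
    if root:
        dev = root[0][5:] if root[0].startswith("/dev/") else root[0]
        if dev not in devs:
            findings.append("root device %s is not exported by disk (%s)"
                            % (dev, ", ".join(sorted(devs)) or "none"))
    k = re.search(r"vmlinuz-(.+)$", str(cfg.get("kernel", "")))
    r = re.search(r"initrd\.img-(.+)$", str(cfg.get("ramdisk", "")))
    if k and r and k.group(1) != r.group(1):
        findings.append("kernel %s and ramdisk %s versions differ"
                        % (k.group(1), r.group(1)))
    for vif in cfg.get("vif", []):
        for item in vif.split(","):
            key, _, val = item.strip().partition("=")
            if key == "mac" and not MAC_RE.match(val):
                findings.append("mac %s is outside the %s guest prefix"
                                % (val, XEN_OUI))
    return findings


def random_xen_mac():
    """00:16:3e followed by three random octets."""
    return XEN_OUI + "".join(":%02x" % b for b in secrets.token_bytes(3))


if __name__ == "__main__":
    for finding in lint_domu(BROKEN):
        print("finding:", finding)
    print("suggested mac:", random_xen_mac())
```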

Gentoo Guest

Ubuntu Guest is Gutsy 7.10 or newer

The xen-tools hook scripts included for gutsy target are merely a link to edgy, which is problematic. The init system has changed since Edgy. Also, there is a bug with accessing hwclock. The result is a newly created gutsy domU appears to crash or hang after mounting the rootfs.
The xen-tools patch/workaround:
1) Remove the symbolic link /usr/lib/xen-tools/gutsy.d and make a copy of /usr/lib/xen-tools/edgy.d to /usr/lib/xen-tools/gutsy.d
rm /usr/lib/xen-tools/gutsy.d
cp -a /usr/lib/xen-tools/edgy.d /usr/lib/xen-tools/gutsy.d
mv /usr/lib/xen-tools/gutsy.d/15-disable-hwclock /usr/lib/xen-tools/gutsy.d/21-disable-hwclock

2) Edit /usr/lib/xen-tools/gutsy.d/21-disable-hwclock and be sure to have the lines below:
chroot ${prefix} /usr/sbin/update-rc.d -f remove
chroot ${prefix} /usr/sbin/update-rc.d -f remove
chroot ${prefix} rm -f /etc/udev/rules.d/85-hwclock.rules
chroot ${prefix} ln -sf /bin/true /sbin/hwclock

3) Create a hook to enable the gettys

cp /usr/lib/xen-tools/gutsy.d/30-disable-gettys /usr/lib/xen-tools/gutsy.d/32-enable-gettys
now edit the above file to execute the following:

#  Change first console setting to xvc0 upstart
echo "xvc0" >> ${prefix}/etc/securetty
sed -i "s/tty1/xvc0/" ${prefix}/etc/event.d/tty1
(Note that in karmic the getty line must be put in /etc/init/hvc0.conf, instead of in /etc/event.d/tty1. Can someone change the above appropriately?)
(Also note that in recent kernels, including all of those that will actually boot with karmic, the correct console device is /dev/hvc0. This change must be made both above, and in the extras line, below.)
Set runlevel and console devices: echo "extra = '2 console=xvc0'" >> /etc/xen/guestname.cfg
Edit guestname.cfg and assign mac addr to the vif: vif = [ 'mac=xx:xx:xx:xx:xx:xx, ip=a.b.c.d' ]

Windows HVM Guests

Make sure you have HVM support turned on in the BIOS.
sudo xm dmesg | grep VMX
For the initial install you can mount an ISO as a cdrom. A VNC server will be started on localhost. To get the server to run on the machine's public-facing IPs, make this change.
vim /etc/xen/xend-config.sxp

#(vnc-listen '')
(vnc-listen '')

and don't forget: sudo /etc/init.d/xend restart
Your xen guest config file should look like this:
#Kernel and memory size
kernel = '/usr/lib/xen-ioemu-3.0/boot/hvmloader'
device_model = "/usr/lib/xen-ioemu-3.0/bin/qemu-dm"
builder = 'hvm'
memory  = '512'
disk    = [ 'phy:barracudas/winxp01-disk,ioemu:hda,w', 'file:/home/steven/winxp.iso,ioemu:hdc:cdrom,r' ]

#  Hostname and Networking
name    = 'winxp01'
vif  = [ 'type=ioemu, bridge=xenbr0' ]

#  Behaviour
boot='d'  #d is cdrom boot, c is disk boot.
This works for booting a Windows 2003 HVM guest:
#  -*- mode: python; -*-

import os, re
arch = os.uname()[4]
# pick the library directory that matches the host architecture
if re.search('64', arch):
    arch_libdir = 'lib64'
else:
    arch_libdir = 'lib'

kernel = "/usr/lib/xen/boot/hvmloader"
memory = 756
shadow_memory = 8
name = "Windoze"
vif = [ 'type=ioemu, bridge=xenbr0' ]
disk = [ 'phy:/dev/vm-disks/win2k3,ioemu:hda,w', 'file:/root/en_win_srv_2003_r2_standard_cd1.iso,hdc:cdrom,r' ]
boot = "d"

device_model = '/usr/' + arch_libdir + '/xen/bin/qemu-dm'
