THE COMPLETE GUIDE TO VIRTUALIZATION WITH XEN

SHELVE IN: LINUX/VIRTUALIZATION
$49.95 ($62.95 CDN)

Xen, the open source virtualization tool, is a system administrator’s dream. Xen is a free, high-performance virtual machine monitor that lets you consolidate your hardware and finally put those unused cycles to use—without sacrificing reliability, performance, or scalability.

The Book of Xen explains everything you need to know in order to use Xen effectively, including installation, networking, memory management, and virtualized storage. You’ll also learn how to use Xen and standard Linux tools to take snapshot backups, perform QoS operations on network traffic, and limit over-aggressive disk users.

Authors Chris Takemura and Luke S. Crawford show you how to:

• Provide virtual hosting for dozens of users, each with their own individual needs
• Install and manage multiple guests, including various flavors of Linux, NetBSD, Solaris, and Windows
• Choose the right virtual storage option for your needs
• Migrate your systems seamlessly and create new images
• Tune and benchmark your systems to make them as fast as possible
• Troubleshoot Xen’s most common problems like network and memory management

Expert advice is priceless when it comes to running a complicated open source virtualization technology like Xen. You’ll get the advice you need in The Book of Xen.

ABOUT THE AUTHORS

Chris Takemura is a longtime *NIX sysadmin, Perl hacker, and technological hobbyist. He’s been using Xen from its early days, and helped to build prgmr.com’s reputation as “hosting for the technically adept.”

Luke Crawford has used virtualization in production since before it was cool, virtualizing hundreds of servers for large and small corporations.
He launched the prgmr.com VPS service in 2005, selling virtual servers based on FreeBSD jails before switching to Xen in an effort to more fairly allocate resources.

THE BOOK OF XEN
A Practical Guide for the System Administrator
by Chris Takemura and Luke S. Crawford
San Francisco

THE BOOK OF XEN. Copyright © 2010 by Chris Takemura and Luke S. Crawford.

All rights reserved. No part of this work may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage or retrieval system, without the prior written permission of the copyright owner and the publisher.

ISBN-10: 1-59327-186-7
ISBN-13: 978-1-59327-186-2

Publisher: William Pollock
Production Editors: Magnolia Molcan and Philip Dangler
Cover and Interior Design: Octopod Studios
Developmental Editor: Tyler Ortman
Technical Reviewer: Rami Rosen
Copyeditor: Jeanne Hansen
Compositor: Riley Hoffman
Proofreader: Rachel Kai
Indexer: Valerie Haynes Perry

For information on book distributors or translations, please contact No Starch Press, Inc. directly:
No Starch Press, Inc.
555 De Haro Street, Suite 250, San Francisco, CA 94107
phone: 415.863.9900; fax: 415.863.9950; info@nostarch.com; www.nostarch.com

Library of Congress Cataloging-in-Publication Data
Takemura, Chris, 1981-
The book of Xen : a practical guide for the system administrator / Chris Takemura and Luke S. Crawford.
p. cm.
Includes index.
ISBN-13: 978-1-59327-186-2
ISBN-10: 1-59327-186-7
1. Xen (Electronic resource) 2. Virtual computer systems. 3. Computer organization. 4. Parallel processing (Electronic computers) I. Crawford, Luke S. (Luke Seidel), 1980- II. Title.
QA76.9.V5C83 2009
004'.35 dc22
2009029566

No Starch Press and the No Starch Press logo are registered trademarks of No Starch Press, Inc. “The Book of” is a trademark of No Starch Press, Inc. Other product and company names mentioned herein may be the trademarks of their respective owners. Rather than use a trademark symbol with every occurrence of a trademarked name, we are using the names only in an editorial fashion and to the benefit of the trademark owner, with no intention of infringement of the trademark.

The information in this book is distributed on an “As Is” basis, without warranty. While every precaution has been taken in the preparation of this work, neither the authors nor No Starch Press, Inc. shall have any liability to any person or entity with respect to any loss or damage caused or alleged to be caused directly or indirectly by the information contained in it.

This one’s for my dad, who first introduced me to text-based adventure games on a Z80-based Heathkit computer, and whose fault, therefore, all of this is.
—Chris Takemura

To Sarah. I got what I wanted.
—Luke S. Crawford

BRIEF CONTENTS

Foreword by Paul Vixie
Acknowledgments
Introduction
Chapter 1: Xen: A High-Level Overview
Chapter 2: Getting Started
Chapter 3: Provisioning DomUs
Chapter 4: Storage with Xen
Chapter 5: Networking
Chapter 6: DomU Management: Tools and Frontends
Chapter 7: Hosting Untrusted Users Under Xen: Lessons from the Trenches
Chapter 8: Beyond Linux: Using Xen with Other Unix-like OSs
Chapter 9: Xen Migration
Chapter 10: Profiling and Benchmarking Under Xen
Chapter 11: Citrix XenServer: Xen for the Enterprise
Chapter 12: HVM: Beyond Paravirtualization
Chapter 13: Xen and Windows
Chapter 14: Tips
Chapter 15: Troubleshooting
Appendix A: xm Reference
Appendix B: The Structure of the Xen Config File
Index

[...]

... actually runs all software directly on the processor at full speed, with only a very small overhead for some resource management tasks. This leads to the first, and probably the most important, advantage of Xen: Xen runs fast in comparison with traditional emulators. Preliminary results in “Xen and the Art of Virtualization”—one of the seminal Xen papers—indicated performance degradation of less than...

... simple as “paravirtualization makes a computer fast”—I/O, for example, can lead to expensive context switches—but it is generally faster than other approaches. We generally assume that a Xen guest will run at about 95 percent of its native speed on physical hardware, assuming that other guests on the machine are idle. However, paravirtualization isn’t the only way to run a virtual machine. There are two competing...

... interface to enhance isolation between virtual machines. Although this is incredibly useful, it’s neither as useful nor as versatile as a full-fledged virtual machine would be. Because the jails share a kernel, for example, a kernel panic will bring down all the VMs on the hardware. However, because they bypass the overhead of virtualizing hardware, virtualized machines can be about as fast as native execution—in...

... virus. Xen therefore makes a virtual TPM available to the domUs. With full virtualization, an unmodified OS “hosts” a userspace program that emulates a machine on which the “guest” OS runs. This is a popular approach because it doesn’t require the guest OS to be changed in any way. It also has the advantage that the virtualized architecture can be completely different from the host architecture for example,...

... example, QEMU can simulate a MIPS processor on an IA-32 host and a startling array of other chips. However, this level of hardware independence comes at the cost of an enormous speed penalty. Unaccelerated QEMU is an order of magnitude slower than native execution, and accelerated QEMU or VMware ESX server can only accelerate the emulated machine if it’s the same architecture as the underlying hardware. In this...

... perfect compatibility with the applications inside the virtual machine. This layer of indirection makes the virtual machine very slow. Xen bypasses this slowdown using an approach called paravirtualization—para as a prefix means similar to or alongside. As the name suggests, it’s not “real” virtualization in the traditional sense because it doesn’t try to provide a seamless illusion of a machine. Xen presents...

... to hardware. The domain 0 kernel has the usual hardware drivers and uses them to export abstractions of hardware devices to the hypervisor and thence to virtual machines. Think of the machine as a car, with the dom0 as driver. He’s also a passenger but has privileges and responsibilities that the other passengers don’t.

5. See http://www.cl.cam.ac.uk/research/srg/netos/papers/2004-oasis-ngio.pdf

... take the example of translating an address given by an application. First, at the left, we have the address as given. This consists of a segment selector and offset. The MMU looks up the segment selector in the GDT (Global Descriptor Table) to find that segment’s location in the linear address space, which is the complete address space accessible to the process (usually 4GB). The offset then acts as an...

... hypervisor then takes appropriate action (sending packets, replying with data, etc.). For performance reasons, the rings generally contain I/O descriptors rather than actual data. The data is kept in separate buffers accessed through DMA, which Xen maintains control of using principles similar to those for memory allocation. The hypervisor also locks the pages in question, ensuring that the application doesn’t...

... competing approaches: full virtualization and OS-level virtualization.

Virtualization Techniques: Full Virtualization

Not all virtualization methods use Xen’s approach. Virtualization software comes in three flavors. At one extreme you have full virtualization, or emulation, in which the virtual machine is a software simulation of hardware, real or fictional—as long as there’s a driver, it doesn’t matter much...