Xen Virtualization Andrew Hamilton TJHSST CSL Logo and Powered By Linux by Dan Tran tjhsst.edu/~dtran
Presentation Overview • Theory • Methods of Virtualizing • Xen Virtualization • Conclusion
Theory • Do one thing and do it well (The UNIX philosophy) • Containerize Systems • Many little machines contained in one
Methods of Virtualization • Chroots • Minimal Overhead • One kernel, network connection, process system • Root can break out • FreeBSD Jails / Solaris Containers • Separate Networking and process systems, root is trapped • Overhead is still minimal • Still only one kernel
More Methods of Virtualization • Full Virtualization • Multiple OSes, complete segregation of resources • High overhead, oftentimes expensive • Paravirtualization (Xen/LDOMs) • Multiple OSes with less overhead • May require specialized hardware or a modified operating system
What we have • Hypervisor • Runs underneath everything and serves as an interface between the hardware and the VMs • The Xen part of Xen Virtualization • Dom0 • Generally a Linux kernel with the Xen patches • Is able to control the hypervisor and manage VMs • Needs drivers for the server hardware • DomUs • The VMs we want to run
Installing a Dom0 • First install and configure the Linux distribution of your choice • Then install the Xen-specific packages • Debian: apt-get install xen-linux-image • Gentoo: emerge xen xen-tools xen-sources • Red Hat: yum install xen kernel-xen
Configuring the Dom0 • Grub • Boot using the Xen hypervisor as the kernel • Load the Dom0 Kernel as a Module • Start xend on boot • VM Storage Space • Local vs SAN • Files or LVM (or other devices) • Set up VM Networking • Bridging or NAT
VM Networking: Bridging • [Diagram: Switch / Network, eth0 (physical adapter), xenbr0 (network bridge), Vif0.0, Vif1.0, Vif2.0, VMs]
VM Networking: NAT • [Diagram: Switch / Network, eth0 (physical adapter), IPTables NAT/Firewall, Vif0.0, Vif1.0, Vif2.0, VMs]
Testing Time! • Reboot to the Xen Setup (hopefully it boots) • Stress Test the new setup • Recompiling the kernel repeatedly works well • for a in `seq 1 20`; do make clean; make; done • Make sure everything works well now • If it doesn't, fix it now
Creating VMs • Manual or automatic? • Xen-tools • File-based vs Device-based • Create the hard drives • LVM: create the logical volumes • Files: create the files • Format the disks
Linux VMs • Mount the hard drives • Use an appropriate method to install your OS • Debootstrap • Untar and chroot • Copy over an image • Remember VMs only need a small set of packages
Xen Config Files • kernel = '/boot/kernel-2.6.29-r1-amd64-xen-domu' • Initrd (if required) • memory = '512' • disk = [ 'phy:vgmagellanic/ns1-disk,sda1,w', 'file:/home/xen/ns1-swap,sda2,w' ] • name = 'ns1' • vif = [ 'mac=00:02:C6:26:10:B7', 'mac=00:16:3e:aa:bb:cc,bridge=xenbr1' ]
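The xm config files shown above use Python assignment syntax, so they can be checked before they are passed to xm create. The following is an added example, not part of the original presentation: it parses DomU configs with `ast` instead of executing them and flags MAC addresses or writable disks claimed by more than one DomU. The `ns2` config and all function names are constructed for illustration.

```python
import ast

def load_domu_config(text):
    """Parse an xm-style config (Python assignment syntax) without executing it."""
    cfg = {}
    for node in ast.parse(text).body:
        # Accept only `name = <literal>`; imports, calls, etc. are rejected.
        if not (isinstance(node, ast.Assign) and len(node.targets) == 1
                and isinstance(node.targets[0], ast.Name)):
            raise ValueError(f"line {node.lineno}: only simple assignments allowed")
        cfg[node.targets[0].id] = ast.literal_eval(node.value)
    return cfg

def lint(configs):
    """Return findings for MACs or writable disks shared between DomUs."""
    findings, macs, disks = [], {}, {}
    for cfg in configs:
        name = cfg["name"]
        for vif in cfg.get("vif", []):
            opts = dict(kv.split("=", 1) for kv in vif.split(",") if "=" in kv)
            mac = opts.get("mac", "").lower()  # MACs compare case-insensitively
            if mac and macs.setdefault(mac, name) != name:
                findings.append(f"duplicate MAC {mac}: {macs[mac]}, {name}")
        for spec in cfg.get("disk", []):
            backend, _frontend, mode = spec.split(",")
            if mode.startswith("w") and disks.setdefault(backend, name) != name:
                findings.append(f"writable disk {backend} shared: {disks[backend]}, {name}")
    return findings

# Constructed sample configs: NS1 follows the slide above, NS2 is hypothetical.
NS1 = """
kernel = '/boot/kernel-2.6.29-r1-amd64-xen-domu'
memory = '512'
disk = ['phy:vgmagellanic/ns1-disk,sda1,w', 'file:/home/xen/ns1-swap,sda2,w']
name = 'ns1'
vif = ['mac=00:02:C6:26:10:B7', 'mac=00:16:3e:aa:bb:cc,bridge=xenbr1']
"""
NS2 = """
memory = '512'
disk = ['phy:vgmagellanic/ns2-disk,sda1,w', 'file:/home/xen/ns1-swap,sda2,w']
name = 'ns2'
vif = ['mac=00:16:3E:AA:BB:CC,bridge=xenbr1']
"""

if __name__ == "__main__":
    for finding in lint([load_domu_config(NS1), load_domu_config(NS2)]):
        print(finding)
```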
Managing VMs • Starting VMs (xm create) • We usually want to be running VMs • Stopping VMs (xm shutdown) • This is the nice safe way to stop VMs • Really Stopping VMs (xm destroy) • The Xen equivalent of a four-second off • Monitoring (xm list, xm top)
Advanced Features • Live Migration (xm migrate) • Enable in xend config • Both servers need to be able to access the VM's disks • Snapshotting for backups • Using LVM to make consistent backups • Snapshot the DomU from the Dom0 • Mount the snapshot and rsync or tar it
Conclusion • Xen can provide a separation of services with a minimal performance hit • It is NOT a guaranteed security measure, but it's pretty good • Some programs dislike running in VMs • Allows Virtualization on older x86 hardware
A Few Resources • http://tjhsst.edu/~ahamilto/josti09/ This Presentation • http://tjhsst.edu/admin/livedoc/ • Sysadmin Livedoc, lots of general knowledge about Linux/UNIX • http://www.xen.org • Homepage of the Xen project.