virtualization Xen Virtualization in Red Hat Enterprise Linux 5 By Jose de la Rosa Puneet Dhawan V Related Categories: Red Hat Enterprise Linux The open source Xen virtualization hypervisor included in the Red Hat ® Enterprise Linux ® 5 OS provides key components to help build dynamic, scalable virtualized environments. This article describes the basic features of Xen virtualization in Red Hat Enterprise Linux 5 and how organizations can deploy it on ninth-generation Dell™ PowerEdge™ servers. irtualization enables enterprises to consolidate allows operating systems to run inside a VM without modi- multiple servers without sacrificing application fication, but may require overhead that can reduce isolation, scale their infrastructure as their needs performance. grow, and increase availability through dynamic provisioning Paravirtualization—the approach used by Xen—modifies and relocation of critical systems. Combining the open guest operating systems to run in a virtualized environ- source Xen hypervisor in Red Hat Enterprise Linux 5 with ment. The VMs interface with the Xen hypervisor using ninth-generation Dell PowerEdge servers and Dell storage hypercalls, rather than the system calls used by full virtu- enables enterprises to create a dynamic data center that can alization. As shown in Figure 1, the real device drivers run in a special VM, or domain, called Domain 0 (Dom0). scale easily to meet enterprise requirements. Rather than abstracting standard devices for the VMs, Virtualization Visit DELL.COM/PowerSolutions for the complete category index. 1 Xen architecture Dom0 exposes a set of class devices, such as networks The virtualization layer, often called the hypervisor or vir- and storage blocks, to the VMs. I/O data transfers to and tual machine (VM) monitor, abstracts underlying physical from each VM through Xen use the XenBus memory-mapped hardware to present a uniform set of hardware resources— communication channel. The VMs use paravirtualized such as processors, memory, networks, and storage device drivers and a paravirtualized kernel to interoperate blocks—to VMs. VMs running on a single system share with Dom0 and the Xen hypervisor. available physical resources, with the hypervisor multiplex- Paravirtualization requires modifying guest operating ing key resources and maintaining isolation among differ- systems, which is not possible for all popular OS distribu- ent VMs. Figure 1 shows the architecture of the Xen tions. However, Xen can take advantage of Intel ® hypervisor. Virtualization Technology (Intel VT) and AMD Virtualization™ How the hypervisor abstracts the underlying physical (AMD-V™) technology to run unmodified operating systems resources defines key characteristics of the virtualization as well. The virtualization capabilities of Red Hat Enterprise architecture. Two popular approaches are full virtualization Linux 5 coupled with ninth-generation Dell PowerEdge serv- and paravirtualization. Full virtualization presents emu- ers can create a flexible, powerful virtualized environment lated resources to VMs that mimic a standard PC architec- that accommodates both modified and unmodified guest ture and standard peripheral devices. Using this approach operating systems. DELL POWER SOLUTIONS | November 2007 Reprinted from Dell Power Solutions, November 2007. Copyright © 2007 Dell Inc. All rights reserved. “ Combining the open source Xen hypervisor in Red Hat Enterprise Linux 5 with ninthgeneration Dell PowerEdge servers and Dell storage enables enterprises to create a dynamic data center that can scale easily to meet enterprise requirements.” space is unique and cannot be shared between VMs. The disk space made available to VMs can be either an image file or a disk partition. • Network interfaces: Virtual network interface cards are configured with a persistent virtual Media Access Control (MAC) address. When a new VM is created, this address is selected at random from a reserved pool of over 16 million addresses, When Red Hat Enterprise Linux 5 is installed Manager can schedule virtual processors making it unlikely that any two VMs will with virtualization capabilities, the integrated according to the physical processor be assigned the same one. Administrators Xen hypervisor takes control of the system workload to help optimize available for complex sites with a large number of hardware and launches the installed Red Hat resources. VMs can allocate MAC addresses manu- Enterprise Linux 5 distribution as Dom0. In • Memory: Each VM is assigned a part of ally to help ensure that they remain addition to serving as the main driver domain the host system’s physical memory. unique on the network. Red Hat virtualiza- for VMs, Dom0 also runs a set of control and Administrators should typically assign the tion supports 10/100/1,000 Mbps Ethernet management services that administrators can same amount of memory to a VM as they and 10 Gigabit Ethernet, Fibre Channel, access through command-line interface (CLI) would for the same configuration in a non- and InfiniBand networks. tools such as xm and virsh or graphical user virtualized environment. Administrators can interface (GUI) tools such as Virtual Machine define the initial and maximum memory Each VM also has a virtual text console that Manager (virt-manager). size when creating VMs, then increase or connects to the host system. Administrators decrease the memory allocation at runtime can redirect guest logins and console output to without exceeding the specified maximum. the text console, or configure VMs to use a The minimum amount of memory recom- virtual GUI console that corresponds to the mended for a VM is 256 MB. physical host’s standard video console. This Virtualization support and requirements in Red Hat Enterprise Linux 5 Before creating a virtualized environment with the Xen technology in Red Hat Enterprise Linux 5, • Disk space: Each VM is assigned a part of GUI employs standard graphic adapter features administrators should be sure they understand the host system’s disk space. This disk such as boot messaging, graphical booting, the support and system requirements for elements such as virtual resources, host servers and operating systems, processors, storage, Dom0 VM VM VM packages, and the Security-Enhanced Linux Device manager and control software Unmodiﬁed application Unmodiﬁed application Unmodiﬁed application Red Hat Enterprise Linux 5 (XenLinux) Red Hat Enterprise Linux 5 (paravirtualized) Red Hat Enterprise Linux 5 (paravirtualized) Microsoft Windows XP (fully virtualized) (SELinux) security policy. Virtual resources Red Hat virtualization with Xen technology can host multiple guest operating systems, each of which runs in its own domain. Each VM handles its own applications and can only access the resources assigned to it. Assigned resources Accelerated Graphics Port (AGP) Advanced Conﬁguration and Power Interface (ACPI) PCI Symmetric multiprocessing (SMP) Back end Native device drivers Front-end device drivers Front-end device drivers Front-end device drivers Intel VT or AMD-V include the following: • Processors: Administrators can configure Control interface Safe hardware interface Virtual processor Virtual memory management unit (MMU) Xen hypervisor a VM with multiple virtual processors, but the total number of virtual processors Event channel Dell PowerEdge server (SMP, MMU, physical memory, Ethernet, SCSI/IDE) assigned to a VM must be less than or equal to the total number of logical processors in the host system. Virtual Machine Figure 1. Xen hypervisor architecture Reprinted from Dell Power Solutions, November 2007. Copyright © 2007 Dell Inc. All rights reserved. DELL.COM/PowerSolutions 2 virtualization and multiple virtual terminals, and can launch the X Window System. VMs can be identified in any of three ways: Note: Red Hat virtualization only fully sup- the BIOS. Administrators can verify that the ports matching host/guest architectures—that feature is enabled by running the command is, environments in which both the host and grep hvm /sys/hypervisor/properties/ guest OS are either 32-bit or 64-bit operating capabilities, which should return output systems. Running a 32-bit guest OS on a 64-bit similar to the following: • Domain name: Text string that corresponds host OS is supported only with paravirtualiza- to a VM configuration file, used to launch, tion, and running a 64-bit guest OS on a 32-bit identify, and control VMs host OS is not supported. xen-3.0-x86_32p hvm-3.0-x86_ 32 hvm-3.0-x86_32p • Domain ID: Unique, nonpersistent number assigned to an active domain, used to iden- Processors tify and control VMs Red Hat virtualization requires that the host sys- trators should look for a setting related to virtual- • Universally unique identifier: Identifier con- tem’s processors support Physical Address ization in the system’s BIOS setup utility, enable trolled from the VM configuration file that Extension (PAE) and have either Intel VT or AMD-V that setting, save, and reboot the system. helps ensure that VMs are uniquely identi- enabled. Administrators can determine whether fied by systems management tools a system’s processors support PAE using the Storage command grep pae /proc/cpuinfo. If this For VM storage, Red Hat virtualization supports Host servers and operating systems command returns output similar to the follow- direct access storage devices as well as network The following Dell PowerEdge servers and ing, including the pae entry, then the system attached storage (NAS) and storage area net- workstations are certified by Red Hat to run in supports PAE: works (SANs) based on Internet SCSI (iSCSI), If the command returns no output, adminis- Fibre Channel, and standard network protocols virtualized environments with Red Hat Enterprise Linux 5 as the host OS: flags : fpu vme de pse tsc • Servers: Dell PowerEdge server model num- such as Network File System (NFS) and Cluster msr pae mce cx8 apic mtrr Logical Volume Manager (CLVM). Administrators pge mca cmov pat clflush can manage VM storage in multiple ways. A bers 700, 750, 800, 830, 840, 850, 860, 1650, dts acpi mmx fxsr sse sse2 physical block device (hard disk partition or ISO 2600, 2650, 4600, 6600, 6650, 1750, 1800, ss tm pbe nx up est tm2 image) on the host system can be exported to a guest domain as a virtual block device. 1850, 1855, 2800, 2850, 6800, 6850, 1900, 1950, 1955, 2900, 2950, 2970, 6950, SC440, If the command returns no output, then the system does not support PAE. SC1420, SC1425, SC1430, and SC1435 Packages • Workstations: Dell Precision workstation Xen uses a generic Hardware VM (HVM) layer To run a virtualized environment, the kernel-xen model numbers 380n, 390n, 470n, 490n, to support both Intel and AMD™ processors. kernel must be installed and running on the 670n, and 690n Administrators can determine whether a sys- host system. Administrators can determine tem’s processors support Intel VT or AMD-V which kernel is running using the command Red Hat Enterprise Linux 3, Red Hat using the command egrep -e 'vmx|svm' uname -r; if this command does not return a Enterprise Linux 4, and Red Hat Enterprise /proc/cpuinfo. If this command returns output kernel with the word “xen” in it, then kernel-xen Linux 5 can run as fully virtualized guest operat- similar to the following, including the vmx entry, is not running. If it is not running, administrators ing systems, but only Red Hat Enterprise Linux then the system supports Intel VT or AMD-V: can determine whether it is installed using the ™ command rpm -qa | grep kernel-xen. If 4 Update 5 and Red Hat Enterprise Linux 5 can run as paravirtualized guest operating systems. flags : fpu tsc msr pae mce this command returns no output, they must Other Linux distributions, as well as Microsoft cx8 apic mtrr mca cmov pat install the kernel from the installation media Windows® operating systems, can run as fully clflush dts acpi mmx fxsr with the command rpm -ivh kernel-xen. virtualized guest operating systems, but are not sse sse2 ss ht tm pbe supported by Red Hat. constant_tsc pni monitor xen the default boot kernel, which they can do vmx est tm2 xtpr by changing the default parameter in /boot/ ® As a host OS, Red Hat Enterprise Linux 5 sup- grub/grub.conf to the correct number (typically ports up to four VMs. Red Hat Enterprise Linux 5 Advanced Platform (for four-socket servers) allows an unlimited number of VMs, enabling administrators to create as many VMs as the underlying physical hardware can support. 3 DELL POWER SOLUTIONS | November 2007 Next, administrators should make kernel- If the command returns no output, then the system does not support Intel VT or AMD-V. 0). They should also verify that the xen, xen-libs, bridge-utils, gnome-python2-gnomekeyring, For systems that support Intel VT or AMD-V, libvirt, libvirt-python, python-virtinst, virt- administrators must also enable that feature in manager, and vnc Red Hat Package Manager Reprinted from Dell Power Solutions, November 2007. Copyright © 2007 Dell Inc. All rights reserved. (RPM™) files are installed, or install them from If administrators want to create VM image 6. Specify how to assign the VM disk space—a files in other directories, they must add those partition on the host system or an image Because of the interdependencies between directories to the SELinux policy. For example, file—and how much space to allocate, then these RPM packages, administrators should they could use the following command to create click the Forward button (see Figure 3). If typically update them using the yum (Yellowdog an image in the directory /newdir: allocating the entire virtual disk now, be the installation media if necessary. sure to verify that the host system has Updater, Modified) package installer. They must first define the yum repository in semanage fcontext --add /etc/yum.conf, then use the command yum -t xen_image_t '/ install rpm_name to install the necessary newdir(/.*)?' enough disk space to accommodate the specified amount. 7. Allocate the amount of memory and number of virtual processors, then click the Forward packages. For example: They could then give this directory the yum install xen appropriate context using the command yum install virt-manager restorecon -v /newdir. button (see Figure 4). 8. Review the specified parameters and click the Finish button to begin the VM creation. The OS installation process is the yum install vnc Virtual machine creation in Red Hat Enterprise Linux 5 same as a non-virtual OS installation. If administrators should reboot the system. Administrators can take advantage of two primary shown in Figure 3), then the system Finally, they should verify that the xend and tools when creating VMs: the Virtual Machine xendomains daemons are running using the Manager GUI tool and the virt-install CLI tool. After installing the necessary packages, allocating the entire virtual disk now (as commands service xend status and daemon provides virtualization services, while Creating a virtual machine with Virtual Machine Manager the xendomains daemon allows VMs to start Virtual Machine Manager is a GUI tool provided and stop automatically when the host system in Red Hat Enterprise Linux 5 that administrators boots or shuts down. Both daemons must be can use to create, pause, resume, stop, and running to create VMs. If they are not running, monitor VMs. For example, administrators can administrators should start them using the com- use it to create a paravirtualized 32-bit Red Hat mands service xend start and service Enterprise Linux 5 guest OS on a 32-bit Red Hat xendomains start. Enterprise Linux 5 host OS by performing the service xendomains status. The xend following steps: SELinux security policy The targeted SELinux security policy for Xen 1. Run Virtual Machine Manager using the com- requires that disk images have the xen_image_t mand virt-manager and connect to the context. If a VM file image is not in that context, local Xen host. At this point, the only domain the host system is denied access to that image. By default, only two directories are in the Figure 2. “Locating installation media” step when creating a virtual machine in Red Hat Enterprise Linux 5 Virtual Machine Manager running is Dom0. 2. To create a new VM, select File > New xen_image_t context, as shown by the output Machine, then click the Forward button. of the command semanage fcontext -l | 3. Provide a name for the VM—for example, vm_rhel5_i386—then click the Forward grep xen_image_t: button. /xen(/.*)? all files system_u:object_r:xen_ 4. Select “Paravirtualized” as the virtualization method, then click the Forward button. image_t:s0 5. Provide the location of the extracted /var/lib/xen/ installation media files for the guest OS images(/.*)? all files and, if desired, the location of a kickstart system_u:object_r:xen_ file with the system parameters already image_t:s0 defined, then click the Forward button (see Figure 2). Reprinted from Dell Power Solutions, November 2007. Copyright © 2007 Dell Inc. All rights reserved. Figure 3. “Assigning storage space” step when creating a virtual machine in Red Hat Enterprise Linux 5 Virtual Machine Manager DELL.COM/PowerSolutions 4 virtualization Figure 5. Red Hat Enterprise Linux 5 Virtual Machine Manager after creating a virtual machine Figure 4. “Allocate memory and CPU” step when creating a virtual machine in Red Hat Enterprise Linux 5 Virtual Machine Manager typically takes several minutes to create the disk space before it begins installation. When the OS installation process ends, the virtual window closes and the VM is ready to start. 9. To start the VM, enter the command xm create vm_name. Virtual Machine Manager should now show both Dom0 and the VM running (see Figure 5). To open a Virtual Network Computing (VNC) display window for this VM, select the VM and click the Open button (see Figure 6). Creating a virtual machine with virt-install Administrators can also use the virt-install CLI tool to create a paravirtualized VM. Specifying parameters in this way enables administrators to automate VM creation using shell scripts. The syntax is as follows: Figure 6. Virtual machine booting in Red Hat Enterprise Linux 5 virt-install --name=vm_name For example, administrators could create --ram=memory --vcpus=no_of_ allocate to the VM, vm_image_file is the vcpus --file=vm_image_file file to use as the disk image, vm_disk_size --file-size=vm_disk_size is the amount of VM disk space to allocate to --vnc --paravirt the VM (in gigabytes), --vnc sets the VM to --location=OS_source_location use VNC for graphics support, --paravirt i386 --ram=1000 --vcpus=2 denotes that the VM should be paravirtual- --file=/var/lib/xen/images/ In this command, vm_name is the name of ized, and OS_source_location is the loca- vm_rhel5_i386 --file- the VM, memory is the amount of memory to tion of the extracted installation media files size=10 --vnc --paravirt allocate to the VM (in megabytes), no_of_ for the guest OS. This command also launches --location=http://webserver/ vcpus is the number of virtual processors to a VNC display window. pub/RHEL5/i386 5 DELL POWER SOLUTIONS | November 2007 the VM from the preceding section as follows: virt-install --name=vm_rhel5_ Reprinted from Dell Power Solutions, November 2007. Copyright © 2007 Dell Inc. All rights reserved. # Automatically generated xen config file name = "vm_rhel5_i386" memory = "1000" disk = [ 'tap:aio:/var/lib/xen/images/vm_rhel5_i386,xvda,w', ] vif = [ 'mac=00:16:3e:0c:77:c5, bridge=xenbr0', ] vfb = ["type=vnc,vncunused=1"] uuid = "9847a069-51e4-8173-9d1b-2d033cf63d5b" bootloader="/usr/bin/pygrub" vcpus=2 on_reboot = 'restart' on_crash = 'restart' name Specifies the name of the virtual guest. memory Specifies the amount of memory in megabytes. disk Lists the block and physical devices to export to the domain. In this case, it lists the virtual guest image file, the device name and the access permissions (write). vif Lists the randomly-assigned MAC addresses and bridges. vfb Specifies the virtual frame buffer. In this case, we use VNC. uuid Used to uniquely identify the virtual guest. bootloader Specifies to use the Xen bootloader. vcpus Specifies the numbers of virtual CPUs. on_reboot Specifies what action to take when the guest reboots. on_crash Specifies what action to take when the guest crashes. Figure 7. /etc/xen/vm_rhel5_i386 configuration file Red Hat Enterprise Linux 5 Xen configuration and log files xend daemon and qemu-dm process, for exam- hot-plug events, including events when a ple, write to multiple log files: device or network script does not come online The Red Hat Enterprise Linux 5 Xen configuration files are located in the /etc/xen directory. Each • xend-debug.log: Contains logs of event • qemu-dm.pid.log: Created by the qemu-dm VM has a corresponding configuration file in errors from xend and the virtualization sub- process for each fully virtualized guest /etc/xen, which is created automatically when systems (such as the frame buffer and (where pid is the process identifier) the VMs are created and has the same name Python scripts) as its corresponding VM. Figure 7 shows the • xend.log: Contains data collected by the /etc/xen/vm_rhel5_i386 configuration file for the xend daemon, including system events, Virtual machine management commands VM created in the “Virtual machine creation in administrator actions, and VM operations Administrators can use the xm and virsh Red Hat Enterprise Linux 5” section in this article. such as create, shutdown, and destroy; command-line interface tools to create, For more information on available configuration this log is typically the first place adminis- manage, and troubleshoot VMs (see Figure 8). items, see the xmdomain.cfg man page. trators should look when troubleshooting Some event- or performance-related problems arguments; for more information, see the xm The Red Hat Enterprise Linux 5 Xen log files are located in the /var/log/xen directory. The • xen-hotplug.log: Contains data from Reprinted from Dell Power Solutions, November 2007. Copyright © 2007 Dell Inc. All rights reserved. commands require additional and virsh man pages. DELL.COM/PowerSolutions 6 virtualization Dynamic, scalable virtualized environments Starting and stopping VMs Status monitoring Troubleshooting Performance tuning Other Command Description Red Hat Enterprise Linux 5 incorporates Xen xm create Creates a domain based on a configuration file virtualization technology to help create a robust, xm destroy Terminates a domain xm pause Pauses execution of a domain Combined with ninth-generation Dell PowerEdge xm reboot Reboots a domain servers, Red Hat virtualization can provide xm shutdown Shuts down a domain xm save Saves a domain state to restore later xm restore Restores a domain from a saved state xm uptime Displays uptime for a domain xm top Monitors a host and its domains in real time xm list Displays domain information xm info Displays host information xm vcpu-list Lists domain virtual processors xm network-list Lists domain virtual network interfaces Puneet has a bachelor’s degree in Electrical virsh nodeinfo Displays node information Engineering from Punjab Engineering College virsh vcpuinfo Displays domain virtual processor information xm console Attaches to a domain console xm dump-core Displays a core dump for a specific domain xm dmesg Reads and/or clears the xend daemon’s message buffer xm log Displays the xend log virsh dominfo Displays domain information xm mem-max Sets the maximum amount of memory for a domain xm mem-set Sets the current memory usage for a domain xm vcpu-set Sets the number of active processors for a domain virsh dumpxml Displays domain information in XML virsh dump Saves a core dump for a specific domain to a file xm rename Renames a domain xm sysrq Sends a system request to a domain xm block-attach Creates a new virtual block device xm block-detach Destroys a domain’s virtual block device xm block-list Lists virtual block devices for a domain xm network-attach Creates a new network device xm network-detach Destroys a network device secure, easy-to-manage virtualization platform that can scale flexibly to meet enterprise needs. high-performance virtualized environments for enterprises of all sizes. Jose De la Rosa is a member of the Dell Linux Engineering Group. He has a bachelor’s degree in Electrical Engineering and a master’s degree in Computer Engineering from the University of Texas at El Paso. Puneet Dhawan is a systems engineer in the Dell Virtualization Solutions Engineering Group. (PEC) and a master’s degree in Computer Engineering from Texas A&M University. Figure 8. Commands for the xm and virsh tools for creating, managing, and troubleshooting virtual machines 7 DELL POWER SOLUTIONS | November 2007 Reprinted from Dell Power Solutions, November 2007. Copyright © 2007 Dell Inc. All rights reserved.
* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project