aboutsummaryrefslogtreecommitdiffstats
path: root/docs/src/user.tex
diff options
context:
space:
mode:
Diffstat (limited to 'docs/src/user.tex')
-rw-r--r--docs/src/user.tex1832
1 files changed, 1765 insertions, 67 deletions
diff --git a/docs/src/user.tex b/docs/src/user.tex
index 2f6bbfbbc6..ed5d9d4339 100644
--- a/docs/src/user.tex
+++ b/docs/src/user.tex
@@ -1,13 +1,13 @@
-\batchmode
\documentclass[11pt,twoside,final,openright]{report}
-\usepackage{a4,graphicx,html,parskip,setspace,times,xspace}
+\usepackage{a4,graphicx,html,parskip,setspace,times,xspace,url}
\setstretch{1.15}
+\renewcommand{\ttdefault}{pcr}
\def\Xend{{Xend}\xspace}
\def\xend{{xend}\xspace}
-\latexhtml{\newcommand{\path}[1]{{\small {\tt #1}}}}{\newcommand{\path}[1]{{\tt #1}}}
+\latexhtml{\renewcommand{\path}[1]{{\small {\tt #1}}}}{\renewcommand{\path}[1]{{\tt #1}}}
\begin{document}
@@ -23,17 +23,17 @@
\begin{tabular}{l}
{\Huge \bf Users' Manual} \\[4mm]
{\huge Xen v3.0} \\[80mm]
-
{\Large Xen is Copyright (c) 2002-2005, The Xen Team} \\[3mm]
{\Large University of Cambridge, UK} \\[20mm]
\end{tabular}
\end{center}
-{\bf DISCLAIMER: This documentation is currently under active
- development and as such there may be mistakes and omissions --- watch
- out for these and please report any you find to the developers'
- mailing list. Contributions of material, suggestions and corrections
- are welcome.}
+{\bf DISCLAIMER: This documentation is always under active development
+and as such there may be mistakes and omissions --- watch out for
+these and please report any you find to the developers' mailing list,
+xen-devel@lists.xensource.com. The latest version is always available
+on-line. Contributions of material, suggestions and corrections are
+welcome.}
\vfill
\cleardoublepage
@@ -62,112 +62,1745 @@
%% Chapter Introduction moved to introduction.tex
-\include{src/user/introduction}
+\chapter{Introduction}
+
+
+Xen is an open-source \emph{para-virtualizing} virtual machine monitor
+(VMM), or ``hypervisor'', for the x86 processor architecture. Xen can
+securely execute multiple virtual machines on a single physical system
+with close-to-native performance. Xen facilitates enterprise-grade
+functionality, including:
+
+\begin{itemize}
+\item Virtual machines with performance close to native hardware.
+\item Live migration of running virtual machines between physical hosts.
+\item Up to 32 virtual CPUs per guest virtual machine, with VCPU hotplug.
+\item x86/32, x86/32 with PAE, and x86/64 platform support.
+\item Intel Virtualization Technology (VT-x) for unmodified guest operating systems (including Microsoft Windows).
+\item Excellent hardware support (supports almost all Linux device
+ drivers).
+\end{itemize}
+
+Xen is licensed under the GNU General Public License (GPL2).
+
+
+\section{Usage Scenarios}
+
+Usage scenarios for Xen include:
+
+\begin{description}
+\item [Server Consolidation.] Move multiple servers onto a single
+ physical host with performance and fault isolation provided at the
+ virtual machine boundaries.
+\item [Hardware Independence.] Allow legacy applications and operating
+ systems to exploit new hardware.
+\item [Multiple OS configurations.] Run multiple operating systems
+ simultaneously, for development or testing purposes.
+\item [Kernel Development.] Test and debug kernel modifications in a
+ sand-boxed virtual machine --- no need for a separate test machine.
+\item [Cluster Computing.] Management at VM granularity provides more
+ flexibility than separately managing each physical host, but better
+ control and isolation than single-system image solutions,
+ particularly by using live migration for load balancing.
+\item [Hardware support for custom OSes.] Allow development of new
+ OSes while benefiting from the wide-ranging hardware support of
+ existing OSes such as Linux.
+\end{description}
+
+
+\section{Operating System Support}
+
+Para-virtualization permits very high performance virtualization, even
+on architectures like x86 that are traditionally very hard to
+virtualize.
+
+This approach requires operating systems to be \emph{ported} to run on
+Xen. Porting an OS to run on Xen is similar to supporting a new
+hardware platform, however the process is simplified because the
+para-virtual machine architecture is very similar to the underlying
+native hardware. Even though operating system kernels must explicitly
+support Xen, a key feature is that user space applications and
+libraries \emph{do not} require modification.
+
+With hardware CPU virtualization as provided by Intel VT and AMD
+Pacifica technology, the ability to run an unmodified guest OS kernel
+is available. No porting of the OS is required, although some
+additional driver support is necessary within Xen itself. Unlike
+traditional full virtualization hypervisors, which suffer a tremendous
+performance overhead, the combination of Xen and VT or Xen and
+Pacifica technology complement one another to offer superb performance
+for para-virtualized guest operating systems and full support for
+unmodified guests running natively on the processor. Full support for
+VT and Pacifica chipsets will appear in early 2006.
+
+Paravirtualized Xen support is available for increasingly many
+operating systems: currently, mature Linux support is available and
+included in the standard distribution. Other OS ports---including
+NetBSD, FreeBSD and Solaris x86 v10---are nearing completion.
+
+
+\section{Hardware Support}
+
+Xen currently runs on the x86 architecture, requiring a ``P6'' or
+newer processor (e.g.\ Pentium Pro, Celeron, Pentium~II, Pentium~III,
+Pentium~IV, Xeon, AMD~Athlon, AMD~Duron). Multiprocessor machines are
+supported, and there is support for HyperThreading (SMT). In
+addition, ports to IA64 and Power architectures are in progress.
+
+The default 32-bit Xen supports up to 4GB of memory. However Xen 3.0
+adds support for Intel's Physical Addressing Extensions (PAE), which
+enable x86/32 machines to address up to 64 GB of physical memory. Xen
+3.0 also supports x86/64 platforms such as Intel EM64T and AMD Opteron
+which can currently address up to 1TB of physical memory.
+
+Xen offloads most of the hardware support issues to the guest OS
+running in the \emph{Domain~0} management virtual machine. Xen itself
+contains only the code required to detect and start secondary
+processors, set up interrupt routing, and perform PCI bus
+enumeration. Device drivers run within a privileged guest OS rather
+than within Xen itself. This approach provides compatibility with the
+majority of device hardware supported by Linux. The default XenLinux
+build contains support for most server-class network and disk
+hardware, but you can add support for other hardware by configuring
+your XenLinux kernel in the normal way.
+
+
+\section{Structure of a Xen-Based System}
+
+A Xen system has multiple layers, the lowest and most privileged of
+which is Xen itself.
+
+Xen may host multiple \emph{guest} operating systems, each of which is
+executed within a secure virtual machine. In Xen terminology, a
+\emph{domain}. Domains are scheduled by Xen to make effective use of the
+available physical CPUs. Each guest OS manages its own applications.
+This management includes the responsibility of scheduling each
+application within the time allotted to the VM by Xen.
+
+The first domain, \emph{domain~0}, is created automatically when the
+system boots and has special management privileges. Domain~0 builds
+other domains and manages their virtual devices. It also performs
+administrative tasks such as suspending, resuming and migrating other
+virtual machines.
+
+Within domain~0, a process called \emph{xend} runs to manage the system.
+\Xend\ is responsible for managing virtual machines and providing access
+to their consoles. Commands are issued to \xend\ over an HTTP interface,
+via a command-line tool.
+
+
+\section{History}
+
+Xen was originally developed by the Systems Research Group at the
+University of Cambridge Computer Laboratory as part of the XenoServers
+project, funded by the UK-EPSRC\@.
+
+XenoServers aim to provide a ``public infrastructure for global
+distributed computing''. Xen plays a key part in that, allowing one to
+efficiently partition a single machine to enable multiple independent
+clients to run their operating systems and applications in an
+environment. This environment provides protection, resource isolation
+and accounting. The project web page contains further information along
+with pointers to papers and technical reports:
+\path{http://www.cl.cam.ac.uk/xeno}
+
+Xen has grown into a fully-fledged project in its own right, enabling us
+to investigate interesting research issues regarding the best techniques
+for virtualizing resources such as the CPU, memory, disk and network.
+Project contributors now include XenSource, Intel, IBM, HP, AMD, Novell,
+RedHat.
+
+Xen was first described in a paper presented at SOSP in
+2003\footnote{\tt
+ http://www.cl.cam.ac.uk/netos/papers/2003-xensosp.pdf}, and the first
+public release (1.0) was made that October. Since then, Xen has
+significantly matured and is now used in production scenarios on many
+sites.
+
+\section{What's New}
+
+Xen 3.0.0 offers:
+
+\begin{itemize}
+\item Support for up to 32-way SMP guest operating systems
+\item Intel (Physical Addressing Extensions) PAE to support 32-bit
+ servers with more than 4GB physical memory
+\item x86/64 support (Intel EM64T, AMD Opteron)
+\item Intel VT-x support to enable the running of unmodified guest
+operating systems (Windows XP/2003, Legacy Linux)
+\item Enhanced control tools
+\item Improved ACPI support
+\item AGP/DRM graphics
+\end{itemize}
+
+
+Xen 3.0 features greatly enhanced hardware support, configuration
+flexibility, usability and a larger complement of supported operating
+systems. This latest release takes Xen a step closer to being the
+definitive open source solution for virtualization.
+
\part{Installation}
%% Chapter Basic Installation
-\include{src/user/installation}
+\chapter{Basic Installation}
+
+The Xen distribution includes three main components: Xen itself, ports
+of Linux and NetBSD to run on Xen, and the userspace tools required to
+manage a Xen-based system. This chapter describes how to install the
+Xen~3.0 distribution from source. Alternatively, there may be pre-built
+packages available as part of your operating system distribution.
+
+
+\section{Prerequisites}
+\label{sec:prerequisites}
+
+The following is a full list of prerequisites. Items marked `$\dag$' are
+required by the \xend\ control tools, and hence required if you want to
+run more than one virtual machine; items marked `$*$' are only required
+if you wish to build from source.
+\begin{itemize}
+\item A working Linux distribution using the GRUB bootloader and running
+ on a P6-class or newer CPU\@.
+\item [$\dag$] The \path{iproute2} package.
+\item [$\dag$] The Linux bridge-utils\footnote{Available from {\tt
+ http://bridge.sourceforge.net}} (e.g., \path{/sbin/brctl})
+\item [$\dag$] The Linux hotplug system\footnote{Available from {\tt
+ http://linux-hotplug.sourceforge.net/}} (e.g.,
+ \path{/sbin/hotplug} and related scripts)
+\item [$*$] Build tools (gcc v3.2.x or v3.3.x, binutils, GNU make).
+\item [$*$] Development installation of zlib (e.g.,\ zlib-dev).
+\item [$*$] Development installation of Python v2.2 or later (e.g.,\
+ python-dev).
+\item [$*$] \LaTeX\ and transfig are required to build the
+ documentation.
+\end{itemize}
+
+Once you have satisfied these prerequisites, you can now install either
+a binary or source distribution of Xen.
+
+\section{Installing from Binary Tarball}
+
+Pre-built tarballs are available for download from the XenSource downloads
+page:
+\begin{quote} {\tt http://www.xensource.com/downloads/}
+\end{quote}
+
+Once you've downloaded the tarball, simply unpack and install:
+\begin{verbatim}
+# tar zxvf xen-3.0-install.tgz
+# cd xen-3.0-install
+# sh ./install.sh
+\end{verbatim}
+
+Once you've installed the binaries you need to configure your system as
+described in Section~\ref{s:configure}.
+
+\section{Installing from RPMs}
+Pre-built RPMs are available for download from the XenSource downloads
+page:
+\begin{quote} {\tt http://www.xensource.com/downloads/}
+\end{quote}
+
+Once you've downloaded the RPMs, you typically install them via the
+RPM commands:
+
+\verb|# rpm -iv rpmname|
+
+See the instructions and the Release Notes for each RPM set referenced at:
+ \begin{quote}
+ {\tt http://www.xensource.com/downloads/}.
+ \end{quote}
+
+\section{Installing from Source}
+
+This section describes how to obtain, build and install Xen from source.
+
+\subsection{Obtaining the Source}
+
+The Xen source tree is available as either a compressed source tarball
+or as a clone of our master Mercurial repository.
+
+\begin{description}
+\item[Obtaining the Source Tarball]\mbox{} \\
+ Stable versions and daily snapshots of the Xen source tree are
+ available from the Xen download page:
+ \begin{quote} {\tt \tt http://www.xensource.com/downloads/}
+ \end{quote}
+\item[Obtaining the source via Mercurial]\mbox{} \\
+ The source tree may also be obtained via the public Mercurial
+ repository at:
+ \begin{quote}{\tt http://xenbits.xensource.com}
+ \end{quote} See the instructions and the Getting Started Guide
+ referenced at:
+ \begin{quote}
+ {\tt http://www.xensource.com/downloads/}
+ \end{quote}
+\end{description}
+
+% \section{The distribution}
+%
+% The Xen source code repository is structured as follows:
+%
+% \begin{description}
+% \item[\path{tools/}] Xen node controller daemon (Xend), command line
+% tools, control libraries
+% \item[\path{xen/}] The Xen VMM.
+% \item[\path{buildconfigs/}] Build configuration files
+% \item[\path{linux-*-xen-sparse/}] Xen support for Linux.
+% \item[\path{patches/}] Experimental patches for Linux.
+% \item[\path{docs/}] Various documentation files for users and
+% developers.
+% \item[\path{extras/}] Bonus extras.
+% \end{description}
+
+\subsection{Building from Source}
+
+The top-level Xen Makefile includes a target ``world'' that will do the
+following:
+
+\begin{itemize}
+\item Build Xen.
+\item Build the control tools, including \xend.
+\item Download (if necessary) and unpack the Linux 2.6 source code, and
+ patch it for use with Xen.
+\item Build a Linux kernel to use in domain~0 and a smaller unprivileged
+ kernel, which can be used for unprivileged virtual machines.
+\end{itemize}
+
+After the build has completed you should have a top-level directory
+called \path{dist/} in which all resulting targets will be placed. Of
+particular interest are the two XenLinux kernel images, one with a
+``-xen0'' extension which contains hardware device drivers and drivers
+for Xen's virtual devices, and one with a ``-xenU'' extension that
+just contains the virtual ones. These are found in
+\path{dist/install/boot/} along with the image for Xen itself and the
+configuration files used during the build.
+
+%The NetBSD port can be built using:
+%\begin{quote}
+%\begin{verbatim}
+%# make netbsd20
+%\end{verbatim}\end{quote}
+%NetBSD port is built using a snapshot of the netbsd-2-0 cvs branch.
+%The snapshot is downloaded as part of the build process if it is not
+%yet present in the \path{NETBSD\_SRC\_PATH} search path. The build
+%process also downloads a toolchain which includes all of the tools
+%necessary to build the NetBSD kernel under Linux.
+
+To customize the set of kernels built you need to edit the top-level
+Makefile. Look for the line:
+\begin{quote}
+\begin{verbatim}
+KERNELS ?= linux-2.6-xen0 linux-2.6-xenU
+\end{verbatim}
+\end{quote}
+
+You can edit this line to include any set of operating system kernels
+which have configurations in the top-level \path{buildconfigs/}
+directory.
+
+%% Inspect the Makefile if you want to see what goes on during a
+%% build. Building Xen and the tools is straightforward, but XenLinux
+%% is more complicated. The makefile needs a `pristine' Linux kernel
+%% tree to which it will then add the Xen architecture files. You can
+%% tell the makefile the location of the appropriate Linux compressed
+%% tar file by
+%% setting the LINUX\_SRC environment variable, e.g. \\
+%% \verb!# LINUX_SRC=/tmp/linux-2.6.11.tar.bz2 make world! \\ or by
+%% placing the tar file somewhere in the search path of {\tt
+%% LINUX\_SRC\_PATH} which defaults to `{\tt .:..}'. If the
+%% makefile can't find a suitable kernel tar file it attempts to
+%% download it from kernel.org (this won't work if you're behind a
+%% firewall).
+
+%% After untaring the pristine kernel tree, the makefile uses the {\tt
+%% mkbuildtree} script to add the Xen patches to the kernel.
+
+%% \framebox{\parbox{5in}{
+%% {\bf Distro specific:} \\
+%% {\it Gentoo} --- if not using udev (most installations,
+%% currently), you'll need to enable devfs and devfs mount at boot
+%% time in the xen0 config. }}
+
+\subsection{Custom Kernels}
+
+% If you have an SMP machine you may wish to give the {\tt '-j4'}
+% argument to make to get a parallel build.
+
+If you wish to build a customized XenLinux kernel (e.g.\ to support
+additional devices or enable distribution-required features), you can
+use the standard Linux configuration mechanisms, specifying that the
+architecture being built for is \path{xen}, e.g:
+\begin{quote}
+\begin{verbatim}
+# cd linux-2.6.12-xen0
+# make ARCH=xen xconfig
+# cd ..
+# make
+\end{verbatim}
+\end{quote}
+
+You can also copy an existing Linux configuration (\path{.config}) into
+e.g.\ \path{linux-2.6.12-xen0} and execute:
+\begin{quote}
+\begin{verbatim}
+# make ARCH=xen oldconfig
+\end{verbatim}
+\end{quote}
+
+You may be prompted with some Xen-specific options. We advise accepting
+the defaults for these options.
+
+Note that the only difference between the two types of Linux kernels
+that are built is the configuration file used for each. The ``U''
+suffixed (unprivileged) versions don't contain any of the physical
+hardware device drivers, leading to a 30\% reduction in size; hence you
+may prefer these for your non-privileged domains. The ``0'' suffixed
+privileged versions can be used to boot the system, as well as in driver
+domains and unprivileged domains.
+
+\subsection{Installing Generated Binaries}
+
+The files produced by the build process are stored under the
+\path{dist/install/} directory. To install them in their default
+locations, do:
+\begin{quote}
+\begin{verbatim}
+# make install
+\end{verbatim}
+\end{quote}
+
+Alternatively, users with special installation requirements may wish to
+install them manually by copying the files to their appropriate
+destinations.
+
+%% Files in \path{install/boot/} include:
+%% \begin{itemize}
+%% \item \path{install/boot/xen-3.0.gz} Link to the Xen 'kernel'
+%% \item \path{install/boot/vmlinuz-2.6-xen0} Link to domain 0
+%% XenLinux kernel
+%% \item \path{install/boot/vmlinuz-2.6-xenU} Link to unprivileged
+%% XenLinux kernel
+%% \end{itemize}
+
+The \path{dist/install/boot} directory will also contain the config
+files used for building the XenLinux kernels, and also versions of Xen
+and XenLinux kernels that contain debug symbols such as
+(\path{xen-syms-3.0.0} and \path{vmlinux-syms-2.6.12.6-xen0}) which are
+essential for interpreting crash dumps. Retain these files as the
+developers may wish to see them if you post on the mailing list.
+
+
+\section{Configuration}
+\label{s:configure}
+
+Once you have built and installed the Xen distribution, it is simple to
+prepare the machine for booting and running Xen.
+
+\subsection{GRUB Configuration}
+
+An entry should be added to \path{grub.conf} (often found under
+\path{/boot/} or \path{/boot/grub/}) to allow Xen / XenLinux to boot.
+This file is sometimes called \path{menu.lst}, depending on your
+distribution. The entry should look something like the following:
+
+%% KMSelf Thu Dec 1 19:06:13 PST 2005 262144 is useful for RHEL/RH and
+%% related Dom0s.
+{\small
+\begin{verbatim}
+title Xen 3.0 / XenLinux 2.6
+ kernel /boot/xen-3.0.gz dom0_mem=262144
+ module /boot/vmlinuz-2.6-xen0 root=/dev/sda4 ro console=tty0
+\end{verbatim}
+}
+
+The kernel line tells GRUB where to find Xen itself and what boot
+parameters should be passed to it (in this case, setting the domain~0
+memory allocation in kilobytes and the settings for the serial port).
+For more details on the various Xen boot parameters see
+Section~\ref{s:xboot}.
+
+The module line of the configuration describes the location of the
+XenLinux kernel that Xen should start and the parameters that should be
+passed to it. These are standard Linux parameters, identifying the root
+device and specifying it be initially mounted read only and instructing
+that console output be sent to the screen. Some distributions such as
+SuSE do not require the \path{ro} parameter.
+
+%% \framebox{\parbox{5in}{
+%% {\bf Distro specific:} \\
+%% {\it SuSE} --- Omit the {\tt ro} option from the XenLinux
+%% kernel command line, since the partition won't be remounted rw
+%% during boot. }}
+
+To use an initrd, add another \path{module} line to the configuration,
+like: {\small
+\begin{verbatim}
+ module /boot/my_initrd.gz
+\end{verbatim}
+}
+
+%% KMSelf Thu Dec 1 19:05:30 PST 2005 Other configs as an appendix?
+
+When installing a new kernel, it is recommended that you do not delete
+existing menu options from \path{menu.lst}, as you may wish to boot your
+old Linux kernel in future, particularly if you have problems.
+
+\subsection{Serial Console (optional)}
+
+Serial console access allows you to manage, monitor, and interact with
+your system over a serial console. This can allow access from another
+nearby system via a null-modem (``LapLink'') cable or remotely via a serial
+concentrator.
+
+You system's BIOS, bootloader (GRUB), Xen, Linux, and login access must
+each be individually configured for serial console access. It is
+\emph{not} strictly necessary to have each component fully functional,
+but it can be quite useful.
+
+For general information on serial console configuration under Linux,
+refer to the ``Remote Serial Console HOWTO'' at The Linux Documentation
+Project: \url{http://www.tldp.org}
+
+\subsubsection{Serial Console BIOS configuration}
+
+Enabling system serial console output neither enables nor disables
+serial capabilities in GRUB, Xen, or Linux, but may make remote
+management of your system more convenient by displaying POST and other
+boot messages over serial port and allowing remote BIOS configuration.
+
+Refer to your hardware vendor's documentation for capabilities and
+procedures to enable BIOS serial redirection.
+
+
+\subsubsection{Serial Console GRUB configuration}
+
+Enabling GRUB serial console output neither enables nor disables Xen or
+Linux serial capabilities, but may made remote management of your system
+more convenient by displaying GRUB prompts, menus, and actions over
+serial port and allowing remote GRUB management.
+
+Adding the following two lines to your GRUB configuration file,
+typically either \path{/boot/grub/menu.lst} or \path{/boot/grub/grub.conf}
+depending on your distro, will enable GRUB serial output.
+
+\begin{quote}
+{\small \begin{verbatim}
+ serial --unit=0 --speed=115200 --word=8 --parity=no --stop=1
+ terminal --timeout=10 serial console
+\end{verbatim}}
+\end{quote}
+
+Note that when both the serial port and the local monitor and keyboard
+are enabled, the text ``\emph{Press any key to continue}'' will appear
+at both. Pressing a key on one device will cause GRUB to display to
+that device. The other device will see no output. If no key is
+pressed before the timeout period expires, the system will boot to the
+default GRUB boot entry.
+
+Please refer to the GRUB documentation for further information.
+
+
+\subsubsection{Serial Console Xen configuration}
+
+Enabling Xen serial console output neither enables nor disables Linux
+kernel output or logging in to Linux over serial port. It does however
+allow you to monitor and log the Xen boot process via serial console and
+can be very useful in debugging.
+
+%% kernel /boot/xen-2.0.gz dom0_mem=131072 com1=115200,8n1
+%% module /boot/vmlinuz-2.6-xen0 root=/dev/sda4 ro
+
+In order to configure Xen serial console output, it is necessary to
+add a boot option to your GRUB config; e.g.\ replace the previous
+example kernel line with:
+\begin{quote} {\small \begin{verbatim}
+ kernel /boot/xen.gz dom0_mem=131072 com1=115200,8n1
+\end{verbatim}}
+\end{quote}
+
+This configures Xen to output on COM1 at 115,200 baud, 8 data bits, 1
+stop bit and no parity. Modify these parameters for your environment.
+
+One can also configure XenLinux to share the serial console; to achieve
+this append ``\path{console=ttyS0}'' to your module line.
+
+
+\subsubsection{Serial Console Linux configuration}
+
+Enabling Linux serial console output at boot neither enables nor
+disables logging in to Linux over serial port. It does however allow
+you to monitor and log the Linux boot process via serial console and can be
+very useful in debugging.
+
+To enable Linux output at boot time, add the parameter
+\path{console=ttyS0} (or ttyS1, ttyS2, etc.) to your kernel GRUB line.
+Under Xen, this might be:
+\begin{quote}
+{\footnotesize \begin{verbatim}
+ module /vmlinuz-2.6-xen0 ro root=/dev/VolGroup00/LogVol00 \
+ console=ttyS0, 115200
+\end{verbatim}}
+\end{quote}
+to enable output over ttyS0 at 115200 baud.
+
+
+
+\subsubsection{Serial Console Login configuration}
+
+Logging in to Linux via serial console, under Xen or otherwise, requires
+specifying a login prompt be started on the serial port. To permit root
+logins over serial console, the serial port must be added to
+\path{/etc/securetty}.
+
+\newpage
+To automatically start a login prompt over the serial port,
+add the line: \begin{quote} {\small {\tt c:2345:respawn:/sbin/mingetty
+ttyS0}} \end{quote} to \path{/etc/inittab}. Run \path{init q} to force
+a reload of your inttab and start getty.
+
+To enable root logins, add \path{ttyS0} to \path{/etc/securetty} if not
+already present.
+
+Your distribution may use an alternate getty; options include getty,
+mgetty and agetty. Consult your distribution's documentation
+for further information.
+
+
+\subsection{TLS Libraries}
+
+Users of the XenLinux 2.6 kernel should disable Thread Local Storage
+(TLS) (e.g.\ by doing a \path{mv /lib/tls /lib/tls.disabled}) before
+attempting to boot a XenLinux kernel\footnote{If you boot without first
+ disabling TLS, you will get a warning message during the boot process.
+ In this case, simply perform the rename after the machine is up and
+ then run \path{/sbin/ldconfig} to make it take effect.}. You can
+always reenable TLS by restoring the directory to its original location
+(i.e.\ \path{mv /lib/tls.disabled /lib/tls}).
-%% Chapter Installing Xen on Debian
-\include{src/user/debian}
+The reason for this is that the current TLS implementation uses
+segmentation in a way that is not permissible under Xen. If TLS is not
+disabled, an emulation mode is used within Xen which reduces performance
+substantially. To ensure full performance you should install a
+`Xen-friendly' (nosegneg) version of the library.
-%% Chapter Installing Xen on Fedora Core
-\include{src/user/fedora}
-%% Chapter Installing Xen on Gentoo Linux
-\include{src/user/gentoo}
+\section{Booting Xen}
-%% Chapter Installing Xen on SuSE or SuSE SLES
-\include{src/user/suse}
+It should now be possible to restart the system and use Xen. Reboot and
+choose the new Xen option when the Grub screen appears.
-%% Chapter Installing Xen on Red Hat Enterprise Linux (RHEL)
-\include{src/user/rhel}
+What follows should look much like a conventional Linux boot. The first
+portion of the output comes from Xen itself, supplying low level
+information about itself and the underlying hardware. The last portion
+of the output comes from XenLinux.
-% Chapter dom0 Installation
-\include{src/user/dom0_installation}
+You may see some error messages during the XenLinux boot. These are not
+necessarily anything to worry about---they may result from kernel
+configuration differences between your XenLinux kernel and the one you
+usually use.
-% Chapter domU Installation
-\include{src/user/domU_installation}
+When the boot completes, you should be able to log into your system as
+usual. If you are unable to log in, you should still be able to reboot
+with your normal Linux kernel by selecting it at the GRUB prompt.
-% Building Xen
-\include{src/user/building_xen}
% Booting Xen
-\include{src/user/booting_xen}
+\chapter{Booting a Xen System}
+
+Booting the system into Xen will bring you up into the privileged
+management domain, Domain0. At that point you are ready to create
+guest domains and ``boot'' them using the \texttt{xm create} command.
+
+\section{Booting Domain0}
+
+After installation and configuration is complete, reboot the system
+and and choose the new Xen option when the Grub screen appears.
+
+What follows should look much like a conventional Linux boot. The
+first portion of the output comes from Xen itself, supplying low level
+information about itself and the underlying hardware. The last
+portion of the output comes from XenLinux.
+
+%% KMSelf Wed Nov 30 18:09:37 PST 2005: We should specify what these are.
+
+When the boot completes, you should be able to log into your system as
+usual. If you are unable to log in, you should still be able to
+reboot with your normal Linux kernel by selecting it at the GRUB prompt.
+
+The first step in creating a new domain is to prepare a root
+filesystem for it to boot. Typically, this might be stored in a normal
+partition, an LVM or other volume manager partition, a disk file or on
+an NFS server. A simple way to do this is simply to boot from your
+standard OS install CD and install the distribution into another
+partition on your hard drive.
+
+To start the \xend\ control daemon, type
+\begin{quote}
+ \verb!# xend start!
+\end{quote}
+
+If you wish the daemon to start automatically, see the instructions in
+Section~\ref{s:xend}. Once the daemon is running, you can use the
+\path{xm} tool to monitor and maintain the domains running on your
+system. This chapter provides only a brief tutorial. We provide full
+details of the \path{xm} tool in the next chapter.
+
+% \section{From the web interface}
+%
+% Boot the Xen machine and start Xensv (see Chapter~\ref{cha:xensv}
+% for more details) using the command: \\
+% \verb_# xensv start_ \\
+% This will also start Xend (see Chapter~\ref{cha:xend} for more
+% information).
+%
+% The domain management interface will then be available at {\tt
+% http://your\_machine:8080/}. This provides a user friendly wizard
+% for starting domains and functions for managing running domains.
+%
+% \section{From the command line}
+\section{Booting Guest Domains}
+
+\subsection{Creating a Domain Configuration File}
+
+Before you can start an additional domain, you must create a
+configuration file. We provide two example files which you can use as
+a starting point:
+\begin{itemize}
+\item \path{/etc/xen/xmexample1} is a simple template configuration
+ file for describing a single VM\@.
+\item \path{/etc/xen/xmexample2} file is a template description that
+ is intended to be reused for multiple virtual machines. Setting the
+ value of the \path{vmid} variable on the \path{xm} command line
+ fills in parts of this template.
+\end{itemize}
+
+There are also a number of other examples which you may find useful.
+Copy one of these files and edit it as appropriate. Typical values
+you may wish to edit include:
+
+\begin{quote}
+\begin{description}
+\item[kernel] Set this to the path of the kernel you compiled for use
+ with Xen (e.g.\ \path{kernel = ``/boot/vmlinuz-2.6-xenU''})
+\item[memory] Set this to the size of the domain's memory in megabytes
+ (e.g.\ \path{memory = 64})
+\item[disk] Set the first entry in this list to calculate the offset
+ of the domain's root partition, based on the domain ID\@. Set the
+ second to the location of \path{/usr} if you are sharing it between
+ domains (e.g.\ \path{disk = ['phy:your\_hard\_drive\%d,sda1,w' \%
+ (base\_partition\_number + vmid),
+ 'phy:your\_usr\_partition,sda6,r' ]}
+\item[dhcp] Uncomment the dhcp variable, so that the domain will
+ receive its IP address from a DHCP server (e.g.\ \path{dhcp=``dhcp''})
+\end{description}
+\end{quote}
+
+You may also want to edit the {\bf vif} variable in order to choose
+the MAC address of the virtual ethernet interface yourself. For
+example:
+
+\begin{quote}
+\verb_vif = ['mac=00:16:3E:F6:BB:B3']_
+\end{quote}
+If you do not set this variable, \xend\ will automatically generate a
+random MAC address from the range 00:16:3E:xx:xx:xx, assigned by IEEE to
+XenSource as an OUI (organizationally unique identifier). XenSource
+Inc. gives permission for anyone to use addresses randomly allocated
+from this range for use by their Xen domains.
+
+For a list of IEEE OUI assignments, see
+\url{http://standards.ieee.org/regauth/oui/oui.txt}
+
+
+\subsection{Booting the Guest Domain}
+
+The \path{xm} tool provides a variety of commands for managing
+domains. Use the \path{create} command to start new domains. Assuming
+you've created a configuration file \path{myvmconf} based around
+\path{/etc/xen/xmexample2}, to start a domain with virtual machine
+ID~1 you should type:
+
+\begin{quote}
+\begin{verbatim}
+# xm create -c myvmconf vmid=1
+\end{verbatim}
+\end{quote}
+
+The \path{-c} switch causes \path{xm} to turn into the domain's
+console after creation. The \path{vmid=1} sets the \path{vmid}
+variable used in the \path{myvmconf} file.
+
+You should see the console boot messages from the new domain appearing
+in the terminal in which you typed the command, culminating in a login
+prompt.
+
+
+\section{Starting / Stopping Domains Automatically}
+
+It is possible to have certain domains start automatically at boot
+time and to have dom0 wait for all running domains to shutdown before
+it shuts down the system.
+
+To specify a domain is to start at boot-time, place its configuration
+file (or a link to it) under \path{/etc/xen/auto/}.
+
+A Sys-V style init script for Red Hat and LSB-compliant systems is
+provided and will be automatically copied to \path{/etc/init.d/}
+during install. You can then enable it in the appropriate way for
+your distribution.
+
+For instance, on Red Hat:
+
+\begin{quote}
+ \verb_# chkconfig --add xendomains_
+\end{quote}
+
+By default, this will start the boot-time domains in runlevels 3, 4
+and 5.
+
+You can also use the \path{service} command to run this script
+manually, e.g:
+
+\begin{quote}
+ \verb_# service xendomains start_
+
+ Starts all the domains with config files under /etc/xen/auto/.
+\end{quote}
+
+\begin{quote}
+ \verb_# service xendomains stop_
+
+ Shuts down all running Xen domains.
+\end{quote}
+
\part{Configuration and Management}
%% Chapter Domain Management Tools and Daemons
-\include{src/user/domain_mgmt}
+\chapter{Domain Management Tools}
+
+This chapter summarizes the management software and tools available.
+
+
+\section{\Xend\ }
+\label{s:xend}
+
+The Xen Daemon (\Xend) performs system management functions related to
+virtual machines. It forms a central point of control for a machine
+and can be controlled using an HTTP-based protocol. \Xend\ must be
+running in order to start and manage virtual machines.
+
+\Xend\ must be run as root because it needs access to privileged system
+management functions. A small set of commands may be issued on the
+\xend\ command line:
+
+\begin{tabular}{ll}
+ \verb!# xend start! & start \xend, if not already running \\
+ \verb!# xend stop! & stop \xend\ if already running \\
+ \verb!# xend restart! & restart \xend\ if running, otherwise start it \\
+ % \verb!# xend trace_start! & start \xend, with very detailed debug logging \\
+ \verb!# xend status! & indicates \xend\ status by its return code
+\end{tabular}
+
+A SysV init script called {\tt xend} is provided to start \xend\ at
+boot time. {\tt make install} installs this script in
+\path{/etc/init.d}. To enable it, you have to make symbolic links in
+the appropriate runlevel directories or use the {\tt chkconfig} tool,
+where available. Once \xend\ is running, administration can be done
+using the \texttt{xm} tool.
+
+As \xend\ runs, events will be logged to \path{/var/log/xend.log}
+and \path{/var/log/xend-debug.log}. These, along with the standard
+syslog files, are useful when troubleshooting problems.
+
+\section{Xm}
+\label{s:xm}
+
+Command line management tasks are performed using the \path{xm}
+tool. For online help for the commands available, type:
+
+\begin{quote}
+\begin{verbatim}
+# xm help
+\end{verbatim}
+\end{quote}
+
+You can also type \path{xm help $<$command$>$} for more information on a
+given command.
+
+The xm tool is the primary tool for managing Xen from the console. The
+general format of an xm command line is:
+
+\begin{verbatim}
+# xm command [switches] [arguments] [variables]
+\end{verbatim}
+
+The available \emph{switches} and \emph{arguments} are dependent on the
+\emph{command} chosen. The \emph{variables} may be set using
+declarations of the form {\tt variable=value} and command line
+declarations override any of the values in the configuration file being
+used, including the standard variables described above and any custom
+variables (for instance, the \path{xmdefconfig} file uses a {\tt vmid}
+variable).
+
+\subsection{Basic Management Commands}
+
+A complete list of \path{xm} commands is obtained by typing \texttt{xm
+ help}. One useful command is \verb_# xm list_ which lists all
+ domains running in rows of the following format:
+\begin{center} {\tt name domid memory vcpus state cputime}
+\end{center}
+
+The meaning of each field is as follows:
+\begin{quote}
+ \begin{description}
+ \item[name] The descriptive name of the virtual machine.
+ \item[domid] The number of the domain ID this virtual machine is
+ running in.
+ \item[memory] Memory size in megabytes.
+ \item[vcpus] The number of virtual CPUs this domain has.
+ \item[state] Domain state consists of 5 fields:
+ \begin{description}
+ \item[r] running
+ \item[b] blocked
+ \item[p] paused
+ \item[s] shutdown
+ \item[c] crashed
+ \end{description}
+ \item[cputime] How much CPU time (in seconds) the domain has used so
+ far.
+ \end{description}
+\end{quote}
+
+The \path{xm list} command also supports a long output format when the
+\path{-l} switch is used. This outputs the fulls details of the
+running domains in \xend's SXP configuration format.
+
+
+You can get access to the console of a particular domain using
+the \verb_# xm console_ command (e.g.\ \verb_# xm console myVM_).
+
-%% Chapter Starting Additional Domains
-\include{src/user/start_addl_dom}
%% Chapter Domain Configuration
-\include{src/user/domain_configuration}
+\chapter{Domain Configuration}
+\label{cha:config}
+
+The following contains the syntax of the domain configuration files
+and description of how to further specify networking, driver domain
+and general scheduling behavior.
+
+
+\section{Configuration Files}
+\label{s:cfiles}
+
+Xen configuration files contain the following standard variables.
+Unless otherwise stated, configuration items should be enclosed in
+quotes: see the configuration scripts in \path{/etc/xen/}
+for concrete examples.
+
+\begin{description}
+\item[kernel] Path to the kernel image.
+\item[ramdisk] Path to a ramdisk image (optional).
+ % \item[builder] The name of the domain build function (e.g.
+ % {\tt'linux'} or {\tt'netbsd'}.
+\item[memory] Memory size in megabytes.
+\item[vcpus] The number of virtual CPUs.
+\item[console] Port to export the domain console on (default 9600 +
+ domain ID).
+\item[nics] Number of virtual network interfaces.
+\item[vif] List of MAC addresses (random addresses are assigned if not
+ given) and bridges to use for the domain's network interfaces, e.g.\
+\begin{verbatim}
+vif = [ 'mac=aa:00:00:00:00:11, bridge=xen-br0',
+ 'bridge=xen-br1' ]
+\end{verbatim}
+ to assign a MAC address and bridge to the first interface and assign
+ a different bridge to the second interface, leaving \xend\ to choose
+ the MAC address.
+\item[disk] List of block devices to export to the domain e.g.
+ \verb_disk = [ 'phy:hda1,sda1,r' ]_
+ exports physical device \path{/dev/hda1} to the domain as
+ \path{/dev/sda1} with read-only access. Exporting a disk read-write
+ which is currently mounted is dangerous -- if you are \emph{certain}
+ you wish to do this, you can specify \path{w!} as the mode.
+\item[dhcp] Set to {\tt `dhcp'} if you want to use DHCP to configure
+ networking.
+\item[netmask] Manually configured IP netmask.
+\item[gateway] Manually configured IP gateway.
+\item[hostname] Set the hostname for the virtual machine.
+\item[root] Specify the root device parameter on the kernel command
+ line.
+\item[nfs\_server] IP address for the NFS server (if any).
+\item[nfs\_root] Path of the root filesystem on the NFS server (if
+ any).
+\item[extra] Extra string to append to the kernel command line (if
+ any)
+\end{description}
+
+Additional fields are documented in the example configuration files
+(e.g. to configure virtual TPM functionality).
+
+For additional flexibility, it is also possible to include Python
+scripting commands in configuration files. An example of this is the
+\path{xmexample2} file, which uses Python code to handle the
+\path{vmid} variable.
+
+
+%\part{Advanced Topics}
+
+
+\section{Network Configuration}
+
+For many users, the default installation should work ``out of the
+box''. More complicated network setups, for instance with multiple
+Ethernet interfaces and/or existing bridging setups will require some
+special configuration.
+
+The purpose of this section is to describe the mechanisms provided by
+\xend\ to allow a flexible configuration for Xen's virtual networking.
+
+\subsection{Xen virtual network topology}
+
+Each domain network interface is connected to a virtual network
+interface in dom0 by a point to point link (effectively a ``virtual
+crossover cable''). These devices are named {\tt
+ vif$<$domid$>$.$<$vifid$>$} (e.g.\ {\tt vif1.0} for the first
+interface in domain~1, {\tt vif3.1} for the second interface in
+domain~3).
+
+Traffic on these virtual interfaces is handled in domain~0 using
+standard Linux mechanisms for bridging, routing, rate limiting, etc.
+Xend calls on two shell scripts to perform initial configuration of
+the network and configuration of new virtual interfaces. By default,
+these scripts configure a single bridge for all the virtual
+interfaces. Arbitrary routing / bridging configurations can be
+configured by customizing the scripts, as described in the following
+section.
+
+\subsection{Xen networking scripts}
+
+Xen's virtual networking is configured by two shell scripts (by
+default \path{network} and \path{vif-bridge}). These are called
+automatically by \xend\ when certain events occur, with arguments to
+the scripts providing further contextual information. These scripts
+are found by default in \path{/etc/xen/scripts}. The names and
+locations of the scripts can be configured in
+\path{/etc/xen/xend-config.sxp}.
+
+\begin{description}
+\item[network:] This script is called whenever \xend\ is started or
+ stopped to respectively initialize or tear down the Xen virtual
+ network. In the default configuration initialization creates the
+ bridge `xen-br0' and moves eth0 onto that bridge, modifying the
+ routing accordingly. When \xend\ exits, it deletes the Xen bridge
+ and removes eth0, restoring the normal IP and routing configuration.
+
+ %% In configurations where the bridge already exists, this script
+ %% could be replaced with a link to \path{/bin/true} (for instance).
+
+\item[vif-bridge:] This script is called for every domain virtual
+ interface and can configure firewalling rules and add the vif to the
+ appropriate bridge. By default, this adds and removes VIFs on the
+ default Xen bridge.
+\end{description}
+
+For more complex network setups (e.g.\ where routing is required or
+integrate with existing bridges) these scripts may be replaced with
+customized variants for your site's preferred configuration.
+
+%% There are two possible types of privileges: IO privileges and
+%% administration privileges.
+
-% Chapter Console Management
-\include{src/user/console_management}
-% Chapter Network Management
-\include{src/user/network_management}
% Chapter Storage and FileSytem Management
-\include{src/user/domain_filesystem}
+\chapter{Storage and File System Management}
+
+Storage can be made available to virtual machines in a number of
+different ways. This chapter covers some possible configurations.
+
+The most straightforward method is to export a physical block device (a
+hard drive or partition) from dom0 directly to the guest domain as a
+virtual block device (VBD).
+
+Storage may also be exported from a filesystem image or a partitioned
+filesystem image as a \emph{file-backed VBD}.
+
+Finally, standard network storage protocols such as NBD, iSCSI, NFS,
+etc., can be used to provide storage to virtual machines.
+
+
+\section{Exporting Physical Devices as VBDs}
+\label{s:exporting-physical-devices-as-vbds}
+
+One of the simplest configurations is to directly export individual
+partitions from domain~0 to other domains. To achieve this use the
+\path{phy:} specifier in your domain configuration file. For example a
+line like
+\begin{quote}
+ \verb_disk = ['phy:hda3,sda1,w']_
+\end{quote}
+specifies that the partition \path{/dev/hda3} in domain~0 should be
+exported read-write to the new domain as \path{/dev/sda1}; one could
+equally well export it as \path{/dev/hda} or \path{/dev/sdb5} should
+one wish.
+
+In addition to local disks and partitions, it is possible to export
+any device that Linux considers to be ``a disk'' in the same manner.
+For example, if you have iSCSI disks or GNBD volumes imported into
+domain~0 you can export these to other domains using the \path{phy:}
+disk syntax. E.g.:
+\begin{quote}
+ \verb_disk = ['phy:vg/lvm1,sda2,w']_
+\end{quote}
-% Chapter Memory Management
-\include{src/user/memory_management}
+\begin{center}
+ \framebox{\bf Warning: Block device sharing}
+\end{center}
+\begin{quote}
+ Block devices should typically only be shared between domains in a
+ read-only fashion otherwise the Linux kernel's file systems will get
+ very confused as the file system structure may change underneath
+ them (having the same ext3 partition mounted \path{rw} twice is a
+ sure fire way to cause irreparable damage)! \Xend\ will attempt to
+ prevent you from doing this by checking that the device is not
+ mounted read-write in domain~0, and hasn't already been exported
+ read-write to another domain. If you want read-write sharing,
+ export the directory to other domains via NFS from domain~0 (or use
+ a cluster file system such as GFS or ocfs2).
+\end{quote}
+
+
+\section{Using File-backed VBDs}
+
+It is also possible to use a file in Domain~0 as the primary storage
+for a virtual machine. As well as being convenient, this also has the
+advantage that the virtual block device will be \emph{sparse} ---
+space will only really be allocated as parts of the file are used. So
+if a virtual machine uses only half of its disk space then the file
+really takes up half of the size allocated.
+
+For example, to create a 2GB sparse file-backed virtual block device
+(actually only consumes 1KB of disk):
+\begin{quote}
+ \verb_# dd if=/dev/zero of=vm1disk bs=1k seek=2048k count=1_
+\end{quote}
+
+Make a file system in the disk file:
+\begin{quote}
+ \verb_# mkfs -t ext3 vm1disk_
+\end{quote}
+
+(when the tool asks for confirmation, answer `y')
+
+Populate the file system e.g.\ by copying from the current root:
+\begin{quote}
+\begin{verbatim}
+# mount -o loop vm1disk /mnt
+# cp -ax /{root,dev,var,etc,usr,bin,sbin,lib} /mnt
+# mkdir /mnt/{proc,sys,home,tmp}
+\end{verbatim}
+\end{quote}
+
+Tailor the file system by editing \path{/etc/fstab},
+\path{/etc/hostname}, etc.\ Don't forget to edit the files in the
+mounted file system, instead of your domain~0 filesystem, e.g.\ you
+would edit \path{/mnt/etc/fstab} instead of \path{/etc/fstab}. For
+this example put \path{/dev/sda1} to root in fstab.
+
+Now unmount (this is important!):
+\begin{quote}
+ \verb_# umount /mnt_
+\end{quote}
+
+In the configuration file set:
+\begin{quote}
+ \verb_disk = ['file:/full/path/to/vm1disk,sda1,w']_
+\end{quote}
+
+As the virtual machine writes to its `disk', the sparse file will be
+filled in and consume more space up to the original 2GB.
+
+{\bf Note that file-backed VBDs may not be appropriate for backing
+ I/O-intensive domains.} File-backed VBDs are known to experience
+substantial slowdowns under heavy I/O workloads, due to the I/O
+handling by the loopback block device used to support file-backed VBDs
+in dom0. Better I/O performance can be achieved by using either
+LVM-backed VBDs (Section~\ref{s:using-lvm-backed-vbds}) or physical
+devices as VBDs (Section~\ref{s:exporting-physical-devices-as-vbds}).
+
+Linux supports a maximum of eight file-backed VBDs across all domains
+by default. This limit can be statically increased by using the
+\emph{max\_loop} module parameter if CONFIG\_BLK\_DEV\_LOOP is
+compiled as a module in the dom0 kernel, or by using the
+\emph{max\_loop=n} boot option if CONFIG\_BLK\_DEV\_LOOP is compiled
+directly into the dom0 kernel.
+
+
+\section{Using LVM-backed VBDs}
+\label{s:using-lvm-backed-vbds}
+
+A particularly appealing solution is to use LVM volumes as backing for
+domain file-systems since this allows dynamic growing/shrinking of
+volumes as well as snapshot and other features.
+
+To initialize a partition to support LVM volumes:
+\begin{quote}
+\begin{verbatim}
+# pvcreate /dev/sda10
+\end{verbatim}
+\end{quote}
+
+Create a volume group named `vg' on the physical partition:
+\begin{quote}
+\begin{verbatim}
+# vgcreate vg /dev/sda10
+\end{verbatim}
+\end{quote}
+
+Create a logical volume of size 4GB named `myvmdisk1':
+\begin{quote}
+\begin{verbatim}
+# lvcreate -L4096M -n myvmdisk1 vg
+\end{verbatim}
+\end{quote}
+
+You should now see that you have a \path{/dev/vg/myvmdisk1} Make a
+filesystem, mount it and populate it, e.g.:
+\begin{quote}
+\begin{verbatim}
+# mkfs -t ext3 /dev/vg/myvmdisk1
+# mount /dev/vg/myvmdisk1 /mnt
+# cp -ax / /mnt
+# umount /mnt
+\end{verbatim}
+\end{quote}
+
+Now configure your VM with the following disk configuration:
+\begin{quote}
+\begin{verbatim}
+ disk = [ 'phy:vg/myvmdisk1,sda1,w' ]
+\end{verbatim}
+\end{quote}
+
+LVM enables you to grow the size of logical volumes, but you'll need
+to resize the corresponding file system to make use of the new space.
+Some file systems (e.g.\ ext3) now support online resize. See the LVM
+manuals for more details.
+
+You can also use LVM for creating copy-on-write (CoW) clones of LVM
+volumes (known as writable persistent snapshots in LVM terminology).
+This facility is new in Linux 2.6.8, so isn't as stable as one might
+hope. In particular, using lots of CoW LVM disks consumes a lot of
+dom0 memory, and error conditions such as running out of disk space
+are not handled well. Hopefully this will improve in future.
+
+To create two copy-on-write clone of the above file system you would
+use the following commands:
+
+\begin{quote}
+\begin{verbatim}
+# lvcreate -s -L1024M -n myclonedisk1 /dev/vg/myvmdisk1
+# lvcreate -s -L1024M -n myclonedisk2 /dev/vg/myvmdisk1
+\end{verbatim}
+\end{quote}
+
+Each of these can grow to have 1GB of differences from the master
+volume. You can grow the amount of space for storing the differences
+using the lvextend command, e.g.:
+\begin{quote}
+\begin{verbatim}
+# lvextend +100M /dev/vg/myclonedisk1
+\end{verbatim}
+\end{quote}
+
+Don't let the `differences volume' ever fill up otherwise LVM gets
+rather confused. It may be possible to automate the growing process by
+using \path{dmsetup wait} to spot the volume getting full and then
+issue an \path{lvextend}.
+
+In principle, it is possible to continue writing to the volume that
+has been cloned (the changes will not be visible to the clones), but
+we wouldn't recommend this: have the cloned volume as a `pristine'
+file system install that isn't mounted directly by any of the virtual
+machines.
+
+
+\section{Using NFS Root}
+
+First, populate a root filesystem in a directory on the server
+machine. This can be on a distinct physical machine, or simply run
+within a virtual machine on the same node.
+
+Now configure the NFS server to export this filesystem over the
+network by adding a line to \path{/etc/exports}, for instance:
+
+\begin{quote}
+ \begin{small}
+\begin{verbatim}
+/export/vm1root 1.2.3.4/24 (rw,sync,no_root_squash)
+\end{verbatim}
+ \end{small}
+\end{quote}
+
+Finally, configure the domain to use NFS root. In addition to the
+normal variables, you should make sure to set the following values in
+the domain's configuration file:
+
+\begin{quote}
+ \begin{small}
+\begin{verbatim}
+root = '/dev/nfs'
+nfs_server = '2.3.4.5' # substitute IP address of server
+nfs_root = '/path/to/root' # path to root FS on the server
+\end{verbatim}
+ \end{small}
+\end{quote}
+
+The domain will need network access at boot time, so either statically
+configure an IP address using the config variables \path{ip},
+\path{netmask}, \path{gateway}, \path{hostname}; or enable DHCP
+(\path{dhcp='dhcp'}).
+
+Note that the Linux NFS root implementation is known to have stability
+problems under high load (this is not a Xen-specific problem), so this
+configuration may not be appropriate for critical servers.
+
+
+\chapter{CPU Management}
+
+%% KMS Something sage about CPU / processor management.
+
+Xen allows a domain's virtual CPU(s) to be associated with one or more
+host CPUs. This can be used to allocate real resources among one or
+more guests, or to make optimal use of processor resources when
+utilizing dual-core, hyperthreading, or other advanced CPU technologies.
+
+Xen enumerates physical CPUs in a `depth first' fashion. For a system
+with both hyperthreading and multiple cores, this would be all the
+hyperthreads on a given core, then all the cores on a given socket,
+and then all sockets. I.e. if you had a two socket, dual core,
+hyperthreaded Xeon the CPU order would be:
+
+
+\begin{center}
+\begin{tabular}{l|l|l|l|l|l|l|r}
+\multicolumn{4}{c|}{socket0} & \multicolumn{4}{c}{socket1} \\ \hline
+\multicolumn{2}{c|}{core0} & \multicolumn{2}{c|}{core1} &
+\multicolumn{2}{c|}{core0} & \multicolumn{2}{c}{core1} \\ \hline
+ht0 & ht1 & ht0 & ht1 & ht0 & ht1 & ht0 & ht1 \\
+\#0 & \#1 & \#2 & \#3 & \#4 & \#5 & \#6 & \#7 \\
+\end{tabular}
+\end{center}
-% Chapter CPU Management
-\include{src/user/cpu_management}
-% Chapter Scheduler Management
-\include{src/user/scheduler_management}
+Having multiple vcpus belonging to the same domain mapped to the same
+physical CPU is very likely to lead to poor performance. It's better to
+use `vcpus-set' to hot-unplug one of the vcpus and ensure the others are
+pinned on different CPUs.
+
+If you are running IO intensive tasks, its typically better to dedicate
+either a hyperthread or whole core to running domain 0, and hence pin
+other domains so that they can't use CPU 0. If your workload is mostly
+compute intensive, you may want to pin vcpus such that all physical CPU
+threads are available for guest domains.
+
+\chapter{Migrating Domains}
+
+\section{Domain Save and Restore}
+
+The administrator of a Xen system may suspend a virtual machine's
+current state into a disk file in domain~0, allowing it to be resumed at
+a later time.
+
+For example you can suspend a domain called ``VM1'' to disk using the
+command:
+\begin{verbatim}
+# xm save VM1 VM1.chk
+\end{verbatim}
+
+This will stop the domain named ``VM1'' and save its current state
+into a file called \path{VM1.chk}.
+
+To resume execution of this domain, use the \path{xm restore} command:
+\begin{verbatim}
+# xm restore VM1.chk
+\end{verbatim}
+
+This will restore the state of the domain and resume its execution.
+The domain will carry on as before and the console may be reconnected
+using the \path{xm console} command, as described earlier.
+
+\section{Migration and Live Migration}
+
+Migration is used to transfer a domain between physical hosts. There
+are two varieties: regular and live migration. The former moves a
+virtual machine from one host to another by pausing it, copying its
+memory contents, and then resuming it on the destination. The latter
+performs the same logical functionality but without needing to pause
+the domain for the duration. In general when performing live migration
+the domain continues its usual activities and---from the user's
+perspective---the migration should be imperceptible.
+
+To perform a live migration, both hosts must be running Xen / \xend\ and
+the destination host must have sufficient resources (e.g.\ memory
+capacity) to accommodate the domain after the move. Furthermore we
+currently require both source and destination machines to be on the same
+L2 subnet.
+
+Currently, there is no support for providing automatic remote access
+to filesystems stored on local disk when a domain is migrated.
+Administrators should choose an appropriate storage solution (i.e.\
+SAN, NAS, etc.) to ensure that domain filesystems are also available
+on their destination node. GNBD is a good method for exporting a
+volume from one machine to another. iSCSI can do a similar job, but is
+more complex to set up.
+
+When a domain migrates, it's MAC and IP address move with it, thus it is
+only possible to migrate VMs within the same layer-2 network and IP
+subnet. If the destination node is on a different subnet, the
+administrator would need to manually configure a suitable etherip or IP
+tunnel in the domain~0 of the remote node.
+
+A domain may be migrated using the \path{xm migrate} command. To live
+migrate a domain to another machine, we would use the command:
+
+\begin{verbatim}
+# xm migrate --live mydomain destination.ournetwork.com
+\end{verbatim}
+
+Without the \path{--live} flag, \xend\ simply stops the domain and
+copies the memory image over to the new node and restarts it. Since
+domains can have large allocations this can be quite time consuming,
+even on a Gigabit network. With the \path{--live} flag \xend\ attempts
+to keep the domain running while the migration is in progress, resulting
+in typical down times of just 60--300ms.
+
+For now it will be necessary to reconnect to the domain's console on the
+new machine using the \path{xm console} command. If a migrated domain
+has any open network connections then they will be preserved, so SSH
+connections do not have this limitation.
-% Chapter Migrating Domains
-\include{src/user/migrating_domains}
%% Chapter Securing Xen
-\include{src/user/securing_xen}
+\chapter{Securing Xen}
+
+This chapter describes how to secure a Xen system. It describes a number
+of scenarios and provides a corresponding set of best practices. It
+begins with a section devoted to understanding the security implications
+of a Xen system.
+
+
+\section{Xen Security Considerations}
+
+When deploying a Xen system, one must be sure to secure the management
+domain (Domain-0) as much as possible. If the management domain is
+compromised, all other domains are also vulnerable. The following are a
+set of best practices for Domain-0:
+
+\begin{enumerate}
+\item \textbf{Run the smallest number of necessary services.} The less
+ things that are present in a management partition, the better.
+ Remember, a service running as root in the management domain has full
+ access to all other domains on the system.
+\item \textbf{Use a firewall to restrict the traffic to the management
+ domain.} A firewall with default-reject rules will help prevent
+ attacks on the management domain.
+\item \textbf{Do not allow users to access Domain-0.} The Linux kernel
+ has been known to have local-user root exploits. If you allow normal
+ users to access Domain-0 (even as unprivileged users) you run the risk
+ of a kernel exploit making all of your domains vulnerable.
+\end{enumerate}
+
+\section{Security Scenarios}
+
+
+\subsection{The Isolated Management Network}
+
+In this scenario, each node has two network cards in the cluster. One
+network card is connected to the outside world and one network card is a
+physically isolated management network specifically for Xen instances to
+use.
+As long as all of the management partitions are trusted equally, this is
+the most secure scenario. No additional configuration is needed other
+than forcing Xend to bind to the management interface for relocation.
-\part{Monitoring and Troubleshooting}
-%% Chapter Monitoring Xen
-\include{src/user/monitoring_xen}
+\subsection{A Subnet Behind a Firewall}
-% Chapter xenstat
-\include{src/user/xenstat}
+In this scenario, each node has only one network card but the entire
+cluster sits behind a firewall. This firewall should do at least the
+following:
-% Chapter Log Files
-\include{src/user/logfiles}
+\begin{enumerate}
+\item Prevent IP spoofing from outside of the subnet.
+\item Prevent access to the relocation port of any of the nodes in the
+ cluster except from within the cluster.
+\end{enumerate}
-%% Chapter Debugging
-\include{src/user/debugging}
+The following iptables rules can be used on each node to prevent
+migrations to that node from outside the subnet assuming the main
+firewall does not do this for you:
-% Chapter xentrace
-\include{src/user/xentrace}
+\begin{verbatim}
+# this command disables all access to the Xen relocation
+# port:
+iptables -A INPUT -p tcp --destination-port 8002 -j REJECT
-%% Chapter Known Problems
-\include{src/user/known_problems}
+# this command enables Xen relocations only from the specific
+# subnet:
+iptables -I INPUT -p tcp -{}-source 192.168.1.1/8 \
+ --destination-port 8002 -j ACCEPT
+\end{verbatim}
-%% Chapter Testing Xen
-\include{src/user/testing}
+\subsection{Nodes on an Untrusted Subnet}
+Migration on an untrusted subnet is not safe in current versions of Xen.
+It may be possible to perform migrations through a secure tunnel via an
+VPN or SSH. The only safe option in the absence of a secure tunnel is to
+disable migration completely. The easiest way to do this is with
+iptables:
-\part{Reference Documentation}
+\begin{verbatim}
+# this command disables all access to the Xen relocation port
+iptables -A INPUT -p tcp -{}-destination-port 8002 -j REJECT
+\end{verbatim}
-%% Chapter Control Software
-\include{src/user/control_software}
+\part{Reference}
%% Chapter Build and Boot Options
-\include{src/user/options}
+\chapter{Build and Boot Options}
+
+This chapter describes the build- and boot-time options which may be
+used to tailor your Xen system.
+
+\section{Top-level Configuration Options}
+
+Top-level configuration is achieved by editing one of two
+files: \path{Config.mk} and \path{Makefile}.
+
+The former allows the overall build target architecture to be
+specified. You will typically not need to modify this unless
+you are cross-compiling or if you wish to build a PAE-enabled
+Xen system. Additional configuration options are documented
+in the \path{Config.mk} file.
+
+The top-level \path{Makefile} is chiefly used to customize the set of
+kernels built. Look for the line:
+\begin{quote}
+\begin{verbatim}
+KERNELS ?= linux-2.6-xen0 linux-2.6-xenU
+\end{verbatim}
+\end{quote}
+
+Allowable options here are any kernels which have a corresponding
+build configuration file in the \path{buildconfigs/} directory.
+
+
+
+\section{Xen Build Options}
+
+Xen provides a number of build-time options which should be set as
+environment variables or passed on make's command-line.
+
+\begin{description}
+\item[verbose=y] Enable debugging messages when Xen detects an
+ unexpected condition. Also enables console output from all domains.
+\item[debug=y] Enable debug assertions. Implies {\bf verbose=y}.
+ (Primarily useful for tracing bugs in Xen).
+\item[debugger=y] Enable the in-Xen debugger. This can be used to
+ debug Xen, guest OSes, and applications.
+\item[perfc=y] Enable performance counters for significant events
+ within Xen. The counts can be reset or displayed on Xen's console
+ via console control keys.
+\end{description}
+
+
+\section{Xen Boot Options}
+\label{s:xboot}
+
+These options are used to configure Xen's behaviour at runtime. They
+should be appended to Xen's command line, either manually or by
+editing \path{grub.conf}.
+
+\begin{description}
+\item [ noreboot ] Don't reboot the machine automatically on errors.
+ This is useful to catch debug output if you aren't catching console
+ messages via the serial line.
+\item [ nosmp ] Disable SMP support. This option is implied by
+ `ignorebiostables'.
+\item [ watchdog ] Enable NMI watchdog which can report certain
+ failures.
+\item [ noirqbalance ] Disable software IRQ balancing and affinity.
+ This can be used on systems such as Dell 1850/2850 that have
+ workarounds in hardware for IRQ-routing issues.
+\item [ badpage=$<$page number$>$,$<$page number$>$, \ldots ] Specify
+ a list of pages not to be allocated for use because they contain bad
+ bytes. For example, if your memory tester says that byte 0x12345678
+ is bad, you would place `badpage=0x12345' on Xen's command line.
+\item [ com1=$<$baud$>$,DPS,$<$io\_base$>$,$<$irq$>$
+ com2=$<$baud$>$,DPS,$<$io\_base$>$,$<$irq$>$ ] \mbox{}\\
+ Xen supports up to two 16550-compatible serial ports. For example:
+ `com1=9600, 8n1, 0x408, 5' maps COM1 to a 9600-baud port, 8 data
+ bits, no parity, 1 stop bit, I/O port base 0x408, IRQ 5. If some
+ configuration options are standard (e.g., I/O base and IRQ), then
+ only a prefix of the full configuration string need be specified. If
+ the baud rate is pre-configured (e.g., by the bootloader) then you
+ can specify `auto' in place of a numeric baud rate.
+\item [ console=$<$specifier list$>$ ] Specify the destination for Xen
+ console I/O. This is a comma-separated list of, for example:
+ \begin{description}
+ \item[ vga ] Use VGA console and allow keyboard input.
+ \item[ com1 ] Use serial port com1.
+ \item[ com2H ] Use serial port com2. Transmitted chars will have the
+ MSB set. Received chars must have MSB set.
+ \item[ com2L] Use serial port com2. Transmitted chars will have the
+ MSB cleared. Received chars must have MSB cleared.
+ \end{description}
+ The latter two examples allow a single port to be shared by two
+ subsystems (e.g.\ console and debugger). Sharing is controlled by
+ MSB of each transmitted/received character. [NB. Default for this
+ option is `com1,vga']
+\item [ sync\_console ] Force synchronous console output. This is
+ useful if you system fails unexpectedly before it has sent all
+ available output to the console. In most cases Xen will
+ automatically enter synchronous mode when an exceptional event
+ occurs, but this option provides a manual fallback.
+\item [ conswitch=$<$switch-char$><$auto-switch-char$>$ ] Specify how
+ to switch serial-console input between Xen and DOM0. The required
+ sequence is CTRL-$<$switch-char$>$ pressed three times. Specifying
+ the backtick character disables switching. The
+ $<$auto-switch-char$>$ specifies whether Xen should auto-switch
+ input to DOM0 when it boots --- if it is `x' then auto-switching is
+ disabled. Any other value, or omitting the character, enables
+ auto-switching. [NB. Default switch-char is `a'.]
+\item [ nmi=xxx ]
+ Specify what to do with an NMI parity or I/O error. \\
+ `nmi=fatal': Xen prints a diagnostic and then hangs. \\
+ `nmi=dom0': Inform DOM0 of the NMI. \\
+ `nmi=ignore': Ignore the NMI.
+\item [ mem=xxx ] Set the physical RAM address limit. Any RAM
+ appearing beyond this physical address in the memory map will be
+ ignored. This parameter may be specified with a B, K, M or G suffix,
+ representing bytes, kilobytes, megabytes and gigabytes respectively.
+ The default unit, if no suffix is specified, is kilobytes.
+\item [ dom0\_mem=xxx ] Set the amount of memory to be allocated to
+ domain0. In Xen 3.x the parameter may be specified with a B, K, M or
+ G suffix, representing bytes, kilobytes, megabytes and gigabytes
+ respectively; if no suffix is specified, the parameter defaults to
+ kilobytes. In previous versions of Xen, suffixes were not supported
+ and the value is always interpreted as kilobytes.
+\item [ tbuf\_size=xxx ] Set the size of the per-cpu trace buffers, in
+ pages (default 1). Note that the trace buffers are only enabled in
+ debug builds. Most users can ignore this feature completely.
+\item [ sched=xxx ] Select the CPU scheduler Xen should use. The
+ current possibilities are `sedf' (default) and `bvt'.
+\item [ apic\_verbosity=debug,verbose ] Print more detailed
+ information about local APIC and IOAPIC configuration.
+\item [ lapic ] Force use of local APIC even when left disabled by
+ uniprocessor BIOS.
+\item [ nolapic ] Ignore local APIC in a uniprocessor system, even if
+ enabled by the BIOS.
+\item [ apic=bigsmp,default,es7000,summit ] Specify NUMA platform.
+ This can usually be probed automatically.
+\end{description}
+
+In addition, the following options may be specified on the Xen command
+line. Since domain 0 shares responsibility for booting the platform,
+Xen will automatically propagate these options to its command line.
+These options are taken from Linux's command-line syntax with
+unchanged semantics.
+
+\begin{description}
+\item [ acpi=off,force,strict,ht,noirq,\ldots ] Modify how Xen (and
+ domain 0) parses the BIOS ACPI tables.
+\item [ acpi\_skip\_timer\_override ] Instruct Xen (and domain~0) to
+ ignore timer-interrupt override instructions specified by the BIOS
+ ACPI tables.
+\item [ noapic ] Instruct Xen (and domain~0) to ignore any IOAPICs
+ that are present in the system, and instead continue to use the
+ legacy PIC.
+\end{description}
+
+
+\section{XenLinux Boot Options}
+
+In addition to the standard Linux kernel boot options, we support:
+\begin{description}
+\item[ xencons=xxx ] Specify the device node to which the Xen virtual
+ console driver is attached. The following options are supported:
+ \begin{center}
+ \begin{tabular}{l}
+ `xencons=off': disable virtual console \\
+ `xencons=tty': attach console to /dev/tty1 (tty0 at boot-time) \\
+ `xencons=ttyS': attach console to /dev/ttyS0
+ \end{tabular}
+\end{center}
+The default is ttyS for dom0 and tty for all other domains.
+\end{description}
+
%% Chapter Further Support
-\include{src/user/further_support}
+\chapter{Further Support}
+
+If you have questions that are not answered by this manual, the
+sources of information listed below may be of interest to you. Note
+that bug reports, suggestions and contributions related to the
+software (or the documentation) should be sent to the Xen developers'
+mailing list (address below).
+
+
+\section{Other Documentation}
+
+For developers interested in porting operating systems to Xen, the
+\emph{Xen Interface Manual} is distributed in the \path{docs/}
+directory of the Xen source distribution.
+
+
+\section{Online References}
+
+The official Xen web site can be found at:
+\begin{quote} {\tt http://www.xensource.com}
+\end{quote}
+
+This contains links to the latest versions of all online
+documentation, including the latest version of the FAQ.
+
+Information regarding Xen is also available at the Xen Wiki at
+\begin{quote} {\tt http://wiki.xensource.com/xenwiki/}\end{quote}
+The Xen project uses Bugzilla as its bug tracking system. You'll find
+the Xen Bugzilla at http://bugzilla.xensource.com/bugzilla/.
+
+
+\section{Mailing Lists}
+
+There are several mailing lists that are used to discuss Xen related
+topics. The most widely relevant are listed below. An official page of
+mailing lists and subscription information can be found at \begin{quote}
+ {\tt http://lists.xensource.com/} \end{quote}
+
+\begin{description}
+\item[xen-devel@lists.xensource.com] Used for development
+ discussions and bug reports. Subscribe at: \\
+ {\small {\tt http://lists.xensource.com/xen-devel}}
+\item[xen-users@lists.xensource.com] Used for installation and usage
+ discussions and requests for help. Subscribe at: \\
+ {\small {\tt http://lists.xensource.com/xen-users}}
+\item[xen-announce@lists.xensource.com] Used for announcements only.
+ Subscribe at: \\
+ {\small {\tt http://lists.xensource.com/xen-announce}}
+\item[xen-changelog@lists.xensource.com] Changelog feed
+ from the unstable and 2.0 trees - developer oriented. Subscribe at: \\
+ {\small {\tt http://lists.xensource.com/xen-changelog}}
+\end{description}
+
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
@@ -175,7 +1808,72 @@
\appendix
%% Chapter Glossary of Terms moved to glossary.tex
-\include{src/user/glossary}
+\chapter{Glossary of Terms}
+
+\begin{description}
+
+\item[BVT] The BVT scheduler is used to give proportional fair shares
+ of the CPU to domains.
+
+\item[Domain] A domain is the execution context that contains a
+ running {\bf virtual machine}. The relationship between virtual
+ machines and domains on Xen is similar to that between programs and
+ processes in an operating system: a virtual machine is a persistent
+ entity that resides on disk (somewhat like a program). When it is
+ loaded for execution, it runs in a domain. Each domain has a {\bf
+ domain ID}.
+
+\item[Domain 0] The first domain to be started on a Xen machine.
+ Domain 0 is responsible for managing the system.
+
+\item[Domain ID] A unique identifier for a {\bf domain}, analogous to
+ a process ID in an operating system.
+
+\item[Full virtualization] An approach to virtualization which
+ requires no modifications to the hosted operating system, providing
+ the illusion of a complete system of real hardware devices.
+
+\item[Hypervisor] An alternative term for {\bf VMM}, used because it
+ means `beyond supervisor', since it is responsible for managing
+ multiple `supervisor' kernels.
+
+\item[Live migration] A technique for moving a running virtual machine
+ to another physical host, without stopping it or the services
+ running on it.
+
+\item[Paravirtualization] An approach to virtualization which requires
+ modifications to the operating system in order to run in a virtual
+ machine. Xen uses paravirtualization but preserves binary
+ compatibility for user space applications.
+
+\item[Shadow pagetables] A technique for hiding the layout of machine
+ memory from a virtual machine's operating system. Used in some {\bf
+ VMMs} to provide the illusion of contiguous physical memory, in
+ Xen this is used during {\bf live migration}.
+
+\item[Virtual Block Device] Persistant storage available to a virtual
+ machine, providing the abstraction of an actual block storage device.
+ {\bf VBD}s may be actual block devices, filesystem images, or
+ remote/network storage.
+
+\item[Virtual Machine] The environment in which a hosted operating
+ system runs, providing the abstraction of a dedicated machine. A
+ virtual machine may be identical to the underlying hardware (as in
+ {\bf full virtualization}, or it may differ, as in {\bf
+ paravirtualization}).
+
+\item[VMM] Virtual Machine Monitor - the software that allows multiple
+ virtual machines to be multiplexed on a single physical machine.
+
+\item[Xen] Xen is a paravirtualizing virtual machine monitor,
+ developed primarily by the Systems Research Group at the University
+ of Cambridge Computer Laboratory.
+
+\item[XenLinux] A name for the port of the Linux kernel that
+ runs on Xen.
+
+\end{description}
+
\end{document}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-12 10:36:49 +0000