Xen is a free software virtual machine monitor for IA-32, x86-64, IA-64 and PowerPC architectures. It runs on a host operating system and allows several guest operating systems to be run on top of the host on the same computer hardware at the same time. There are many ways to set up Xen, but I’ve put together a simple step-by-step guide to get a working Xen system based on Debian Etch. Easy as pie.

Install your host system. Leave a partition available for LVM; your virtual machines will use it for disk storage.

Create a logical volume group

Get the Linux logical volume manager:

apt-get install lvm2

Initialize your partition (or disk) for LVM:

pvcreate /dev/myLvmPartition

Create a logical volume group on your partition:

vgcreate skx-vg /dev/myLvmPartition

Install Xen

You can install Xen from the Debian packages. Find a list with

apt-cache search xen-linux-system

then install the packages you want, for example:

apt-get install xen-tools xen-linux-system-2.6.18-4-xen-686 xen-docs-3.0 libc6-xen

You should end up with something like the following, depending on what you chose:

# dpkg --list | grep xen
ii  libc6-xen                         2.3.6.ds1-13etch2
ii  linux-image-2.6.18-4-xen-686      2.6.18.dfsg.1-12etch2
ii  linux-modules-2.6.18-4-xen-686    2.6.18.dfsg.1-12etch2
ii  xen-docs-3.0                      3.0.3-0-2
ii  xen-hypervisor-3.0.3-1-i386-pae   3.0.3-0-2
ii  xen-linux-system-2.6.18-4-xen-686 2.6.18.dfsg.1-12etch2
ii  xen-tools                         2.8-2
ii  xen-utils-3.0.3-1                 3.0.3-0-2
ii  xen-utils-common                  3.0.3-0-2

Reboot your system and make sure that you’re now running the Xen kernel:

# uname -a
Linux yourhostmachine 2.6.18-4-xen-686 #1 SMP Thu May 10 03:24:35 UTC 2007 i686 GNU/Linux

Configure a network bridge

Get the bridge-utils package:

apt-get install bridge-utils

Add a bridging interface to /etc/network/interfaces:

auto xenbr0
iface xenbr0 inet static
   pre-up brctl addbr xenbr0
   post-down brctl delbr xenbr0
   post-up iptables -t nat -F
   post-up iptables -t nat -A POSTROUTING -o eth0 -s 192.168.1.0/24 -j MASQUERADE
   address 192.168.1.1
   netmask 255.255.255.0
   bridge_fd 0
   bridge_hello 0
   bridge_stp off

Bring up this new interface:

ifup xenbr0

Edit /etc/sysctl.conf and uncomment the following line:

net.ipv4.conf.default.forwarding=1

Enable this by:

sysctl -p
echo 1 > /proc/sys/net/ipv4/conf/all/forwarding

Configure your default guest system using xen-tools

You can use xen-tools to configure a default guest system. This is where you specify which OS you want to use and how networking, disks and so on are configured. These defaults can be overridden when you create a specific guest system, but it’s a good idea to configure your starting point.

Creating a guest system

You can create a guest system as follows:

xen-create-image --ip=192.168.1.6 --hostname=mymachine

This takes a minute or two. You can follow along with the progress by tailing the log file:

tail -f /var/log/xen-tools/mymachine.log

You can later delete this image using:

xen-delete-image mymachine

You can list all your images using:

xen-list-images

Boot up that sucker

You can quickly test-boot your new system as follows.

xm create -c mymachine.cfg

This attaches a console to it and is useful for making sure that it works OK. When you’ve got everything working you’ll probably want to use the start / stop technique described later.

Port forward (optional)

If you want external machines to access ports on your virtual machines, you can set up port forwards using iptables. For example, if you wanted to install Apache on one of your virtual machines and have it answer on http://yourhostmachine:80, you’d do the following (which forwards HTTP traffic on your eth0 interface to a virtual machine at address 192.168.1.8). Add the following two lines to your /etc/network/interfaces file:

post-up iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j DNAT --to 192.168.1.8:80
post-up iptables -A INPUT -p tcp -m state --state NEW --dport 80 -i eth0 -j ACCEPT

Your complete bridge definition might look like:

auto xenbr0
iface xenbr0 inet static
   pre-up brctl addbr xenbr0
   post-down brctl delbr xenbr0
   post-up iptables -t nat -F
   post-up iptables -t nat -A POSTROUTING -o eth0 -s 192.168.1.0/24 -j MASQUERADE
   post-up iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j DNAT --to 192.168.1.8:80
   post-up iptables -A INPUT -p tcp -m state --state NEW --dport 80 -i eth0 -j ACCEPT
   address 192.168.1.1
   netmask 255.255.255.0
   bridge_fd 0
   bridge_hello 0
   bridge_stp off
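
A DNAT'ed packet is routed on to the guest, so the filter rule that governs it sits in the FORWARD chain rather than INPUT. The following is an added example (not part of the original guide): a hypothetical helper, emit_forward, that checks a forward target against the 192.168.1.0/24 guest network used above and prints the matching post-up lines.

```shell
#!/bin/sh
# Added example, not from the original guide.
# Assumes the guide's layout: eth0 is the external NIC, guests sit behind
# xenbr0 on 192.168.1.0/24, and 192.168.1.1 is the bridge address itself.

is_port() {
    # Digits only, no leading zero, 1..65535.
    case "$1" in ''|0*|*[!0-9]*) return 1 ;; esac
    [ "${#1}" -le 5 ] && [ "$1" -le 65535 ]
}

is_guest_ip() {
    # Accept only 192.168.1.2 .. 192.168.1.254 (not the bridge, not broadcast).
    case "$1" in 192.168.1.*) ;; *) return 1 ;; esac
    _host=${1#192.168.1.}
    case "$_host" in ''|0*|*[!0-9]*) return 1 ;; esac
    [ "${#_host}" -le 3 ] && [ "$_host" -ge 2 ] && [ "$_host" -le 254 ]
}

emit_forward() {
    # usage: emit_forward EXT_PORT GUEST_IP GUEST_PORT
    is_port "$1"     || { echo "bad external port: $1" >&2; return 1; }
    is_guest_ip "$2" || { echo "target outside guest subnet: $2" >&2; return 1; }
    is_port "$3"     || { echo "bad guest port: $3" >&2; return 1; }
    # Rewrite the destination of traffic arriving on the external interface.
    echo "post-up iptables -t nat -A PREROUTING -i eth0 -p tcp --dport $1 -j DNAT --to-destination $2:$3"
    # After DNAT the packet is forwarded, so match the guest's address and
    # port in FORWARD. NEW only, as in the guide's rule; assumes an
    # ESTABLISHED,RELATED accept rule exists if your FORWARD policy is DROP.
    echo "post-up iptables -A FORWARD -i eth0 -o xenbr0 -p tcp -d $2 --dport $3 -m state --state NEW -j ACCEPT"
}
```

Calling emit_forward 80 192.168.1.8 80 prints the two lines for the Apache example above; a target outside the guest subnet or a malformed port is rejected before anything is printed.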

Cloning a machine

One of the great things about Xen is that it makes it really simple to build a machine exactly the way that you want it, then clone it and distribute it to everyone that needs it, allowing you to:

  • Easily create development sandboxes
  • Create and distribute a standardized development environment
  • Create a machine and then build a cluster
  • Upgrade machines by duplicating them, patching the duplicates and if everything goes well, switching over to the new machines or rolling back.

Anyway, here’s an easy way that you can do it.

Create a tarfile of an existing virtual machine

Create a place to store your image

mkdir /var/xen-images

Shut down the machine that you’re planning to clone (duh). Create a mount point to mount one of your existing images

mkdir /mnt/xen

Mount the image you want to copy

mount /dev/skx-vg/mymachine-disk /mnt/xen

Go to the mount point and tar everything up

cd /mnt/xen ; tar pcfzv /var/xen-images/myImage.tar.gz *

Take a peek at your nice new tar file

tar tvfz /var/xen-images/myImage.tar.gz

Get out of the mount point and unmount.

cd / ; umount /mnt/xen
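
A tarball of a whole guest root filesystem carries that guest's secrets into every clone. The following is an added example (not part of the original guide): a hypothetical helper, audit_image, that lists host-unique material in an image tarball before you distribute it. The paths are those of a stock Debian guest, which is an assumption.

```shell
#!/bin/sh
# Added example, not from the original guide.
# Lists entries in a guest image tarball that should not be shared between
# clones. Path patterns assume a stock Debian guest; extend for your services.

audit_image() {
    # usage: audit_image /var/xen-images/myImage.tar.gz
    # Prints "KIND path" per finding.
    # Returns 0 = nothing found, 1 = findings, 2 = tarball unreadable.
    _list=$(tar tzf "$1" 2>/dev/null) || return 2
    printf '%s\n' "$_list" | sed 's|^\./||' | awk '
        # Private SSH host keys: every clone would present the same identity.
        /^etc\/ssh\/ssh_host_.*_key$/ { print "ssh-host-key", $0; n++ }
        # Password hashes (and the backup copy) of the original machine.
        /^etc\/shadow-?$/ { print "password-hashes", $0; n++ }
        # Per-user SSH keys and trust lists.
        /(^|\/)\.ssh\/(id_[a-z0-9]+|authorized_keys)$/ { print "user-ssh-material", $0; n++ }
        # Shell history often contains typed credentials.
        /(^|\/)\.bash_history$/ { print "shell-history", $0; n++ }
        END { exit (n > 0 ? 1 : 0) }'
}
```

A finding means every machine built from this tarball shares that secret with the original. On a Debian clone, removing /etc/ssh/ssh_host_* and running dpkg-reconfigure openssh-server generates fresh host keys.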

Creating a virtual machine from a tarfile (like the one created above)

Temporarily comment out any installation method in /etc/xen-tools/xen-tools.conf, e.g. this line:

debootstrap = 1

Create your image with whatever flags you want.

xen-create-image --tar=/var/xen-images/myImage.tar.gz --ip=192.168.1.10 --hostname=flossyTheClonedMachine

Off you go to happy land.

Starting and stopping on boot

If you want to automatically start / stop your machines on bootup, link the machine configuration in /etc/xen/auto e.g.

mkdir /etc/xen/auto
ln -s /etc/xen/mymachine.cfg /etc/xen/auto/

Manually starting and stopping

You can easily start and stop all your Xen domains with the handy /etc/init.d/xendomains script, e.g. by:

/etc/init.d/xendomains stop

You can use the usual stop, start and restart commands.

Utilities

Take a look at XenMan (apt-get install xenman), a nifty little X Window tool for managing the virtual machines running on your host.

Cleaning up the Debian install

If you install a Debian guest, you should consider some post-install steps, including:

Setup locales:

apt-get install locales
dpkg-reconfigure locales

picking e.g. en_US.UTF-8 UTF-8.

Set the timezone:

tzconfig

(Note: say yes and follow the prompts even if it looks right.)

By default your domU clock is the dom0 clock. This is probably the way you should leave it, i.e. install ntp on dom0 and have your domUs use the dom0 synchronized clock. If you want your domU to operate independently, you’ll want to try:

echo 1 > /proc/sys/xen/independent_wallclock

Notes

If you are seeing errors like “4Gb seg fixup” spewed to the console, you need to install the libc6-xen package:

apt-get install libc6-xen

Backing up your Xen guests

If you need to back up your Xen guests, please take a look at my article "backing up your xen domains" for a discussion on the subject. A flexible script that you can use, xenBackup, is also provided.

Setting up a bridging interface

In the configuration above the Xen guests are only visible to the Xen host, and any services on the guests must be accessed via port forwarding, tunneling etc. For some applications, a bridging configuration works better. You can set this up by following the instructions in "setting up a xen bridging interface".