[lug] virtualization first boot question
Dan Ferris
dan at usrsbin.com
Tue Sep 14 21:53:39 MDT 2010
On 9/14/2010 5:49 PM, karl horlen wrote:
> although my question is xen specific since that's what i'm currently exploring, i may turn out using an alternative like kvm, virtualbox, etc. so this question is really posed generically.
I have used Citrix Xenserver extensively (which is like Open Source Xen
only worse). I would take KVM over Xenserver any day, because it's MUCH
easier to set up and run. Opensource Xen is a little easier than
Xenserver, but I find that it is still a little more complex than KVM.
With Red Hat's libvirt and virt-manager apps, both aren't to bad. If
you want to use Xen, you will have to use a Xen aware kernel. If you
don't, Xen will run your VM in HVM, or fully emulated mode, which is
quite slow.
KVM is a set of Kernel drivers that allow a user space program to access
the AMD-V and Intel VT hardware on your processor. KVM works in
conjunction with a KVM aware version of Qemu. Qemu does all of the
heavy lifting. If your processor does not support Intel VT or AMD-V,
KVM will not work for you.
Both Xen and KVM both support Paravirtualization. Xen supports
paravirtualizing the entire Linux kernel, which is why you don't need
the Intel VT or AMD-V processor extensions when you use Xen. Qemu
supports paravirtualized IO. Both have about the same performance,
because the Intel VT / AMD-V will make up the speed for things that
aren't paravirtualized in KVM.
> lets say i'm running an apache web server at known public ip addresses. it's been running well for a long time but now i want to make that same server a virtual server.
>
> i need to download xen kernel and accompanying xen related tools (if another virtualization method is used, substitute appropriate pkgs).
>
> my questions
>
> 1) when i reboot my server with the xen kernel, and assuming i don't create any additional virtual servers, am i correct in assuming that all services (in my case apache, but any other services listening on an ip address at a given port would qualify as well) will work exactly as they did in the non virtual kernel? meaning i don't have to screw with ip addresses, networking config etc post xen boot?
None of the services will know or care that they are in a VM. If you
are running paravirtualized VMs, then only the kernel of the VM will
know that it's virtualized. That goes for both Xen and KVM.
> i believe the real physical networking interface and it's associated config *pre* virtualization simply gets bridged and then the config (public ips, etc) gets automatically copied to the virtual interfaces that now live in the first virtual machine / master domain (see #2) right?
With Xen, you will get special network interfaces called VIFs. I
believe this is a Xen specific thing. With KVM you just use tap
interfaces. You then use the Linux bridge utilities to make bridges
between the VIF/tap and a real ethernet interface and you are good to
go. You can also make bridges of taps / VIFs and you can put your VMS
on a seperate subnet and use the host OS as a firewall / router. With
my current KVM setup, the VMs run on a routed subnet and the host OS
does NAT and firewalling for them.
> 2) the way i understand it is that when xen (i presume it's similar in other virtualization solutions but maybe i shouldn't) boots, it immediately creates dom0. dom0 essentially and transparently (unless you tell it otherwise via configuration) simply virtualizes your existing networking interfaces within dom0. dom0 becomes the "default operating container" for what was "your old non virtual" system. everything runs under dom0 until and unless you specifically start creating domUs to house other virtual servers and systems.
dom0 and domU are a Xen specific. dom0 is just a fancy way of saying
"the host OS". domU is a fancy way of saying, any VM running on the
host OS.
> the terminology is confusing but what i'm getting at is whether somebody can confirm for me that dom0 essentially equals the old server "getting shoved" into a (the first master) virtual container - . meaning i don't need to perform any monkeying around with networking to get my services to work in the virtualized reboot?
You will be monkeying with the network on the host OS. Once you get the
VM bridged onto a real ethernet interface where it can talk to the
world, then you won't have to mess with the network on the VM asides
from setting its IP address.
> what i'm asking is if dom0 is a synonym for the old, base, non-virtualized system?
As I said, dom0 is Xen's way of referring to the host OS.
> again, i just want to know that my base system will continue to function normally on the reboot. and then a reconfirm that the base system essentially is dom0 from a theoretical, technological understanding standpoint.
>
> my plan is to not screw with the original base system. the goal of adding virtualization to an existing server is to leave what i have in tact and then simply add new functionality to the new virtual machines via domUs.
>
> whew. hope that makes sense. i've been through the documentation but the dom0 thing is sort of only nebulously explained.
>
> thanks
None of your services will care that they are running inside a VM.
With my current employer, we run KVM extensively and it works great. No
problems with it at all. At my previous employer, we used Citrix
Xenserver extensively and it also works great so long as you run an OS
that is actually supported. If you run an OS that isn't supported, it
sucks horribly. I also find that fully virtualized KVM is faster that
Xen running in HVM mode.
Have fun,
Dan
More information about the LUG
mailing list