Installing and using a fully-virtualized Xen guest
1. Introduction
Besides installing paravirtualized guest systems, Xen can also host fully-virtualized guests on machines with appropriate hardware. This means that you can run unaltered operating systems like CentOS 3 or Microsoft Windows.
This howto describes how you can install a fully-virtualized guest, without using virt-manager, or its console variant virt-install. Often, users require more customizations than these tools provide, so it is usually better to use the tools that lie underneath. This howto uses the virsh tool from the libvirt package, which is a generic tool for management of virtual machines.
We will look at a sample install of CentOS 3. Some potential changes to the configuration are discussed after that.
2. Checking your hardware
To be able to install a fully virtualized guest, you will need a CPU with the VT-X (Intel) or AMD-V (AMD) extension. You can easily check this by looking at the flags field of /proc/cpuinfo to see if it has the vmx or svm flag. For instance:
$ egrep '^flags.*(vmx|svm)' /proc/cpuinfo flags : fpu tsc msr pae mce cx8 apic mtrr mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe nx lm constant_tsc pni monitor ds_cpl vmx est tm2 cx16 xtpr lahf_lm flags : fpu tsc msr pae mce cx8 apic mtrr mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe nx lm constant_tsc up pni monitor ds_cpl vmx est tm2 cx16 xtpr lahf_lm
Some systems do not have VT-X or AMD-V support enabled by default, check your BIOS setup to see whether your CPU extension is enabled. The information from cpuinfo is not indicative for this. Even if CPU virtualization support in the BIOS disabled, the vmx flag wil be shown.
3. Creating an image
The first step is to create an image that will hold the domU virtual disk. Since this can just be a raw zero-filled file, our usual friend dd becomes handy. In this howto we will put images in /srv/xen, although the semi-officially sanctioned location seems to be /var/lib/xen/images. If you would like to allocate disk blocks as the file grows, you can create a file with a hole. The following command will create a /srv/xen/centos3.img file of 4096MB, although the actual data blocks are allocated in a lazy fashion:
# dd if=/dev/zero of=/srv/xen/centos3.img oflag=direct bs=1M seek=4095 count=1
If you want to reserve all the data blocks right away, you can also do that:
# dd if=/dev/zero of=/srv/xen/centos3.img oflag=direct bs=1M count=4096
This will avoid data block allocation problems if the volume that holds the image is full.
If you are using SELinux, it is important to check that the image has the correct security context (xen_image_t), or access to the virtual disk will be denied to the domU system. You can check this with ls:
# ls -Z /srv/xen/centos3.img -rw-r--r-- root root user_u:object_r:xen_image_t /srv/xen/centos3.img
If you are having trouble setting the right file context, please have a look at the Xen tips and tricks page. At any rate, turning off SELinux, as some howtos on this subject advise is a very poor workaround. Reading two manual pages (semanage(8) and restorecon(8)), for an extra layer of security is a good trade!
4. Installing the guest system
To start the installation, we will need a configuration file that defines the guest system. You could use the following example to install CentOS 3:
<domain type='xen'>
<name>CentOS3</name>
<os>
<type>hvm</type>
<loader>/usr/lib/xen/boot/hvmloader</loader>
<boot dev='cdrom'/>
</os>
<memory>262144</memory>
<vcpu>1</vcpu>
<on_poweroff>destroy</on_poweroff>
<on_reboot>destroy</on_reboot>
<on_crash>destroy</on_crash>
<features>
<acpi/>
<apic/>
<pae/>
</features>
<devices>
<emulator>/usr/lib/xen/bin/qemu-dm</emulator>
<interface type='bridge'>
<source bridge='xenbr0'/>
<script path='vif-bridge'/>
</interface>
<disk type='file' device='disk'>
<driver name='file'/>
<source file='/srv/xen/centos3.img'/>
<target dev='hda'/>
</disk>
<disk type='file' device='cdrom'>
<source file='/srv/xen/boot-centos3.iso'/>
<target dev='hdc'/>
<readonly/>
</disk>
<graphics type='vnc' port='5900'/>
</devices>
</domain>The following aspects of the configuration are important at this point:
- Since the disk image is not populated yet, you will have to boot from another medium. We will use an ISO image in this example (which is presented as a CD-ROM to the guest
system. The default boot device can be specified with the boot tag:
<boot dev='cdrom'/>
The amount of memory for the guest system is specified with the memory tag, in kilobytes:
<memory>262144</memory>
- Since we do not want to boot the guest with the same parameters after the installation is completed, we want to make sure that the virtual machine is destroyed after a reboot. We will do the same thing for a crash or poweroff:
<on_poweroff>destroy</on_poweroff> <on_reboot>destroy</on_reboot> <on_crash>destroy</on_crash>
- A device entry is added for the hard disk of the guest system. In this case, this is the disk image we have previously created:
<disk type='file' device='disk'> <driver name='file'/> <source file='/srv/xen/centos3.img'/> <target dev='hda'/> </disk>
Additionally, a CD-ROM device is added. The virtual CD is provided through an ISO image (in this case we have just used the boot.iso file that is available from the CentOS 3 tree):<disk type='file' device='disk'> <driver name='file'/> <source file='/srv/xen/centos3.img'/> <target dev='hda'/> </disk> - Finally, we will attach a graphical console to the virtual machine that we can attach to with a VNC viewer:
<graphics type='vnc' port='5900'/>
You can now start the guest system with virsh. Suppose that the configuration file was saved as /srv/xen/centos3.xml, you can start the guest system with the following command:
virsh create /srv/xen/centos3.xml
When the command returns without an error, the guest is running. You will have to attach a VNC viewer to view the graphical console. To attach to this specific domain, you will first need the domain ID. This can be retrieved through the virsh list command:
$ virsh list Id Name State ---------------------------------- 0 Domain-0 running 12 CentOS3 running
In this example, the guest system is running as ID 12. You can now attach to this system with vncviewer localhost:<ID>. In this case, the command to use would be vncviewer localhost:12. With a bit of luck the ISOLinux prompt will be shown, allowing you to kick off the installation as you are used to :^).
After the installation, the guest system will be shut down.
5. Using the guest system
You will have to adjust the guest system configuration a bit for normal use. First of all, you will have to change the boot device from cdrom to hd to boot from the hard disk image. Besides that, it is a good idea to change the on_reboot option to restart for consitency, as well as the on_crash option. This configuration has these changes, as well as the deletion of the cdrom device:
<domain type='xen'>
<name>CentOS3</name>
<os>
<type>hvm</type>
<loader>/usr/lib/xen/boot/hvmloader</loader>
<boot dev='hd'/>
</os>
<memory>262144</memory>
<vcpu>1</vcpu>
<on_poweroff>destroy</on_poweroff>
<on_reboot>restart</on_reboot>
<on_crash>restart</on_crash>
<features>
<acpi/>
<apic/>
<pae/>
</features>
<devices>
<emulator>/usr/lib/xen/bin/qemu-dm</emulator>
<interface type='bridge'>
<source bridge='xenbr0'/>
<script path='vif-bridge'/>
</interface>
<disk type='file' device='disk'>
<driver name='file'/>
<source file='/srv/xen/centos3.img'/>
<target dev='hda'/>
</disk>
<graphics type='vnc' port='5900'/>
</devices>
</domain>You can then start the guest system with this configuration:
virsh create /srv/xen/centos3.xml
You can attach to the graphical console with the same procedure as described above.
6. Using a real CD-ROM drive
You can also use a real CD-ROM drive in the virtual guest. Use the following device entry for the guest CD-ROM drive, changing the source option to list the device name of the CD-ROM drive to be used:
<disk type='block' device='cdrom'> <driver name='phy'/> <source dev='/dev/hdc'/> <target dev='hdc'/> <readonly/> </disk>
7. Installing Windows
If the Windows installer hangs when the Windows kernel is booted (the xentop command will usually say the guest is 100% busy), this can likely be solved by disabling ACPI and the APIC in the guest. You can do this by commenting out these options in the configuration. Change
<acpi/> <apic/>
to
<!-- <acpi/> --> <!-- <apic/> -->
and restart the installation.