Testing out the Xen live CD

January 11, 2006

This article was contributed by Ravi Kumar

Linux had always lacked a open source virtualization technology in the same league as Solaris Containers or a commercial product like VMware. That was until Xen came into the picture. Xen is an open source virtual machine monitor for x86 that supports execution of multiple guest operating systems. Xen is released under the GPL and can easily be used to run operating systems as diverse as different Linux distributions, BSDs and even Windows XP (though Windows port is not available because of licensing restrictions).

Virtualization technologies are nothing new, what with VMware, User-mode Linux and others available. But Xen is relevant here because of the support for it from Red Hat, its GPL license, and also its active development. Strictly speaking, Xen does not do full virtualization like that being done by commercial ventures like VMware. But it presents a virtual machine abstraction that is similar - but not identical - to the underlying hardware. This type of semi virtualization is dubbed by the makers of Xen as para-virtualization.

The benefits of using para-virtualization over full virtualization are the improved performance and strong resource isolation on uncooperative machine architectures like x86. Of course, there is a down side to it too in that you need a specially compiled Linux kernel to successfully run Xen on Linux. A comparison of Xen over other virtualization technologies (like VMware and Usermode Linux) has already been published.

Xen Live CD - A Review

Recently, a Live CD was released to showcase the power of Xen virtualization. I had downloaded the Xen Demo Live CD ISO image (503 MB) from their website and burned it on to a CD in order to give it a trial run. What follows below are my experiences in trying out this very promising virtualization technology.

The Xen Live CD comes with two images: Debian Etch and CentOS 4.1. When I booted using the Live CD, I was presented with the GRUB boot loader which gave me a choice of booting either of the two systems. I selected Debian Etch and the booting proceeded without any problem. It took around 3 minutes to present the GUI login screen. Xen live CD uses GDM as the display manager and loads the Xfce desktop. When the gdm (Gnome display manager) was fully loaded, you are presented with the login screen where you are prompted to log in as user 'root' and password 'xensource'. Once you are logged in, you are presented with two open applications - one an X terminal and another giving a real time data of the virtual machine status (see figure, left).

Next I decided to create a virtual machine for the CentOS Linux distribution inside the Debian etch distribution. For achieving this, you have a command line utility called xm. I created the CentOS image by running the command :

# xm create -c /root/centos-conf name=centos_1

It gave an error, saying that it couldn't find enough memory to load CentOS and that it needed at least 96 MB for the same when there was only 17 MB available. The machine on which I tested Xen is a Pentium IV 256 MB RAM machine. At this point I realized that almost all the memory on my machine was allocated to Debian.

I figured out that one can reduce amount of memory allocated to the virtual OSes by using the same xm utility. For that you have to find the domain ID of the virtual OS whose memory allocation you want to change.

# xm domid Debian_os1
0

Now that I got the domain id of the Debian etch virtual os, I reduced the memory allocated to it to 98 MB as follows :

# xm  mem-set 0 98

The above command reduces the memory allocated to the domain ID 0 to 98 MB. Thus I succeeded in reducing the memory allocated to the Debian etch os to just 98 MB. Which meant at least 100 MB memory was freed in the process.

After that I again tried creating the CentOS virtual system. The previous low memory error was rectified but CentOS started in the paused state and I set about figuring out how to unpause it - which was quite simple as finding the domain id of the centos_1 image and then unpausing it using the universal xm command.

# xm domid centos_1
2
# xm unpause 2

That done, eventually I got the CentOS login screen shown on the right.

Of course, if I have enough memory, I can start any number of these virtual OSes following the above methods. Xen uses VNC to display the virtual OS. So if you are starting say 10 virtual OSes, each will have its own VNC window. You can even start Xen on a server and then access a complete independent OS using a VNC client from a remote machine.

Uses of Xen Virtualization

Here are a few ways I figured out how Xen could be put to good use.

If you are a student interested in getting hands-on networking skills, then you can set up your own virtual networking lab on your home computer provided you have at least 1 GB RAM. Using three or more virtual OSes, you can set up a virtual network and try out tasks like routing, bridging, setting up gateways, running firewalls, subnetting your network and more, all in the safe confines of a virtual environment.

As a frequent netizen, you must be aware of the rumors that spread around two months back, of a certain very popular public company which planned to bring out its own operating system based on Linux. Of course, the rumor turned out to be a dud. But if such a project were to kick off, then it will most probably be using virtualization technology like Xen. Using Xen, each user can be given his own copy of a OS complete with root privileges. And since Xen is using VNC to display the desktop, it is most suitable for a network OS.
Kernel developers and debugging specialists in the kernel space will find Xen useful because they can compile code and try out things on the virtual system without affecting the parent system.

Application developers on the Linux platform can test their applications on different Linux distributions at the same time by running copies of the distributions simultaneously using Xen on their PC.

Current drawbacks of Xen Virtualization

Needs to enable virtualization in the parent Linux kernel which, at this time, requires recompiling a kernel from source. But it is bound to change when Intel supports virtualization at the hardware level on more of its CPUs.

Needs a good amount of memory for it to be of any use to anybody. I would recommend at least 1 GB memory even though, with a little bit of tweaking like I did above, you might be able to use it with less than 256 MB RAM.
It is a relatively new technology (when compared to products like VMware which do full virtualization).

Index entries for this article
GuestArticles	Kumar, Ravi

Xen & VMware

Posted Jan 12, 2006 10:03 UTC (Thu) by addw (guest, #1771) [Link] (1 responses)

It is not fair to compare Xen to VMware, the two have different objectives; Xen is better compared to IBM's VM that is available on it's big iron.

As with Xen an OS needs to know that it is running on top of VM, the purpose is to allow multiple guest OS images to run concurrently and have them not interfere with each other and to dynamically load balance between the separate OS images. IE the aim is control over resources and prevention of disasters/upgrade_issues/... in one guest from interfering with another guest.

VMware is for running an unmodified guest operating system, you will use it because of the reasons that you run Xen/VM, but also because it is the only way of running a precious application that only runs under some version of an OS.

VMware needs to do more work to maintain the illusion to the guest of it running natively on the hardware; this illusion is not part of the Xen/VM aim - where management/resource_control is top of the list.

Xen & VMware

Posted Jan 12, 2006 15:00 UTC (Thu) by fatrat (guest, #1518) [Link]

Xen is also comparable to "Zones" in Solaris 10.

Testing out the Xen live CD

Posted Jan 12, 2006 10:34 UTC (Thu) by duck (guest, #4444) [Link]

With SuSE you can just install Xen as an option, and avoid compiling your
own kernel. They ship a prepard Xen kernel.

Missed the point in a big way

Posted Jan 12, 2006 13:37 UTC (Thu) by bfeeney (guest, #6855) [Link] (1 responses)

The big draw of Xen is not in easing or refining development, it's in enhancing security. In a way it's like an extreme verison of a hyper-visor.

In other words, each individual server runs in it's own little virtual box, and cannot damage the integrity of the rest of the system, through either fault or attack. This is why RedHat and Solaris are so into virtualisation right now, it's the next big thing in securing servers.

exactly

Posted Jan 21, 2006 13:03 UTC (Sat) by niner (subscriber, #26151) [Link]

That's exactly what I have in mind for securing our company's webserver. Our problem is, that we have exactly one server for many different services and much old code running there where no one knows about the security risks.

So I thought about using Xen to let every service run on it's own virtual machine and using destination NAT and apache proxying (for splitting our PHP scripts and the frontpage stuff one customer needs) to bring them together on one external IP.

So when the catastrophy finally comes it's only one service that's going down instead of everything.

Testing out the Xen live CD

Posted Jan 12, 2006 18:07 UTC (Thu) by drosser (guest, #29597) [Link] (1 responses)

I feel the need to point out QEMU does full virtualization just like VMWare. The drawbacks include an accelerator module that isn't free software (although there is a 3rd party module I haven't tried), and the networking stack can be a bit difficult to setup.

QEMU also supports the emulation of different processor architectures. This is in direct contrast to Xen, which I think is more like it's own sub-architecture of i386 Linux kernel.

Xen, with hardware support, will of course be much higher performing. But for kernel hacking (especially non-x86) I don't think it can be beat.

Testing out the Xen live CD

Posted Jan 15, 2006 20:20 UTC (Sun) by oak (guest, #2786) [Link]

Is the official term "Full virtualization"?

I have always thought that VMWare is mostly virtualization and partially
emulation, Qemu is emulation (like Valgrind) except that it can also
use dynamic translation to speed up the emulation. I'm not completely
sure how much User Mode Linux is virtualization and whether it does
emulation.

At least earlier WMWare needed a kernel module to work whereas I think
UML (and of course Qemu) could work without even that.

Don't forget: linux-vserver and openvz

Posted Jan 12, 2006 19:49 UTC (Thu) by dowdle (subscriber, #659) [Link] (1 responses)

I have tried Xen... via Fedora's Xen packages. On the older Athlon I was using, kernel upgrades broke Xen. Xen also is very rough in a number of areas including OS installation. To the best of my knowledge, the Xen folks offer no mechanism for installing a client OS and all of the methods currently used have been cooked up using various pre-existing distro packaging tools.

As mentioned in the article, Xen is very fat. That is because it runs a complete system, kernel and all.

I realize that the linux-vserver project and the openvz project do NOT let you run different OSes and different kernels in their client machines... but for most people, that probably isn't an issue.

I use linux-vserver on Debian systems and openvz on Red Hat/Fedora systems. Between the two, I prefer openvz because it feels more mature and the fact that it comes with tools to manage VPS (Virtual Private Server) installation including creation of your own cache (respository) makes one wonder why Xen is lacking that... given all of the buzz behind Xen.

I installed openvz on a 6 year old Athlon system with 768MB of RAM and was easily able to create 10 virtual machines from scratch in about a minute per machine. The only drawback with openvz is that they don't include sound support and a few other things that you'd want on a desktop system... but for servers, openvz is amazing.

Now if someone could get the Red Hat distro people interested in including openvz as a default part of their distro... I would be so happy.

Don't get me wrong, Xen is amazing for what it does... but it is just too resource consuming... and I think the vast majority of people would prefer the approaches taken by linux-vserver and openvz... and ACTUALLY USE said virtualization.

OpenVZ templates are available for CentOS, Fedora 3, Fedora 4, and Debian Sarge... meaning you can create VPS machines of those distros.

Don't forget: linux-vserver and openvz

Posted Apr 12, 2006 3:04 UTC (Wed) by SocketCreep (guest, #37089) [Link]

One concern I have is this: Although Virtualization is great for maximizing server utilization, it would seem to also to create a single point of failure. What is there were a hardward failure? All services and virtual servers would go down. (Unless you had a fault tolerant system with built-in hardware redundancy.)

So, along with that concern is a question: How well does virtualization do in a clustered environment? Does the process load get distributed well to the nodes, or would it stay on the host or master node?

I do not have any experience yet with clusters or virtualization, but am thinking this could be a great way for all those old cpu we all have laying around to be used.