WIXLIB

ForewordThe Xen open source hypervisor is changing the world of virtualization. It encourages the broad distribution of acommon industry standard hypervisor that runs on a wide range of architectures from super computers toservers to clients to PDAs. By focusing on the hypervisor, the "engine" of virtualization, rather than a specificproduct embodiment, the Xen open source project enables multiple vendors and the community to combine thecommon cross platform virtualization features of Xen into exciting new products and service offerings.To date, the community around the Xen hypervisor has been squarely in the camp of developers and expertusers. While the Xen-users mailing list offers a friendly and useful source of advice for those wanting to deployand manage Xen-based environments, the new user might find herself in need of advice about best practice andstep-by-step instructions for the deployment of Xen. Running Xen: A Hands-on Guide to the Art of Virtualizationspeaks directly to this critical need. It provides users with everything they need to know to download, build,deploy, and manage Xen implementations.To the authors, a set of Xen contributors, practitioners, and researchers, I would like to say thank you on behalfof the broader Xen community for an accessible and immediately useful book. Code might rule, but "know-how"builds the community itself. Clear information, advice, and documentation like this book will allow the Xenproject to grow and solidify its user base, to renew its creativity and innovation, to focus itself on a larger set ofnew virtualization initiatives.To the readers, I would like to say welcome to the community of Xen users. We look forward to yourinvolvement and contributions! We believe this book will provide you with an excellent introduction to runningXen.Ian Pratt, Xen Project LeaderVP Advanced Technology, Citrix Systems

PrefaceWe began using Xen in the fall of 2003 soon after reading the paper "Xen and the Art of Virtualization" publishedin the Symposium on Operating Systems Principles (SOSP). After attending SOSP and talking to some of theauthors, Jeanna Matthews returned excited about Xen. She and her graduate operating systems course atClarkson University decided to repeat and extend the results reported in that paper. That class included two ofthe coauthors for this book, Eli Dow (currently at IBM) and Todd Deshane (currently completing his Ph.D.), whowere both studying for their Master's degrees at the time. In the process of repeating the results from the 2003Xen paper, we learned a lot about running Xen—much of it the hard way! Our goal for this book was to writeexactly the material we wished was available when we first started using Xen.In July 2004, we published the paper "Xen and the Art of Repeated Research," describing our experience withXen and presenting the results we obtained repeating and extending the results. All the authors, in addition tobeing a part of the Fall 2003 graduate operating systems course, were also members of the Applied ComputingLaboratories at Clarkson University, specifically the Clarkson Open Source Institute (COSI) and the ClarksonInternet Teaching Laboratory (ITL). These labs were founded to provide students with hands-on experience withcutting-edge computing technologies and to form a community in which everyone both learns and teaches.Other students in the labs—both graduate and undergraduate—began to use Xen as the basis for bothproduction systems and for research projects. Through the years, we have used Xen as the basis for a numberof academic papers as well as the basis of award-winning team projects. In the process, we have learned a lotabout running Xen. It is our goal in this book to share this knowledge with you and to make your experiencerunning Xen as smooth and simple as possible.The book is targeted at individuals and organizations that are deploying Xen systems. It walks the readerthrough the basics, from installing Xen to using prebuilt guest images. It even tells readers how to experimentwith Xen using only a Xen LiveCD. It covers the basics of virtualizations and important elements of all Xensystems like the hypervisor and Domain0. It explains the details of the xm commands for managing guestdomains. It helps users deploy custom guest images based on operating systems from Linux to Windows. Itcovers more advanced topics such as device virtualization, network configuration, security, and live migration.We hope you will find it a good mix of introductory and advanced topics that will prove useful from your firstXen deployment experiment to running production Xen systems.Chapter 1, "Xen—Background and Virtualization Basics," is a quick introduction to virtualization in general andto Xen in particular. Chapter 2, "A Quick Tour with the Xen LiveCD," provides an overview of Xen'sfunctionalities by exploring the Xen LiveCD. Chapter 3, "The Xen Hypervisor," focuses on the hypervisor that isthe core of any Xen system and some other trusted components such as Domain0 and xend. We build on thatcommon understanding of the Xen hypervisor by concretely showing you how to install and configure your ownhard-disk-based Xen installation in Chapter 4, "Hardware Requirements and Installation of Xen Domain0." Afteryou have your own hypervisor installation up and running, this book eases you into using guest images by firstshowing you how to download and use images available from the Internet in Chapter 5, "Using Prebuilt GuestImages." Chapter 6, "Managing Unprivileged Domains," covers the basics of administering the running DomUsor unprivileged guest domains. You are then guided through the various methods of creating your own customguest images in Chapter 7, "Populating Guest Images." Now that you have all these guests, Chapter 8, "StoringGuest Images," covers a variety of choices for storing guest images for online use as well as backup andsharing.The second half of this book delves into more advanced system management topics including devicemanagement (Chapter 9, "Device Virtualization and Management"), networking (Chapter 10, "NetworkConfiguration"), security (Chapter 11, "Securing a Xen System"), resource distribution (Chapter 12, "ManagingGuest Resources"), and migration (Chapter 13, "Guest Save, Restore and Live Migration"). We conclude with asurvey of some of the popular administrative tools available for your Xen systems in Chapter 14, "An Overviewof Xen Enterprise Management Tools."Throughout the book, we include listings illustrating relevant commands and their output. We use the commandprompt to indicate where the command should be run.

For example, the following would indicate a command to be run as root on the privileged domain, Domain0:[root@dom0 ]#The following would indicate a command to be run as any user in a regular guest domain:[user@domU] Watching these command prompts will help you identify which of the many guests in your Xen system should beused for running any given command.It is our intention to maintain a website with additional information and materials relevant to the book. We haveregistered the domain, runningxen.com, for this purpose and are working on assembling materials. We inviteyou to check on our progress and to send questions or suggestions.

AcknowledgmentsWe are indebted to the many people who provided feedback and suggestions on the book's content. SimonCrosby provided key feedback on the overall content of the book. Keir Fraser answered a number of technicalquestions with amazing speed and good humor. Andy Warfield provided feedback for Chapter 9. We thank allthe Xen contributors who have released their work to the open source community.Several of the authors attended the Xen Summit at IBM T.J. Watson Research in April 2007 and we would like toexpress our gratitude to all the organizers and attendees. Many people provided invaluable feedback and advicein various conversations—short and long. We would especially like to thank Sean Dague, who provided excellentoverall Xen advice and feedback throughout this process, and Jose Renato Santos, who provided detailedfeedback on the networking material in the book. In general, online materials from all the Xen summits were aninvaluable resource for us, as was the Xen Wiki, Xen mailing lists, and other similar resources. We appreciatethe efforts of all the individuals who contributed to those materials.We would like to thank everyone who read early drafts of the book. Jessie Yu in particular went above andbeyond the call of duty in reviewing and helping to revise many chapters. Jim Owens provided valuable earlyfeedback for Chapter 13. Tom "Spot" Callaway from Red Hat gave us some excellent suggestions about Chapter14. (Thanks also to Spot and Máirìn Duffy for several screenshots in that chapter.) Chris Peterman did someearly writing on the security chapter and provided valuable comments in the initial phases of organizing thetext. Lindsay Hoffman and Barbara Brady provided detailed comments on the writing in Chapter 10. RyanKornheisl read a number of chapters and helped test many of the instructions in the book. Anthony Peltz alsohelped with testing.We would also like to thank everyone who helped with final revisions. In the last days before the manuscriptwas submitted, a small army of people volunteered to do a fresh read of many chapters, finding everything fromtypos to substantial problems. We would like to thank Zach Shepherd, Keegan M. Lowenstein, Igor Hernandez,Alexander M. Polimeni, Erika Gorczyca, Justin Bennett, Joseph Skufca, Mathew S. McCarrell, Krista Gould, andRon Arenas. We couldn't have done it without you! Tom Doeppner and Dan Kuebrich from Brown University alsoprovided some very helpful feedback on Chapter 3. We would especially like to thank Michael Thurston and KenHess for their excellent suggestions. Beside the authors, we believe they are the only ones who have read theentire book!We would like to thank many members of the Clarkson Open Source Institute and Clarkson Internet TeachingLaboratory who over time added to our understanding and hands-on experience with Xen. Bryan Clark (now atRed Hat), Steven Evanchik (now at VMware), Matt Finlayson, and Jason Herne (both now at IBM) were allcoauthors on the 2004 "Xen and the Art of Repeated Research" paper. Jason Herne, Patricia Jablonski, LeslieCherian, and Michael McCabe were all coauthors on the 2005 "Data Protection and Rapid Recovery From AttackWith A Virtual Private File Server and Virtual Machine Appliances" paper, which used Xen for some of theprototypes being tested. Madhu Hapauarachchi, Demetrios Dimatos, Gary Hamilton, Michael McCabe, and JimOwens were coauthors on the 2007 paper "Quantifying the Performance Isolation Properties of VirtualizationSystems." Justin Basinger, Michael McCabe, and Ed Despard were part of the Xenophilia project that won secondplace in the 2005 Unisys Tuxmaster competition. Cyrus Katrak and Zach Shepherd have been key to thedeployment of Xen in our production environment in the Applied CS labs. They have both been a crucial sourceof advice and feedback.We would like to thank the OpenSolaris Xen Community Leaders, especially Todd Clayton, Mark Johnson, JohnLevon, and Christopher Beal, for their quick and helpful responses over e-mail and IRC during our testing of Xenon OpenSolaris. We would like to have included more coverage of Solaris in this book. Additional support inSolaris for Xen beyond what is covered in this book is expected soon.We would like to thank our editor, Debra Williams Cauley, for her help and encouragement through this entireprocess. Thanks also to Catherine Nolan who initially contacted us about this project.Richard A. Wilbur provided access to early HVM-enabled equipment used in testing.

Jeanna Matthews would like to thank her husband Leonard Matthews and children Robert and Abigail Matthewsfor their patience and love throughout this whole process. She would also like to thank her current and formerstudents—including the six other authors on this book—for all she continues to learn from them.Eli M. Dow would like to thank his parents, Terry and Mona, as well as his siblings, Ian and Ashley, foreverything. He would also like to thank IBM and the Test and Integration Center for Linux for their supportduring the writing process. Specifically he wishes to acknowledge Frank Lefevre, Duane Beyer, Robert JayBrenneman, Phil Chan, Scott Loveland, and Kyle Smith for their insightful conversations regarding virtualizationand this book in particular. Eli would also like to thank the wonderful faculty and staff at Clarkson Universitywho made his academic career such a wonderful experience. Lastly he would like to thank his significant other,Jessie, for her enduring patience during the writing process.Todd Deshane would like to thank his significant other, Patty, for her support during the writing of this book.Wenjin Hu would like to thank his mom, Yajuan Song, and his dad, Hengduo Hu, for their constant support of hisstudy at Clarkson University, and his friend, Liang Zheng, for emotional support.Patrick F. Wilbur would like to thank his mother, Claudia, his father, Richard, and his significant other, Krista, fortheir support and patience throughout the development of this book.

About the AuthorsJeanna Matthews is an associate professor of Computer Science at Clarkson University (Potsdam, New York)where she leads several hands-on computing laboratories including the Clarkson Open Source Institute andClarkson Internet Teaching Laboratory. Students in these labs and in her classes have been winners in a numberof prestigious computing contests including the 2001, 2002, and 2004 IBM Linux Challenge, the 2005 IBM NorthAmerican Grid Scholar's Challenge, the 2005 Unisys Tuxmaster competition, and the 2006 VMware UltimateVirtual Appliance Challenge. Her research interests include virtualization, operating systems, computernetworks, and computer security. She is actively involved in the Association for Computing Machinery astreasurer of the Special Interest Group on Operating Systems, editor of Operating Systems Review, and is amember of the Executive Committee ACM's U.S. Public Policy Committee, US-ACM. She is also the author of acomputer networking textbook, Computer Networking: Internet Protocols in Action, that has been translatedinto several languages. Jeanna received her Ph.D. in Computer Science from the University of California atBerkeley in 1999.Eli M. Dow is a software engineer in IBM's Test and Integration Center for Linux in Poughkeepsie, NY. He holdsa B.S. degree in Computer Science and Psychology as well as an M.S. in Computer Science from ClarksonUniversity. He is passionate about open source software and is an alumnus and founding member of theClarkson Open Source Institute. His interests include virtualization, Linux systems programming, the GNOMEdesktop, and human-computer interaction. He is the author of numerous IBM developerWorks articles focusedon Linux and open source software. Additionally, he has coauthored two books on the mainframe hypervisorz/VM, entitled Introduction to the New Mainframe: z/VM Basics and Linux for IBM System z9 and IBM zSeries.His first published experience with Xen was coauthoring an early academic paper entitled "Xen and the Art ofRepeated Research." Recently he has focused on developing highly available, enterprise customer solutionsdeployed on virtualized Linux using the z/VM hypervisor.Todd Deshane expects to obtain a Ph.D. in Engineering Science from Clarkson University in 2008. He also hasa Master of Science in Computer Science and a Bachelor of Science in Software Engineering from Clarkson.While at Clarkson University, he has had a variety of research publications—many involving Xen. In 2005, aproject that was based on Todd's Master's thesis—an open source collaborative, large database explorer—wonfirst place in the Unisys TuxMaster competition. Todd's primary academic and research interests are in the areaof operating system technologies, such as virtual machine monitors, high availability, and file systems. Hisdoctoral dissertation focuses on using these technologies to provide desktop users with an attack-resistantexperience, with automatic and autonomic recovery from viruses, worms, and adverse system modifications.During his Ph.D. years, Todd has been a teaching assistant and an IBM Ph.D. Fellowship recipient. At IBM, Toddhas worked on internship projects involving Xen and IBM technologies. Todd enjoys teaching, tutoring, andhelping people.Wenjin Hu graduated from Clarkson University in 2007 with a Master's degree of Computer Science and iscurrently working on his Ph.D. His Masters thesis was "A Study of the Performance Isolation Properties ofVirtualization Systems." His research field is applying virtualization techniques to operating systems andsecurity.Jeremy Bongio is currently a Master's student at Clarkson University. He won second place in the UnisysTuxmaster competition in 2005 with a project called Xenophilia, an early effort to make Xen more user friendly.He is a current member and former student director of the Clarkson Open Source Institute, where he activelylearns and experiments with different kinds of virtualization.Patrick F. Wilbur is currently pursuing graduate studies in Computer Science at Clarkson University. Hisinterests include operating systems, systems and application security, natural language processing, and homeautomation. In his spare time, Patrick enjoys composing music, experimenting with amateur radio, stormchasing, and working on various electronics, software, and carpentry projects around the house. He is currentlya member of the Clarkson Open Source Institute, a volunteer at the Applied Computer Science Laboratories atClarkson University, an emergency communications volunteer, and a member of the Association for ComputingMachinery.

Brendan Johnson graduated from Clarkson University in 2002 with a Bachelor's degree in Computer Scienceand a minor in Mathematics. Brendan continued his education at Clarkson University and obtained a Master's ofScience in Computer Science with a thesis in quantum computing. Brendan is currently a senior softwarearchitect at Mobile Armor, a world leading "Data At Rest" encryption software company.

Chapter 1. Xen—Background and Virtualization BasicsXen is a virtual machine monitor (hypervisor) that allows you to use one physical computer to run many virtualcomputers—for example, running a production Web server and a test server on the same physical machine orrunning Linux and Windows simultaneously. Although not the only virtualization system available, Xen has acombination of features that make it uniquely well suited for many important applications. Xen runs oncommodity hardware platforms and is open source. Xen is fast, scalable, and provides server-class featuressuch as live migration. This chapter discusses common uses and types of virtualization, describes the history ofvirtualization and origins of Xen, provides a brief overview of the Xen architecture, and compares Xen with othervirtualization systems.Common Uses and Benefits of VirtualizationVirtual machine monitors provide a convenient way to use the same physical computer hardware for manydifferent tasks. Operating systems have been doing this for years simply by enabling users to run manydifferent applications at once, such as Web browsers, database servers, and games. However, withoutvirtualization, the act of choosing an operating system and system configuration to run on your physicalcomputer has the unfortunate side effect o

Running Xen: A Hands-on Guide to the Art of Virtualization speaks directly to this critical need. It provides users with everything they need to know to download, build, deploy, and manage Xen implementations. To the authors, a set of Xen contributors, practitioners, and researchers, I would like to say thank you on behalf