The Perfect Xen Setup For Debian And Ubuntu

Avatar
millenniumdark
Forum moderator
Posts: 4159
Joined: 2005-07-02 14:41
System: Ubuntu 14.04 (Kylin)
Contact:

The Perfect Xen Setup For Debian And Ubuntu

#1

Post by millenniumdark » 2005-11-22 19:53

The Perfect Xen Setup For Debian And Ubuntu

Submitted by falko on Wed, 2005-11-09 13:39

Original: http://www.howtoforge.com/perfect_xen_s ... ian_ubuntu

This one is long.

#2

Post by millenniumdark » 2005-11-22 19:54

The Perfect Xen Setup For Debian And Ubuntu

Version 1.0
Author: Falko Timme <ft [at] falkotimme [dot] com>
Last edited 11/08/2005

This tutorial provides step-by-step instructions on how to install Xen (version 2) on a Debian Sarge (3.1) system. It should apply to Ubuntu systems with little or no modifications.

Xen lets you create guest operating systems (*nix operating systems like Linux and FreeBSD), so called "virtual machines" or domUs, under a host operating system (dom0). Using Xen you can separate your applications into different virtual machines that are totally independent from each other (e.g. a virtual machine for a mail server, a virtual machine for a high-traffic web site, another virtual machine that serves your customers' web sites, a virtual machine for DNS, etc.), but still use the same hardware. This saves money, and what is even more important, it's more secure. If the virtual machine of your DNS server gets hacked, it has no effect on your other virtual machines. Plus, you can move virtual machines from one Xen server to the next one.

I will use Debian Sarge for both the host OS (dom0) and the guest OS (domU). In an additional section at the end I will also show how to create a virtual local network with virtual machines, with dom0 being the router.

This howto is meant as a practical guide; it does not cover the theoretical background, which is treated in a lot of other documents on the web.

This document comes without warranty of any kind! I want to say that this is not the only way of setting up such a system. There are many ways of achieving this goal but this is the way I take. I do not issue any guarantee that this will work for you!

#3

Post by millenniumdark » 2005-11-22 19:57

1 Install The Debian Host System (dom0)

You can overall follow these instructions, but with a few changes:

* http://www.howtoforge.com/perfect_setup_debian_sarge
* http://www.howtoforge.com/perfect_setup_debian_sarge_p2

However, it's important that you type linux26 at the boot prompt to install a kernel 2.6 system. dom0's FQDN in this example will be server1.example.com, so I specify server1 as Hostname and example.com as Domain name. server1.example.com's IP address will be 192.168.0.100 in this tutorial.

When it comes to the partitioning, I select Manually edit partition table. I create the following partitions:

* /boot 100 MB (Primary) (Location for the new partition: Beginning) (ext3) (Bootable flag: on <-- important, otherwise your system will not boot!)
* swap 1GB (Logical) (Location for the new partition: Beginning)
* / 2GB (Logical) (Location for the new partition: Beginning) (ext3)
* /vserver the rest (Logical) (Location for the new partition: Beginning) (ext3)

(Side note: You can also install everything in one big partition (as described here: http://www.howtoforge.com/perfect_setup_debian_sarge), but then you have to keep in mind that the Grub stanzas I describe in this howto are slightly different. For example, when I write that I add

title Xen 2.0.6 / XenLinux 2.6.11.12-xen0
root (hd0,0)
kernel /xen.gz dom0_mem=65536
module /vmlinuz-2.6.11.12-xen0 root=/dev/hda6 ro console=tty0

to /boot/grub/menu.lst then you should probably use

title Xen 2.0.7 / XenLinux 2.6.11.12-xen0
root (hd0,0)
kernel /boot/xen.gz dom0_mem=65536
module /boot/vmlinuz-2.6.11.12-xen0 root=/dev/hda1 ro console=tty0

in that file...)

When the Debian installer prompts Choose software to install: I make no selection and go on (dom0 should run as little software as possible in order not to be vulnerable to attacks. To the outside world it will be accessible only over SSH.).

2 Configure dom0's Network

Because the Debian Sarge installer configured our system to get its network settings via DHCP, we have to change that now, since a server should have a static IP address. Edit /etc/network/interfaces and adjust it to your needs (in this example setup I will use the IP address 192.168.0.100):

# /etc/network/interfaces -- configuration file for ifup(8), ifdown(8)

# The loopback interface
auto lo
iface lo inet loopback

# The first network card - this entry was created during the Debian installation
# (network, broadcast and gateway are optional)
auto eth0
iface eth0 inet static
address 192.168.0.100
netmask 255.255.255.0
network 192.168.0.0
broadcast 192.168.0.255
gateway 192.168.0.1

Then restart your network:

/etc/init.d/networking restart

Edit /etc/resolv.conf and add some nameservers:

search server
nameserver 145.253.2.75
nameserver 193.174.32.18
nameserver 194.25.0.60

Then set dom0's hostname:

echo server1.example.com > /etc/hostname
/bin/hostname -F /etc/hostname

3 Install Xen

There are two ways to install Xen: install the binary package from the Xen website, or compile Xen and the Xen kernels from the sources.

The first way is easier, but it has the disadvantage that the domU kernel that comes with the binary package has no support for quota and iptables, both features that I need in my virtual machines (domU). Plus, the dom0 kernel has no support for the dummy network driver, which I need at the end in the optional chapter 5 where I describe how to set up a virtual local network with virtual machines.

In chapter 3.1 I describe how to install the Xen binary package which is recommended for beginners (skip chapter 3.2 and continue with chapter 4). If you need quota and iptables in your virtual machines, then skip chapter 3.1 and continue with chapter 3.2 where I show how to install Xen from the sources.

#4

Post by millenniumdark » 2005-11-22 19:59

3.1 Installing The Binary Package

Run the following commands:

apt-get remove exim4 exim4-base lpr nfs-common portmap pidentd pcmcia-cs pppoe pppoeconf ppp pppconfig
apt-get install screen ssh debootstrap python python2.3-twisted iproute bridge-utils libcurl-dev

<-- Yes
<-- Yes
<-- Yes



3.1.1 Install Xen

Next do this:

cd /usr/src/
wget http://www.cl.cam.ac.uk/Research/SRG/ne ... x86_32.tgz

tar xvzf xen-2.0.7-install-x86_32.tgz
cd xen-2.0-install
./install.sh

mv /lib/tls /lib/tls.disabled

Now Xen is installed. In order to start the Xen services at boot time, do the following:

update-rc.d xend defaults 20 21
update-rc.d xendomains defaults 21 20



3.1.2 Configure The Bootloader And Reboot

Next we add the Xen kernel to Grub, our bootloader. Edit /boot/grub/menu.lst, and before the line ### BEGIN AUTOMAGIC KERNELS LIST add the following stanza:

title Xen 2.0 / XenLinux 2.6.11
kernel /xen.gz dom0_mem=64000
module /vmlinuz-2.6.11-xen0 root=/dev/hda6 ro console=tty0

Make sure that /dev/hda6 is your / partition. Keep in mind what I said about Grub and partitioning in chapter 1!

Now reboot the system:

shutdown -r now

At the boot prompt, Grub should now list Xen 2.0 / XenLinux 2.6.11 as the first kernel and boot it automatically. If your system comes up without problems, then everything is fine!

3.2 Installing From The Sources

Run the following commands:

apt-get remove exim4 exim4-base lpr nfs-common portmap pidentd pcmcia-cs pppoe pppoeconf ppp pppconfig
apt-get install iproute bridge-utils python-twisted gcc-3.3 binutils make libcurl3-dev zlib1g-dev python-dev transfig bzip2 screen ssh debootstrap libcurl-dev libncurses5-dev (1 line!)
cd ~
mkdir xen
cd xen
mkdir archive
cd archive



3.2.1 Install Xen

Now execute these commands:

wget http://www.kernel.org/pub/linux/kernel/ ... 12.tar.bz2
wget http://www.cl.cam.ac.uk/Research/SRG/ne ... .7-src.tgz
cd ..

tar -xvzf archive/xen-2.0.7-src.tgz
tar -xvjf archive/linux-2.6.11.12.tar.bz2

cd xen-2.0
make world

make install
sh ./install.sh

Now Xen is installed. In order to start the Xen services at boot time, do the following:

update-rc.d xend defaults 20 21
update-rc.d xendomains defaults 21 20



3.2.2 Compile A New dom0 Kernel

Next we compile a new dom0 kernel with Xen-, iptables-, quota-, and dummy support. The kernel will be installed to ~/xen/install so that we can save it for other machines. From ~/xen/install we will install it to the real locations. Xen works with kernel 2.6.11, so I take the latest 2.6.11 kernel (2.6.11.12) instead of newer kernels, e.g. 2.6.14.

cd ..
mv /lib/tls /lib/tls.disabled
cp -al linux-2.6.11.12 linux-2.6.11.12-xen0
cd xen-2.0/linux-2.6.11-xen-sparse/
./mkbuildtree ../../linux-2.6.11.12-xen0/
cd ../..
echo "-xen0" > linux-2.6.11.12-xen0/localversion-xen
diff -Naur linux-2.6.11.12 linux-2.6.11.12-xen0 > archive/linux-2.6.11.12-xen0.patch

cd linux-2.6.11.12
patch -p1 < ../archive/linux-2.6.11.12-xen0.patch
cd ../
mkdir install
cd linux-2.6.11.12-xen0
cp arch/xen/configs/xen0_defconfig .config
ARCH=xen; INSTALL_PATH=../install; INSTALL_MOD_PATH=../install
export ARCH INSTALL_PATH INSTALL_MOD_PATH
make oldconfig
make menuconfig

In the kernel configuration menu that shows up we have to enable quota, iptables and the dummy network driver as modules. This is where you enable these modules:

File systems --> [*] Quota support
<M> Old quota format support
<M> Quota format v2 support

Device Drivers ---> Networking support ---> <M> Dummy net driver support

Device Drivers ---> Networking support ---> Networking options ---> [*] Network packet filtering (replaces ipchains) ---> IP: Netfilter Configuration ---> <M> IP tables support (required for filtering/masq/NAT)

[*] means: build into the kernel statically.
<M> means: build as a kernel module.

Now we install the kernel to ~/xen/install:

make modules
make modules_install
make install

Finally, we copy the kernel to the "real" locations:

cd ../install/
cp boot/* /boot
cp -r lib/modules/2.6.11.12-xen0/ /lib/modules
cp -r usr/include/xen /usr/include

(If you are interested, this is my dom0 kernel configuration.)



3.2.3 Configure The Bootloader And Reboot

Next we add our new kernel to Grub, our bootloader. Edit /boot/grub/menu.lst, and before the line ### BEGIN AUTOMAGIC KERNELS LIST add the following stanza:

title Xen 2.0.7 / XenLinux 2.6.11.12-xen0
root (hd0,0)
kernel /xen.gz dom0_mem=65536
module /vmlinuz-2.6.11.12-xen0 root=/dev/hda6 ro console=tty0

Make sure that /dev/hda6 is your / partition. Keep in mind what I said about Grub and partitioning in chapter 1!

Now reboot the system:

shutdown -r now

At the boot prompt, Grub should now list Xen 2.0.7 / XenLinux 2.6.11.12-xen0 as the first kernel and boot it automatically. If your system comes up without problems, then everything is fine!



3.2.4 Compile A New domU Kernel

Now we compile a new domU kernel for our virtual machines. Again, we install the kernel in ~/xen/install and copy it to the real location afterwards:

cd ~/xen
cd linux-2.6.11.12
make clean
cd ../
cp -al linux-2.6.11.12 linux-2.6.11.12-xenU
cd xen-2.0/linux-2.6.11-xen-sparse/
./mkbuildtree ../../linux-2.6.11.12-xenU/
cd ../..
echo "-xenU" > linux-2.6.11.12-xenU/localversion-xen
diff -Naur linux-2.6.11.12 linux-2.6.11.12-xenU > archive/linux-2.6.11.12-xenU.patch

cd linux-2.6.11.12
patch -p1 < ../archive/linux-2.6.11.12-xenU.patch
cd ../
rm -fr install
mkdir install
cd linux-2.6.11.12-xenU
cp arch/xen/configs/xenU_defconfig .config
ARCH=xen; INSTALL_PATH=../install; INSTALL_MOD_PATH=../install
export ARCH INSTALL_PATH INSTALL_MOD_PATH
make oldconfig
make menuconfig

In the kernel configuration menu that shows up we have to enable quota and iptables as modules (it is important that they are modules; I could not get iptables to work in a virtual machine when I compiled it into the kernel statically!). This is where you enable these modules:

File systems --> [*] Quota support
<M> Old quota format support
<M> Quota format v2 support

Device Drivers ---> Networking support ---> Networking options ---> [*] Network packet filtering (replaces ipchains) ---> IP: Netfilter Configuration ---> <M> IP tables support (required for filtering/masq/NAT)

[*] means: build into the kernel statically.
<M> means: build as a kernel module.

Now we install the kernel to ~/xen/install:

make modules
make modules_install
make install

Finally, we copy the kernel to the "real" locations:

cd ../install/
cp boot/* /boot
cp -r lib/modules/2.6.11.12-xenU/ /lib/modules
cp -r usr/include/xen /usr/include

(This is my domU kernel configuration.)

#5

Post by millenniumdark » 2005-11-22 20:00

4 Create A Virtual Machine (domU)

Next we create an image of a virtual machine. It will be a basic Debian system. This image will be the template for all our virtual machines. Whenever we want to create a new virtual machine, we just copy this image, create a new Xen configuration file and boot the copy, and then we can go on and configure the copy to our needs (e.g. install a mail server, web server, DNS server, etc. on it). All our images will be on the /vserver partition, which should be the largest one we have.

mkdir /vserver/vm_base
mkdir /vserver/images

Now we create a 1 GB image file and a 500 MB swap image. In the end the virtual machines will have 1 GB space and 500 MB swap. These are just example values, in the real world you might want to have more space for your virtual machines (e.g. between 5 and 30 GB), so just increase the value of count to create larger images.

dd if=/dev/zero of=/vserver/images/vm_base.img bs=1024k count=1000
dd if=/dev/zero of=/vserver/images/vm_base-swap.img bs=1024k count=500

Then we format /vserver/images/vm_base.img with ext3 and vm_base-swap.img with swap:

mkfs.ext3 /vserver/images/vm_base.img

When you see the following, answer with y:

/vserver/images/mail.img is not a block special device.
Proceed anyway? (y,n) <-- y

mkswap /vserver/images/vm_base-swap.img



4.1 Install A Basic Debian In The Image

In order to install a basic Debian system in our image, we mount the image, run debootstrap and a few other commands:

mount -o loop /vserver/images/vm_base.img /vserver/vm_base
debootstrap --arch i386 sarge /vserver/vm_base/ http://ftp2.de.debian.org/debian

chroot /vserver/vm_base
apt-setup

You are asked the following question:

Archive access method for apt: <-- http

Then select a mirror close to you.

Afterwards, edit /etc/apt/sources.list and replace testing with stable. That's how my /etc/apt/sources.list looks:

deb http://ftp2.de.debian.org/debian/ stable main
deb-src http://ftp2.de.debian.org/debian/ stable main

deb http://security.debian.org/ stable/updates main

Then run

apt-get update

Now we set up our locales. If we do not do this now, we will see some ugly warnings during base-config like these:

perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = "en_DE:en_US:en_GB:en",
LC_ALL = (unset),
LANG = "en_US"
are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
locale: Cannot set LC_CTYPE to default locale: No such file or directory
locale: Cannot set LC_MESSAGES to default locale: No such file or directory
locale: Cannot set LC_ALL to default locale: No such file or directory

They are not serious, but ugly... So we run

apt-get install localeconf

Select locales to install (e.g. en_US ISO-8859-1) and select the standard locale (e.g. en_US).

You will be asked a few questions:

Manage locale configuration files with debconf? <-- Yes
Environment settings that should override the default locale: <-- do not select anything
Replace existing locale configuration files? <-- Yes
Default system locale: <-- e.g. en_US ISO-8859-1

Next run

base-config

You will see a menu with installation options. This is what we do:

1. Configure timezone
2. Set up users and passwords
3. Select and install packages (when it comes to Choose software to install:, you can choose whatever you like; I, however, choose nothing because I want to install a basic system.)
4. Finish configuring the base system

Don't deal with the other menu items, you don't need them. Then we remove nfs-common and delete /etc/hostname:

apt-get remove nfs-common
rm -f /etc/hostname

Then edit /etc/fstab. It should look like this:

/dev/hda1 / ext3 defaults 1 2
/dev/hda2 none swap sw 0 0
none /dev/pts devpts gid=5,mode=620 0 0
none /dev/shm tmpfs defaults 0 0

Change /etc/network/interfaces to look like this:

auto lo
iface lo inet loopback
address 127.0.0.1
netmask 255.0.0.0

Then create /etc/hosts:

127.0.0.1 localhost.localdomain localhost

# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts

Now we leave the chroot environment:

exit

Then we copy over the kernel modules to our virtual machine image and unmount the image:

cp -dpR /lib/modules/2.6.11.12-xenU /vserver/vm_base/lib/modules/
mv /vserver/vm_base/lib/tls /vserver/vm_base/lib/tls.disabled
umount /vserver/vm_base

If you get a warning like this: umount: /vserver/vm_base: device is busy, don't worry about it; it's not important.

Now our virtual machine image template is ready!

#6

Post by millenniumdark » 2005-11-22 20:01

4.2 Create And Start The First Virtual Machine

Now we create our first virtual machine, vm01, by making a copy of our template:

cp -pf /vserver/images/vm_base.img /vserver/images/vm01.img
cp -pf /vserver/images/vm_base-swap.img /vserver/images/vm01-swap.img

Then we create a Xen configuration file for vm01, /etc/xen/vm01-config.sxp:

name ="vm01"
kernel ="/boot/vmlinuz-2.6.11.12-xenU"
root ="/dev/hda1"
memory =128
disk = ['file:/vserver/images/vm01.img,hda1,w','file:/vserver/images/vm01-swap.img,hda2,w']

# network
nics=1
dhcp ="off"
ip="192.168.0.101"
netmask="255.255.255.0"
gateway="192.168.0.1"
hostname="vm01.example.com"

extra="3"

In memory you specify the RAM you want to allocate to that virtual machine (here: 128 MB). In disk you specify which images to use and how to mount them (i.e., under which partition, e.g. hda1). This must correspond to the settings in the image's /etc/fstab file! In the network settings we tell vm01 that its IP address is 192.168.0.101 (the main machine's (dom0) IP address is 192.168.0.100), and what hostname it has.
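To make the "must correspond" requirement above checkable, here is an added example (my own script, not part of the tutorial) that parses a config file in the format shown together with the image's /etc/fstab from section 4.1, reports devices that are exported but never mounted or mounted but never exported, and also flags image files exported by more than one config, which is what happens when a copied config keeps the old image paths. Both file contents are constructed inline so the script runs offline.

```python
"""Cross-check a Xen 2 domU config file against the guest image's /etc/fstab.

Added example, not code from the tutorial: it parses the config keys the
tutorial uses (name, root, disk) and the fstab layout from section 4.1.
Both files are embedded below as constructed samples so it runs offline.
"""
import re

# Constructed sample: /etc/xen/vm01-config.sxp as the tutorial writes it.
VM01_CONFIG = '''
name ="vm01"
kernel ="/boot/vmlinuz-2.6.11.12-xenU"
root ="/dev/hda1"
memory =128
disk = ['file:/vserver/images/vm01.img,hda1,w','file:/vserver/images/vm01-swap.img,hda2,w']

# network
nics=1
dhcp ="off"
ip="192.168.0.101"
netmask="255.255.255.0"
gateway="192.168.0.1"
hostname="vm01.example.com"

extra="3"
'''

# Constructed sample: the image's /etc/fstab from section 4.1.
VM01_FSTAB = '''
/dev/hda1 / ext3 defaults 1 2
/dev/hda2 none swap sw 0 0
none /dev/pts devpts gid=5,mode=620 0 0
none /dev/shm tmpfs defaults 0 0
'''


def parse_xen_config(text):
    """Return the config as a dict; 'disk' becomes a list of backend/dev/mode dicts."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith('#'):
            continue
        key, _, value = line.partition('=')
        conf[key.strip()] = value.strip().strip('"')
    disks = []
    for entry in re.findall(r"'([^']*)'", conf.get('disk', '')):
        backend, dev, mode = entry.split(',')      # e.g. file:/path.img,hda1,w
        disks.append({'backend': backend, 'dev': dev, 'mode': mode})
    conf['disk'] = disks
    return conf


def parse_fstab(text):
    """Return the fstab entries as (device, mount point) pairs."""
    entries = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) >= 4 and not fields[0].startswith('#'):
            entries.append((fields[0], fields[1]))
    return entries


def check_consistency(config_text, fstab_text):
    """Return a list of mismatches; an empty list means the domU will find its disks."""
    conf = parse_xen_config(config_text)
    fstab = parse_fstab(fstab_text)
    exported = {d['dev']: d for d in conf['disk']}
    problems = []
    # The root= parameter must name a device the disk line actually exports.
    if conf['root'].replace('/dev/', '') not in exported:
        problems.append('root=%s is not exported by the disk line' % conf['root'])
    # Every /dev/hdaN the image mounts must be exported, and / must be writable.
    for device, mount in fstab:
        if not device.startswith('/dev/hd'):
            continue
        dev = device.replace('/dev/', '')
        if dev not in exported:
            problems.append('fstab uses %s but the config exports no %s' % (device, dev))
        elif mount == '/' and exported[dev]['mode'] != 'w':
            problems.append('root filesystem %s is exported read-only' % dev)
        if mount == '/' and device != conf['root']:
            problems.append('fstab mounts / from %s but root=%s' % (device, conf['root']))
    # An exported device the image never uses is usually a copy-and-paste leftover.
    used = {device.replace('/dev/', '') for device, _ in fstab}
    for dev in exported:
        if dev not in used:
            problems.append('config exports %s but the image fstab never uses it' % dev)
    return problems


def find_shared_images(config_texts):
    """Map each image file to the domains exporting it, keeping only those shared by >1.

    Two running domains writing the same image file corrupt it, and this is easy
    to cause when a config is copied and only the name line is changed.
    """
    owners = {}
    for text in config_texts:
        conf = parse_xen_config(text)
        for d in conf['disk']:
            owners.setdefault(d['backend'], []).append(conf['name'])
    return {img: names for img, names in owners.items() if len(names) > 1}


if __name__ == '__main__':
    print(check_consistency(VM01_CONFIG, VM01_FSTAB))   # [] for the tutorial's files
    half_edited = VM01_CONFIG.replace('name ="vm01"', 'name ="vm02"')
    print(find_shared_images([VM01_CONFIG, half_edited]))
```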

If you want vm01 to start automatically at the next boot of the system, then do this:

ln -s /etc/xen/vm01-config.sxp /etc/xen/auto

Now let's start vm01:

xm create -c /etc/xen/vm01-config.sxp

If nothing's wrong, vm01 should come up without problems, and you should be able to log in. If you installed Xen from the sources, running iptables -L should show that iptables is available on vm01. To leave vm01's shell, type CTRL+] if you are at the console, or CTRL+5 if you're using PuTTY. From the outside you should be able to connect to 192.168.0.101 via SSH.

Back on dom0's shell, you can shut down vm01 by running

xm shutdown vm01

Here are some other Xen commands:

xm create -c /path/to/config - Start a virtual machine.
xm shutdown <name> - Stop a virtual machine.
xm list - List all running systems.
xm console <name> - Login on a virtual machine.
xm help - List of all commands.

Now you can reboot the main system to see if vm01 comes up automatically (if you created the symlink in /etc/xen/auto):

shutdown -r now

4.3 Creating And Customizing Further Virtual Machines

You can create further virtual machines simply by copying the image template:

cp -pf /vserver/images/vm_base.img /vserver/images/vm02.img
cp -pf /vserver/images/vm_base-swap.img /vserver/images/vm02-swap.img

Then you have to create a Xen configuration file, e.g. /etc/xen/vm02-config.sxp:

name ="vm02"
kernel ="/boot/vmlinuz-2.6.11.12-xenU"
root ="/dev/hda1"
memory =64
disk = ['file:/vserver/images/vm02.img,hda1,w','file:/vserver/images/vm02-swap.img,hda2,w']

# network
nics=1
dhcp ="off"
ip="192.168.0.102"
netmask="255.255.255.0"
gateway="192.168.0.1"
hostname="vm02.example.com"

extra="3"

Start the machine:

xm create -c /etc/xen/vm02-config.sxp

and create a symlink, if you want to start the virtual machine at boot time:

ln -s /etc/xen/vm02-config.sxp /etc/xen/auto

Now you can log into each machine, e.g. via SSH, and configure it as if it were a normal system.

You can create as many virtual machines as you like. Your hardware's the limit!

5 Create A Virtual Local Network From The Virtual Machines (Optional)

(This chapter is optional, and what is described here can only be done if you installed Xen from the sources and compiled a dom0 kernel with iptables and the dummy network driver as modules (see chapter 3.2).)

Now let's say you have a dedicated server in some data center that has one network card and only one IP address, and you want to set up a web server (vm01) and a mail server (vm02) as virtual machines. If you did it the way described above, you would need three public IP addresses (one for dom0, one for vm01, one for vm02), but you only have one. The solution is to set up a virtual local network on your server: dom0 has the public IP address and acts as a router (doing NAT, network address translation), and behind that router we have a local network (in this example it is the network 192.168.3.0).

This is how you do it (all these steps have to be made on dom0!):

First, we need a second network interface; it is for the local network. Since we have only one real network card (eth0) which has the public IP address, we use the dummy network driver to set up the network interface dummy0.

echo dummy >> /etc/modules

Append the following part to /etc/network/interfaces:

auto dummy0
iface dummy0 inet static
address 192.168.3.1
netmask 255.255.255.0

This will give dummy0 the IP address 192.168.3.1.

Then we have to tell Xen that it should bind the Xen bridge xen-br0 to dummy0. Therefore you have to edit /etc/xen/scripts/network. Change the line

netdev=${netdev:-eth0}

to

netdev=${netdev:-dummy0}

Of course, we have to change the network settings in /etc/xen/vm01-config.sxp and /etc/xen/vm02-config.sxp. vm01 will have the IP address 192.168.3.2, so its configuration file looks like this:

name ="vm01"
kernel ="/boot/vmlinuz-2.6.11.12-xenU"
root ="/dev/hda1"
memory =128
disk = ['file:/vserver/images/vm01.img,hda1,w','file:/vserver/images/vm01-swap.img,hda2,w']

# network
nics=1
dhcp ="off"
ip="192.168.3.2"
netmask="255.255.255.0"
gateway="192.168.3.1"
hostname="vm01.example.com"

extra="3"

Now we have to tell dom0 that it should do NAT so that the virtual machines have internet access. We also have to tell dom0 which ports it should forward to which IP address. Therefore we create the file /etc/network/if-up.d/iptables:

#!/bin/sh

echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -s 192.168.0.0/16 -j MASQUERADE

### Port Forwarding ###
iptables -A PREROUTING -t nat -p tcp -i eth0 --dport 80 -j DNAT --to 192.168.3.2:80
iptables -A PREROUTING -t nat -p tcp -i eth0 --dport 25 -j DNAT --to 192.168.3.3:25
iptables -A PREROUTING -t nat -p tcp -i eth0 --dport 110 -j DNAT --to 192.168.3.3:110

The first two commands enable NAT on dom0. In the section after ### Port Forwarding ### you put as many rules as you need; they tell dom0 to forward certain ports to certain destination ports on certain destination IP addresses. For example, the first rule tells dom0 to forward requests on port 80 (http) to port 80 on 192.168.3.2, so if you have a web server running on vm01 (192.168.3.2), all requests on port 80 on dom0 will be forwarded to this web server. The last two rules forward ports 25 (smtp) and 110 (pop3) to our mail server vm02 (192.168.3.3).

Now we have to make that script executable:

chmod 755 /etc/network/if-up.d/iptables

Finally, we reboot the server:

shutdown -r now

After the reboot, you should have a virtual local network on your Xen system!

Whenever you need new port forwarding rules, put them at the end of /etc/network/if-up.d/iptables. And because you do not want to reboot your system whenever you need new port forwarding rules, you can run the same rule on the shell. For example, if you want to forward port 21 (ftp) to vm01, you put the rule

iptables -A PREROUTING -t nat -p tcp -i eth0 --dport 21 -j DNAT --to 192.168.3.2:21

at the end of /etc/network/if-up.d/iptables. Plus, you run this rule on the shell so that it becomes valid immediately:

iptables -A PREROUTING -t nat -p tcp -i eth0 --dport 21 -j DNAT --to 192.168.3.2:21
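As an added example (my own script, not part of the tutorial), the following Python code parses the /etc/network/if-up.d/iptables script from this chapter (with the ftp rule appended, embedded as a constructed sample), lists the forwarded ports, and checks the rules against the 192.168.3.0/24 network behind dummy0: forwarding must be on, a MASQUERADE rule must cover the local network, every DNAT target must lie inside it, and every DNAT rule should carry -i eth0 so it never rewrites packets arriving from the virtual machines. The warning that the masquerade source 192.168.0.0/16 is wider than the local network reflects my own assumption that the source should be as narrow as the local network.

```python
"""Audit the NAT and port-forwarding script from chapter 5.

Added example, not code from the tutorial: it parses the lines of
/etc/network/if-up.d/iptables (embedded below as a constructed sample,
including the ftp rule appended at the end of the chapter), lists the
forwarded ports and checks the rules against the dummy0 network.
"""
import ipaddress
import shlex

IPTABLES_SCRIPT = r'''#!/bin/sh

echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -s 192.168.0.0/16 -j MASQUERADE

### Port Forwarding ###
iptables -A PREROUTING -t nat -p tcp -i eth0 --dport 80 -j DNAT --to 192.168.3.2:80
iptables -A PREROUTING -t nat -p tcp -i eth0 --dport 25 -j DNAT --to 192.168.3.3:25
iptables -A PREROUTING -t nat -p tcp -i eth0 --dport 110 -j DNAT --to 192.168.3.3:110
iptables -A PREROUTING -t nat -p tcp -i eth0 --dport 21 -j DNAT --to 192.168.3.2:21
'''

# The local network behind dom0 in the tutorial (dummy0 is 192.168.3.1).
LOCAL_NET = ipaddress.ip_network('192.168.3.0/24')


def parse_iptables_args(argv):
    """Map iptables options to their values, e.g. {'-t': 'nat', '-j': 'DNAT', ...}."""
    opts = {}
    i = 1                                   # argv[0] is the word 'iptables'
    while i < len(argv):
        has_value = i + 1 < len(argv) and not argv[i + 1].startswith('-')
        opts[argv[i]] = argv[i + 1] if has_value else True
        i += 2 if has_value else 1
    return opts


def parse_script(text):
    """Return (ip_forward_enabled, masquerade_source_nets, dnat_rules)."""
    forward, masq, dnat = False, [], []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith('#'):
            continue
        words = shlex.split(line)
        if words[0] == 'echo' and 'ip_forward' in line:
            forward = words[1] == '1'
        elif words[0] == 'iptables':
            o = parse_iptables_args(words)
            if o.get('-j') == 'MASQUERADE':
                masq.append(ipaddress.ip_network(o.get('-s', '0.0.0.0/0')))
            elif o.get('-j') == 'DNAT':
                host, _, port = o['--to'].partition(':')
                dnat.append({'in_if': o.get('-i'), 'dport': int(o['--dport']),
                             'to_ip': ipaddress.ip_address(host),
                             'to_port': int(port or o['--dport'])})
    return forward, masq, dnat


def forwarding_table(text):
    """Sorted (external port, target ip, target port) tuples of all DNAT rules."""
    _, _, dnat = parse_script(text)
    return sorted((r['dport'], str(r['to_ip']), r['to_port']) for r in dnat)


def audit(text, local_net=LOCAL_NET):
    """Return a list of findings; an empty list means the script matches the design."""
    forward, masq, dnat = parse_script(text)
    findings = []
    if not forward:
        findings.append('ip_forward is off: dom0 will not route for the virtual machines')
    if not any(local_net.subnet_of(net) for net in masq):
        findings.append('no MASQUERADE rule covers %s' % local_net)
    for net in masq:
        if local_net.subnet_of(net) and net.prefixlen < local_net.prefixlen:
            findings.append('MASQUERADE source %s is wider than the local network %s'
                            % (net, local_net))
    for r in dnat:
        if r['to_ip'] not in local_net:
            findings.append('port %d is forwarded to %s, outside %s'
                            % (r['dport'], r['to_ip'], local_net))
        if r['in_if'] is None:
            findings.append('port %d DNAT has no -i: it also rewrites packets arriving '
                            'from the virtual machines' % r['dport'])
    return findings


if __name__ == '__main__':
    for dport, ip, to_port in forwarding_table(IPTABLES_SCRIPT):
        print('eth0:%d -> %s:%d' % (dport, ip, to_port))
    for finding in audit(IPTABLES_SCRIPT):
        print('WARNING:', finding)
```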



Links

Xen: http://www.cl.cam.ac.uk/Research/SRG/netos/xen/

Debian: http://www.debian.org/

Ubuntu: http://www.ubuntu.com/

End of full text.
holz
Posts: 188
Joined: 2005-07-18 18:20
From: http://www.gdgpi.com.cn
Contact:

#7

Post by holz » 2005-12-05 21:30

The Perfect Xen Setup For Debian And Ubuntu

Version: 1.0
Author: Falko Timme <ft [at] falkotimme [dot] com>
Last edited: 11/08/2005
Translation: Holz <hemengui [at] gmail [dot] com>

This tutorial teaches you step by step how to install Xen (version 2) on a Debian Sarge (3.1) system; it should apply to Ubuntu systems with few or no modifications.

Xen lets you create guest operating systems (*nix operating systems like Linux and FreeBSD), so-called "virtual machines" or domUs, under a host operating system (dom0). With Xen you can separate your applications into different virtual machines that are totally independent of each other (for example one virtual machine for a mail server, one for a high-traffic web site, another that serves your customers' sites, one as DNS, and so on), yet they still use the same hardware. This saves money and, more importantly, is more secure. If the DNS server's virtual machine gets hacked, the other virtual machines are not affected at all. In addition, you can move virtual machines from one Xen server to another.

I will use Debian Sarge as both the host operating system (dom0) and the guest operating system (domU). In the appendix chapter at the end I will also explain how to build a virtual local network from virtual machines, with dom0 as the router.

This howto is a practical guide; it does not cover the theoretical background, and you can find many documents of that kind on the web.

This document comes with no warranty whatsoever! What I want to say is that this is not the only way to set up such a system; there are many ways to reach this goal, this is just the one I use. I really cannot guarantee that it will work for you!

#8

Post by holz » 2005-12-05 21:48

1 Install The Debian Host System (dom0)

You can follow these installation instructions completely, with a few small changes:

* http://www.howtoforge.com/perfect_setup_debian_sarge
* http://www.howtoforge.com/perfect_setup_debian_sarge_p2

However, it is very important to type linux26 at the boot prompt to install a 2.6 kernel system. In this example dom0's FQDN will be server1.example.com, so specify server1 as the hostname and example.com as the domain name; in this tutorial server1.example.com's IP address will be 192.168.0.100.

When the installation reaches the partitioning step, I choose to edit the partition table manually and create the following partitions:

* /boot 100 MB (primary) (location for the new partition: beginning) (ext3) (bootable flag: on <-- important, otherwise your system will not boot!)
* swap 1GB (logical) (location for the new partition: beginning)
* / 2GB (logical) (location for the new partition: beginning) (ext3)
* /vserver remaining space (logical) (location for the new partition: beginning) (ext3)

(Side note: you can also install everything on one big partition (as described here: http://www.howtoforge.com/perfect_setup_debian_sarge), but keep in mind that the Grub settings described in this howto will then differ somewhat. For example, when I say I add

title Xen 2.0.6 / XenLinux 2.6.11.12-xen0
root (hd0,0)
kernel /xen.gz dom0_mem=65536
module /vmlinuz-2.6.11.12-xen0 root=/dev/hda6 ro console=tty0

to /boot/grub/menu.lst, you should probably add

title Xen 2.0.7 / XenLinux 2.6.11.12-xen0
root (hd0,0)
kernel /boot/xen.gz dom0_mem=65536
module /boot/vmlinuz-2.6.11.12-xen0 root=/dev/hda1 ro console=tty0

to that file instead...)

When the Debian installer prompts you to choose software to install, I deselect everything and continue (dom0 should run as little software as possible to reduce its exposure to attack; to the outside world it should be reachable only over SSH).

#9

Post by holz » 2005-12-05 21:53

2 Configure dom0's Network

Because the Debian Sarge installer has configured our system to get its network settings via DHCP, we must change that now, since a server should have a static IP. Edit /etc/network/interfaces and set it according to your actual situation (this example uses the IP address 192.168.0.100):

# /etc/network/interfaces -- configuration file for ifup(8), ifdown(8)

# The loopback interface
auto lo
iface lo inet loopback

# The first network card - this entry was created during the Debian installation
# (network, broadcast and gateway are optional)
auto eth0
iface eth0 inet static
address 192.168.0.100
netmask 255.255.255.0
network 192.168.0.0
broadcast 192.168.0.255
gateway 192.168.0.1

Then restart your network:

/etc/init.d/networking restart

Edit /etc/resolv.conf and add some nameservers:

search server
nameserver 145.253.2.75
nameserver 193.174.32.18
nameserver 194.25.0.60

Then set dom0's hostname:

echo server1.example.com > /etc/hostname
/bin/hostname -F /etc/hostname

#10

Post by holz » 2005-12-05 22:01

3 Install Xen

There are two ways to install Xen: install the binary package from the Xen site, or compile Xen and the Xen kernels from source.

The first way is simple, but its drawback is that the domU kernel that comes with the binary package does not support quota and iptables, both of which my virtual machines (domU) need. In addition, dom0 does not support the dummy network driver, which I need later in chapter 5 where I describe how to build a virtual local network.

In chapter 3.1 I describe how to install the Xen binary package, which is recommended for beginners (skip 3.2 and continue with chapter 4). If your virtual machines need quota and iptables, skip chapter 3.1 and continue reading chapter 3.2 on how to install Xen from source.

#11

Post by holz » 2005-12-05 22:09

3.1 Installing The Binary Package

Run the following commands:

apt-get remove exim4 exim4-base lpr nfs-common portmap pidentd pcmcia-cs pppoe pppoeconf ppp pppconfig
apt-get install screen ssh debootstrap python python2.3-twisted iproute bridge-utils libcurl-dev

<-- Yes
<-- Yes
<-- Yes


3.1.1 Install Xen

Next, do this:

cd /usr/src/
wget http://www.cl.cam.ac.uk/Research/SRG/ne ... x86_32.tgz

tar xvzf xen-2.0.7-install-x86_32.tgz
cd xen-2.0-install
./install.sh

mv /lib/tls /lib/tls.disabled

Now Xen is installed. To start the Xen services at boot time, continue like this:

update-rc.d xend defaults 20 21
update-rc.d xendomains defaults 21 20


3.1.2 Configure The Bootloader And Reboot

Next, add the Xen kernel to Grub, our bootloader. Edit /boot/grub/menu.lst and add the following before the line ### BEGIN AUTOMAGIC KERNELS LIST:

title Xen 2.0 / XenLinux 2.6.11
kernel /xen.gz dom0_mem=64000
module /vmlinuz-2.6.11-xen0 root=/dev/hda6 ro console=tty0

Make sure /dev/hda6 is your / partition, and keep in mind what I said about Grub and partitioning in chapter 1!

Now reboot the system:

shutdown -r now

At the boot prompt, Grub should now list Xen 2.0 / XenLinux 2.6.11 first and boot it automatically. If your system comes up without problems, everything is fine!

#12

Post by holz » 2005-12-05 22:26

3.2 Installing From Source

Run the following commands:

apt-get remove exim4 exim4-base lpr nfs-common portmap pidentd pcmcia-cs pppoe pppoeconf ppp pppconfig
apt-get install iproute bridge-utils python-twisted gcc-3.3 binutils make libcurl3-dev zlib1g-dev python-dev transfig bzip2 screen ssh debootstrap libcurl-dev libncurses5-dev (1 line!)
cd ~
mkdir xen
cd xen
mkdir archive
cd archive



3.2.1 Install Xen

Now run these commands:

wget http://www.kernel.org/pub/linux/kernel/ ... 12.tar.bz2
wget http://www.cl.cam.ac.uk/Research/SRG/ne ... .7-src.tgz
cd ..

tar -xvzf archive/xen-2.0.7-src.tgz
tar -xvjf archive/linux-2.6.11.12.tar.bz2

cd xen-2.0
make world

make install
sh ./install.sh

Now Xen is installed. To start the Xen services at system boot, we do this:

update-rc.d xend defaults 20 21
update-rc.d xendomains defaults 21 20



3.2.2 Compile A New dom0 Kernel

Next we compile a new dom0 kernel with Xen, iptables, quota and dummy support. The kernel will be installed to ~/xen/install so that we can reuse it on other machines; from ~/xen/install we then install it to the real locations. Xen works with kernel 2.6.11, so I pull the latest 2.6.11 kernel (2.6.11.12) rather than newer kernels such as 2.6.14.

cd ..
mv /lib/tls /lib/tls.disabled
cp -al linux-2.6.11.12 linux-2.6.11.12-xen0
cd xen-2.0/linux-2.6.11-xen-sparse/
./mkbuildtree ../../linux-2.6.11.12-xen0/
cd ../..
echo "-xen0" > linux-2.6.11.12-xen0/localversion-xen
diff -Naur linux-2.6.11.12 linux-2.6.11.12-xen0 > archive/linux-2.6.11.12-xen0.patch

cd linux-2.6.11.12
patch -p1 < ../archive/linux-2.6.11.12-xen0.patch
cd ../
mkdir install
cd linux-2.6.11.12-xen0
cp arch/xen/configs/xen0_defconfig .config
ARCH=xen; INSTALL_PATH=../install; INSTALL_MOD_PATH=../install
export ARCH INSTALL_PATH INSTALL_MOD_PATH
make oldconfig
make menuconfig

In the kernel configuration menu we enable quota, iptables and the dummy network driver as modules. This is where these modules are enabled:

File systems --> [*] Quota support
<M> Old quota format support
<M> Quota format v2 support

Device Drivers ---> Networking support ---> <M> Dummy net driver support

Device Drivers ---> Networking support ---> Networking options ---> [*] Network packet filtering (replaces ipchains) ---> IP: Netfilter Configuration ---> <M> IP tables support (required for filtering/masq/NAT)

[*] means: build into the kernel statically.
<M> means: build as a kernel module.

Now we install the kernel to ~/xen/install:

make modules
make modules_install
make install

Finally, we copy the kernel to the "real" locations:

cd ../install/
cp boot/* /boot
cp -r lib/modules/2.6.11.12-xen0/ /lib/modules
cp -r usr/include/xen /usr/include

(If you are interested, this is my dom0 kernel configuration.)



3.2.3 Configuring The Boot Loader And Rebooting

Next we add the new kernel to Grub, our boot loader. Edit /boot/grub/menu.lst and add the following before ### BEGIN AUTOMAGIC KERNELS LIST:

title Xen 2.0.7 / XenLinux 2.6.11.12-xen0
root (hd0,0)
kernel /xen.gz dom0_mem=65536
module /vmlinuz-2.6.11.12-xen0 root=/dev/hda6 ro console=tty0

Make sure /dev/hda6 is your / partition. Remember what I said about Grub and partitions in chapter 1!

Now reboot the system:

shutdown -r now

At the boot prompt Grub should now list Xen 2.0.7 / XenLinux 2.6.11.12-xen0 first and boot it automatically. If your system comes up without problems, all is well!



3.2.4 Compiling A New domU Kernel

Now we compile a new domU kernel for our virtual machines. Again we install the kernel to ~/xen/install and copy it to its real location afterwards:

cd ~/xen
cd linux-2.6.11.12
make clean
cd ../
cp -al linux-2.6.11.12 linux-2.6.11.12-xenU
cd xen-2.0/linux-2.6.11-xen-sparse/
./mkbuildtree ../../linux-2.6.11.12-xenU/
cd ../..
echo "-xenU" > linux-2.6.11.12-xenU/localversion-xen
diff -Naur linux-2.6.11.12 linux-2.6.11.12-xenU > archive/linux-2.6.11.12-xenU.patch

cd linux-2.6.11.12
patch -p1 < ../archive/linux-2.6.11.12-xenU.patch
cd ../
rm -fr install
mkdir install
cd linux-2.6.11.12-xenU
cp arch/xen/configs/xenU_defconfig .config
ARCH=xen; INSTALL_PATH=../install; INSTALL_MOD_PATH=../install
export ARCH INSTALL_PATH INSTALL_MOD_PATH
make oldconfig
make menuconfig

In the kernel configuration menu we have to enable quota and iptables as modules (as modules is important here: when I compiled them statically into the kernel I could not get iptables to work!). So I enable these:

File systems --> [*] Quota support
<M> Old quota format support
<M> Quota format v2 support

Device Drivers ---> Networking support ---> Networking options ---> [*] Network packet filtering (replaces ipchains) ---> IP: Netfilter Configuration ---> <M> IP tables support (required for filtering/masq/NAT)

[*] means: build into the kernel statically.
<M> means: build as a kernel module.

Now we install the kernel to ~/xen/install:

make modules
make modules_install
make install

Finally we copy the kernel to its "real" location:

cd ../install/
cp boot/* /boot
cp -r lib/modules/2.6.11.12-xenU/ /lib/modules
cp -r usr/include/xen /usr/include

(This is my domU kernel configuration.)
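Added example (shell, not from the howto): after make oldconfig and make menuconfig, check that the resulting .config still carries the options behind the menu entries listed above, since oldconfig on a copied defconfig can silently answer or drop them. The option names are the kernel symbols for those menu entries; the role argument (dom0 needs the dummy driver, domU does not) and the check_config function are mine.

```shell
#!/bin/sh
# Added example, not part of the howto: verify that a .config still carries
# the options the howto asks for. Usage: check_config dom0 /path/to/.config
# (or check_config domU ...). "=y" means built in, "=m" means module; the
# howto insists that iptables be a module (static did not work for the author).
want_dom0="CONFIG_QUOTA=y CONFIG_QFMT_V1=m CONFIG_QFMT_V2=m CONFIG_DUMMY=m CONFIG_NETFILTER=y CONFIG_IP_NF_IPTABLES=m"
want_domU="CONFIG_QUOTA=y CONFIG_QFMT_V1=m CONFIG_QFMT_V2=m CONFIG_NETFILTER=y CONFIG_IP_NF_IPTABLES=m"

# check_config ROLE FILE: prints one line per problem, returns 1 if any.
check_config() {
    role=$1; cfg=$2; rc=0
    case "$role" in
        dom0) want=$want_dom0 ;;
        domU) want=$want_domU ;;
        *) echo "unknown role $role"; return 2 ;;
    esac
    for kv in $want; do
        name=${kv%=*}
        if grep -q "^$kv\$" "$cfg"; then
            continue                       # exactly what the howto wants
        elif grep -q "^$name=" "$cfg"; then
            # present but with the wrong value (e.g. static instead of module)
            echo "$name is $(sed -n "s/^$name=//p" "$cfg"), expected ${kv#*=}"
        else
            # absent or "# CONFIG_X is not set"
            echo "$name missing or disabled"
        fi
        rc=1
    done
    return $rc
}
```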
#13

Post by holz » 2005-12-05 22:51

4 Creating A Virtual Machine (domU)

Next we create an image of a virtual machine. It will be a basic Debian system, and this image will serve as the template for all virtual machines. Whenever we want to create a new virtual machine, we simply copy this image, create a new Xen configuration file and start the copy; afterwards we can go on configuring the copy to suit our needs (e.g. install a mail server, a web server, a DNS server, etc.). All images will be placed on the /vserver partition, which is why that partition is the largest one.

mkdir /vserver/vm_base
mkdir /vserver/images

Now we create a 1 GB image file and a 500 MB swap image. The resulting virtual machine will have 1 GB of disk space and 500 MB of swap. These are just example values; in reality your virtual machine may need much more space (e.g. between 5 and 30 GB). Just increase the count value to enlarge the image.

dd if=/dev/zero of=/vserver/images/vm_base.img bs=1024k count=1000
dd if=/dev/zero of=/vserver/images/vm_base-swap.img bs=1024k count=500

Then we format /vserver/images/vm_base.img as ext3 and vm_base-swap.img as swap:

mkfs.ext3 /vserver/images/vm_base.img

When you see the following prompt, answer y:

/vserver/images/mail.img is not a block special device.
Proceed anyway? (y,n) <-- y

mkswap /vserver/images/vm_base-swap.img



4.1 Installing A Basic Debian System In The Image

To install a basic Debian system into our image, we mount the image, run debootstrap and a few other commands:

mount -o loop /vserver/images/vm_base.img /vserver/vm_base
debootstrap --arch i386 sarge /vserver/vm_base/ http://ftp2.de.debian.org/debian

chroot /vserver/vm_base
apt-setup

You will be asked the following question:

Archive access method for apt: <-- http

Then select a mirror close to you.

Then edit /etc/apt/sources.list and replace testing with stable. This is my /etc/apt/sources.list:

deb http://ftp2.de.debian.org/debian/ stable main
deb-src http://ftp2.de.debian.org/debian/ stable main

deb http://security.debian.org/ stable/updates main

Then run

apt-get update

Now we set up our locales. If we skip this step we will see some ugly warnings in base-config, like these:

perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = "en_DE:en_US:en_GB:en",
LC_ALL = (unset),
LANG = "en_US"
are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
locale: Cannot set LC_CTYPE to default locale: No such file or directory
locale: Cannot set LC_MESSAGES to default locale: No such file or directory
locale: Cannot set LC_ALL to default locale: No such file or directory

They are not serious, but ugly... so we run

apt-get install localeconf

Select the locales to install (e.g. en_US ISO-8859-1) and the default locale (e.g. en_US).

You will be asked a few questions:

Manage locale configuration files with debconf? <-- Yes
Environment settings that should override the default locale: <-- do not select anything
Replace existing locale configuration files? <-- Yes
Default system locale: <-- e.g. en_US ISO-8859-1

Next run

base-config

You will see a menu with installation options. What we do is:

1. Configure timezone
2. Set up users and passwords
3. Select and install packages (when it comes to selecting the software to install: select what you need, but I do not select anything because I want a basic system.)
4. Finish configuring the base system

Ignore the other menu items; you do not need them. Then we remove nfs-common and delete /etc/hostname:

apt-get remove nfs-common
rm -f /etc/hostname

Then edit /etc/fstab so that it looks like this:

/dev/hda1 / ext3 defaults 1 2
/dev/hda2 none swap sw 0 0
devpts /dev/pts devpts gid=5,mode=620 0 0
none /dev/shm tmpfs defaults 0 0

Change /etc/network/interfaces so that it looks similar to this:

auto lo
iface lo inet loopback
address 127.0.0.1
netmask 255.0.0.0

Then create /etc/hosts:

127.0.0.1 localhost.localdomain localhost

# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts

Now we leave the chroot environment:

exit

Then we copy the kernel modules into our virtual machine image and unmount the image:

cp -dpR /lib/modules/2.6.11.12-xenU /vserver/vm_base/lib/modules/
mv /vserver/vm_base/lib/tls /vserver/vm_base/lib/tls.disabled
umount /vserver/vm_base

If you see a warning like umount: /vserver/vm_base: device is busy

don't worry, it does not matter.

Our virtual machine image template is now ready!
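Added example (shell, not part of the howto): before the template is cloned into vm01, vm02 and so on, run a check over the mounted tree that encodes the steps of chapter 4 as tests, so a step that was skipped is caught once rather than in every copy. check_template and its messages are mine; the paths and the 2.6.11.12-xenU version are the howto's, and the SSH host-key check is added because every clone of an image inherits whatever keys the template contains.

```shell
#!/bin/sh
# Added example, not part of the howto: sanity-check the template tree while
# it is still mounted, e.g.  check_template /vserver/vm_base
# check_template DIR: prints one line per finding; returns 1 if any.
check_template() {
    d=$1; rc=0
    # kernel modules for the domU kernel must have been copied in
    [ -d "$d/lib/modules/2.6.11.12-xenU" ] \
        || { echo "domU modules not copied into $d/lib/modules"; rc=1; }
    # the howto moves lib/tls aside (Xen 2 and TLS-enabled glibc do not mix)
    [ ! -e "$d/lib/tls" ] \
        || { echo "lib/tls still enabled (move it to lib/tls.disabled)"; rc=1; }
    # /etc/hostname is deleted so each clone gets its name from its Xen config
    [ ! -e "$d/etc/hostname" ] \
        || { echo "etc/hostname present: every clone would keep this name"; rc=1; }
    # fstab must match the hda1/hda2 layout used in the disk= line of the config
    grep -qs '^/dev/hda1[[:space:]]' "$d/etc/fstab" \
        || { echo "etc/fstab does not mount /dev/hda1 as /"; rc=1; }
    grep -qs '^/dev/hda2[[:space:]].*swap' "$d/etc/fstab" \
        || { echo "etc/fstab has no swap entry for /dev/hda2"; rc=1; }
    # apt should point at stable, not testing, as the howto edits it
    grep -qs '^deb .*stable' "$d/etc/apt/sources.list" \
        || { echo "etc/apt/sources.list does not point at stable"; rc=1; }
    # a template that already holds SSH host keys makes all clones share them
    [ -z "$(ls "$d"/etc/ssh/ssh_host_*_key 2>/dev/null)" ] \
        || { echo "SSH host keys present: clones would share them; remove and regenerate per VM"; rc=1; }
    return $rc
}
```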
#14

Post by holz » 2005-12-05 22:53

The last part will have to wait until tomorrow after all.

Nothing to be done about it. Logging off.
#15

Post by holz » 2005-12-06 11:41

4.2 Creating And Starting The First Virtual Machine

Now we create our first virtual machine, vm01, by making a copy of the template we built:

cp -pf /vserver/images/vm_base.img /vserver/images/vm01.img
cp -pf /vserver/images/vm_base-swap.img /vserver/images/vm01-swap.img

Then we create a Xen configuration file /etc/xen/vm01-config.sxp for vm01:

name ="vm01"
kernel ="/boot/vmlinuz-2.6.11.12-xenU"
root ="/dev/hda1"
memory =128
disk = ['file:/vserver/images/vm01.img,hda1,w','file:/vserver/images/vm01-swap.img,hda2,w']

# network
nics=1
dhcp ="off"
ip="192.168.0.101"
netmask="255.255.255.0"
gateway="192.168.0.1"
hostname="vm01.example.com"

extra="3"

In the memory line you specify the RAM you want to allocate to the virtual machine (here: 128 MB); in the disk line you specify the images to use and how they are mounted (e.g. under which partition, such as hda1), and this must correspond to the /etc/fstab inside the image! In the network settings we tell vm01 that its IP address is 192.168.0.101 (the host machine (dom0) has the IP address 192.168.0.100) and what its hostname is.

If you want vm01 to start automatically the next time the system boots, do this:

ln -s /etc/xen/vm01-config.sxp /etc/xen/auto

Now let's start vm01:

xm create -c /etc/xen/vm01-config.sxp

If there are no errors, vm01 should boot properly and let us log in. If you installed Xen from source, running iptables -L should show that iptables is already usable inside vm01. To leave vm01's shell, press CTRL+] if you are at the console, or CTRL+5 if you use PuTTY. From outside you should be able to connect to 192.168.0.101 via SSH.

Back in dom0's shell, you can shut down vm01 with the following command:

xm shutdown vm01

Here are a few other Xen commands:

xm create -c /path/to/config - start a virtual machine.
xm shutdown <name> - stop a virtual machine.
xm list - list all running systems.
xm console <name> - log in to a virtual machine.
xm help - list all commands.

Now you can reboot your host system and check whether vm01 starts automatically as well (if you created the symlink in /etc/xen/auto):

shutdown -r now

4.3 Creating And Customizing More Virtual Machines

You can create more virtual machines simply by copying the image template:

cp -pf /vserver/images/vm_base.img /vserver/images/vm02.img
cp -pf /vserver/images/vm_base-swap.img /vserver/images/vm02-swap.img

Then you have to create a Xen configuration file, e.g. /etc/xen/vm02-config.sxp:

name ="vm02"
kernel ="/boot/vmlinuz-2.6.11.12-xenU"
root ="/dev/hda1"
memory =64
disk = ['file:/vserver/images/vm02.img,hda1,w','file:/vserver/images/vm02-swap.img,hda2,w']

# network
nics=1
dhcp ="off"
ip="192.168.0.102"
netmask="255.255.255.0"
gateway="192.168.0.1"
hostname="vm02.example.com"

extra="3"

Start the machine:

xm create -c /etc/xen/vm02-config.sxp

If you want the virtual machine to start automatically when the host system boots, create a symlink:

ln -s /etc/xen/vm02-config.sxp /etc/xen/auto

Now you can log in to each machine, e.g. via SSH, and configure them like a normal system.

You can create as many virtual machines as you like; the only limit is your hardware!

5 Creating A Virtual Local Network From Virtual Machines (Optional)

(This chapter is optional, and what it describes only works if you installed Xen from source and compiled a dom0 kernel with the iptables and dummy network driver modules (see chapter 3.2).)

Now let's assume you have a server in a data center with only one network card and one IP address, and you want to set up a web server (vm01) and a mail server (vm02) as virtual machines. If you did it as described above, you would need three public IP addresses (one for dom0, one for vm01, one for vm02), but in reality you only have one. The solution is to set up a virtual local network on your server, which means dom0 uses the public IP address and acts as a router (doing NAT, network address translation), and behind that router we have a local network (in this example the network 192.168.3.0).

Here is what you have to do (all these steps must be performed on dom0!):

First we need a second network interface for the local network. Since we only have one real network card (eth0), which uses the public IP address, we use the dummy network driver to set up the network interface dummy0.

echo dummy >> /etc/modules

Add the following to the end of /etc/network/interfaces:

auto dummy0
iface dummy0 inet static
address 192.168.3.1
netmask 255.255.255.0

This sets dummy0's IP address to 192.168.3.1.

Then we have to tell Xen that it should bind the Xen bridge xen-br0 to dummy0. Therefore you have to edit /etc/xen/scripts/network and change the line

netdev=${netdev:-eth0}

to

netdev=${netdev:-dummy0}

Of course, we also have to set the network properties in /etc/xen/vm01-config.sxp and /etc/xen/vm02-config.sxp. vm01's IP address will be 192.168.3.2, so its configuration file looks similar to this:

name ="vm01"
kernel ="/boot/vmlinuz-2.6.11.12-xenU"
root ="/dev/hda1"
memory =128
disk = ['file:/vserver/images/vm01.img,hda1,w','file:/vserver/images/vm01-swap.img,hda2,w']

# network
nics=1
dhcp ="off"
ip="192.168.3.2"
netmask="255.255.255.0"
gateway="192.168.3.1"
hostname="vm01.example.com"

extra="3"

Now we tell dom0 that it should do NAT so that the virtual machines can access the internet, and we also tell dom0 which port should be forwarded to which IP address. Therefore we create the file /etc/network/if-up.d/iptables:

#!/bin/sh

echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -s 192.168.0.0/16 -j MASQUERADE

### Port Forwarding ###
iptables -A PREROUTING -t nat -p tcp -i eth0 --dport 80 -j DNAT --to 192.168.3.2:80
iptables -A PREROUTING -t nat -p tcp -i eth0 --dport 25 -j DNAT --to 192.168.3.3:25
iptables -A PREROUTING -t nat -p tcp -i eth0 --dport 110 -j DNAT --to 192.168.3.3:110

The first two commands enable NAT on dom0; in the part after ### Port Forwarding ### you put the rules you need. They tell dom0 to forward specific ports to specific IP addresses. For example, the first rule tells dom0 to forward requests on port 80 (http) to port 80 on 192.168.3.2, so when you run a web server on vm01 (192.168.3.2), all requests for port 80 on dom0 will be forwarded to that web server. The last two rules forward ports 25 (smtp) and 110 (pop3) to our mail server vm02 (192.168.3.3).

Now we have to make the script executable:

chmod 755 /etc/network/if-up.d/iptables

Finally, reboot the server:

shutdown -r now

After the reboot you should have a virtual local network on your Xen system!

Whenever you need new port forwardings, just add them to the end of /etc/network/if-up.d/iptables. And because you do not want to reboot the system every time you need a new forwarding rule, you can run the rule in the shell as well. For example, if you want to forward port 21 (ftp) to vm01, you put the rule

iptables -A PREROUTING -t nat -p tcp -i eth0 --dport 21 -j DNAT --to 192.168.3.2:21

at the end of /etc/network/if-up.d/iptables and then run the rule in the shell so that it takes effect immediately:

iptables -A PREROUTING -t nat -p tcp -i eth0 --dport 21 -j DNAT --to 192.168.3.2:21



Links

Xen: http://www.cl.cam.ac.uk/Research/SRG/netos/xen/

Debian: http://www.debian.org/

Ubuntu: http://www.ubuntu.com/
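Added example (shell, not the howto's script): a stricter replacement for /etc/network/if-up.d/iptables from chapter 5, using the same interface, LAN and ports. The howto's version is appended once per interface (ifupdown runs if-up.d for every interface that comes up), masquerades all of 192.168.0.0/16, and forwards anything routable into the VM LAN; this version runs only for eth0, can be re-run without duplicating rules, masquerades only 192.168.3.0/24, and lets in from the public side only the forwarded ports and replies to VM-originated connections. gen_rules, apply_rules and the VMLAN chain are mine; it assumes the iptables state match (ipt_state) is built for the dom0 kernel and that ifupdown exports IFACE, which it does on Debian.

```shell
#!/bin/sh
# Added example, not the howto's own script: hardened /etc/network/if-up.d/iptables
WAN_IF=eth0               # public interface, as in the howto
LAN_NET=192.168.3.0/24    # the VM LAN behind dummy0 / xen-br0
CHAIN=VMLAN               # our own filter chain, rebuilt on every run
# constructed table: "proto port target", one forwarded service per line
FORWARDS="tcp 80 192.168.3.2
tcp 25 192.168.3.3
tcp 110 192.168.3.3"

# gen_rules prints the commands instead of running them, so the rule set can
# be reviewed (or tested) without root; apply_rules feeds them to sh.
gen_rules() {
    echo "echo 1 > /proc/sys/net/ipv4/ip_forward"
    # nat: start from a clean slate so re-running does not duplicate rules
    echo "iptables -t nat -F PREROUTING"
    echo "iptables -t nat -F POSTROUTING"
    echo "iptables -t nat -A POSTROUTING -s $LAN_NET -o $WAN_IF -j MASQUERADE"
    # filter: (re)create our chain and hook it at the top of FORWARD, leaving
    # any rules Xen's own scripts put in FORWARD untouched
    echo "iptables -N $CHAIN 2>/dev/null || iptables -F $CHAIN"
    echo "iptables -D FORWARD -j $CHAIN 2>/dev/null"
    echo "iptables -I FORWARD 1 -j $CHAIN"
    echo "iptables -A $CHAIN -m state --state ESTABLISHED,RELATED -j ACCEPT"
    echo "iptables -A $CHAIN -s $LAN_NET -o $WAN_IF -j ACCEPT"
    echo "$FORWARDS" | while read proto port target; do
        [ -n "$target" ] || continue
        echo "iptables -t nat -A PREROUTING -i $WAN_IF -p $proto --dport $port -j DNAT --to $target:$port"
        echo "iptables -A $CHAIN -i $WAN_IF -p $proto -d $target --dport $port -j ACCEPT"
    done
    # anything else arriving from the public side for the VM LAN is dropped
    echo "iptables -A $CHAIN -i $WAN_IF -d $LAN_NET -j DROP"
}

apply_rules() { gen_rules | sh; }

# ifupdown exports IFACE; act only when the public interface comes up
if [ "$IFACE" = "$WAN_IF" ]; then
    apply_rules
fi
```

Running `sh /etc/network/if-up.d/iptables` by hand does nothing because IFACE is unset; use `IFACE=eth0 sh /etc/network/if-up.d/iptables` to apply the rules immediately, or `. ./iptables; gen_rules` to review them first.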