www.fridu.net


Using Xen Virtualization at OVH


I recently took the decision, a hard one for my wallet, to transfer my website from Dedibox to OVH. In the transfer I moved Fridu from a monolithic server, where everything shared a single Linux box, to something smarter based on Xen, where every service has its own virtual machine. This short note explains how to run Xen on an OVH dedicated server. I use OpenSuSE-10.2; nevertheless, any serious admin should be able to translate this to their own distribution.


IMPORTANT: OVH is now supporting XEN.

Since summer 2008, OVH has provided pre-configured XEN, OpenVZ and VMware distributions. While the technical content of this article remains valid, it is now only useful to people looking for a deep understanding of the XEN boot process.

WARNING: this can break your server !!!

  • If you're not an experienced Linux sysadmin, just do not try this.
  • If you're experienced enough, make sure you have an appropriate backup.

 

Introduction

This FAQ describes how to install Xen on OpenSuSE-10.2 on an OVH dedicated server (Pentium-4/Start 100M-L+). Most of the techniques described can probably be applied to other OVH plans and/or to other hosting companies and cabinet configurations. Nevertheless, as the chance of you having 100% the same configuration is minimal, you should not cut and paste without first checking that it fits your configuration. Ideally you should test this on a newly configured server with no data; if you do it on a production server, then you are crazier than me.

The Problem 

Running a remote server has advantages and constraints; two of them are especially significant for XEN.

  • Hosting companies usually provide you with custom kernels tailored to their configurations.
  • When booting, you do not have access to the console, and until SSH works you're blind.

OVH and Dedibox, the two cheapest French hosting offers I tested, have more or less the same strategy. They offer many distributions (OpenSuSE, Ubuntu, Debian, ...) but with a custom kernel; in fact, using your preferred distribution's standard "online kernel update" will, unpleasantly, in most cases prevent your Linux box from rebooting.

The second problem is the lack of access to the console. I do not understand this, as it would be quite simple to provide SSH access to the terminal server in charge of your cabinet, but that's another story!!! In any case, the final result is that you're blind between the time you enter "reboot" and the time ping/ssh allows you to log back in to your box. Unfortunately, if your kernel fails to boot you don't see anything; even worse, you don't know why!!! The only option is to reboot in "rescue mode" and from there try to fix your problem, without knowing what the problem is. Lucky you!

OVH does not offer any preconfigured XEN kernel. One option would be to start from a valid madein-OVH kernel and recompile it to be XEN aware. Unfortunately this option generates a lot of work, as for each security update you have to redo the job again and again. I personally started using Linux at kernel 0.9, a period when you had to recompile everything (kernel, tools, ...), and I'm happy that for a few years now I have been able to stop recompiling my kernel and/or most of my tools. Gentoo people will for sure disagree with me, but I like this model where you just "online update" and rely on someone else to do the job for you. I use OpenSuSE but also ran Kubuntu for a while; I consider all major distributions almost equivalent and use SuSE mostly because it is the one I know best.

The Solution

Taking into account the "Madein-OVH" kernel strategy, the fact that I'm too lazy to recompile kernels at each security update, and last but not least that I want the standard OpenSuSE "OnLine Update" to work smoothly, my only working option is not to rely on OVH's custom kernels but to run a standard OpenSuSE kernel. Some people may argue that this will steal a few KB of RAM or a few 0.x% of CPU; I could argue about it, but I just don't care.

Installing XEN

Obviously you need to install XEN and its associated tools; YaST or another package manager will do the job for you. Whatever your strategy, before moving forward you need to have the following packages installed.

rpm -qa | grep -i xen
  xen-3.0.3_11774-20
  xen-libs-3.0.3_11774-20
  kernel-xen-2.6.18.8-0.5
  xen-tools-3.0.3_11774-22        

Now you have a standard XEN kernel installed on your machine, but you still have two problems to solve before moving forward. First, provide the adequate modules for your kernel to find your disk; second, find a way to bypass the LILO boot loader's limits, as by default it is not XEN compatible.

Let's start with the modules issue. A naked standard kernel will fail because it will miss both the SATA and Ethernet drivers. OVH does not use modules: each kernel is tailored for a given cabinet and embeds every needed driver. In order to boot your standard XEN kernel you first need to find which modules your kernel must load to support those two fundamental pieces of hardware, your disk and your Ethernet board. Then you need to build an initrd to make sure the kernel has them early enough during the boot process.

Finding adequate module driver for your hardware 

# lspci will give you this info; on my server it returns
lspci | grep -i ether
> 01:0d.0 Ethernet controller: Marvell Technology Group Ltd. 88E8001 Gigabit Ethernet Controller (rev 13)
lspci | grep -i SATA
> 00:1f.2 IDE interface: Intel Corporation 82801EB (ICH5) SATA Controller (rev 02)

From this lspci information, and unless you have equivalent hardware at home and already know which modules fit it, the easiest option is to grep your kernel source to find the corresponding kernel modules.

  Fulup@logoden:/usr/src/linux/drivers/net> grep -r 88E8001 .
  ./Kconfig:        Marvell 88E8001, Belkin F5D5005, CNet GigaCard, DLink DGE-530T,
  ./Kconfig:        Marvell 88E8001 Gigabit LOM Ethernet Adapter (Abit)

fulup@logoden:/usr/src/linux/drivers/ata> grep -r 82801EB .
  ./ata_piix.c:   /* 82801EB (ICH5) */
  ./ata_piix.c:   /* 82801EB (ICH5) */

From those files you do not have to dig very far to understand that your network module is "sk98lin" and your SATA module is "ata_piix". In fact only SATA is mandatory in the initrd, because once your kernel boots and finds your disk, it then discovers the network module automatically. As a result you only have to add "ata_piix" to your initrd.

Building your initrd

 

Edit /etc/sysconfig/kernel

    Search for: INITRD_MODULES
    Add "ata_piix", or whatever your SATA module is, to the list; your line should now look like:

    INITRD_MODULES="processor thermal ata_piix piix mptspi fan jbd ext3 edd"
   
Build your Initrds (mkinitrd command)

mkinitrd
    Root device:    /dev/sda1 (mounted on / as ext3)
    Module list:    processor thermal ata_piix piix mptspi fan jbd ext3 edd (xennet xenblk)
    Kernel image:   /boot/vmlinuz-2.6.18.8-0.5-xen
    Initrd image:   /boot/initrd-2.6.18.8-0.5-xen 
     ...
    Run lilo now to update the boot loader configuration.

Note that "mkinitrd" takes the INITRD_MODULES line from sysconfig as its input list and then scans /boot and /lib/modules to discover which kernels need an initrd. If your configuration is OK, at the end of this operation you should have a file like /boot/initrd-2.6.18.8-0.5-xen.

Using Lilo to start Xen kernel

OVH does not officially support GRUB even if it works perfectly (cf. next chapter). If you choose to stick to Lilo (which I do not recommend), in order to boot XEN from Lilo you need an extra tool named mbootpack that you can download from here; this tool is shipped as source code but is very easy to compile. The first thing is to prepare your Xen kernel+initrd to be compatible with the Lilo zImage format.

# mbootpack does not support compressed kernel
    zcat  vmlinuz-2.6.18.8-0.5-xen >vmlinux-2.6.18.8-0.5-xen
    zcat  xen-3.0.gz > xen-3.0
 
# move everything into a Lilo compatible Image
    ./mbootpack -o mbootpack-2.6.18.8-0.5-xen \
        -m vmlinux-2.6.18.8-0.5-xen \
        -m initrd-2.6.18.8-0.5-xen \
        ./xen-3.0
 
# build your lilo.conf with 
     image = /boot/mbootpack-2.6.18.8-0.5-xen
        label = xen
        read-only
        root = /dev/sda1
# update lilo boot loader
    lilo -v     ;# (check your xen image is your default image)

Using GRUB to start Xen kernel

While OVH does not officially support GRUB, it nevertheless works (thanks to Homer for the tip). In the OVH context you cannot choose your kernel/boot options because there is no console; nevertheless GRUB remains preferable to Lilo, because it does not force you to prepare kernels with mbootpack in order to boot Xen. While this may initially look minor, it will make your life much simpler at "Online Update" time, when a security patch has to be applied to your kernel.

# make sure Grub is installed
    rpm -qa | grep grub
     > grub-0.97-40
 
# Edit /boot/grub/menu.lst
    cat /boot/grub/menu.lst  ;# Must be tailored to your kernel version
     > #
     > # Object:  OVH GRUB XEN boot
     > # Warning: As you do not have access to console you MUST boot default kernel automatically
     > # Author:  Fulup Ar Foll
     > #
     > timeout 1
     > default 0
     > serial   --unit=0 --speed=9600
     > terminal --timeout=2 serial console
     >
     >title XEN -- openSUSE 10.2 - 2.6.18.8-0.5
     >     root (hd0,0)
     >     kernel /boot/xen.gz
     >     module /boot/vmlinuz-2.6.18.8-0.5-xen root=/dev/sda1 splash=silent showopts
     >     module /boot/initrd-2.6.18.8-0.5-xen
 
# Install Grub in MBR in place of Lilo
 
     ;# probe your disk from BIOS and update device MAP
     grub-install --recheck --root-directory=/ /dev/sda
     >  Probing devices to guess BIOS drives. This may take a long time.
     >  ...
     > (fd0)   /dev/fd0
     > (hd0)   /dev/sda
   
     ;# install grub loader in master boot record
     grub     ;# start Grub shell
 
         grub >  root (hd0,0)   ;# set default root
         > Filesystem type is ext2fs, partition type 0x83
         ** usage (hd0,0)=/dev/sda1 (hd0,1)=/dev/sda2,(hd1,0)=/dev/sdb1, ...
 
        grub> find /boot/grub/stage2 ;# check grub finds its bootstrap file from your root
        > (hd0,0)
        ** if you have a /boot dedicated partition then you should only search for /grub/stage2 
 
       grub> setup (hd0)
       > Checking if "/boot/grub/stage1" exists... yes
       > Checking if "/boot/grub/stage2" exists... yes
       > Checking if "/boot/grub/e2fs_stage1_5" exists... yes
       > Running "embed /boot/grub/e2fs_stage1_5 (hd0)"...  15 sectors are embedded.          
       > succeeded
       > Running "install /boot/grub/stage1 (hd0) (hd0)1+15 p (hd0,0)/boot/grub/stage2 /boot/grub/menu.lst"... 
       > succeeded
       > Done.

Ready for rebooting

Last but not least, rebooting :) As you do not have access to the system console during the boot phase, as soon as you have entered "reboot" you will be completely blind. Furthermore there is no way for you to select an alternative kernel from the lilo/grub prompt, or even to know what went wrong; your only choice is to wait and hope it will work (let's cross fingers !!!)
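
Since a failed boot cannot be observed here, it is worth checking the two things this procedure depends on before typing "reboot": that the SATA module is listed in INITRD_MODULES, and that every file named in menu.lst exists. The script below is an added example, not part of the original article; the function names and the constructed sample tree are hypothetical, and it assumes /boot lives on the root partition as in the menu.lst above.

```shell
#!/bin/sh
# Added example: pre-reboot checks for the GRUB + initrd setup described above.
# Function names and the sample tree are hypothetical (constructed for the demo).

# has_initrd_module FILE MODULE: succeed if MODULE is listed in INITRD_MODULES.
has_initrd_module() {
    line=$(grep '^INITRD_MODULES=' "$1" | tail -n 1)
    mods=$(printf '%s' "${line#INITRD_MODULES=}" | tr -d '"')
    for m in $mods; do
        [ "$m" = "$2" ] && return 0
    done
    return 1
}

# missing_boot_files ROOT MENU: print each kernel/module path named in a GRUB
# legacy menu.lst that is absent or empty under ROOT (commented lines ignored).
missing_boot_files() {
    awk '$1 == "kernel" || $1 == "module" { print $2 }' "$2" |
    while read -r path; do
        [ -s "$1$path" ] || printf '%s\n' "$path"
    done
}

# Constructed sample tree standing in for / on the server.
demo=$(mktemp -d)
mkdir -p "$demo/boot/grub" "$demo/etc/sysconfig"
echo 'INITRD_MODULES="processor thermal ata_piix piix mptspi fan jbd ext3 edd"' \
    > "$demo/etc/sysconfig/kernel"
cat > "$demo/boot/grub/menu.lst" <<'EOF'
timeout 1
default 0
title XEN -- openSUSE 10.2 - 2.6.18.8-0.5
    root (hd0,0)
    kernel /boot/xen.gz
    module /boot/vmlinuz-2.6.18.8-0.5-xen root=/dev/sda1 splash=silent showopts
    module /boot/initrd-2.6.18.8-0.5-xen
EOF
# Only the hypervisor and kernel exist; the initrd is deliberately absent.
echo x > "$demo/boot/xen.gz"
echo x > "$demo/boot/vmlinuz-2.6.18.8-0.5-xen"

has_initrd_module "$demo/etc/sysconfig/kernel" ata_piix && echo "ata_piix: listed"
echo "missing: $(missing_boot_files "$demo" "$demo/boot/grub/menu.lst")"
```

On the real server, call the two functions with /etc/sysconfig/kernel and with "" and /boot/grub/menu.lst as arguments; any path printed by missing_boot_files means the default entry cannot boot.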

Light a candle, cross your fingers, ...

  reboot
  > Broadcast message from root (pts/1) (Thu Jul 26 10:12:48 2007):
  > The system is going down for reboot NOW!
  ** now you're blind until your ping responds
 
   ping your-box-ip-addr
   > PING 91.121.xx.xx (91.121.xx.xx) 56(84) bytes of data.
   >... long, very long ... suspense !!!
   > 64 bytes from 91.121.xx.xx: icmp_seq=10 ttl=49 time=56.8 ms
   > 64 bytes from 91.121.xx.xx: icmp_seq=14 ttl=49 time=60.7 ms 
 
    ssh root@your-box-ip-addr
      uname -a    ;# verify you are actually running the kernel you want
      > Linux ns25564 2.6.18.8-0.5-xen #1 SMP Fri Jun 22 12:17:53 UTC 2007 i686 i686 i386 GNU/Linux 

 

Things went wrong

Shi.. happens, and one or even many failures should not stop you (I rebooted at least 20 times, half of them in rescue mode, before posting this paper). At OVH the easiest way to recover is to select a working network kernel and then reboot your box. Unfortunately the OVH "stupid console" will probably refuse to let you "hard reboot" because you're already in a boot process; depending on data center activity this manual "hard" reboot usually takes between 10 min and more than 1 h. Once you have rebooted there are two options: you're on OpenSuSE with a valid network madein-OVH kernel, or you're in rescue mode. In rescue mode things are a little more complex, as you have to change root, update your lilo.conf and run lilo again before either taking your second chance or moving back to the previous non-Xen config.

# connect in rescue mode 
    ssh root@myServerIP
    passwd: MyRescue password
 
# Mount your disk and change root
    mount /dev/sda1 /mnt
    chroot /mnt /bin/bash
 
#  update your lilo.conf and reinstall the boot loader
    vi /etc/lilo.conf
    lilo -v
 
#  ready for another try
    reboot 

Everything is working

Boot on your server and start building your config, have fun !!!

# Check you're running your Xen kernel 
uname -a
  Linux ns25564 2.6.18.8-0.5-xen #1 SMP Fri Jun 22 12:17:53 UTC 2007 i686 i686 i386 GNU/Linux
 
# Start xend process
  /etc/init.d/xend start
  > Starting xend                                                         done
 
# Check for Xen main domain 
  xm list
  > Name                                      ID Mem(MiB) VCPUs State   Time(s)
  > Domain-0                                   0      931     2 r-----    129.5

Next Step

You're now ready to install your Xen virtual machines. If you are interested in doing this automatically with the Fridu-in-aXen script, Click Here

 

 

 

 

 

 

 

 

 

 

 
