Maintaining Xen with FAI - Questions

Mario Bischof mbischof at gmx.net
Thu Nov 30 00:03:19 CET 2006



>> Hello,
>>
>> I've got several Questions about using FAI to install a Xen virtual
>> Domain.
>>
>> - First of all, what did you use to make custom kernels? I tried to
>> use make-kpkg for generating xen dom0 and domU kernels, for the dom0
>> kernel it works fine, I am using the xen hypervisor provided by the
>> debian repository, that works ok together with homemade Dom0 linux-
>> kernel.
>> Please correct me if I already have done something stupid at this  
>> time.
>>
> I'm using a custom built xen kernel as well, because Debian kernels  
> for xen
> lack pae support :-(
>
>> - If I install the whole xen-system by apt-getting it, i can start a
>> FAI Installation with the initrd provided by the deb package and the
>> xenu kernel i generated by myself, of course i have to install my
>> domu kernel over the xen system installation, also not very clean,
>> but i dont know how to build a .deb-package out of the xen-utils or
>> the hypervisor when i compile it from source.  But if i try to use
>> ONLY my domu kernel it doesnt start. XEND.log says "domain has
>> crashed".  Building deb-pkgs from xen-source seems pretty advanced to
>> me, because there are several make targets, dom0, domu and xen-utils
>> with hypervisor,so how did you guys manage this?
>>
> Why don't you use the packages provided by Debian? Here we've got:
>
> root at wasp:~# dpkg -l | grep xen
> ii  libc6-xen                               
> 2.3.6.ds1-7                     GNU C Library: Shared libraries  
> [Xen version
> ii  linux-xen0-2.6.18-686xenbigmem         F. 
> 1                             Linux xen kernel binary image for  
> version 2.
> ii  xen-hypervisor-3.0-unstable-1-i386-pae 3.0-unstable 
> +hg11561-1          The Xen Hypervisor on i386-pae-class
> ii  xen-utils-3.0-unstable-1               3.0-unstable 
> +hg11561-1          XEN administrative tools
> ii  xen-utils-common                        
> 3.0.3-0-1                       XEN administrative tools - common  
> files
>
> (System is entirely from Debian/etch)
>
>> - Is there any essential support I have to setup in my domu kernel to
>> get FAI to start running without an initrd?? I've checked there is
>> already NFS support built into my domU-kernel. But what else do i
>> need to be ready to use fai with xen?
>>
> Network, disk, NFS should be about it...
>
>> - Do you use seperate kernels for dom0 and domU? the debian pkg from
>> official server installs one kernel for both. What are the advantages
>> of using just one for both purposes?
>>
> The same kernel everywhere... The advantage of using one for both  
> should be
> obvious: It takes a lot more time to build and maintain two  
> variants of your
> kernel. And I don't know about any disadvantages...
>

I always thought using custom xen kernels is  better for security? So  
you can do a bit kernel-hardening and just put the things in Dom0 and  
DomU you want and not just everything that seems to be used by the  
common debian user (?) . Well, does the standard xen-kernel from  
debian also provide HVM support for using win xp? does it include tun/ 
tap device support for creating openVPN domains?
I'm still not very familiar with the thought of using this .deb-pkg  
while having the opportunity to build it myself and having the power  
over what goes into my kernel and what doesnt. I want to build  
servers for day-to-day use, I just want to have a little bit more  
control :-)

Would be still interesting to know how to build all these things from  
source.

How did you get your custom kernel to run with fai?

Thanks,

Mario



More information about the linux-fai mailing list