Daddy's got a brand new toy to play with :-) I have been looking for a new server for quite some time now. My old server is an aging HP NetServer LC3 Dual PII 233 Mhz that was donated to me. I use it as a general purpose home server and I also run a few other services off it, such as our Bugzilla and Subversion repository. It works but it was a little inflexible. I've had to repartition it a couple of times to make more room for my backups and maintenance wasn't too friendly with so many services running off the same OS.
A few months ago swbrown posted a fantastic tutorial on the LXer forums that gave a short overview of setting up RAID with LVM, Xen and LUKS. Around that same time I noticed a decommissioned HP server at my job. I decided to buy it off my boss and see if I could get to swbrown's nice setup. Here is how I fared.
Specs first. Here is an overview of the machine:
HP ProLiant ML370 G3
Dual Xeon 3.2 Ghz CPU
1024 Mb RAM
4 x 36.4 Gb + 2 x 18.2 Gb hardware RAID array
I started off by checking the BIOS settings and setting up the RAID array. I created to RAID volumes. The first one uses all four 36.4 Gb drives as a RAID5 giving me 109.2 Gb. I joined the 18.2 drives as RAID1. Then I downloaded the latest daily debian-netinstall for Etch. I created a 256 Mb /boot partition and make the rest physical volumes for LVM. These were joined in one big volume group. Then I created a 5 Gb root partition and 1 Gb swap partition inside the the volume group. The rest of the install was pretty uneventful — Debian installs usually are. I selected only "standard" in the tasksel menu. My base system was ready.
Up to now I have deviated a bit from swbrown's tutorial. I decided that I did not need file system encryption so I skipped LUKS. I also used my hardware RAID instead of Linux's software RAID. Hardware RAID is simply faster, and with HP's hpasm software I would be able to monitor the RAID from inside Debian anyway. That was the next thing I installed so that I could get my fan speed down. Without HP's software the fans are stuck at "medium" or "high" (BIOS setting) which sounds a bit like an F16 at take-off. HP's software monitors the temperature inside the case and adjusts the fan speed accordingly. Usually that means they will run at low speed and sound much quieter.
Installing Xen 3.0
Installing the Xen packages is pretty easy, but you have to pick the right xen-hypervisor package. Etch has two xen-hypervisor packages, one with a -pae extension and the other without. If you want the PAE version then you can simply install the xen-linux-system package. If you want the non-PAE version then you need to install the linux-image-3.6.18-4-xen kernel, xen-utils and the xen-hypervisor separately. The kernel in question is for both the dom0 (host) as well as the domu (guest) operating systems. There are also -xen-vserver packages which I found a bit confusing, but those are if you want to mix Xen and vserver virtualization on the same machine.
The xen-hypervisor description says that the PAE version is for systems with more than 4 Gb of RAM but that is not entirely correct. My server only has 1 Gb of RAM but it supports up to 24 Gb of RAM. According to the description I should use the non-PAE version but that failed to boot. I got the error that the OS could not be started as Xen domain0. Replacing the hypervisor with the PAE version resolved this issue. So, it looks like the 4 Gb PAE limit is about supported RAM, not installed RAM. Ofcourse I submitted a bug report about that.
Next up was setting up a Xen bridge for the network. Debian didn't do this automatically but it's really easy to do it yourself. Simply install the bridge-utils package and add an entry to your /etc/network/interfaces file.
- # The Xen bridge
- auto xenbr0
- iface xenbr0 inet static
- address 192.168.1.5
- netmask 255.255.255.0
- gateway 192.168.1.1
- broadcast 192.168.1.255
- bridge_ports eth0
The interface must be called xenbr0 because that is what Xen will look for. Then issue /etc/init.d/networking restart and you're set.
Creating Xen guests
I am using the scripts in the xen-tools package to manage my guest systems. First I set some defaults in /etc/xen-tools/xen-tools.conf. I uncommented the lvm and debootstrap settings and set the following guest OS defaults for new guests. They can be overridden from the commandline later on.
- lvm = my_lvm_vg
- debootstrap = 1
- size = 5Gb # Disk image size.
- memory = 128Mb # Memory size
- swap = 128Mb # Swap size
- fs = ext3 # use the EXT3 filesystem for the disk image.
- dist = etch # Default distribution to install.
- gateway = 192.168.1.1
- netmask = 255.255.255.0
- passwd = 1
That last option prompts me to set a root password for the new guest at creation time. If you don't set it then xen-tools will create a guest with an empty root password. Don't forget to set the correct kernel as well. Most likely the xen-tools configuration will point to a non-existing kernel in your system (in my case a 2.6.16 kernel). Just look in your /boot to see what you should set.
- # Default kernel and ramdisk to use for the virtual servers
- kernel = /boot/vmlinuz-2.6.18-4-xen-686
- initrd = /boot/initrd.img-2.6.18-4-xen-686
Now it's time to actually create a virtual server! Because all the defaults have been set, the only thing that I have to set on the commandline are the guests IP address and hostname (including domain).
- ~# xen-create-image --ip=192.168.1.6 --hostname=websever.jejik.com
This will create the Xen guest and install a base system with debootstrap. Once it has been created you will want to turn that bare system into a full system. I'll show you how I did that. First I start the guest system with the (rather confusingly named) xm create command. The -c option attaches the console of the guest OS to the current shell. This allows you to see the boot messages so you can verify everything works correctly. I usually only use that option on a newly created virtual server. After that I simply start them and log in over ssh.
- ~# xm create -c webserver.jejik.com.cfg
After logging in as root, the first thing I do is install and configure two packages to get rid of the annoying Perl locale warnings from APT.
- ~# apt-get install locales console-data
Look at the Perl warnings generated by the install and find what locale it expects. That's the locale you need to set when configuring the locales package (along with any other locales you wish to set).
- ~# dpkg-reconfigure locales
After that I use tasksel to turn the base Etch into a full Etch install. The --new-install option is important because that will install all the standard debian packages.
- ~# tasksel --new-install
Finally I created a new user and disable the PermitRootLogin option in /etc/ssh/sshd_config. And that's all there is to it!