Schulung-Teil2-Server mit Xen aufsetzen
This training session took place on 11-17-2016. It is the continuation of ersten Teil. Today we learned how to setup a Xen-Server. With a Xen-Server we can create virtual machines, that we can use for various purposes. The first virtual machine will be a webserver (Apache). jr
If there are still questions open after these instructions, please go to "Views" and then "Discussion" to leave your feedback, so I can add more Details to this page. jr
Remotely start the server
Our teacher installed the program "wakeonlan" on the LTSP-System we have for our training sessions. So, all our clients also get to use this program. With "wakenonlan" we can turn on our server through the LAN connection. In our training session the server is only a few meters away from us, but if there are several floors between us and the server or even several kilometers, this is a very handy tool, so we don't have to be on-site to power up the server. We do this with the following command:
wakeonlan -i 192.168.67.255 00:21:5a:6d:6d:42
-i states that an IP address follows
192.168.67.255 is the broadcast address of our network. Most likely this will be differnt in your case. For a little introduction into IPv4 I made this page.
00:21:5a:6d:6d:42 is the MAC address of my server's network card. This must be unique, so your's will be different
So, the general synthax for this is:
wakeonlan -i "broadcast IP" "MAC address"
To be able to do an SSH session to our server, we had to find out the IP address our servers received. Our teacher did this by viewing the following:
This file only exists on a DHCP server. It won't exist on a DHCP client. The path /var/lib/dhcp/ will exist on a server and a client.
How to login on the server
In my case I had to enter the following command to login to my server:
A more general synthax is
ssh "username"@"remote computer"
Username is the user you wish to use to login to the server. The user "root" can't login through SSH on the server for security reasons.
Remote computer can be either an IP address or a DNS name.
When you connect the first time to a remote computer, it sends you it's finger print. To continue, you need to write out the answer. A simple "y" isn't enough.
Are you sure you want to continue connecting (yes/no)? yes
Before we start installing a new program, we want to update the list of available packages for our Debian Jessie. If we're logged in as a regular user we do this with the following command:
sudo apt update
If you do this as "root", the "sudo" isn't necessary
Install packages for Xen-Hypervisor
For our Xen-server, we need the packages xen-linux-system and xen-tools. So, we enter the following command on the CLI:
user1@server1:~$ sudo apt install xen-linux-system xen-tools
An outdated version of this installation can be found in german in our wiki. We can copy some things from there, so we don't have to type too much.
We have to enter the following command:
sudo dpkg-divert --divert /etc/grub.d/08_linux_xen --rename /etc/grub.d/20_linux_xen
We change the name of the file, so it won't be overwritten with the next update of the package. My own understanding of Linux isn't well enough to give a better explanation of what we do with the command. If that ever changes, I'll update this text.
Since I got tired of having to enter sudo at the beginning of each command, I changed to the root user. I did this by entering
Next we have to update our boot loader GRUB. For that we need to enter:
To test if our changes were successful, we rebooted the server. We can do this with the following command:
Reconfigure the network connection
Since the connection to the server was lost with the reboot, we need to reconnect to it with:
ssh "username"@"remote computer" (in my case ssh firstname.lastname@example.org)
and changed again to root user
To check if the server started with the new parameters, we used the program "dmesg". The computer shows a lot of information. As it's more than the console can show at once on the screen, we redirect the output to the programm "less", so we can also use PageUp and PageDown to look at the text.
dmesg | less
Here we found our entries to Xen. To leave the progam "less" you need to press "q".
If you wish to see the first or last lines, you can use the program "head" or "tail". Without further parameters it will show 10 lines:
dmesg | head
-> Shows the first 10 lines
dmesg | tail
-> Shows the last 10 lines
As we're planing on changing a file, we first make a copy of it for backup purposes:
root@server1:~# cp /etc/network/interfaces /etc/network/interfaces.orig
And we open the file with the editor "nano":
root@server1:~# nano /etc/network/interfaces
If you don't want to write out a long path, you can first change into the directory by typing the following:
and make the copy of the file:
cp interfaces interfaces.orig
that you can go and edit the original:
We commented the existing entries out:
# allow-hotplug eth0 # iface eth0 inet dhcp
Lines that start with a # are considered a comment and everything that follows it is ignored.
And added the folloing:
iface eth0 inet manual auto xenbr0 iface xenbr0 inet dhcp bridge_ports eth0
To save the changes press Ctrl+o and to leave the nano-editor press Ctrl+x. The commands are also listed at the bottom of the editor.
Here's an explanation what we do with the new settings.
iface eth0 inet manual -> Interface für Internet is configured manually
auto xenbr0 -> When the computer starts up it automatically enables the Xen-Bridge
iface xenbr0 inet dhcp -> Xen-Bridge uses DHCP
bridge_ports eth0 -> Bridge to Interface eth0
The purpose of the Xen-Bridge is to be able to communicate with the virtual machine, as we only have one physical network interface. For more details follow this link. I hope that the picture I copied helps a bit to understand what the bridge does.
After the editing we reboot once more by typing:
Create a virtual machine
Our teacher checked if the IP addresses changed due to the reboot.
Now we go back to the server by typing
ssh "username"@"remote computer"
Now we can see the changes we did to /etc/network/interfaces. We use the command "ip address". We don't have to write the full command, the system knows what do when we type the following:
Here is what it showed on my test machine:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master xenbr0 state UP group default qlen 1000 link/ether 00:21:5a:6d:6d:42 brd ff:ff:ff:ff:ff:ff 3: xenbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default link/ether 00:21:5a:6d:6d:42 brd ff:ff:ff:ff:ff:ff inet 192.168.67.68/24 brd 192.168.67.255 scope global xenbr0 valid_lft forever preferred_lft forever inet6 fe80::221:5aff:fe6d:6d42/64 scope link valid_lft forever preferred_lft forever
We can see that there is no address on eth0 and that Xen manages the address. If you wish to know a little more to IPv4, there is a short introduction to it under this link.
Next we have to change into a different folder:
Here is what's currently in this folder:
root@server1:/etc/xen-tools/partitions.d# ls -la insgesamt 12 drwxr-xr-x 2 root root 4096 Nov 17 14:29 . drwxr-xr-x 6 root root 4096 Nov 17 14:29 .. -rw-r--r-- 1 root root 463 Okt 26 2014 sample-server
We could make a copy of "sample-server" and modify it, but that's not what we're going to do. We'll create a new file and we're going to use the nano-editor
nano vm1 (chose the same number as your server)
With Ctrl+Shift+V we can paste something in the console that we've copied in the browser. Ctrl+Shift+C can copy something in the console. Unfortunately this key combination doesn't work in all consoles. I use the program "Terminator" where this works.
Here is the text that we pasted into the file vm1:
[root] size=20G type=ext4 mountpoint=/ [swap] size=5G type=swap
Ctrl+o to save the file and Ctrl+x to leave the nano-editor.
Now follows a very long command to create the virtual machine:
root@server1:/etc/xen-tools/partitions.d# xen-create-image --hostname=vm1 --memory=2gb --vcpus=1 --dhcp --lvm=vg01 --dist=jessie --partitions=/etc/xen-tools/partitions.d/vm1 --pygrub --verbose --password=****
Here's the explanation of what we entered here:
xen-create-image -> This is the command we use to create the virtual machine
--hostname=vm1 -> The name that the virtual machine will have
--memory=2gb -> How much RAM will be available to the virtual machine
--vcpus=1 -> wieviele Processoren die virtuelle Maschine brauchen darf
--dhcp -> IP address will be obtained through DHCP
--lvm=vg01 -> The partition where the virtual machine will be created. In the first training session we activated LVM and created vg01
--dist=jessie -> What Debian distribution will be installed on the virtual machine.
--partitions=/etc/xen-tools/partitions.d/vm1 -> Information for what partitions will be created. It has the path to the file we've created previously.
--pygrub -> alternative boot loader for our virtual machine
--verbose -> we receive more information from the system while the virtual machine is being created
--password=**** -> root password for the virtual machine
At the end of the installation we receive a little summary from the xen-create-image-tool:
Installation Summary --------------------- Hostname : vm1 Distribution : jessie MAC Address : 00:16:3E:98:82:D7 IP Address(es) : dynamic RSA Fingerprint : 31:75:57:0d:c9:f2:8e:79:b6:ef:bb:85:04:ea:75:b4 Root Password : ****
cd /etc/xen -rw-r--r-- 1 root root 651 Nov 17 15:30 vm1.cfg
This file was created by xen-create-image. To see it's context we enter:
# # Configuration file for the Xen instance vm1, created # by xen-tools 4.5 on Thu Nov 17 15:30:28 2016. # # # Kernel + memory size # bootloader = '/usr/lib/xen-4.4/bin/pygrub' vcpus = '1' memory = '2048' # # Disk device(s). # root = '/dev/xvda2 ro' disk = [ 'phy:/dev/vg01/vm1-root,xvda2,w', 'phy:/dev/vg01/vm1-swap,xvda1,w', ] # # Physical volumes # # # Hostname # name = 'vm1' # # Networking # dhcp = 'dhcp' vif = [ 'mac=00:16:3E:98:82:D7' ] # # Behaviour # on_poweroff = 'destroy' on_reboot = 'restart' on_crash = 'restart'
With q we can end the program "less"
root@server1:/etc/xen# xl list Name ID Mem VCPUs State Time(s) Domain-0 0 1853 2 r----- 187.2
The virtual machine hasn't been started yet.
root@server1:/etc/xen# free -h total used free shared buffers cached Mem: 1.7G 217M 1.5G 5.0M 12M 139M -/+ buffers/cache: 65M 1.6G Swap: 4.7G 0B 4.7G
The free command showed us that my server doesn't have enough RAM. So, it's necessary to edit the configuration file that xen-create-image created:
root@server1:/etc/xen# nano vm1.cfg memory = '1024'
Login to the virtual machine
Now we can start the virtual server
root@server1:/etc/xen# xl create -c /etc/xen/vm1.cfg
xl -> The program we use
create -> A subcommand that will require a .cfg file. Here a link to the man page of the xl command
-c -> we wish to have a console for the virtual machine
/etc/xen/vm1.cfg -> path to the configuration file of the virtual machine
Since no other users have been created to far we need to login as root with the password we entered during the xen-create-image command (the long line).
That we're able to login to the virtual machine with SSH in the future, we need to create a new user. For security purposes the user root isn't allowed to login via SSH. In my case I chose "user1":
So the newly created user will also have administrative rights we need to installl the program "sudo":
apt install sudo
That we get those right, we also need to add the username to the group sudo:
adduser user1 sudo
To be able to login directly through SSH it's best to quickly check the IP address we have on our network interface. The command for it is:
As the hard drive of our LTSP server for training purposes crashed, we had to stop here. The continuation will be in Teil3
Automatically boot the virtual machine
On 02-16-2017 we learned how to automatically start the virtual machine when the server is turned on. Thematically it belongs here, so I wanted to at least add a link on this page.,