Dear CentOS developers,
there is a demand for ready-to-boot virtual machine images for distros like CentOS. Since i am an afinicado of CentOS and Xen, i would like to build and maintain a CentOS5-image. Is centos.org interested in hosting such a sub-project? Testing and tasting CentOS would get much easier, it would help making CentOS more popular.
Planned features:
* support for several VMMs (Xen3, VMware player/workstation/server, VirtualBox, UML, KVM, ...; maybe even VirtualPC ;-)
* Click&Run for win32-users: 1. download & install vmplayer 2. download & unzip CentOS-desktop-image.zip 3. double-click "centos.vmx"
* sparse flat disk image (most VMMs support this image format) containing two or three partitions (swap, /, maybe /boot)
* kernels and initrds to run the image fully and para-virtualized
* Firstboot script (setting root-password and hostname)
* VMM config files, at least for the most popular VMMs (Xen/para, Xen/HVM, VMware player)
* Documentation how to boot the image with those VMMs. Special notes on kernel-xen and virt-manager (CentOS5, FC6)
* clean: never booted, empty /{tmp,var/{log,spool/mail,cache/*}}
* all changes to the pristine image (like customized /etc/fstab, /etc/X11/xorg.conf) properly documented
Different flavors:
* arch: i386; maybe x86_64
* image: flat disk sparse; maybe flat filesystem sparse
* scope: "minimal" (networking, sshd, yum, vim, cron, syslog); "standard desktop"; maybe "standard server"
* archive: sparse-aware .tar.bz2; .zip for win32 hosts
RoadMap:
* wait for CentOS5-beta2 ;-)
* create and post a minimal CentOS5-beta2 i386 image with xen- and vmware configs, wait for reviews/bugreport
* create and post a standard desktop CentOS5-beta2 i386 image, wait for reviews/bugreport
* if there are enough positive reports, repeat for CentOS5-final
* release when/if centos.org is pleased with the (bugfixed) images
Are you interested in such a project? I am eager for comments.
Regards, /nils.
Hi,
On Thu, 25 Jan 2007 16:16:26 +0100 Nils Toedtmann centos-mail@nils.toedtmann.net wrote:
there is a demand for ready-to-boot virtual machine images for distros like CentOS.
FWIW my uninformed opinion as a user: I have played with Xen support in the latest RHELv5 beta and Fedora Core 6, and I think it could well be the beginning of the end of prebuilt images for most uses. With virt-manager, bootstrapping a virtual machine is as easy as providing a repository URL and a kickstart file.
Personally, I'd rather like to change my kickstart file a bit than downloading yet another (potentially untrusted) prebuilt image. YMMV.
-- Daniel
Am Donnerstag, den 25.01.2007, 16:54 +0100 schrieb Daniel de Kok:
On Thu, 25 Jan 2007 16:16:26 +0100 Nils Toedtmann centos-mail@nils.toedtmann.net wrote:
there is a demand for ready-to-boot virtual machine images for distros like CentOS.
FWIW my uninformed opinion as a user: I have played with Xen support in the latest RHELv5 beta and Fedora Core 6, and I think it could well be the beginning of the end of prebuilt images for most uses. With virt-manager, bootstrapping a virtual machine is as easy as providing a repository URL and a kickstart file.
For those running RH-based distros on their VMM-host and knowing about kickstart files: absolutely true.
For those not aware of kickstart or running other distros (Debian based, gentoo) or other VMMs (VMware, VirtualBox) or other platforms (win32), RedHat's "virt-install" is not an option. Think about all those SuSE-users, ready to switch to centos ;)
Personally, I'd rather like to change my kickstart file a bit than downloading yet another (potentially untrusted) prebuilt image. YMMV.
That's why maintaining such an image at centos.org is important: The trust-levels of using a centos.org yum-repository or using an image downloaded from centos.org should be equal.
/nils.
Am Donnerstag, den 25.01.2007, 18:20 +0000 schrieb Karanbir Singh:
Nils Toedtmann wrote:
For those running RH-based distros on their VMM-host and knowing about kickstart files: absolutely true.
If you are going to host on CentOS, a Xen VM creation is pretty much point and click..
Granted. C5 users are not the target audience for a C5 image ;-) /nils.
Hi Nils,
Nils Toedtmann wrote:
Dear CentOS developers,
there is a demand for ready-to-boot virtual machine images for distros like CentOS. Since i am an afinicado of CentOS and Xen, i would like to build and maintain a CentOS5-image. Is centos.org interested in hosting such a sub-project? Testing and tasting CentOS would get much easier, it would help making CentOS more popular.
Sounds interesting, and going by just the amount of times such questions get asked, I'd say there were a fair few people interested in this as well.
Planned features:
<- lots of interesting stuff ->
Different flavors:
<- lots of interesting stuff ->
RoadMap:
- wait for CentOS5-beta2 ;-)
Why ?
CentOS-4 is in quite a decent shape to make it into VM's and _lots_ people are going to want VM's for CentOS-3 ( Q: Why? A: I can imagine that lots of people who run CentOS are going to want to move to CentOS-5 for its newer hardware support and better performance on very high end machines ). It makes much sense to move the host to C5 and have VM's run the C3/ C4 roles.
One of the things on the ToDo list here is a document for a known process to help with this migration -> Move a C3/C4 machine into a VM under C5, so that your C3/C4 apps remain supported and function as they do now, while still getting the added benefit of C5 on the host.
- create and post a minimal CentOS5-beta2 i386 image with xen- and vmware configs, wait for reviews/bugreport
- create and post a standard desktop CentOS5-beta2 i386 image, wait for reviews/bugreport
Once there is a basic setup and required infrastructure in place, doing roles is just a question of adding some more details to scripts etc, I am sure there are many roles we can address like this.
- if there are enough positive reports, repeat for CentOS5-final
We are really not interested in doing / spending time on something that is not going to be there for CentOS-5/Release - so if you are getting involved, do so with the intent of seeing this through.
- release when/if centos.org is pleased with the (bugfixed) images
yes, we have a QA team now!
Are you interested in such a project? I am eager for comments.
You have my attention and I am happy to push this along from the inside, but if we are going to do this - lets try and cover the spectrum, not just focus on C5 ( specially taking on board what Daniel has said, C5 VM's are trivial once you have the C5 host running ) - One (of the many ) places where users are going to see really good benefit is when we can provide some alternatives to move their C3 / C4 machines into.
Still interested ?
- KB
Hey Folks,
I'll be happy to provide an image for Parallels Desktop Macintosh! (I am pretty sure the file is portable to the OTHER releases of Parallels Workstation.
FWIW: this a virtual machine for Intel based Macs allowing them to run ANY Intel based OS as a virtual machine.
I've been meaning to do this for my own consumption, but doing it as a project will motivate me! ;-)
Cheers,
Hi Joe,
Thanks for stepping up for this. I am sure we will take you up on this offer. Might need to find a centos developer who has an intel Mac first :) My Mac's are a 2.5Ghz G5 smp and a rusty G4.
Joe Kazura wrote:
Hey Folks,
I'll be happy to provide an image for Parallels Desktop Macintosh! (I am pretty sure the file is portable to the OTHER releases of Parallels Workstation.
FWIW: this a virtual machine for Intel based Macs allowing them to run ANY Intel based OS as a virtual machine.
I've been meaning to do this for my own consumption, but doing it as a project will motivate me! ;-)
Cheers,
Hi Karanbir,
I'm no code jockey, but I can handle builds.
I have a MacBook Pro w/Core Duo 2Ghz and 2GB RAM.
I'm ready ... ;)
-- +----------------------------[ Joe.Kazura@UNH.EDU ]---+ | Joe Kazura | Mac OS X ... | CIS/TCS -- 1 Leavitt Lane PHONE: +1-603-862-2012 | Because UNIX | University of New Hampshire | should be user | Durham, NH 03824-3512 USA "docendo discimus" | friendly! | | +-----------------[ http://www.unh.edu/tcs/ ]---------+
On Jan 25, 2007, at 6:54 PM, Karanbir Singh wrote:
Hi Joe,
Thanks for stepping up for this. I am sure we will take you up on this offer. Might need to find a centos developer who has an intel Mac first :) My Mac's are a 2.5Ghz G5 smp and a rusty G4.
Joe Kazura wrote:
Hey Folks, I'll be happy to provide an image for Parallels Desktop Macintosh! (I am pretty sure the file is portable to the OTHER releases of Parallels Workstation. FWIW: this a virtual machine for Intel based Macs allowing them to run ANY Intel based OS as a virtual machine. I've been meaning to do this for my own consumption, but doing it as a project will motivate me! ;-) Cheers,
-- Karanbir Singh : http://www.karan.org/ : 2522219@icq _______________________________________________ CentOS-devel mailing list CentOS-devel@centos.org http://lists.centos.org/mailman/listinfo/centos-devel
Am Donnerstag, den 25.01.2007, 17:01 +0000 schrieb Karanbir Singh:
Nils Toedtmann wrote:
there is a demand for ready-to-boot virtual machine images for distros like CentOS. Since i am an afinicado of CentOS and Xen, i would like to build and maintain a CentOS5-image.
[snip]
RoadMap:
- wait for CentOS5-beta2 ;-)
Why ?
CentOS-4 is in quite a decent shape to make it into VM's and _lots_ people are going to want VM's for CentOS-3 [...]
I agree. But customization of C4 (and probably C3, too) to run smoothly as a VM is a bit evil (i run a bunch of productive C4 DomUs, so walked through that valley ...): glibc and db4 have to be patched/rebuilt because of NPTL incompatibilities.
For glibc there is the ugly workaround to blackhole /lib/tls. But you have to make sure that glibc-updates do not fill /lib/tls again. For db4 there is no other option than rebuild it with other compiletime options. I know at least one application (cyrus-imapd) which does not run on a C4-VM with standard db4.
Unfortunately i am not a coder. So i can (and did) blackhole TLS-libs and rebuild db4 - without exactly knowing what i'm doing! That WorksForMe[tm] (uptimes > 1year), but probably won't meet CentOS quality standards. So without the help of the glibc- and db4-maintainers, i could only provide C4-images of questionable quality.
Btw: pointing virt-install to a C4-repo won't avoid that problem.
One of the things on the ToDo list here is a document for a known process to help with this migration -> Move a C3/C4 machine into a VM under C5, so that your C3/C4 apps remain supported and function as they do now, while still getting the added benefit of C5 on the host.
I am willing to write a migration guide. Besides the NPTL problem, migration of a headless server native->VM should be fairly easy:
1) install a kernel-xen-*.rpm into C4 (to get the necessary LKMs) 2) build an initrd in C4 and copy it to C5 3) write a /etc/xen/C4 config file. Map all blockdevs the native C4 has used to virtual /dev/sd*: disk = ['phy:,VolGroup00/C4_root,sda1,w', ... ] and adjust C4's /etc/fstab to that mapping. 5) "xm create -c C4"
I could provide a customized DomU-kernel with static xen-{blk,net}- support, obsoleting (1) and (2).
The main prob would be the C4 complaining about changed HW (particularly if it runs kudzu): your tape-roboters, raid-controllers etc are gone, you probably want to switch from local X to vnc- or rdp-server, ...
- create and post a minimal CentOS5-beta2 i386 image with xen- and vmware configs, wait for reviews/bugreport
- create and post a standard desktop CentOS5-beta2 i386 image, wait for reviews/bugreport
Once there is a basic setup and required infrastructure in place, doing roles is just a question of adding some more details to scripts etc, I am sure there are many roles we can address like this.
Sure (i hope i know what you mean with "role"). Could be done by empty meta-packages like ubuntu's "{,k,x}ubuntu-desktop".
- if there are enough positive reports, repeat for CentOS5-final
We are really not interested in doing / spending time on something that is not going to be there for CentOS-5/Release - so if you are getting involved, do so with the intent of seeing this through.
Now my english is drained - You mean i shall do it for C5/release unconditionally ;-? OK
- release when/if centos.org is pleased with the (bugfixed) images
yes, we have a QA team now!
Are you interested in such a project? I am eager for comments.
You have my attention and I am happy to push this along from the inside, but if we are going to do this - lets try and cover the spectrum, not just focus on C5 ( specially taking on board what Daniel has said, C5 VM's are trivial once you have the C5 host running )
Don't forget all those not using CentOS - yet!
One (of the many) places where users are going to see really good benefit is when we can provide some alternatives to move their C3 / C4 machines into.
Still interested ?
Yes.
But either you have to accept poor glibc/db4-hacks for C4 (and maybe C3), or we need support from CentOS' glibc/db4-maintainers.
Still interested? (SCNR)
Regard, /nils.
On Thu, 25 Jan 2007 20:54:13 +0100 Nils Toedtmann centos-mail@nils.toedtmann.net wrote:
I agree. But customization of C4 (and probably C3, too) to run smoothly as a VM is a bit evil (i run a bunch of productive C4 DomUs, so walked through that valley ...): glibc and db4 have to be patched/rebuilt because of NPTL incompatibilities.
Upstream is working on domainU support for their 4 branch, so that will probably not be a problem in the future.
Sure (i hope i know what you mean with "role"). Could be done by empty meta-packages like ubuntu's "{,k,x}ubuntu-desktop".
I like the approach that is taken with FC6 live CD's, they use some meta packages that pull in all dependencies for a "role". They have written some nice Python scripts to automate the build process. Since some of the build path will be equal, it would probably be useful to extend their scripts with functions to build disk images rather than squashfs filesystems. In that manner, one could produce Live CD images and VM images with one tool.
The live CD scripts, as-is don't work on CentOS 4. But when I looked into it the required changes were fairly trivial (sorry, I don't have patches for the work I had done).
Don't forget all those not using CentOS - yet!
I'd say, develop the build framework for C4 and possibly C3, and retrofit it to C5 if it works. Personally, I think using the FC6 live CD scripts as a base is the best path. If you like this path, and need help, let me know, since I have some interest to get a good live CD building infrastructure that works across releases for personal uses.
-- Daniel
Am Donnerstag, den 25.01.2007, 21:31 +0100 schrieb Daniel de Kok:
On Thu, 25 Jan 2007 20:54:13 +0100 Nils Toedtmann centos-mail@nils.toedtmann.net wrote:
glibc and db4 have to be patched/rebuilt because of NPTL incompatibilities.
Upstream is working on domainU support for their 4 branch, so that will probably not be a problem in the future.
Great news! (Who is "upstream" - RedHat? Do they backport the nptl-patches from RHEL5?)
Sure (i hope i know what you mean with "role"). Could be done by empty meta-packages like ubuntu's "{,k,x}ubuntu-desktop".
I like the approach that is taken with FC6 live CD's, they use some meta packages that pull in all dependencies for a "role".
Me too, it's the same approach as ubuntu's. It's more appropriate than the "groupinstall" method.
[...] The live CD scripts, as-is don't work on CentOS 4. But when I looked into it the required changes were fairly trivial (sorry, I don't have patches for the work I had done).
What are the advantages over virt-install (part of virt-manager) you mentioned in the other post?
Don't forget all those not using CentOS - yet!
I'd say, develop the build framework for C4 and possibly C3, and retrofit it to C5 if it works. [...]
Isn't that breaking a fly on the wheel? I just supposed some officially released, polished sample-images running on as many VMMs and Host-OSes as possible. That could be done by a shell script of a few dozens lines or by calling virt-install with a nice kickstart.
Just my 2ct, /nils.
On Fri, 26 Jan 2007 03:41:53 +0100 Nils Toedtmann centos-mail@nils.toedtmann.net wrote:
What are the advantages over virt-install (part of virt-manager) you mentioned in the other post?
In that the CentOS team (and others) could use it to build LiveCD/VM images, possibly in one run. My idea was a generalized build tool/framework that one could use to build different kind of images. That would IMO be far more useful than just another script that does just one thing.
-- Daniel
Nils Toedtmann wrote:
Great news! (Who is "upstream" - RedHat? Do they backport the nptl-patches from RHEL5?)
upstream is redhat.
Sure (i hope i know what you mean with "role"). Could be done by empty meta-packages like ubuntu's "{,k,x}ubuntu-desktop".
I like the approach that is taken with FC6 live CD's, they use some meta packages that pull in all dependencies for a "role".
Me too, it's the same approach as ubuntu's. It's more appropriate than the "groupinstall" method.
why is it more appropriate ? it sounds more of a kludge to achieve something with a package manager unable to support groups directly. Since yum can, we should use groupinstall and group/* to manage such stuff.
remember that group/* functionality need not only come from the core distro repo, its can be added via addon repo's as well.
I just supposed some officially released, polished sample-images running on as many VMMs and Host-OSes as possible. That could be done by a shell script of a few dozens lines or by calling virt-install with a nice kickstart.
Lets start with documenting the process ( hint: wiki ) and then we can take it from there, adding and providing the process guides might also come in handy for people.
- KB
Am Sonntag, den 28.01.2007, 18:42 +0000 schrieb Karanbir Singh:
Nils Toedtmann wrote:
Sure (i hope i know what you mean with "role"). Could be done by empty meta-packages like ubuntu's "{,k,x}ubuntu-desktop".
I like the approach that is taken with FC6 live CD's, they use some meta packages that pull in all dependencies for a "role".
Me too, it's the same approach as ubuntu's. It's more appropriate than the "groupinstall" method.
why is it more appropriate ? it sounds more of a kludge to achieve something with a package manager unable to support groups directly. Since yum can, we should use groupinstall and group/* to manage such stuff.
Oops, my knowledge about rpm/yum groups is obviosly out of date, sorry. Is there some documentation out there?
(So yum groups are defined in xml files which must be somehow imported to the systems rpmdb ... isn't that a bit inflexible? How can i maintain a groupdefinition ("Application Server") and add that definition to a 3rd-party yum repo?)
/nils.
Nils Toedtmann wrote:
Oops, my knowledge about rpm/yum groups is obviosly out of date, sorry. Is there some documentation out there?
(So yum groups are defined in xml files which must be somehow imported to the systems rpmdb ... isn't that a bit inflexible? How can i maintain a groupdefinition ("Application Server") and add that definition to a 3rd-party yum repo?)
you need to RTFM the yum and createrepo pages :)
as an example - use the groups setup in the centos-extras repo on mirror.centos.org/4/
Nils Toedtmann wrote:
I agree. But customization of C4 (and probably C3, too) to run smoothly as a VM is a bit evil (i run a bunch of productive C4 DomUs, so walked through that valley ...): glibc and db4 have to be patched/rebuilt because of NPTL incompatibilities.
I agree that C3 would be a problem - both guest and host.
However, for C4 I have a "installer hack" that allows C4 to install under Xen (FC6 host) using virt-manager & kickstart. When it's finished, the only package that is modified is the kernel (to provide a domU image).
Perhaps your VM is the issue with tls. Once I started using a recent enough host (FC6) and a recent enough guest (C4), all my tls problems disappeared. Even SELinux, which was always problematic for me under UML, seems to be working smoothly now.
If someone wants a Xen C4 guest image, let me know, it only takes a few minutes to create.
On 1/26/07, Bernard Johnson bjohnson-dated-1169703224.9d1a0c@symetrix.com wrote:
Nils Toedtmann wrote:
I agree. But customization of C4 (and probably C3, too) to run smoothly as a VM is a bit evil (i run a bunch of productive C4 DomUs, so walked through that valley ...): glibc and db4 have to be patched/rebuilt because of NPTL incompatibilities.
I agree that C3 would be a problem - both guest and host.
However, for C4 I have a "installer hack" that allows C4 to install under Xen (FC6 host) using virt-manager & kickstart. When it's finished, the only package that is modified is the kernel (to provide a domU image).
Perhaps your VM is the issue with tls. Once I started using a recent enough host (FC6) and a recent enough guest (C4), all my tls problems disappeared. Even SELinux, which was always problematic for me under UML, seems to be working smoothly now.
If someone wants a Xen C4 guest image, let me know, it only takes a few minutes to create.
If the press-briefs are to be believed.. RHEL-4.5.x should have Xen kernels.. which would help this starting out for that level..
As a hear and now.. vmware-player images of Centos-2.1/3.8/4.4 could be made.
On Fri, 26 Jan 2007 14:27:21 -0700 "Stephen John Smoogen" smooge@gmail.com wrote:
As a hear and now.. vmware-player images of Centos-2.1/3.8/4.4 could be made.
That should be no problem, IMO it would be nice if this could be done in an automated manner. Since qemu-img can create VMWare disk images, this could be done without VMWare Workstation or Server.
-- Daniel
Am Freitag, den 26.01.2007, 22:53 +0100 schrieb Daniel de Kok:
On Fri, 26 Jan 2007 14:27:21 -0700 "Stephen John Smoogen" smooge@gmail.com wrote:
As a hear and now.. vmware-player images of Centos-2.1/3.8/4.4 could be made.
That should be no problem, IMO it would be nice if this could be done in an automated manner. Since qemu-img can create VMWare disk images, this could be done without VMWare Workstation or Server.
Another way is to use the flat disk image that can be also used by Xen and UML. VMware calls that image-layout "monolithicFlat". So automation is easy again, just some losetup/fdisk/grub-magic.
Pro: one image for different VMMs; no need for qemu-img
Con: flat disk images waste space on filesystems which don't know sparse files (NTFS?)
/nils.
On Sat, 27 Jan 2007 03:33:25 +0100 Nils Toedtmann centos-mail@nils.toedtmann.net wrote:
Another way is to use the flat disk image that can be also used by Xen and UML. VMware calls that image-layout "monolithicFlat". So automation is easy again, just some losetup/fdisk/grub-magic.
But adding a "qemu-img convert" stanza is cheap :). Anyway, maybe we can work together on this. I have a half-finished Python script that does the creation/partitioning/filesystem creation, and takes a first stab at installing packages via yum. Though, I have to tidy up the code a bit first (and add some getopt magic). It's aimed at being general enough for various image formats (disk/ISO).
-- Daniel
On Fri, 2007-01-26 at 14:27 -0700, Stephen John Smoogen wrote:
On 1/26/07, Bernard Johnson bjohnson-dated-1169703224.9d1a0c@symetrix.com wrote:
Nils Toedtmann wrote:
I agree. But customization of C4 (and probably C3, too) to run smoothly as a VM is a bit evil (i run a bunch of productive C4 DomUs, so walked through that valley ...): glibc and db4 have to be patched/rebuilt because of NPTL incompatibilities.
I agree that C3 would be a problem - both guest and host.
However, for C4 I have a "installer hack" that allows C4 to install under Xen (FC6 host) using virt-manager & kickstart. When it's finished, the only package that is modified is the kernel (to provide a domU image).
Just for the record, there are test kernels here that MIGHT work:
http://dev.centos.org/centos/4/testing/i386/RPMS/
(and substitute x86_64 for i386 if desired)
Perhaps your VM is the issue with tls. Once I started using a recent enough host (FC6) and a recent enough guest (C4), all my tls problems disappeared. Even SELinux, which was always problematic for me under UML, seems to be working smoothly now.
If someone wants a Xen C4 guest image, let me know, it only takes a few minutes to create.
If the press-briefs are to be believed.. RHEL-4.5.x should have Xen kernels.. which would help this starting out for that level..
See my link above for test kernels if anyone is interested.
As a hear and now.. vmware-player images of Centos-2.1/3.8/4.4 could be made.
Johnny Hughes wrote:
On 1/26/07, Bernard Johnson bjohnson-dated-1169703224.9d1a0c@symetrix.com wrote:
However, for C4 I have a "installer hack" that allows C4 to install under Xen (FC6 host) using virt-manager & kickstart. When it's finished, the only package that is modified is the kernel (to provide a domU image).
Just for the record, there are test kernels here that MIGHT work:
http://dev.centos.org/centos/4/testing/i386/RPMS/
(and substitute x86_64 for i386 if desired)
Here is where I got my domU kernel: http://people.redhat.com/~jbaron/rhel4/RPMS.kernel/
When I get a spare moment, I'll drop your testing kernel in my repo and see if I can build a C4 guest.
On Sun, 2007-01-28 at 09:26 -0700, Bernard Johnson wrote:
Johnny Hughes wrote:
On 1/26/07, Bernard Johnson bjohnson-dated-1169703224.9d1a0c@symetrix.com wrote:
However, for C4 I have a "installer hack" that allows C4 to install under Xen (FC6 host) using virt-manager & kickstart. When it's finished, the only package that is modified is the kernel (to provide a domU image).
Just for the record, there are test kernels here that MIGHT work:
http://dev.centos.org/centos/4/testing/i386/RPMS/
(and substitute x86_64 for i386 if desired)
Here is where I got my domU kernel: http://people.redhat.com/~jbaron/rhel4/RPMS.kernel/
When I get a spare moment, I'll drop your testing kernel in my repo and see if I can build a C4 guest.
That's we we got ours too (well ... from the SRPMS.kernel dir and built with the CentOS mods :P)
Johnny Hughes wrote:
On Sun, 2007-01-28 at 09:26 -0700, Bernard Johnson wrote:
Here is where I got my domU kernel: http://people.redhat.com/~jbaron/rhel4/RPMS.kernel/
When I get a spare moment, I'll drop your testing kernel in my repo and see if I can build a C4 guest.
That's we we got ours too (well ... from the SRPMS.kernel dir and built with the CentOS mods :P)
I have kernel-xenU-2.6.9-42.27.EL.i686.rpm in my repository. When I drop in kernel-xenU-2.6.9-42.37.EL.c4test.i686.rpm from the CentOS repo, I am able to build domU image for C4 but on first boot, it hangs when starting HAL. Not sure what the issue is.
I'll try to upgrade my repo with the RH 2.6.9-42.37 and see if it works... just so I'm comparing apples to apples.
Bernard Johnson wrote:
I have kernel-xenU-2.6.9-42.27.EL.i686.rpm in my repository. When I drop in kernel-xenU-2.6.9-42.37.EL.c4test.i686.rpm from the CentOS repo, I am able to build domU image for C4 but on first boot, it hangs when starting HAL. Not sure what the issue is.
I'll try to upgrade my repo with the RH 2.6.9-42.37 and see if it works... just so I'm comparing apples to apples.
Well, it looks like something was introduced upstream that causes this. I just tried the kernel-xenU-devel-2.6.9-44.EL.i686.rpm from upstream and it hangs in the same place.
Am Freitag, den 26.01.2007, 13:29 -0700 schrieb Bernard Johnson:
Nils Toedtmann wrote:
I agree. But customization of C4 (and probably C3, too) to run smoothly as a VM is a bit evil (i run a bunch of productive C4 DomUs, so walked through that valley ...): glibc and db4 have to be patched/rebuilt because of NPTL incompatibilities.
I agree that C3 would be a problem - both guest and host.
However, for C4 I have a "installer hack" that allows C4 to install under Xen (FC6 host) using virt-manager & kickstart. When it's finished, the only package that is modified is the kernel (to provide a domU image).
Perhaps your VM is the issue with tls.
Among other things: yes.
Once I started using a recent enough host (FC6) and a recent enough guest (C4), all my tls problems disappeared.
I guess they did not disappear but got hidden. AFAIK (correct me if i am wrong) recent xen versions have a hack to workaround TLS-libs silently, but there is still a performance penalty. And the db4-prob ist still there: install and start cyrus-imapd on C4 under xen/FC6. If the maillog does not fill up with DBERROR, i owe you a beer.
/nils.
Nils Toedtmann wrote:
I guess they did not disappear but got hidden. AFAIK (correct me if i am wrong) recent xen versions have a hack to workaround TLS-libs silently, but there is still a performance penalty.
That was not my understanding, however you may be right. Can you point me to documentation as to what the workaround actually does? And what performance penalty we might be paying?
And the db4-prob ist still there: install and start cyrus-imapd on C4 under xen/FC6. If the maillog does not fill up with DBERROR, i owe you a beer.
xen host: FC6, guest: CentOS 4.4
verified - no problem
I will let you off easy on the beer. Instead of sending across the ocean, you can send it to my hotel in Switzerland in 2 weeks ;)
Am Samstag, den 27.01.2007, 00:15 -0700 schrieb Bernard Johnson:
Nils Toedtmann wrote:
And the db4-prob ist still there: install and start cyrus-imapd on C4 under xen/FC6. If the maillog does not fill up with DBERROR, i owe you a beer.
xen host: FC6, guest: CentOS 4.4
verified - no problem
That is interesting. What kernels do you use? Or do you use HVM (that would not really count ...)? I tested cyrus-imapd in three different scenarios:
* CPU: intel P4 Xen: 3.0.2 x86_32 (self built) Dom0: CentOS-4.4/2.6.16.29 (self built) DomU: CentOS-4.4/2.6.16.29 (self built)
* CPU: intel core 2 duo Xen: 3.0.3 x86_32p (from FC6) Dom0: FC6/2.6.18-1.*.fc6xen DomU: CentOS-4.4/2.6.18-1.*.fc6xen (from FC6, rebuilt)
* CPU: intel P3 Xen: 3.0.3 x86_32p (from FC6) Dom0: FC6/2.6.19-1.*.fc6xen DomU: CentOS-4.4/2.6.9-44.ELxenU (from Jason Baron)
and in each case cyrus-imapd fills up the maillog with
DBERROR db4: Berkeley DB library configured to support only DB_PRIVATE environments DBERROR: dbenv->open '/var/lib/imap/db' failed: Invalid argument DBERROR: init() on berkeley executed DBERROR db4: environment not yet opened DBERROR: opening /var/lib/imap/deliver.db: Invalid argument DBERROR: opening /var/lib/imap/deliver.db: cyrusdb error FATAL: lmtpd: unable to init duplicate delivery database
Yes, i removed /lib/tls and /usr/lib/tls. The only workaround i found yet was rebuilding db4.
I will let you off easy on the beer. Instead of sending across the ocean, you can send it to my hotel in Switzerland in 2 weeks ;)
Ok, send me the hotel's address! I'll send you my favorite beer from northern Germany. It is a bit austere - if that is the correct word - is that ok4u?
/nils.
Nils Toedtmann wrote:
That is interesting. What kernels do you use? Or do you use HVM (that would not really count ...)? I tested cyrus-imapd in three different scenarios:
I'm not using HVM.
Dom0: kernel-xen-2.6.19-1.2895.fc6 DomU: kernel-xenU-2.6.9-42.27.EL (older jbaron kernel)
I may be missing something in what you're saying. Maybe I wasn't able to trigger the problem you're talking about.
If you want, I can setup a guest image that you can log into and take a look. If you're interested, send me an email off-list.
Am Samstag, den 27.01.2007, 00:15 -0700 schrieb Bernard Johnson:
Nils Toedtmann wrote:
I guess they did not disappear but got hidden. AFAIK (correct me if i am wrong) recent xen versions have a hack to workaround TLS-libs silently, but there is still a performance penalty.
That was not my understanding, however you may be right. Can you point me to documentation as to what the workaround actually does? And what performance penalty we might be paying?
Am Sonntag, den 28.01.2007, 18:45 +0000 schrieb Karanbir Singh:
Do you have some numbers to elaborate on the point of performance loss ?
OK, i digged the MLs ...
If there are Xen-incompatible NPTL/TLS libs, then Xen3 does a "TLS emulation" which gives threaded apps a performance penalty, at least on i86_32 systems (i am not sure about i86_64):
http://wiki.xensource.com/xenwiki/XenFaq (item 4.1) http://wiki.xensource.com/xenwiki/XenSpecificGlibc http://lists.xensource.com/archives/cgi-bin/namazu.cgi?query=%22tls +emulation%22&submit=Search&idxname=xen-users
This mail
http://lists.xensource.com/archives/html/xen-users/2007-01/msg00913.html
from Xen developer Keir Fraser is 9 days old and references to Xen 3.0.4 (which unfortunatly _needs_ TLS in Dom0 for xen-libs):
"For now you can simply use the /lib/tls libraries — you’ll get a warning during boot and performance in domain0 will be reduced"
From the rumors i have read on the xen MLs, OpenLDAP and java suffer
from that problem heavily, but i did not find benchmarks comparing xen-compatible vs. xen-emulated TLS. Sorry, that is all i can tell on that topic, i'm just another admin reading MLs...
/nils.
Nils Toedtmann wrote:
I guess they did not disappear but got hidden. AFAIK (correct me if i am wrong) recent xen versions have a hack to workaround TLS-libs silently, but there is still a performance penalty.
Do you have some numbers to elaborate on the point of performance loss ?
- KB
Am Donnerstag, den 25.01.2007, 20:54 +0100 schrieb Nils Toedtmann:
Am Donnerstag, den 25.01.2007, 17:01 +0000 schrieb Karanbir Singh:
One of the things on the ToDo list here is a document for a known process to help with this migration -> Move a C3/C4 machine into a VM under C5, so that your C3/C4 apps remain supported and function as they do now, while still getting the added benefit of C5 on the host.
Btw: you have to use kernel-2.6 on Xen3 (or HVM), is that an option for C3?
I am willing to write a migration guide.
Here is a beta version, probably still full of typos:
http://wiki.centos.org/HowTos/Xen/MoveNative2DomU
I hope it works for you, too. Please comment,
/nils.
-
Bernard Johnson -
Daniel de Kok -
Joe Kazura -
Johnny Hughes -
Karanbir Singh -
Nils Toedtmann -
Stephen John Smoogen