WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

Re: [Xen-users] New to Xen: safety concerns (Linux Dom0, Windows DomU)

To: Chris Angelico <rosuav@xxxxxxxxx>
Subject: Re: [Xen-users] New to Xen: safety concerns (Linux Dom0, Windows DomU)
From: Scott Damron <sdamron@xxxxxxxxx>
Date: Thu, 8 Sep 2011 23:18:22 -0500
Cc: xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date: Thu, 08 Sep 2011 21:19:11 -0700
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; bh=91O04tuZ7r4DWA00b+1xnIdJtBPcNG7NmH4CEqFKTeM=; b=Ym7E/ePrTQpkfLlGvRfTJSptni29UjcCE+1VDbtGRTc0cySd5gLtVUAY6KnrKTsMs/ oQiGpu+6jDOdDQh0jlgyd6pzEaY7ZTVNBOJYiihPFFTBxRj3cMo4DEfxq2WwQFixUc6q OB4OsTw26+CGWzeOWJVsBRmYtFBSaRQTPu+g8=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <CAPTjJmr2ETWW0TKA2pa+LFn3NoHmR62E0Cw=wr40_j7XhO2UwA@xxxxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <CAPTjJmrGA7JRZwv3gJUkhWqGOfSgzexCBRTLmLDmeTVuZPX=YQ@xxxxxxxxxxxxxx> <1315539696.2164.140258139037957@xxxxxxxxxxxxxxxxxxxxxxxxxxx> <CAPTjJmr2ETWW0TKA2pa+LFn3NoHmR62E0Cw=wr40_j7XhO2UwA@xxxxxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
There are some things you should use dedicated machines for, a gateway
is one of those things in my opinion.  Why would you run a Xen kernel
on your gateway to the internet?  Now, I would run a base hypervisor
and build my gateway inside of it as a guest, but not vise versa.  My
two centavos.

Scott

On Thu, Sep 8, 2011 at 11:05 PM, Chris Angelico <rosuav@xxxxxxxxx> wrote:
> On Fri, Sep 9, 2011 at 1:41 PM, Drake Wilson <drake@xxxxxxxxxxxxxx> wrote:
>> One of your problems here is that VGA passthrough (at least if you want
>> it to hit the domU's BIOS) can actually be very hit-or-miss, though it's
>> gotten much better over time:
>>
>>  http://wiki.xensource.com/xenwiki/XenVGAPassthrough
>
> Thanks, an excellent document.
>
> "Xen VGA graphics passthru is a special form of PCI passthru, and PCI
> passthru dedicates the PCI device (graphics card) to exactly one
> single VM."
>
> I assume I can switch it to a different VM on the fly? That is, boot
> with the graphics card dedicated to dom0 Linux, then fire up domU
> Windows and hand control over.
>
>> Can you describe which trouble you're worried about in particular, if any?
>
> Googling for 'xen uninstall' shows up a variety of people asking
> similar questions:
> http://forums.opensuse.org/english/get-technical-help-here/applications/418253-how-uninstall-xen.html
> - seems to have uninstalled cleanly
> http://www.linuxformat.com/forums/viewtopic.php?t=377 - not too clear
> on the question itself there
> http://ubuntuforums.org/archive/index.php/t-953793.html - required
> some manual cleanup and not sure if it really cleaned up (dated 2008)
> http://www.firewall.cx/ftopict-6304.html - no resolution, no responses
> at all (dated 2009)
>
> Not enough weight of evidence to turn me away from Xen, but enough to
> be concerned about.
>
>> Newer Linux kernels have Xen and non-Xen boot processes that are closer to
>> each other (I'm thinking 3.0.0 particularly; I don't know what Ubuntu 10.10
>> has),
>
> According to `uname -a` it's currently 2.6.35-30-generic. I could
> upgrade the kernel to version 3 I guess, but I'm not a kernel expert
> so I'd be navigating unfamiliar waters. It'd be a separate "can I undo
> this if things go wrong" question all of its own.
>
>> and with things like UUID-based filesystem detection (which Ubuntu has
>> done as standard for a while, but not necessarily if you started from a much
>> older version) the differences in exposed hardware can often be automatically
>> dealt with.
>
> This particular box is quite new; 10.10 (I don't like 11.04) was
> installed fresh on a bare HD. It may have had a kernel upgrade or two
> but nothing particularly earth-shattering.
>
>> Older Linuxes had specialized Xen versions of the kernel, and
>> so you'd have to change boot configurations around more.  In either case 
>> it'd be
>> advisable to have a rescue disk handy just in case.  But generally speaking
>> switching a Linux system between dom0 and raw is a very reversible operation
>> unless/until you configure it to depend strongly on Xen-specific or very 
>> low-level
>> hardware operations.
>
> Thank you. I believe you, for I am sure you would not practice on my
> inexperience. I wish to do the right thing, and if - I say if - it
> really is that easy to reverse, the complexity shall be no obstacle to
> our union. Or something like that. (Pirates of Penzance, if you're not
> an opera buff.)
>
>>> 2) Can a DomU Windows have full access to the hardware?
>>
>> You should think about what you mean by "full access".  You may be able to 
>> pass
>> through most of the interface PCI devices and such (with work), but if you 
>> will
>> still need access to the Linux half then you must arrange for enough console 
>> or
>> network devices to be routed to it for that purpose.
>
> I want to play graphical Windows games. It's a 64-bit system with 8GB
> of RAM and a fairly new nVidia chipset video card (don't remember the
> spec atm), so in theory I should be able to give 2-3GB to a 32-bit
> WinXP and let that run happily, while leaving 5-6GB of real RAM for
> everything else.
>
>> Note also that you must have a hardware IOMMU for PCI passthrough to HVM 
>> guests,
>> according to http://wiki.xensource.com/xenwiki/XenPCIpassthrough, and I don't
>> believe Windows can be run paravirtualized since the kernel hasn't been 
>> ported
>> (for obvious reasons).  In practice this may mean some fairly high-class 
>> hardware,
>> depending on your configuration.
>
> Hmm. Is there an easy way to check? It's a high-end Intel motherboard,
> and a high-end modern CPU, although I don't have the precise
> identifiers to hand.
>
> I'm not afraid of a bit of complexity, but my areas of expertise are
> user-level (ring 3) software and networking, not kernels and
> hypervisors. Much appreciate your help!
>
> Chris Angelico
>
> _______________________________________________
> Xen-users mailing list
> Xen-users@xxxxxxxxxxxxxxxxxxx
> http://lists.xensource.com/xen-users
>

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users