4105
Kommentar: network overview
|
5005
xen network-bridge script broken
|
Gelöschter Text ist auf diese Art markiert. | Hinzugefügter Text ist auf diese Art markiert. |
Zeile 116: | Zeile 116: |
Our | After the first reboot with the new lenny kernel and xen-utils v3.2, the network interfaces of dom0 were broken. During bootup error messages like the following appeared: {{{ Ignoring unknown interface xenbr0=xenbr0 }}} This was most probably caused by a problem of the ''network-bridge'' script in ''xen-utils-common''. See this [http://lists.xensource.com/archives/html/xen-users/2008-09/msg00475.html post in the xen-users mailing list] for details. Apply the following patch on ''/etc/xen/scripts/network-bridge'' to solve this problem: {{{ --- network-bridge.orig 2008-12-28 06:30:54.000000000 +0100 +++ network-bridge 2008-12-28 06:31:08.000000000 +0100 @@ -96,7 +96,7 @@ } do_ifup() { - if ! ifup $1 ; then + if ! ifconfig $1 up ; then if [ -n "$addr_pfx" ] ; then # use the info from get_ip_info() ip addr flush $1 }}} |
Overview
Updating a debian etch (v4.1) system to lenny (v5.0) also involves an upgrade of xen from v3.0 to v3.2. This can create quite some hassle for specific setups.
The documentation below describes some of the issues, that we ran into, when we upgraded the https://systemausfall.org server.
The xen network setup
Our xen network setup is not very common. Thus it should be helpful to give you a short introduction.
Overview
Network interfaces:
dom0 has one physical network interface: eth0
dummy network interfaces (kernel module dummy) are used for most bridges in dom0
most domU share a common network bridge xenbr0
dom0's eth0 is bridged to only one gateway domU as xenbr1
some domU are connected to the gateway domU via separate bridges (xenbr2 and xenbr3)
Advantages of this setup:
the traffic of all domU hosts flows through the gateway domU:
- effective traffic control is possible
- global routing or tunneling (vpn?) setups are possible
- separate networks for different zones of trust
Disadvantages:
complexity
Configuration details
Our network configuration script is linked in /etc/xen/xend-config.sxp:
(network-script custom_separate_bridges.sh)
The above script is located in /etc/xen/scripts/custom_separate_bridges.sh:
dir=$(dirname "$0") # the common network bridge for all sao hosts "$dir/network-bridge" "$@" vifnum=0 netdev=dummy0 bridge=xenbr0 # the bridge connected to the internet (only for the gateway) "$dir/network-bridge" "$@" vifnum=1 netdev=eth0 bridge=xenbr1 # the bridge for the separated sao-network (www-users) "$dir/network-bridge" "$@" vifnum=2 netdev=dummy1 bridge=xenbr2 # the bridge for the network of public IP addresses (mail server ...) "$dir/network-bridge" "$@" vifnum=3 netdev=dummy2 bridge=xenbr3
Problematic details
Update the kernel
Update the kernel link for all domU
To ease the maintenance of the domU kernel during upgrades, we use symlinks in /boot:
thorax:~# ls -l /boot lrwxrwxrwx 1 root root 35 2008-12-28 05:20 domU-initrd -> /boot/initrd.img-2.6.18-6-xen-amd64 lrwxrwxrwx 1 root root 32 2008-12-28 05:20 domU-kernel -> /boot/vmlinuz-2.6.18-6-xen-amd64 -- snipped some more details --
Update these links to the new domU kernel:
lrwxrwxrwx 1 root root 35 2008-12-28 05:20 domU-initrd -> /boot/initrd.img-2.6.26-1-xen-amd64 lrwxrwxrwx 1 root root 32 2008-12-28 05:20 domU-kernel -> /boot/vmlinuz-2.6.26-1-xen-amd64
Make sure, that all xen host configuration files (e.g. in /etc/xen/ or /etc/xen/vm/) contain the following lines:
kernel = '/boot/domU-kernel' ramdisk = '/boot/domU-initrd'
Update the configuration file of xen-tools (/etc/xen-tools/xen-tools.conf) to use these kernel symlinks by default for new xen hosts:
kernel = /boot/domU-kernel initrd = /boot/domU-initrd #kernel = /boot/vmlinuz-`uname -r` #initrd = /boot/initrd.img-`uname -r`
Update the new module directory in all domU
- shutdown all xen hosts
- mount the system partitions of the xen hosts
copy the new modules directory:
cp -a /lib/modules/`uname -r` $MNT_DIR/lib/modules/
No terminal for ssh login
Behaviour
Login to domU hosts via ssh fails with the following output:
PTY allocation request failed on channel 0 stdin: is not a tty
Even xm console $HOST_NAME stops before the login prompt.
Workaround
Debian bug [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=502798 #502798] suggests to add the following lines to the configuration file of each domU:
# necessary for ssh login since lenny # see http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=502798 extra = "console=hvc0"
This allows to login via ssh, but xm console still does not work.
Broken network interfaces in dom0
After the first reboot with the new lenny kernel and xen-utils v3.2, the network interfaces of dom0 were broken.
During bootup error messages like the following appeared:
Ignoring unknown interface xenbr0=xenbr0
This was most probably caused by a problem of the network-bridge script in xen-utils-common. See this [http://lists.xensource.com/archives/html/xen-users/2008-09/msg00475.html post in the xen-users mailing list] for details.
Apply the following patch on /etc/xen/scripts/network-bridge to solve this problem:
--- network-bridge.orig 2008-12-28 06:30:54.000000000 +0100 +++ network-bridge 2008-12-28 06:31:08.000000000 +0100 @@ -96,7 +96,7 @@ } do_ifup() { - if ! ifup $1 ; then + if ! ifconfig $1 up ; then if [ -n "$addr_pfx" ] ; then # use the info from get_ip_info() ip addr flush $1