[CentOS-virt] Mixed dom0/domU usage?

2009-02-04 Thread Dennis J. 
Hi,
I'm wondering about the impact of using both dom0 and domU's on a server at 
the same time. I'm worried about the performance impact of running a Mysql 
server in a domU and now I'm thinking about moving the Mysql part of a LAMP 
setup into dom0 and running a few Apache guests as domUs. Since the Apaches 
will serve mostly from an NFS share they won't have much impact on the disk 
i/o so the database should be able to utilize the local storage without 
much interference from the guests. The plan is to limit dom0 to let's say 
4gb of ram and then use the rest of it for the VMs.

Has anyone experinece with this kind of "mixed" setup (physical/virtual). 
Are there any known problems with this approach?

Regards,
   Dennis
___
CentOS-virt mailing list
CentOS-virt@centos.org
http://lists.centos.org/mailman/listinfo/centos-virt

Re: [CentOS-virt] Mixed dom0/domU usage?

2009-02-04 Thread Tim Verhoeven 
On Wed, Feb 4, 2009 at 10:03 AM, Dennis J.  wrote:
>
> I'm wondering about the impact of using both dom0 and domU's on a server at
> the same time. I'm worried about the performance impact of running a Mysql
> server in a domU and now I'm thinking about moving the Mysql part of a LAMP
> setup into dom0 and running a few Apache guests as domUs. Since the Apaches
> will serve mostly from an NFS share they won't have much impact on the disk
> i/o so the database should be able to utilize the local storage without
> much interference from the guests. The plan is to limit dom0 to let's say
> 4gb of ram and then use the rest of it for the VMs.
>
> Has anyone experinece with this kind of "mixed" setup (physical/virtual).
> Are there any known problems with this approach?

Hi,

On a performance level it shouldn't make that much of a difference.
But a domU will have some more overhead in I/O. So it make sence to
run your DB in the dom0.

The only thing to remember is that when something happens to your dom0
the domU's will most likely also be impacted. So that your need to
keep in the back of your head.

Regards,
Tim

-- 
Tim Verhoeven - tim.verhoeven...@gmail.com - 0479 / 88 11 83

Hoping the problem  magically goes away  by ignoring it is the
"microsoft approach to programming" and should never be allowed.
(Linus Torvalds)
___
CentOS-virt mailing list
CentOS-virt@centos.org
http://lists.centos.org/mailman/listinfo/centos-virt

Re: [CentOS-virt] Mixed dom0/domU usage?

2009-02-04 Thread Henrik Holmboe 
++ 04/02/09 10:03 +0100 - Dennis J.:
>Has anyone experinece with this kind of "mixed" setup (physical/virtual). 
>Are there any known problems with this approach?

Dennis,

the dom0 and domU's are both virtual machines on top of the Xen hypervisor. In
short, the only difference between the two is that dom0 has additional
permissions to control the hypervisor (and thus it has xend and the other
management tools). The performance should therefore be equal in dom0 and domU.

All the best,
Henrik

-- 
Henrik Holmboe, Stockholm, Sweden

___
CentOS-virt mailing list
CentOS-virt@centos.org
http://lists.centos.org/mailman/listinfo/centos-virt

Re: [CentOS-virt] Using the parallel port from domU

2009-02-04 Thread Manuel Wolfshant 
Short follow-up: I had to revert to the stock xen. With the newer 
version, Java in the VM went nuts, taking 99% of the CPU. Beats me why...

/me eagerly waiting for  the newer stock version



Manuel Wolfshant wrote:
>Just for the record: due to lack of time (I am really really under 
> pressure and I do not have the time to compile the xen version from 
> 5.3 ), I have switched to a custom built xen-3.3.0 and it works as it 
> should.
>
>Manuel
>
> Manuel Wolfshant wrote:
>> Hello
>>
>>I use xen and I am trying to use the parallel port of Centos 5.2 
>> host from a Windows XP (HVM) guest. I have tried to transfer control 
>> of the port by blacklisting lp, parport and parport_pc + adding:
>>ioports = [ "0378-037a" ]
>> to the xen configuration file.
>>
>>However, in the presence of this line, xm create replies with:
>>
>> Error: function takes exactly 4 arguments (3 given)
>> [...]
>>Except of a bug from 2007 and which should be fixed for a long 
>> time (and which is only PARTIALLY included in xen as available in 
>> 5.2), I have not found anything. I did apply the unapplied part of 
>> http://bugs.centos.org/file_download.php?file_id=474&type=bug but 
>> there is no change.
>>
>>Any ideas ?
>>TIA
>>
>>   manuel
>>
>

___
CentOS-virt mailing list
CentOS-virt@centos.org
http://lists.centos.org/mailman/listinfo/centos-virt

Re: [CentOS-virt] Mixed dom0/domU usage?

2009-02-04 Thread Christopher G. Stach II 
- "Dennis J."  wrote:

> Hi,
> I'm wondering about the impact of using both dom0 and domU's on a
> server at 
> the same time. I'm worried about the performance impact of running a
> Mysql 
> server in a domU and now I'm thinking about moving the Mysql part of a
> LAMP 
> setup into dom0 and running a few Apache guests as domUs. Since the
> Apaches 
> will serve mostly from an NFS share they won't have much impact on the
> disk 
> i/o so the database should be able to utilize the local storage
> without 
> much interference from the guests. The plan is to limit dom0 to let's
> say 
> 4gb of ram and then use the rest of it for the VMs.
> 
> Has anyone experinece with this kind of "mixed" setup
> (physical/virtual). 
> Are there any known problems with this approach?

Running processes in dom0 that aren't for running Xen is going to destroy your 
domU I/O performance.  The backends are just processes.  If you take time away 
from those processes for other things, performance will suffer.  You should run 
some load tests and see if it suits your model, though.

Running the MySQL process in dom0 isn't going to get you very much of a 
performance boost if your MySQL configuration is tuned properly, either.

-- 
Christopher G. Stach II


___
CentOS-virt mailing list
CentOS-virt@centos.org
http://lists.centos.org/mailman/listinfo/centos-virt

Re: [CentOS-virt] Mixed dom0/domU usage?

2009-02-04 Thread Ben Montanelli 
With this in mind, that dom0 should be lightweight, is there a list of
optimal minimal services to run in a CentOS dom0?

I assume no need to uninstall, just a service toggle off in runlevels 3
and 5?

I believe some apps and services might be useful if a maintenance task
required some utils running out of dom0 with some burden on the domUs
for a while.

Regards,
Ben



> 
> Running processes in dom0 that aren't for running Xen is going to destroy 
> your domU I/O performance.  The backends are just processes.  If you take 
> time away from those processes for other things, performance will suffer.  
> You should run some load tests and see if it suits your model, though.
> 
> Running the MySQL process in dom0 isn't going to get you very much of a 
> performance boost if your MySQL configuration is tuned properly, either.
> 

___
CentOS-virt mailing list
CentOS-virt@centos.org
http://lists.centos.org/mailman/listinfo/centos-virt

Re: [CentOS-virt] Mixed dom0/domU usage?

2009-02-04 Thread Henrik Holmboe 
++ 04/02/09 09:27 -0500 - Ben Montanelli:
>With this in mind, that dom0 should be lightweight, is there a list of
>optimal minimal services to run in a CentOS dom0?
>
>I assume no need to uninstall, just a service toggle off in runlevels 3
>and 5?

I run this in Centos 5.x domU's:

 for svc in acpid apmd bluetooth cpuspeed gpm microcode_ctl \
 pcscd smartd irqbalance mdmonitor; \
 do chkconfig $svc off; \
 service $svc stop; \
 done

And in addition to that I also run this in Centos 5.x dom0's:

 for svc in bluetooth gpm pcscd cups avahi-daemon yum-updatesd; \
 do chkconfig $svc off; \
 service $svc stop; \
 done

There is some overlap, and possibly services that I've missed - but these are
from my notes when I had a look at it. Feel free to comment.

Cheers,
Henrik

-- 
Henrik Holmboe, Stockholm, Sweden

___
CentOS-virt mailing list
CentOS-virt@centos.org
http://lists.centos.org/mailman/listinfo/centos-virt

Re: [CentOS-virt] Mixed dom0/domU usage?

2009-02-04 Thread Henrik Holmboe 
++ 04/02/09 16:56 +0100 - Henrik Holmboe:

[...]

>And in addition to that I also run this in Centos 5.x dom0's:
>
> for svc in bluetooth gpm pcscd cups avahi-daemon yum-updatesd; \
> do chkconfig $svc off; \
> service $svc stop; \
> done

Oh, I forgot this for dom0's:

 for svc in nfslock portmap rpcidmapd cups yum-updatesd; \
  do chkconfig $svc off; \
  service $svc stop; \
 done

-- 
Henrik Holmboe, Stockholm, Sweden

___
CentOS-virt mailing list
CentOS-virt@centos.org
http://lists.centos.org/mailman/listinfo/centos-virt

Re: [CentOS-virt] Mixed dom0/domU usage?

2009-02-04 Thread Manuel Wolfshant 
Dennis J. wrote:
> Hi,
> I'm wondering about the impact of using both dom0 and domU's on a server at 
> the same time. I'm worried about the performance impact of running a Mysql 
> server in a domU and now I'm thinking about moving the Mysql part of a LAMP 
> setup into dom0 and running a few Apache guests as domUs. Since the Apaches 
> will serve mostly from an NFS share they won't have much impact on the disk 
> i/o so the database should be able to utilize the local storage without 
> much interference from the guests. The plan is to limit dom0 to let's say 
> 4gb of ram and then use the rest of it for the VMs.
>
> Has anyone experinece with this kind of "mixed" setup (physical/virtual). 
> Are there any known problems with this approach?
>   
Go ahead, performance wise there is not much difference. I have a 
machine which runs 2 oracle instances (in separate domUs) + some other 
stuff in other VMs
Just make sure that your network card has a very good quality.  Do not 
even think about realtek and if possible avoid Broadcom. I've never 
heard anyone complaining about Intel.

___
CentOS-virt mailing list
CentOS-virt@centos.org
http://lists.centos.org/mailman/listinfo/centos-virt

Re: [CentOS-virt] Mixed dom0/domU usage?

2009-02-04 Thread Ben Montanelli 
Thank you Henric, exactly what I was looking for. I hope to try this
tweek over the weekend.

I guess many of us want the optimized "grail" dom0. (Please forgive me
if this is in the archive, I find nothing to little on this topic.)


Does this look like a decent summary of your suggestions:

-bluetooth

-gpm

-pcscd

-cups

-avahi-daemon

-yum-updatesd (oh yeah)

-nfslock

-portmap (hmnn, not needed on new domUs, NIC configs as well as
migration for xend? Truly do not know the answer here.)

-rpcidmapd


I'm only slightly above noob on Xen and I still like to do a bit in gui,
(fluxbox or Gnome/XFCE4), so I can see right away if there are any balks
in the service window. I do know that dropping windows manager(s) opens
up some resources, but I still need the assist.

I'm weak in dom0 configuration and securing. I am relying on a separate
NIC (private IP, tight ingress/egress) for dom0 with profound hardware
firewalling and monitoring until I get this aspect comfortably nailed
down. I just don't trust my knowledge of inherent linux firewalling for
servers yet.

I doubt I will ever drop the separate NIC and firewall setup on dom0 though.


Henrik Holmboe wrote:
> ++ 04/02/09 16:56 +0100 - Henrik Holmboe:
> 
> [...]
> 
>> And in addition to that I also run this in Centos 5.x dom0's:
>>
>> for svc in bluetooth gpm pcscd cups avahi-daemon yum-updatesd; \
>> do chkconfig $svc off; \
>> service $svc stop; \
>> done
> 
> Oh, I forgot this for dom0's:
> 
>  for svc in nfslock portmap rpcidmapd cups yum-updatesd; \
>   do chkconfig $svc off; \
>   service $svc stop; \
>  done
> 

___
CentOS-virt mailing list
CentOS-virt@centos.org
http://lists.centos.org/mailman/listinfo/centos-virt

Re: [CentOS-virt] Mixed dom0/domU usage?

2009-02-04 Thread Kai Schaetzl 
Henrik Holmboe wrote on Wed, 4 Feb 2009 16:58:50 +0100:

> for svc in nfslock portmap rpcidmapd cups yum-updatesd; \

Or you just don't install this stuff beforehand ;-)

Kai

-- 
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com



___
CentOS-virt mailing list
CentOS-virt@centos.org
http://lists.centos.org/mailman/listinfo/centos-virt

Re: [CentOS-virt] Mixed dom0/domU usage?

2009-02-04 Thread Kai Schaetzl 
Dennis J. wrote on Wed, 04 Feb 2009 10:03:36 +0100:

> I'm wondering about the impact of using both dom0 and domU's on a server at 
> the same time. I'm worried about the performance impact of running a Mysql 
> server in a domU and now I'm thinking about moving the Mysql part of a LAMP 
> setup into dom0

I do not see any problems with MySQL on domUs. Works just fine.

Kai

-- 
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com



___
CentOS-virt mailing list
CentOS-virt@centos.org
http://lists.centos.org/mailman/listinfo/centos-virt

Re: [CentOS-virt] Mixed dom0/domU usage?

2009-02-04 Thread Kai Schaetzl 
Ben Montanelli wrote on Wed, 04 Feb 2009 11:50:04 -0500:

> I guess many of us want the optimized "grail" dom0.

There is none. It depends on your needs.

Kai

-- 
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com



___
CentOS-virt mailing list
CentOS-virt@centos.org
http://lists.centos.org/mailman/listinfo/centos-virt

Re: [CentOS-virt] Mixed dom0/domU usage?

2009-02-04 Thread Christopher G. Stach II 
- "Kai Schaetzl"  wrote:

> Ben Montanelli wrote on Wed, 04 Feb 2009 11:50:04 -0500:
> 
> > I guess many of us want the optimized "grail" dom0.
> 
> There is none. It depends on your needs.

This is pretty close to one. :)  I also attached a trimmed down version of the 
kickstart config I use for dom0s.  Some of it is irrelevant to many people, but 
I figured someone would find something useful in it, like fixing some of the 
brokenness.  Some of the packages (like the ones for NTP, MD RAID, IPMI, LUKS, 
and iSCSI) can be removed if you don't need them.  ntpd and snmpd can be 
disabled if you don't need/use them, or for security policy reasons, as well.

dom0 services:

srv1:[1:13pm]:120:~# chkconfig --list | grep :on
acpid   0:off   1:off   2:off   3:on4:on5:on6:off
auditd  0:off   1:off   2:on3:on4:on5:on6:off
cpuspeed0:off   1:on2:on3:on4:on5:on6:off
crond   0:off   1:off   2:on3:on4:on5:on6:off
edac0:off   1:off   2:on3:on4:on5:on6:off
ip6tables   0:off   1:off   2:on3:on4:on5:on6:off
iptables0:off   1:off   2:on3:on4:on5:on6:off
libvirtd0:off   1:off   2:off   3:on4:on5:on6:off
lm_sensors  0:off   1:off   2:on3:on4:on5:on6:off
lvm2-monitor0:off   1:on2:on3:on4:on5:on6:off
mcstrans0:off   1:off   2:on3:on4:on5:on6:off
mdmonitor   0:off   1:off   2:on3:on4:on5:on6:off
network 0:off   1:off   2:on3:on4:on5:on6:off
ntpd0:off   1:off   2:on3:on4:on5:on6:off
postfix 0:off   1:off   2:on3:on4:on5:on6:off
restorecond 0:off   1:off   2:on3:on4:on5:on6:off
smartd  0:off   1:off   2:on3:on4:on5:on6:off
snmpd   0:off   1:off   2:on3:on4:on5:on6:off
sshd0:off   1:off   2:on3:on4:on5:on6:off
syslog  0:off   1:off   2:on3:on4:on5:on6:off
sysstat 0:off   1:off   2:on3:on4:off   5:on6:off
xend0:off   1:off   2:on3:on4:on5:on6:off
xendomains  0:off   1:off   2:off   3:on4:on5:on6:off

dom0 kickstart:

[...]
services --disabled=avahi-daemon,gpm,haldaemon,kudzu,messagebus,netfs 
--enabled=ntpd,snmpd
[...]

%packages --nobase
@core
xen
kernel-xen
libvirt
postfix
ntp
net-snmp
sudo
sysstat
rsync
tcpdump
tcsh
bzip2
man
lsof
smartmontools
mailx
screen
vim-enhanced
isns-utils
iscsi-initiator-utils
cryptsetup-luks
vconfig
acpid
audit
cpuspeed
mdadm
psacct
xorg-x11-xauth
edac-utils
memtest86+
patch
which
yum-protectbase
OpenIPMI
OpenIPMI-tools

%post

touch /.autorelabel

sed -i '/^\[/aprotect=1' /etc/yum.repos.d/CentOS-Base.repo

cat << _EOF_ >> /etc/sysctl.conf

net.core.rmem_max = 1048576
net.core.rmem_default = 1048576
net.core.wmem_max = 1048576
net.core.wmem_default = 1048576

vm.swappiness = 1

_EOF_

cat << _EOF_ > /etc/snmp/snmpd.conf
[...]
# This is so SNMP reports correct interface rates
interface bond0 161 10
interface bond0.10 135 10
interface bond0.20 135 10
interface bond0.30 135 10
interface bond0.40 135 10
interface bond0.101 135 10
[...]
_EOF_

sed -i 's/^[ \t]*LoginGraceTime.*/#&/g' /etc/ssh/sshd_config
sed -i 's/^[ \t]*PermitRootLogin.*/#&/g' /etc/ssh/sshd_config
sed -i 's/^[ \t]*MaxAuthTries.*/#&/g' /etc/ssh/sshd_config
sed -i 's/^[ \t]*PasswordAuthentication.*/#&/g' /etc/ssh/sshd_config
sed -i 's/^[ \t]*MaxStartups.*/#&/g' /etc/ssh/sshd_config

cat << _EOF_ >> /etc/ssh/sshd_config

LoginGraceTime 1m
PermitRootLogin forced-commands-only
MaxAuthTries 2
PasswordAuthentication no
MaxStartups 2
_EOF_

sed -i 's#kernel /xen.*#& dom0_mem=2G#' /boot/grub/grub.conf

sed -i 's#module /vmlinuz.*#& elevator=deadline#' /boot/grub/grub.conf

cat << _EOF_ >> /etc/modprobe.conf
alias bond0 bonding
options bond0 mode=balance-rr miimon=100 updelay=1000
options netloop nloopbacks=64
options forcedeth max_interrupt_work=10
_EOF_

touch /etc/sysconfig/iptables

sed -i -r 's/^IPTABLES_MODULES=.*/#&/' /etc/sysconfig/iptables-config

sed -i -r '/^#IPTABLES_MODULES=.*/a \IPTABLES_MODULES=""' 
/etc/sysconfig/iptables-config

cat << _EOF_ > /etc/sysconfig/network-scripts/ifcfg-bond0
DEVICE=bond0
BOOTPROTO=none
ONBOOT=yes
USERCTL=no
_EOF_

cat << _EOF_ > /etc/sysconfig/network-scripts/ifcfg-bond0.10
DEVICE=bond0.10
BOOTPROTO=none
ONBOOT=yes
USERCTL=no
VLAN=yes
BRIDGE=br10
_EOF_

cat << _EOF_ > /etc/sysconfig/network-scripts/ifcfg-br10
DEVICE=br10
TYPE=Bridge
BOOTPROTO=static
BROADCAST=
IPADDR=
NETMASK=
NETWORK=
IPV6INIT=yes
IPV6_AUTOCONF=yes
ONBOOT=yes
DELAY=0
STP=on
_EOF_

sed -i -r '/^(HWADDR=|#)/!d' /etc/sysconfig/network-scripts/ifcfg-eth0

cat << _EOF_ >> /etc/sysconfig/network-scripts/ifcfg-eth0
BOOTPROTO=none
ONBOOT=yes
MASTER=bond0
SLAVE=yes
USERCTL=

[CentOS-virt] XEN FLOPPY VIRTUAL

2009-02-04 Thread Adriano Frare 
Dear Friends,

I created a file IMAGE of diskette, and I configurate to GUEST WINXP 
read floppy disk (a:), but I start GUEST WINXP the virtual hardware 
FLOPPY not show.

Below, I show configuration xen gust WINXP.

disk = [ "file:/var/lib/xen/images/winxp_sp2-1.img,hda,w",
"file:/data/MSOFFICE2003.iso,ioemu:hdc:cdrom,r",
"file:/var/lib/xen/images/disk1_44M.img,ioemu:fda:floppy,w" ]
vif = [ "mac=00:16:3e:27:02:75,bridge=xenbr0,type=ioemu" ]


Thank for help.

Adriano
___
CentOS-virt mailing list
CentOS-virt@centos.org
http://lists.centos.org/mailman/listinfo/centos-virt