Re: Xen support on Squeeze

2010-04-06 Thread micah anderson

> Novell is actively developing their SLES11 2.6.27 kernel-xen,
> and upcoming SLES11 SP1 will have 2.6.32 kernel-xen.

I did not know that.

> > > vcpu pinning is not required for a properly working kernel..
> > 
> > It shouldn't be, I agree... but it seems like it is required to keep the
> > kernel from a daily panic.
> > 
> 
> Does this happen with other kernels as well? I thought the bug only happens
> with the lenny 2.6.26-2-xen kernels.

As I said before, I was not able to get any other kernel to work
properly. 

micah




Re: Xen support on Squeeze

2010-04-06 Thread Pasi Kärkkäinen
On Tue, Apr 06, 2010 at 11:00:50AM -0400, micah anderson wrote:
> On 2010-04-06, micah anderson wrote:
> > On Thu, Apr 01, 2010 at 03:40:40PM -0400, Micah Anderson wrote:
> > > "Nikita V. Youshchenko"  writes:
> > > 
> > > > >> We have had to carry that patch without any upstream support (or sharing
> > > > >> with Novell, which eventually released SLES 11 with 2.6.27).  As a
> > > > >> result, the xen-flavour kernels for lenny are very buggy, particularly
> > > > >> for domains with multiple vCPUs (though that *may* be fixed now).
> > > > >
> > > > > Unfortunately it is not fixed.
> > > > >
> > > > > We here once migrated to xen and now rely on it, and that gives lots of
> > > > > frustration. For any loaded domain we still have to run etch kernel,
> > > > > because lenny kernel constantly crashes after several days of heavy load.
> > > > > Dom0's run lenny kernel - and with a fix for #542250 they don't crash, but
> > > > > those are almost unloaded.
> > > 
> > > I was having problems with multiple vCPUs also, under moderate load I
> > > would regularly get crashes. I reported my findings in #504805. I
> > > swapped out machines, didn't work. When the fix for the xen_spin_wait()
> > > came out, I eagerly switched to that, but it didn't fix my problem. I
> > > even tried my hardest to switch to the latest upstream Xen kernel to see
> > > if that would fix things, but it was way too unstable and I couldn't get
> > > it to work at all.
> > > 
> > 
> > What do you exactly mean with the 'upstream Xen kernel' ?
> 
> The latest xen-kernel, not from Debian. There are a number of them, the
> Novell/OpenSuse forward-port of the old-style xenlinux patches, and the
> pvops dom0 git tree. The pvops one was the one I was trying to get
> working since the other versions of the kernel aren't receiving any
> attention and all dev is happening in the pvops.
> 

Novell is actively developing their SLES11 2.6.27 kernel-xen,
and upcoming SLES11 SP1 will have 2.6.32 kernel-xen.

> 
> > > Eventually I stumbled on a way to keep my machines from restarting, it's
> > > not a great solution, but it stops me from having to deal with the
> > > failure on a daily basis. I think that anyone else who is having this
> > > problem can do this and it will work. Obviously this is not the right
> > > solution, but it works until we can get a fix.
> > > 
> > > First I made sure this was set:
> > > 
> > > /etc/xen/xend-config.sxp: (dom0-cpus 0)
> > > 
> > > Then I pinned individual physical CPUs to specific domU's, once pinned,
> > > the problem stops.
> > > 
> > 
> > vcpu pinning is not required for a properly working kernel..
> 
> It shouldn't be, I agree... but it seems like it is required to keep the
> kernel from a daily panic.
> 

Does this happen with other kernels as well? I thought the bug only happens
with the lenny 2.6.26-2-xen kernels.

-- Pasi


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20100406162730.gz1...@reaktio.net



Re: Xen support on Squeeze

2010-04-06 Thread micah anderson
On 2010-04-06, micah anderson wrote:
> On Thu, Apr 01, 2010 at 03:40:40PM -0400, Micah Anderson wrote:
> > "Nikita V. Youshchenko"  writes:
> > 
> > >> We have had to carry that patch without any upstream support (or sharing
> > >> with Novell, which eventually released SLES 11 with 2.6.27).  As a
> > >> result, the xen-flavour kernels for lenny are very buggy, particularly
> > >> for domains with multiple vCPUs (though that *may* be fixed now).
> > >
> > > Unfortunately it is not fixed.
> > >
> > > We here once migrated to xen and now rely on it, and that gives lots of
> > > frustration. For any loaded domain we still have to run etch kernel,
> > > because lenny kernel constantly crashes after several days of heavy load.
> > > Dom0's run lenny kernel - and with a fix for #542250 they don't crash, but
> > > those are almost unloaded.
> > 
> > I was having problems with multiple vCPUs also, under moderate load I
> > would regularly get crashes. I reported my findings in #504805. I
> > swapped out machines, didn't work. When the fix for the xen_spin_wait()
> > came out, I eagerly switched to that, but it didn't fix my problem. I
> > even tried my hardest to switch to the latest upstream Xen kernel to see
> > if that would fix things, but it was way too unstable and I couldn't get
> > it to work at all.
> > 
> 
> What do you exactly mean with the 'upstream Xen kernel' ?

The latest xen-kernel, not from Debian. There are a number of them, the
Novell/OpenSuse forward-port of the old-style xenlinux patches, and the
pvops dom0 git tree. The pvops one was the one I was trying to get
working since the other versions of the kernel aren't receiving any
attention and all dev is happening in the pvops.


> > Eventually I stumbled on a way to keep my machines from restarting, it's
> > not a great solution, but it stops me from having to deal with the
> > failure on a daily basis. I think that anyone else who is having this
> > problem can do this and it will work. Obviously this is not the right
> > solution, but it works until we can get a fix.
> > 
> > First I made sure this was set:
> > 
> > /etc/xen/xend-config.sxp: (dom0-cpus 0)
> > 
> > Then I pinned individual physical CPUs to specific domU's, once pinned,
> > the problem stops.
> > 
> 
> vcpu pinning is not required for a properly working kernel..

It shouldn't be, I agree... but it seems like it is required to keep the
kernel from a daily panic.

m





Re: Xen support on Squeeze

2010-04-06 Thread Pasi Kärkkäinen
On Thu, Apr 01, 2010 at 03:40:40PM -0400, Micah Anderson wrote:
> "Nikita V. Youshchenko"  writes:
> 
> >> We have had to carry that patch without any upstream support (or sharing
> >> with Novell, which eventually released SLES 11 with 2.6.27).  As a
> >> result, the xen-flavour kernels for lenny are very buggy, particularly
> >> for domains with multiple vCPUs (though that *may* be fixed now).
> >
> > Unfortunately it is not fixed.
> >
> > We here once migrated to xen and now rely on it, and that gives lots of 
> > frustration. For any loaded domain we still have to run etch kernel, 
> > because lenny kernel constantly crashes after several days of heavy load. 
> > Dom0's run lenny kernel - and with a fix for #542250 they don't crash, but 
> > those are almost unloaded.
> 
> I was having problems with multiple vCPUs also, under moderate load I
> would regularly get crashes. I reported my findings in #504805. I
> swapped out machines, didn't work. When the fix for the xen_spin_wait()
> came out, I eagerly switched to that, but it didn't fix my problem. I
> even tried my hardest to switch to the latest upstream Xen kernel to see
> if that would fix things, but it was way too unstable and I couldn't get
> it to work at all.
> 

What do you exactly mean with the 'upstream Xen kernel' ?

> Eventually I stumbled on a way to keep my machines from restarting, it's
> not a great solution, but it stops me from having to deal with the
> failure on a daily basis. I think that anyone else who is having this
> problem can do this and it will work. Obviously this is not the right
> solution, but it works until we can get a fix.
> 
> First I made sure this was set:
> 
> /etc/xen/xend-config.sxp: (dom0-cpus 0)
> 
> Then I pinned individual physical CPUs to specific domU's, once pinned,
> the problem stops.
> 

vcpu pinning is not required for a properly working kernel..

Although good to hear there's a workaround.

-- Pasi


Archive: http://lists.debian.org/20100406080601.gu1...@reaktio.net



Re: Xen support on Squeeze

2010-04-01 Thread Micah Anderson
"Nikita V. Youshchenko"  writes:

>> We have had to carry that patch without any upstream support (or sharing
>> with Novell, which eventually released SLES 11 with 2.6.27).  As a
>> result, the xen-flavour kernels for lenny are very buggy, particularly
>> for domains with multiple vCPUs (though that *may* be fixed now).
>
> Unfortunately it is not fixed.
>
> We here once migrated to xen and now rely on it, and that gives lots of 
> frustration. For any loaded domain we still have to run etch kernel, 
> because lenny kernel constantly crashes after several days of heavy load. 
> Dom0's run lenny kernel - and with a fix for #542250 they don't crash, but 
> those are almost unloaded.

I was having problems with multiple vCPUs also, under moderate load I
would regularly get crashes. I reported my findings in #504805. I
swapped out machines, didn't work. When the fix for the xen_spin_wait()
came out, I eagerly switched to that, but it didn't fix my problem. I
even tried my hardest to switch to the latest upstream Xen kernel to see
if that would fix things, but it was way too unstable and I couldn't get
it to work at all.

Eventually I stumbled on a way to keep my machines from restarting, it's
not a great solution, but it stops me from having to deal with the
failure on a daily basis. I think that anyone else who is having this
problem can do this and it will work. Obviously this is not the right
solution, but it works until we can get a fix.

First I made sure this was set:

/etc/xen/xend-config.sxp: (dom0-cpus 0)

Then I pinned individual physical CPUs to specific domU's, once pinned,
the problem stops.

What does that mean? Well, Xen does this wacky thing where it creates
virtual CPUs (VCPUs), each domU has one of them by default (but you can
have more), and then it moves physical CPUs between those VCPUs
depending on need.


So let's say you have four CPUs, and a domU. That domU has one VCPU by
default. That VCPU could actually have the physical CPU 0, 1, 2, 3 all
servicing it to provide that VCPU, even at the same time. I found
somewhere that this can be a performance hit, because it needs to figure
out how to deal with this and switch contexts. I also read that it could
cause some instability (!), so pinning the physical CPUs so they don't
move around seemed to solve this.

The pinning does not stick across reboots, so it has to be done again if
the system is rebooted, and it isn't really possible to set this in a
startup script, at least I don't think so.

So how do you do this? If you look at 'xm vcpu-list' (which annoyingly
isn't listed in 'xm help') you will see the CPU column populated with a
random CPU, depending on scheduling, and then the CPU Affinity column
all say 'any cpu'. This means that any physical CPU could travel between
them, and would, depending on the scheduling. Once you pin things, then
the individual domU's are set to have specific CPU affinities, so the
CPUs don't 'travel' between them, and magically the crash stops.

So an example:

r...@shoveler:~# xm vcpu-list
Name        ID  VCPU   CPU State   Time(s) CPU Affinity
Domain-0     0     0     1   -b-  283688.8 any cpu
Domain-0     0     1     1   ---   39666.3 any cpu
Domain-0     0     2     1   r--   49224.4 any cpu
Domain-0     0     3     1   -b-   75591.1 any cpu
kite         1     0     3   -b-   71411.8 any cpu
murrelet     2     0     0   -b-      47.2 any cpu
test         3     0     0   r--  342182.3 any cpu

So we want to fix that final column using 'xm vcpu-pin' (also a command
not listed in 'xm help'):

Usage: xm vcpu-pin   

Set which CPUs a VCPU can use.

r...@shoveler:~# xm vcpu-pin 0 0 0
r...@shoveler:~# xm vcpu-pin 0 1 0
r...@shoveler:~# xm vcpu-pin 0 2 0
r...@shoveler:~# xm vcpu-pin 0 3 0
r...@shoveler:~# xm vcpu-pin 1 0 1
r...@shoveler:~# xm vcpu-pin 2 0 2
r...@shoveler:~# xm vcpu-pin 3 0 3

r...@shoveler:~# xm vcpu-list
Name        ID  VCPU   CPU State   Time(s) CPU Affinity
Domain-0     0     0     1   -b-  283700.3 0
Domain-0     0     1     1   r--   39669.6 0
Domain-0     0     2     1   -b-   49227.4 0
Domain-0     0     3     1   -b-   75596.2 0
kite         1     0     3   -b-   71415.3 1
murrelet     2     0     0   -b-  472237.8 2
test         3     0     0   r--  342182.3 3


And voila, no more crashes... :P

micah


Archive: http://lists.debian.org/87d3yj7yh3@pond.riseup.net
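
The manual pinning steps from the message above, as an added example that is not part of the original post or of Xen: a dry-run generator that reads `xm vcpu-list` output and prints the matching `xm vcpu-pin` commands. The function names, the NCPUS argument and the round-robin placement of domUs are assumptions generalised from the post's four-CPU case; the sample listing is constructed from the one quoted in the post.

```shell
#!/bin/sh
# Added example: derive `xm vcpu-pin` commands from `xm vcpu-list` output.
# Dry run only: the commands are printed, never executed.

# gen_pin_cmds NCPUS
#   stdin : output of `xm vcpu-list`
#   stdout: one `xm vcpu-pin <domid> <vcpu> <cpu>` line per unpinned vCPU
# Placement scheme (assumption, generalised from the post): every Domain-0
# vCPU goes to physical CPU 0; each domU gets one CPU from 1..NCPUS-1,
# handed out round-robin in order of first appearance and shared by all
# of that domU's vCPUs.
gen_pin_cmds() {
    ncpus=$1
    case $ncpus in
        ''|*[!0-9]*)
            echo "gen_pin_cmds: NCPUS must be a number" >&2
            return 2 ;;
    esac
    if [ "$ncpus" -lt 2 ]; then
        echo "gen_pin_cmds: need at least 2 physical CPUs" >&2
        return 2
    fi
    awk -v ncpus="$ncpus" '
        NF < 7 { next }                                 # blank or truncated line
        $2 !~ /^[0-9]+$/ || $3 !~ /^[0-9]+$/ { next }   # header row, junk
        {
            domid = $2; vcpu = $3
            # Affinity is everything from field 7 on ("any cpu" is two words).
            aff = $7
            for (i = 8; i <= NF; i++) aff = aff " " $i

            if (domid == 0) {
                cpu = 0
            } else {
                # Reserve a CPU even for domUs that are already pinned, so
                # the numbering of the remaining domUs stays stable.
                if (!(domid in assigned)) {
                    assigned[domid] = 1 + (count % (ncpus - 1))
                    count++
                }
                cpu = assigned[domid]
            }
            if (aff != "any cpu") next                  # already pinned
            printf "xm vcpu-pin %s %s %s\n", domid, vcpu, cpu
        }
    '
}

# Constructed sample input: the unpinned listing quoted in the post.
sample_vcpu_list() {
    cat <<'EOF'
Name        ID  VCPU   CPU State   Time(s) CPU Affinity
Domain-0     0     0     1   -b-  283688.8 any cpu
Domain-0     0     1     1   ---   39666.3 any cpu
Domain-0     0     2     1   r--   49224.4 any cpu
Domain-0     0     3     1   -b-   75591.1 any cpu
kite         1     0     3   -b-   71411.8 any cpu
murrelet     2     0     0   -b-      47.2 any cpu
test         3     0     0   r--  342182.3 any cpu
EOF
}

# Demo: four physical CPUs, as in the post.
sample_vcpu_list | gen_pin_cmds 4
```

On a dom0 the input would come from `xm vcpu-list` itself; read the printed commands before running any of them.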



Re: Xen support on Squeeze

2010-01-24 Thread Goswin von Brederlow
Ian Campbell  writes:

> On Wed, 2010-01-20 at 17:10 +0100, Goswin von Brederlow wrote: 
>> Pasi Kärkkäinen  writes:
>> 
>> > On Mon, Jan 04, 2010 at 11:02:51AM +1100, Brian May wrote:
>> >> On Sun, Jan 03, 2010 at 06:12:28PM +0200, Pasi Kärkkäinen wrote:
>> >> > If we're talking about Linux 2.6.32 support for pv_ops dom0 here, then that's
>> >> > in progress, see:
>> >> > 
>> >> > http://lists.xensource.com/archives/html/xen-devel/2009-12/msg01127.html
>> >> > 
>> >> > the 2.6.32 tree should be available shortly after Jeremy gets back from
>> >> > his vacation.
>> >> 
>> >> What chance does this have of making it in time for Squeeze?
>> >>
>> >
>> > When actually is 'in time' for Squeeze?
>> >
>> > Novell already has the oldstyle xenlinux patches for 2.6.32, so they
>> > could be used, if pv_ops dom0 patches weren't in shape for Squeeze.
>
> Are Novell going to be releasing a distribution which uses 2.6.32 and is
> supported for the lifetime of Squeeze? We've been here before with Lenny
> where we took 2.6.26 patches from Novell and they eventually shipped a
> 2.6.27 based system leaving us with unsupported (and buggy) 2.6.26
> patches in Lenny.
>
>> >
>> > -- Pasi
>> 
>> Given that the pv_ops dom0 is still unstable:
>
> I don't think that is the case. There are some issues which prevent it
> going upstream immediately but those are to do with the impact of the
> patches, not stability issues, and are being actively resolved.

Doesn't even boot here. Seems to be incompatible to my laptop's bios.
(i.e. the bios is crap *surprise, surprise* and xen no longer works
around it)

>> Where are the oldstyle patches for 2.6.32?
>
> I don't think that would be wise -- Debian has been bitten two releases
> in a row now by taking 3rd party Xen patches and having that third party
> move onto other things, thereby leaving us with an unsupported patch. No
> one on the Debian kernel team has expressed an interest in maintaining
> such a patch this time around.

I just need something that works for me now. I didn't want to suggest that
for Debian.

MfG
Goswin





Re: Xen support on Squeeze

2010-01-24 Thread Ian Campbell
On Wed, 2010-01-20 at 17:10 +0100, Goswin von Brederlow wrote: 
> Pasi Kärkkäinen  writes:
> 
> > On Mon, Jan 04, 2010 at 11:02:51AM +1100, Brian May wrote:
> >> On Sun, Jan 03, 2010 at 06:12:28PM +0200, Pasi Kärkkäinen wrote:
> >> > If we're talking about Linux 2.6.32 support for pv_ops dom0 here, then that's
> >> > in progress, see:
> >> > 
> >> > http://lists.xensource.com/archives/html/xen-devel/2009-12/msg01127.html
> >> > 
> >> > the 2.6.32 tree should be available shortly after Jeremy gets back from
> >> > his vacation.
> >> 
> >> What chance does this have of making it in time for Squeeze?
> >>
> >
> > When actually is 'in time' for Squeeze?
> >
> > Novell already has the oldstyle xenlinux patches for 2.6.32, so they
> > could be used, if pv_ops dom0 patches weren't in shape for Squeeze.

Are Novell going to be releasing a distribution which uses 2.6.32 and is
supported for the lifetime of Squeeze? We've been here before with Lenny
where we took 2.6.26 patches from Novell and they eventually shipped a
2.6.27 based system leaving us with unsupported (and buggy) 2.6.26
patches in Lenny.

> >
> > -- Pasi
> 
> Given that the pv_ops dom0 is still unstable:

I don't think that is the case. There are some issues which prevent it
going upstream immediately but those are to do with the impact of the
patches, not stability issues, and are being actively resolved.

> Where are the oldstyle patches for 2.6.32?

I don't think that would be wise -- Debian has been bitten two releases
in a row now by taking 3rd party Xen patches and having that third party
move onto other things, thereby leaving us with an unsupported patch. No
one on the Debian kernel team has expressed an interest in maintaining
such a patch this time around.

2.6.32 is going to be a long term supported release both from
kernel.org[0] and xen.org[1] and I think it makes perfect sense to base
Squeeze's Xen support on that tree.

Ian.

[0] http://www.kroah.com/log/linux/stable-status-01-2010.html and
    http://marc.info/?l=linux-kernel&m=126384198403392&w=2
[1] http://lists.xensource.com/archives/html/xen-devel/2009-12/msg01127.html
    description of xen/stable-2.6.32 branch.

-- 
Ian Campbell

BOFH excuse #379:

We've picked COBOL as the language of choice.




Re: Xen support on Squeeze

2010-01-20 Thread Pasi Kärkkäinen
On Wed, Jan 20, 2010 at 06:16:27PM +0200, Pasi Kärkkäinen wrote:
> On Wed, Jan 20, 2010 at 05:10:55PM +0100, Goswin von Brederlow wrote:
> > Pasi Kärkkäinen  writes:
> > 
> > > On Mon, Jan 04, 2010 at 11:02:51AM +1100, Brian May wrote:
> > >> On Sun, Jan 03, 2010 at 06:12:28PM +0200, Pasi Kärkkäinen wrote:
> > >> > If we're talking about Linux 2.6.32 support for pv_ops dom0 here, then that's
> > >> > in progress, see:
> > >> > 
> > >> > http://lists.xensource.com/archives/html/xen-devel/2009-12/msg01127.html
> > >> > 
> > >> > the 2.6.32 tree should be available shortly after Jeremy gets back from
> > >> > his vacation.
> > >> 
> > >> What chance does this have of making it in time for Squeeze?
> > >>
> > >
> > > When actually is 'in time' for Squeeze?
> > >
> > > Novell already has the oldstyle xenlinux patches for 2.6.32, so they
> > > could be used, if pv_ops dom0 patches weren't in shape for Squeeze.
> > >
> > > -- Pasi
> > 
> > Given that the pv_ops dom0 is still unstable:
> > 
> > Where are the oldstyle patches for 2.6.32?
> > 
> 
> Various Xen dom0 kernel options listed here:
> http://wiki.xensource.com/xenwiki/XenDom0Kernels
> 
> Links to the OpenSUSE kernels (including Xen patches):
>   http://download.opensuse.org/repositories/Kernel:/HEAD/openSUSE_Factory/
>   ftp://ftp.suse.com/pub/projects/kernel/kotd/master/
>   http://www.gitorious.org/opensuse/kernel-source
> 
> I'll ask Andrew Lyon if he has plans to release more easy-to-use patches 
> against vanilla kernel.org 2.6.32.
> 

This is the reply I got from Andrew Lyon:
http://lists.xensource.com/archives/html/xen-users/2010-01/msg00592.html

-- Pasi





Re: Xen support on Squeeze

2010-01-20 Thread Pasi Kärkkäinen
On Wed, Jan 20, 2010 at 05:10:55PM +0100, Goswin von Brederlow wrote:
> Pasi Kärkkäinen  writes:
> 
> > On Mon, Jan 04, 2010 at 11:02:51AM +1100, Brian May wrote:
> >> On Sun, Jan 03, 2010 at 06:12:28PM +0200, Pasi Kärkkäinen wrote:
> >> > If we're talking about Linux 2.6.32 support for pv_ops dom0 here, then that's
> >> > in progress, see:
> >> > 
> >> > http://lists.xensource.com/archives/html/xen-devel/2009-12/msg01127.html
> >> > 
> >> > the 2.6.32 tree should be available shortly after Jeremy gets back from
> >> > his vacation.
> >> 
> >> What chance does this have of making it in time for Squeeze?
> >>
> >
> > When actually is 'in time' for Squeeze?
> >
> > Novell already has the oldstyle xenlinux patches for 2.6.32, so they
> > could be used, if pv_ops dom0 patches weren't in shape for Squeeze.
> >
> > -- Pasi
> 
> Given that the pv_ops dom0 is still unstable:
> 
> Where are the oldstyle patches for 2.6.32?
> 

Various Xen dom0 kernel options listed here:
http://wiki.xensource.com/xenwiki/XenDom0Kernels

Links to the OpenSUSE kernels (including Xen patches):
http://download.opensuse.org/repositories/Kernel:/HEAD/openSUSE_Factory/
ftp://ftp.suse.com/pub/projects/kernel/kotd/master/
http://www.gitorious.org/opensuse/kernel-source

I'll ask Andrew Lyon if he has plans to release more easy-to-use patches 
against vanilla kernel.org 2.6.32.

-- Pasi





Re: Xen support on Squeeze

2010-01-20 Thread Goswin von Brederlow
Pasi Kärkkäinen  writes:

> On Mon, Jan 04, 2010 at 11:02:51AM +1100, Brian May wrote:
>> On Sun, Jan 03, 2010 at 06:12:28PM +0200, Pasi Kärkkäinen wrote:
>> > If we're talking about Linux 2.6.32 support for pv_ops dom0 here, then that's
>> > in progress, see:
>> > 
>> > http://lists.xensource.com/archives/html/xen-devel/2009-12/msg01127.html
>> > 
>> > the 2.6.32 tree should be available shortly after Jeremy gets back from
>> > his vacation.
>> 
>> What chance does this have of making it in time for Squeeze?
>>
>
> When actually is 'in time' for Squeeze?
>
> Novell already has the oldstyle xenlinux patches for 2.6.32, so they
> could be used, if pv_ops dom0 patches weren't in shape for Squeeze.
>
> -- Pasi

Given that the pv_ops dom0 is still unstable:

Where are the oldstyle patches for 2.6.32?

MfG
Goswin





Re: Xen support on Squeeze

2010-01-07 Thread Pasi Kärkkäinen
On Thu, Jan 07, 2010 at 11:06:56AM -0200, Henrique de Moraes Holschuh wrote:
> On Sun, 03 Jan 2010, William Pitcock wrote:
> > > That was opposed quite strongly by the kernel folks last time it was
> > > attempted. Were there any fundamental changes in the Xen dom0 patches
> > > since then?
> > 
> > Only by the kernel folks which believe all of the crap that the KVM
> > guys say about Xen.  There are plenty of kernel developers willing
> > to see the patches merged.
> 
> Hmm, you have a problem there.
> 
> Linus is very likely going to cheerfully tell the Xen and KVM developers to
> duke it out in a bloodbath, and to not forget to bring AlacrityVM into the
> fray either.  He could care less for virtualization, and he is likely to
> refuse to merge anything non-trivial until the "virtualization crazy people"
> manage to reach a consensus on a sane API.  Look for the AlacrityVM threads
> in LKML if you doubt me.
>

Then again the KVM vs. AlacrityVM discussion is a bit different.
AlacrityVM is a fork of KVM..

> Note: I am not defending KVM.  I don't agree with their main ideology (that
> their hardware-emulating approach is the One True Way).  But I can well see
> why Linus decided to take that instance.
> 
> Xen's track record from hell on getting their act cleaned up for upstream
> merging is also going to get in the way.  Some people have long memories.
> 

Linus has been happily accepting a lot of Xen pv_ops (domU) patches from Jeremy
lately.. 

So it seems to be mostly about the 'quality' of the code.

-- Pasi





Re: Xen support on Squeeze

2010-01-07 Thread Henrique de Moraes Holschuh
On Sun, 03 Jan 2010, William Pitcock wrote:
> > That was opposed quite strongly by the kernel folks last time it was
> > attempted. Were there any fundamental changes in the Xen dom0 patches
> > since then?
> 
> Only by the kernel folks which believe all of the crap that the KVM
> guys say about Xen.  There are plenty of kernel developers willing
> to see the patches merged.

Hmm, you have a problem there.

Linus is very likely going to cheerfully tell the Xen and KVM developers to
duke it out in a bloodbath, and to not forget to bring AlacrityVM into the
fray either.  He could care less for virtualization, and he is likely to
refuse to merge anything non-trivial until the "virtualization crazy people"
manage to reach a consensus on a sane API.  Look for the AlacrityVM threads
in LKML if you doubt me.

Note: I am not defending KVM.  I don't agree with their main ideology (that
their hardware-emulating approach is the One True Way).  But I can well see
why Linus decided to take that instance.

Xen's track record from hell on getting their act cleaned up for upstream
merging is also going to get in the way.  Some people have long memories.

-- 
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh





Re: Xen support on Squeeze

2010-01-05 Thread Jon Dowland
I think you are addressing the wrong list. This is
debian-devel, for discussion of Debian development.
Your question is off-topic here. Please try one of
the debian-user mailing lists instead.

As a second point, you have replied to an unrelated
message on debian-devel and referenced the unrelated
message in your "References" header as a result.
You also have not set a meaningful subject. These are
all things which mean many people may miss your
message or skip over it altogether.

Finally, when you repost your message to a more
appropriate list, you should include the versions of
the software you are talking about (before and after,
if possible).


-- 
Jon Dowland




Re: Xen support on Squeeze

2010-01-04 Thread Jaco Wiese
Good day list,

Is anyone else having a problem with the latest squeeze update of
gnome-panel?

When booting up, the entire desktop shows, icons and everything, and you can
work on it.  But the panels take almost 5 minutes to come up... after that
it's fine.  Anyone else experiencing this?

Regards,
Jaco Wiese



Re: Xen support on Squeeze

2010-01-04 Thread Nikita V. Youshchenko
> We have had to carry that patch without any upstream support (or sharing
> with Novell, which eventually released SLES 11 with 2.6.27).  As a
> result, the xen-flavour kernels for lenny are very buggy, particularly
> for domains with multiple vCPUs (though that *may* be fixed now).

Unfortunately it is not fixed.

We here once migrated to xen and now rely on it, and that gives lots of 
frustration. For any loaded domain we still have to run etch kernel, 
because lenny kernel constantly crashes after several days of heavy load. 
Dom0's run lenny kernel - and with a fix for #542250 they don't crash, but 
those are almost unloaded.

Btw, major problem is virtual device performance - even in pure 
paravirtualization case (no qemu). We have multi-user /home serviced by a 
dedicated domu that gets it in a virtual block device - and it is terribly 
slow.




Re: Xen support on Squeeze

2010-01-04 Thread Mark Brown
On Sun, Jan 03, 2010 at 09:42:53PM +0300, William Pitcock wrote:

> > That was opposed quite strongly by the kernel folks last time it was
> > attempted. Were there any fundamental changes in the Xen dom0 patches
> > since then?

> Only by the kernel folks which believe all of the crap that the KVM
> guys say about Xen.  There are plenty of kernel developers willing
> to see the patches merged.

That didn't seem massively clear the last time I looked at one of those
threads - the primary issue was the invasiveness of the patches which
most people would be able to assess for themselves.





Re: Xen support on Squeeze

2010-01-03 Thread Pasi Kärkkäinen
On Mon, Jan 04, 2010 at 11:02:51AM +1100, Brian May wrote:
> On Sun, Jan 03, 2010 at 06:12:28PM +0200, Pasi Kärkkäinen wrote:
> > If we're talking about Linux 2.6.32 support for pv_ops dom0 here, then that's
> > in progress, see:
> > 
> > http://lists.xensource.com/archives/html/xen-devel/2009-12/msg01127.html
> > 
> > the 2.6.32 tree should be available shortly after Jeremy gets back from
> > his vacation.
> 
> What chance does this have of making it in time for Squeeze?
>

When actually is 'in time' for Squeeze?

Novell already has the oldstyle xenlinux patches for 2.6.32, so they
could be used, if pv_ops dom0 patches weren't in shape for Squeeze.

-- Pasi





Re: Xen support on Squeeze

2010-01-03 Thread Ben Hutchings
On Mon, 2010-01-04 at 10:38 +1100, Brian May wrote:
> On Sun, Jan 03, 2010 at 09:49:24PM +0300, William Pitcock wrote:
> > > Xen is unsupportable due to clueless upstream, who has been in a
> > > constant FAIL state regarding support of current kernels for years.
> > 
> > Do you have any proof for this claim?  xen.git seems pretty up to date to
> > me (2.6.31.6), and there are already people who are hacking on xen.git who
> > have it working on 2.6.32, which means that xen.git will be up-to-date once
> > Jeremy is back from holiday.
> 
> I would assume he is thinking back to the release of Lenny, where it looked
> like there wasn't going to be Xen support, or limited Xen support maybe,
> because upstream were slow to update from 2.6.18.
> 
> Fortunately Lenny did get Xen support, and for 2.6.26.

We have had to carry that patch without any upstream support (or sharing
with Novell, which eventually released SLES 11 with 2.6.27).  As a
result, the xen-flavour kernels for lenny are very buggy, particularly
for domains with multiple vCPUs (though that *may* be fixed now).

Ben.

-- 
Ben Hutchings
The obvious mathematical breakthrough [to break modern encryption] would be
development of an easy way to factor large prime numbers. - Bill Gates




Re: Xen support on Squeeze

2010-01-03 Thread Brian May
On Sun, Jan 03, 2010 at 06:12:28PM +0200, Pasi Kärkkäinen wrote:
> If we're talking about Linux 2.6.32 support for pv_ops dom0 here, then that's
> in progress, see:
> 
> http://lists.xensource.com/archives/html/xen-devel/2009-12/msg01127.html
> 
> the 2.6.32 tree should be available shortly after Jeremy gets back from
> his vacation.

What chance does this have of making it in time for Squeeze?
-- 
Brian May 





Re: Xen support on Squeeze

2010-01-03 Thread Brian May
On Sun, Jan 03, 2010 at 09:49:24PM +0300, William Pitcock wrote:
> > Xen is unsupportable due to clueless upstream, who has been in a
> > constant FAIL state regarding support of current kernels for years.
> 
> Do you have any proof for this claim?  xen.git seems pretty up to date to
> me (2.6.31.6), and there are already people who are hacking on xen.git who
> have it working on 2.6.32, which means that xen.git will be up-to-date once
> Jeremy is back from holiday.

I would assume he is thinking back to the release of Lenny, where it looked
like there wasn't going to be Xen support, or limited Xen support maybe,
because upstream were slow to update from 2.6.18.

Fortunately Lenny did get Xen support, and for 2.6.26.
-- 
Brian May 





Re: Xen support on Squeeze

2010-01-03 Thread Brian May
On Sun, Jan 03, 2010 at 11:26:34AM +0100, Bastian Blank wrote:
> On Sun, Jan 03, 2010 at 04:55:27PM +1100, Brian May wrote:
> > On Sun, Jan 03, 2010 at 01:21:55AM +, Ben Hutchings wrote:
> > > I believe we will have Xen hypervisor and Linux dom0 packages, but they
> > > will not be supported to the degree that ordinary kernel packages are.
> > I can't see any Xen kernel in Squeeze with support for Xen. Am I blind?
> 
> Yes, you are.
> 
> | Package: linux-image-2.6.32-trunk-686-bigmem
> | [...]
> | Description: Linux 2.6.32 for PCs with 4GB+ RAM
> | [...]
> |  This kernel also runs on a Xen hypervisor.  It supports only unprivileged
> |  (domU) operation.

No wonder I didn't see it, it doesn't have xen in the name. However that is
only a domU kernel, Ben Hutchings said there was a dom0 kernel - was he mistaken?

> > I don't see the hypervisor either, the only packages with xen in are:
> 
> | Package: xen-hypervisor-3.4-i386
> | [...]
> | Description: The Xen Hypervisor on i386

Hmm. Looks like I was brain dead and did the wrong type of search (searched
contents of package as opposed to package names).
-- 
Brian May 





Re: Xen support on Squeeze

2010-01-03 Thread Pasi Kärkkäinen
On Sun, Jan 03, 2010 at 12:47:54PM +0800, Paul Wise wrote:
> On Sun, Jan 3, 2010 at 9:01 AM, Brian May  wrote:
> 
> > 1) I believe Xen, with paravirtualization (that is without QEMU) is more secure
> > than KVM (or Xen) with QEMU.
> 
> I haven't heard this claim before, do you have any references to support this?
> 

Xen guests (domUs) communicate only with Xen hypervisor, and the guests
are totally separated from each other and dom0. Xen hypervisor then passes
IO requests to/from dom0 for disk/net.

Also if running HVM guests the qemu-dm emulator binary can be run in a 'stubdom',
so qemu can be put into its own/private guest to get it out of dom0..
this makes HVM guests communicate with dom0 in the same way as PV guest would.

Some people prefer these models, instead of the KVM model where guests
are directly running on the host kernel.

-- Pasi





Re: Xen support on Squeeze

2010-01-03 Thread William Pitcock

- "Gabor Gombas"  wrote:

> On Sun, Jan 03, 2010 at 06:31:20PM +0200, Pasi Kärkkäinen wrote:
> 
> > So the change has happened, although it took painfully long to get the
> > upstream Linux pv_ops framework in shape and all that.. and obviously
> > the pv_ops dom0 patches still need to get merged upstream.
> 
> That was opposed quite strongly by the kernel folks last time it was
> attempted. Were there any fundamental changes in the Xen dom0 patches
> since then?

Only by the kernel folks which believe all of the crap that the KVM
guys say about Xen.  There are plenty of kernel developers willing
to see the patches merged.

William





Re: Xen support on Squeeze

2010-01-03 Thread William Pitcock

- "Marc Haber"  wrote:

> On Sun, 3 Jan 2010 16:55:27 +1100, Brian May wrote:
> >Like I said previously, I think dropping Xen support is a mistake because KVM
> >requires QEMU and QEMU seems to have a reputation of being insecure.
> 
> Xen is unsupportable due to clueless upstream, who has been in a
> constant FAIL state regarding support of current kernels for years.

Do you have any proof for this claim?  xen.git seems pretty up to date to
me (2.6.31.6), and there are already people who are hacking on xen.git who
have it working on 2.6.32, which means that xen.git will be up-to-date once
Jeremy is back from holiday.

William





Re: Xen support on Squeeze

2010-01-03 Thread Pasi Kärkkäinen
On Sun, Jan 03, 2010 at 07:33:07PM +0100, Gabor Gombas wrote:
> On Sun, Jan 03, 2010 at 06:31:20PM +0200, Pasi Kärkkäinen wrote:
> 
> > So the change has happened, although it took painfully long to get the
> > upstream Linux pv_ops framework in shape and all that.. and obviously
> > the pv_ops dom0 patches still need to get merged upstream.
> 
> That was opposed quite strongly by the kernel folks last time it was
> attempted. Were there any fundamental changes in the Xen dom0 patches
> since then?
> 

Yeah, the APIC stuff has been re-architected after that.

See:
http://www.xen.org/files/xensummit_intel09/xensummit-asia-2009-talk.pdf

Actually last time when Jeremy tried to upstream the patches there was a
lot of noise, and less actual problems.

So hoping all the best for next round..

-- Pasi





Re: Xen support on Squeeze

2010-01-03 Thread Gabor Gombas
On Sun, Jan 03, 2010 at 06:31:20PM +0200, Pasi Kärkkäinen wrote:

> So the change has happened, although it took painfully long to get the
> upstream Linux pv_ops framework in shape and all that.. and obviously
> the pv_ops dom0 patches still need to get merged upstream.

That was opposed quite strongly by the kernel folks last time it was
attempted. Were there any fundamental changes in the Xen dom0 patches
since then?

Gabor

-- 
 -
 MTA SZTAKI Computer and Automation Research Institute
Hungarian Academy of Sciences
 -





Re: Xen support on Squeeze

2010-01-03 Thread Pasi Kärkkäinen
On Sun, Jan 03, 2010 at 11:23:28AM +0100, Bastian Blank wrote:
> On Sun, Jan 03, 2010 at 01:21:55AM +, Ben Hutchings wrote:
> > I believe we will have Xen hypervisor and Linux dom0 packages,
> 
> The hypervisor works well, but the Linux Dom0 packages are not available
> yet, upstream is again fading behind.
> 

If we're talking about Linux 2.6.32 support for pv_ops dom0 here, then that's
in progress, see:

http://lists.xensource.com/archives/html/xen-devel/2009-12/msg01127.html

the 2.6.32 tree should be available shortly after Jeremy gets back from
his vacation.

-- Pasi





Re: Xen support on Squeeze

2010-01-03 Thread Pasi Kärkkäinen
On Sun, Jan 03, 2010 at 10:46:38AM +0100, Marc Haber wrote:
> On Sun, 3 Jan 2010 16:55:27 +1100, Brian May wrote:
> >Like I said previously, I think dropping Xen support is a mistake because KVM
> >requires QEMU and QEMU seems to have a reputation of being insecure.
> 
> Xen is unsupportable due to clueless upstream, who has been in a
> constant FAIL state regarding support of current kernels for years.
> 

For 6 months now (since summer 2009) xen-unstable (the development version) 
has been using pv_ops dom0 kernel as a default. pv_ops dom0 kernel is based on
upstream kernel.org git tree (of Linus), so it has been pretty much in
sync with the upstream Linux development. Currently it's at 2.6.31.6, but will
get updated to 2.6.32.x when the main developer gets back from his
Christmas/NY break.

Upcoming Xen 4.0 release will use pv_ops dom0 as a default kernel.

So the change has happened, although it took painfully long to get the
upstream Linux pv_ops framework in shape and all that.. and obviously
the pv_ops dom0 patches still need to get merged upstream.

pv_ops dom0 kernel definitely needs more testing still, so now it's a
good moment to do some testing, if you're interested in this stuff.

pv_ops dom0 kernel:
http://wiki.xensource.com/xenwiki/XenParavirtOps

If pv_ops dom0 is not what you want, there are many other Xen dom0 kernel
options as well:
http://wiki.xensource.com/xenwiki/XenDom0Kernels

-- Pasi





Re: Xen support on Squeeze

2010-01-03 Thread Samuel Thibault
Brian May, le Sun 03 Jan 2010 16:48:06 +1100, a écrit :
> On Sun, Jan 03, 2010 at 12:47:54PM +0800, Paul Wise wrote:
> > On Sun, Jan 3, 2010 at 9:01 AM, Brian May  wrote:
> > 
> > > > 1) I believe Xen, with paravirtualization (that is without QEMU) is more secure
> > > > than KVM (or Xen) with QEMU.
> > > 
> > > I haven't heard this claim before, do you have any references to support this?
> 
> http://blog.orebokech.com/2007/05/xen-security-or-lack-thereof.html links to
> http://taviso.decsystem.org/virtsec.pdf.

BTW, nowadays Xen is able to start qemu in stubdomains to sandbox it.
That is however not yet packaged in Debian.

Samuel





Re: Xen support on Squeeze

2010-01-03 Thread Romain Francoise
Brian May  writes:

> http://blog.orebokech.com/2007/05/xen-security-or-lack-thereof.html links to
> http://taviso.decsystem.org/virtsec.pdf.

> I don't know for certain this applies to KVM, however I would assume so.

Only to a certain extent. Nowadays Linux guests in KVM use virtio
for disk/network devices and you can disable most of the rest
(vga/cdrom, etc) if you only need a Xen replacement, leaving only a
few emulated devices.

You can additionally run the kvm processes unprivileged and chrooted
on the host, and in some distributions you can even sandbox them
using SELinux (Fedora/RHEL) or AppArmor (Ubuntu). Sadly, it seems
that Debian isn't quite there yet.

Also, it is my impression that QEMU receives much more attention now
that KVM is popular, so its security record will probably improve
over time.

-- 
Romain Francoise 
http://people.debian.org/~rfrancoise/
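
The hardening steps listed in the message above (virtio instead of emulated disk/network devices, no VGA or CD-ROM, an unprivileged and chrooted process) can be checked against a guest's launch command. The Python audit below is an added example, not code from this thread or from the QEMU/KVM projects; the two command lines, the `kvmguest` user, the paths and the finding names are constructed for illustration, and the argument parser is a heuristic.

```python
import shlex

EMULATED_NICS = {"e1000", "rtl8139", "ne2k_pci", "pcnet"}  # fully emulated NIC models
LEGACY_DISK_FLAGS = {"-hda", "-hdb", "-hdc", "-hdd", "-cdrom", "-fda", "-fdb"}

# Constructed sample command lines (not taken from the thread).
WEAK = ("kvm -m 512 -hda /srv/vm/guest.img -cdrom /srv/iso/install.iso "
        "-net nic -net tap -vga std")
HARDENED = ("kvm -m 512 -nodefaults -vga none -serial pty "
            "-drive file=/srv/vm/guest.img,if=virtio "
            "-net nic,model=virtio -net tap,ifname=tap0,script=no "
            "-runas kvmguest -chroot /var/lib/kvm/empty")

def parse_args(cmdline):
    """Return [(flag, value-or-None)]. Heuristic: a token that does not start
    with '-' is taken as the value of the flag that precedes it."""
    pairs = []
    for tok in shlex.split(cmdline)[1:]:
        if tok.startswith("-"):
            pairs.append((tok, None))
        elif pairs and pairs[-1][1] is None:
            pairs[-1] = (pairs[-1][0], tok)
    return pairs

def subopts(value):
    """'nic,model=virtio' -> {'nic': True, 'model': 'virtio'}"""
    out = {}
    for part in (value or "").split(","):
        key, sep, val = part.partition("=")
        if key:
            out[key] = val if sep else True
    return out

def audit(cmdline):
    """List which of the hardening measures are missing from a QEMU/KVM command."""
    args = parse_args(cmdline)
    flags = {f for f, _ in args}
    findings = []
    runas = [v for f, v in args if f == "-runas"]
    if not runas or runas[-1] in ("root", "0"):
        findings.append("no-privilege-drop")   # keeps the launcher's privileges
    if "-chroot" not in flags:
        findings.append("no-chroot")
    if "-nodefaults" not in flags:
        findings.append("default-devices")     # default serial/parallel/floppy/CD-ROM
    vga = [v for f, v in args if f == "-vga"]
    if (vga and vga[-1] != "none") or (not vga and "-nodefaults" not in flags):
        findings.append("vga-emulated")
    for flag, value in args:
        opts = subopts(value)
        driver = (value or "").split(",")[0]
        if flag in LEGACY_DISK_FLAGS:
            findings.append(f"emulated-disk:{flag}")
        elif flag == "-drive" and opts.get("if", "ide") not in ("virtio", "none"):
            findings.append(f"emulated-disk:if={opts.get('if', 'ide')}")
        elif flag == "-net" and "nic" in opts and opts.get("model") != "virtio":
            findings.append(f"emulated-nic:{opts.get('model', 'default')}")
        elif flag == "-device" and driver in EMULATED_NICS:
            findings.append(f"emulated-nic:{driver}")
    return findings

if __name__ == "__main__":
    for name, cmd in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit(cmd) or "no findings")
```

A `-drive` with `if=none` is treated as a bare backend, so its guest-visible device is judged from the matching `-device` option instead.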





Re: Xen support on Squeeze

2010-01-03 Thread Bastian Blank
On Sun, Jan 03, 2010 at 04:55:27PM +1100, Brian May wrote:
> On Sun, Jan 03, 2010 at 01:21:55AM +, Ben Hutchings wrote:
> > I believe we will have Xen hypervisor and Linux dom0 packages, but they
> > will not be supported to the degree that ordinary kernel packages are.
> I can't see any Xen kernel in Squeeze with support for Xen. Am I blind?

Yes, you are.

| Package: linux-image-2.6.32-trunk-686-bigmem
| [...]
| Description: Linux 2.6.32 for PCs with 4GB+ RAM
| [...]
|  This kernel also runs on a Xen hypervisor.  It supports only unprivileged
|  (domU) operation.

> I don't see the hypervisor either, the only packages with xen in are:

| Package: xen-hypervisor-3.4-i386
| [...]
| Description: The Xen Hypervisor on i386

Bastian

-- 
"Get back to your stations!"
"We're beaming down to the planet, sir."
-- Kirk and Mr. Leslie, "This Side of Paradise",
   stardate 3417.3





Re: Xen support on Squeeze

2010-01-03 Thread Bastian Blank
On Sun, Jan 03, 2010 at 01:21:55AM +, Ben Hutchings wrote:
> I believe we will have Xen hypervisor and Linux dom0 packages,

The hypervisor works well, but the Linux Dom0 packages are not available
yet, upstream is again fading behind.

Bastian

-- 
What kind of love is that?  Not to be loved; never to have shown love.
-- Commissioner Nancy Hedford, "Metamorphosis",
   stardate 3219.8





Re: Xen support on Squeeze

2010-01-03 Thread Marc Haber
On Sun, 3 Jan 2010 16:55:27 +1100, Brian May wrote:
>Like I said previously, I think dropping Xen support is a mistake because KVM
>requires QEMU and QEMU seems to have a reputation of being insecure.

Xen is unsupportable due to clueless upstream, who has been in a
constant FAIL state regarding support of current kernels for years.

Greetings
Marc

-- 
-- !! No courtesy copies, please !! -
Marc Haber |   " Questions are the | Mailadresse im Header
Mannheim, Germany  | Beginning of Wisdom " | http://www.zugschlus.de/
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834





Re: Xen support on Squeeze

2010-01-03 Thread Russell Coker
On Sun, 3 Jan 2010, Ben Hutchings  wrote:
> It does require virtualisation extensions, but most x86 processors sold in
> the last few years have them.

My SE Linux Play Machine is currently running on a P3-800 system with 256M of 
RAM.  I would like to continue running on that hardware until someone gives 
me better hardware that uses no more electricity and makes no more noise - I 
expect that I will be waiting for a while as the machine in question was 
specifically designed to be quiet and low-power.  NB I am not soliciting 
donations of hardware.

http://etbe.coker.com.au/2008/07/16/xen-and-eeepc/

My EeePC 701 has no support for PAE and therefore doesn't even run the recent 
versions of Xen.  The same applies to my Thinkpad T41p (which I am using to 
write this message) and a couple of older Thinkpads that I have lying around.  
If we could get virtualisation running using older and less capable hardware 
than an i686 with PAE (the current Xen requirements) then I would be very 
happy!

I expect that it will be several years before Netbook class systems routinely 
ship with hardware that is capable of running KVM.  Even then we won't want 
to drop support for lesser hardware, it's still out there and still running.

I am not the only Debian user who relies on gifts of "obsolete" hardware for a 
significant portion of their computer use.  Some Debian users do this for 
environmental reasons, others do so for financial reasons.  My personal aim 
is to never buy new hardware except in the case of systems that break, and in 
that case I'll buy at auction - which probably means systems that are 2+ 
years old.

-- 
Russell Coker 
http://etbe.coker.com.au/  My Blog
http://etbe.coker.com.au/category/security/  My Security blog posts
http://www.coker.com.au/selinux/play.html  My Play Machine, root PW "SELINUX"





Re: Xen support on Squeeze

2010-01-02 Thread Brian May
On Sun, Jan 03, 2010 at 01:21:55AM +, Ben Hutchings wrote:
> I believe we will have Xen hypervisor and Linux dom0 packages, but they
> will not be supported to the degree that ordinary kernel packages are.

I can't see any Xen kernel in Squeeze with support for Xen. Am I blind?

I don't see the hypervisor either, the only packages with xen in are:

dtc-xen, xen-utils-common, and libc6-xen.

> It does require virtualisation extensions, but most x86 processors sold in
> the last few years have them.

Most, if not all the computers I have access to do not have the virtualisation
extensions.

Like I said previously, I think dropping Xen support is a mistake because KVM
requires QEMU and QEMU seems to have a reputation of being insecure.
-- 
Brian May 





Re: Xen support on Squeeze

2010-01-02 Thread Brian May
On Sun, Jan 03, 2010 at 12:47:54PM +0800, Paul Wise wrote:
> On Sun, Jan 3, 2010 at 9:01 AM, Brian May  wrote:
> 
> > 1) I believe Xen, with paravirtualization (that is without QEMU) is more secure
> > than KVM (or Xen) with QEMU.
> 
> I haven't heard this claim before, do you have any references to support this?

http://blog.orebokech.com/2007/05/xen-security-or-lack-thereof.html links to
http://taviso.decsystem.org/virtsec.pdf.

I don't know for certain this applies to KVM, however I would assume so.

In doing a search for the above I come across a number of security issues in
Xen that are blamed on QEMU.

Also see:

http://etbe.coker.com.au/2007/10/28/xen-and-security/
-- 
Brian May 





Re: Xen support on Squeeze

2010-01-02 Thread Paul Wise
On Sun, Jan 3, 2010 at 9:01 AM, Brian May  wrote:

> 1) I believe Xen, with paravirtualization (that is without QEMU) is more secure
> than KVM (or Xen) with QEMU.

I haven't heard this claim before, do you have any references to support this?

-- 
bye,
pabs

http://wiki.debian.org/PaulWise





Re: Xen support on Squeeze

2010-01-02 Thread Paul Wise
On Sun, Jan 3, 2010 at 9:21 AM, Ben Hutchings  wrote:
> On Sun, Jan 03, 2010 at 12:01:40PM +1100, Brian May wrote:
>> 2) I believe KVM needs CPU support, and this is not yet available on all
>> modern computers.
>
> It does require virtualisation extensions, but most x86 processors sold in
> the last few years have them.

With the major exception of most netbooks. A couple of years ago
market segmentation was also an issue, especially with Intel CPUs,
does anyone know if that still occurs?

-- 
bye,
pabs

http://wiki.debian.org/PaulWise





Re: Xen support on Squeeze

2010-01-02 Thread Ben Hutchings
On Sun, Jan 03, 2010 at 12:01:40PM +1100, Brian May wrote:
> Hello,
> 
> I have heard rumours that Xen is not going to be supported on Squeeze in favour
> of KVM. True or False?

I believe we will have Xen hypervisor and Linux dom0 packages, but they
will not be supported to the degree that ordinary kernel packages are.
The kernel team does not intend to carry Xen patches after squeeze, so
if dom0 support is not merged upstream then it will be gone in squeeze+1.

> The reason I am concerned is:
> 
> 1) I believe Xen, with paravirtualization (that is without QEMU) is more secure
> than KVM (or Xen) with QEMU.
>
> 2) I believe KVM needs CPU support, and this is not yet available on all
> modern computers.

It does require virtualisation extensions, but most x86 processors sold in
the last few years have them.

Ben.

-- 
Ben Hutchings
Teamwork is essential - it allows you to blame someone else.




Xen support on Squeeze

2010-01-02 Thread Brian May
Hello,

I have heard rumours that Xen is not going to be supported on Squeeze in favour
of KVM. True or False?

The reason I am concerned is:

1) I believe Xen, with paravirtualization (that is without QEMU) is more secure
than KVM (or Xen) with QEMU.

2) I believe KVM needs CPU support, and this is not yet available on all
modern computers.

Thanks.
-- 
Brian May 

