RunningXen:AHands-OnGuidetotheArtof
Virtualization
byJeannaN.Matthews;EliM.Dow;ToddDeshane;
WenjinHu;JeremyBongio;PatrickF.Wilbur;
BrendanJohnson
Publisher:PrenticeHall
PubDate:April10,2008
PrintISBN-10:0-13-234966-3
PrintISBN-13:978-0-13-234966-6
eTextISBN-10:0-13-207467-2
eTextISBN-13:978-0-13-207467-4
Pages:624
TableofContents|Index

Overview
"Thisaccessibleandimmediatelyusefulbookexpertlyprovides
theXencommunitywitheverythingitneedstoknowto
download,build,deployandmanageXenimplementations."
–IanPratt,XenProjectLeaderVPAdvancedTechnology,Citrix
Systems
TheReal—World,100%PracticalGuidetoXen
VirtualizationinProductionEnvironments
Usingfree,opensourceXenvirtualizationsoftware,youcan
savemoney,gainnewflexibility,improveutilization,and
simplifyeverythingfromdisasterrecoverytosoftwaretesting.
RunningXenbringstogetheralltheknowledgeyouneedto
createandmanagehigh—performanceXenvirtualmachinesin
anyenvironment.Drawingontheunparalleledexperienceofa
world—classXenteam,itcoverseverythingfrominstallationto
administration–sharingfield-testedinsights,bestpractices,and
casestudiesyoucanfindnowhereelse.

Theauthorsbeginwithaprimeronvirtualization:itsconcepts,
uses,andadvantages.Next,theytourXen'scapabilities,
exploretheXenLiveCD,introducetheXenhypervisor,andwalk
youthroughconfiguringyourownhard—disk—basedXen
installation.Afteryou'rerunning,theyguideyouthrougheach
leadingmethodforcreating"guests"andmigratingexisting
systemstorunasXenguests.Thentheyoffercomprehensive
coverageofmanagingandsecuringXenguests,devices,
networks,anddistributedresources.Whetheryou'rean
administrator,datacentermanager,developer,system
integrator,orISP,RunningXenwillhelpyouachieveyourgoals
withXen—reliably,efficiently,withoutstandingperformance,
andatasurprisinglylowcost.
•UnderstandingtheXenhypervisor:whatitdoes,andhowit
works
•Usingpre-builtsystemimages,includingcompressedfile
systems
•Managingdomainswiththexmconsole
•Populatingandstoringguestimages
•Planning,designing,andconfiguringnetworksinXen
•UtilizingXensecurity:specialpurposeVMs,virtualnetwork
segments,remoteaccess,firewalls,networkmonitors,sHype
accesscontrol,XenSecurityModules(XSM),andmore
•Managingguestresources:memory,CPU,andI/O
•EmployingXenintheenterprise:tools,products,and
techniques



RunningXen:AHands-OnGuidetotheArtof
Virtualization
byJeannaN.Matthews;EliM.Dow;ToddDeshane;
WenjinHu;JeremyBongio;PatrickF.Wilbur;
BrendanJohnson
Publisher:PrenticeHall
PubDate:April10,2008
PrintISBN-10:0-13-234966-3
PrintISBN-13:978-0-13-234966-6
eTextISBN-10:0-13-207467-2
eTextISBN-13:978-0-13-207467-4
Pages:624
TableofContents|Index

Copyright
Foreword
Preface
Acknowledgments
AbouttheAuthors
Chapter1.Xen—BackgroundandVirtualizationBasics
CommonUsesandBenefitsofVirtualization
TypesofVirtualization
VirtualizationHeritage
OtherVirtualizationSystemsforCommodityHardware
Summary
ReferencesandFurtherReading
Chapter2.AQuickTourwiththeXenLiveCD
RunningtheLiveCD
Step1:DownloadingtheLiveCDImageandCreatingtheCD
Step2:ChoosingaDomain0ImagefromtheGRUBMenu

Step3:LoggingInandtheDesktop
Step4:CreatingGuests


Step5:DeletingaGuest
Step6:InteractingwithYourGuests
Step7:TestingYourNetworking
TooManyGuests
Summary
ReferencesandFurtherReading
Chapter3.TheXenHypervisor
XenHypervisor
APrivilegedPosition
Domain0
XenBootOptions
ChoosinganOSforDomain0
xend
XenStore
Summary
ReferencesandFurtherReading
Chapter4.HardwareRequirementsandInstallationofXen
Domain0
XenDomain0ProcessorRequirements
HardwareDeviceSupportandRecommendations
MemoryRequirements
ChoosingandObtainingaVersionofXen
MethodsofInstallingDomain0Hosts
LinuxDistributions
XenExpress
Non-LinuxDomain0Installations

BuildingfromSource
Summary
ReferencesandFurtherReading
Chapter5.UsingPrebuiltGuestImages
IntroductiontoDomUGuests
WorkingwithPrebuiltGuestImages


ConvertingImagesfromOtherVirtualizationPlatforms
Summary
ReferencesandFurtherReading
Chapter6.ManagingUnprivilegedDomains
IntroductiontothexmUtility
ThexmlistSubcommand
ThexmcreateSubcommand
GuestConfigurationFiles
DiagnosingProblemswithGuestCreation
AutomaticallyStartingDomUs
ShuttingDownGuestDomains
PausingDomains
InteractingwithaGuestNongraphically
InteractingwithaGuestGraphically
Summary
ReferencesandFurtherReading
Chapter7.PopulatingGuestImages
HardwareVirtualMachine(HVM)GuestPopulation
GuestImageCustomization
ConvertingExistingInstallations
Summary
ReferencesandFurtherReading

Chapter8.StoringGuestImages
LogicalVolumes
NetworkImageStorageOptions
GuestImageFiles
Summary
ReferencesandFurtherReading
Chapter9.DeviceVirtualizationandManagement
DeviceVirtualization
BackendsandFrontends


GrantingControlofaPCIDevice
ExclusiveDeviceAccessVersusTrustedDriverDomains
DeviceEmulationwithQEMU-DM
FutureDirections
Summary
ReferencesandFurtherReading
Chapter10.NetworkConfiguration
NetworkVirtualizationOverview
DesigningaVirtualNetworkTopology
Bridging,Routing,andNetworkAddressTranslation
FrontendandBackendNetworkDriversandNaming
OverviewofNetworkConfigurationinXen
DetailsofBridgingMode
DetailsofRoutingMode
DetailsofNATMode
ConfiguringPurelyVirtualNetworkSegments
AssigningMACAddressestoVirtualNetworkInterfaces
AssigningIPAddresses
HandlingMultipleNetworkInterfacesinaDomain

vnet—DomainVirtualNetwork
Summary
ReferencesandFurtherReading
Chapter11.SecuringaXenSystem
StructuringYourSystemforSecurity
SecuringthePrivilegedDomain
FirewallandNetworkMonitors
MandatoryAccessControlwithsHypeandXenSecurity
Modules
DomUSecurity
Summary
ReferencesandFurtherReading
Chapter12.ManagingGuestResources


AccessingInformationaboutGuestsandtheHypervisor
AllocatingGuestMemory
ManagingGuestVirtualCPUs
TuningtheHypervisorScheduler
ChoosingaGuestIOScheduler
Summary
ReferencesandFurtherReading
Chapter13.GuestSave,Restore,andLiveMigration
RepresentingtheStateofaVirtualMachine
BasicGuestDomainSaveandRestore
TypesofGuestRelocation
Preparingforxmmigrate
Experiencewithxmmigrate
Summary
ReferencesandFurtherReading

Chapter14.AnOverviewofXenEnterpriseManagementTools
ProgrammaticInterfacestotheXenHypervisor
CitrixXenServerEnterprise,Standard,andXenExpress
Editions
VirtualIron
IBMVirtualizationManager
Enomalism
virt-manager
XenMan
ManagingMultipleSystems
Summary
ReferencesandFurtherReading
AppendixA.Resources
XenCommunity
XenWiki
XenMailingListsandBugReporting
XenSummits


XenSourceCode
AcademicPapersandConferences
Distribution-SpecificResources
AppendixB.ThexmCommand
AppendixC.XendConfigurationParameter
AppendixD.GuestConfigurationParameter
AppendixE.XenPerformanceEvaluation
XenPerformanceMeasurements
PerformanceIsolationinXen
PerformanceofXenVirtualNetworkandRealNetwork
Summary

Index


Copyright
Manyofthedesignationsusedbymanufacturersandsellersto
distinguishtheirproductsareclaimedastrademarks.Where
thosedesignationsappearinthisbook,andthepublisherwas
awareofatrademarkclaim,thedesignationshavebeenprinted
withinitialcapitallettersorinallcapitals.
Theauthorsandpublisherhavetakencareinthepreparationof
thisbook,butmakenoexpressedorimpliedwarrantyofany
kindandassumenoresponsibilityforerrorsoromissions.No
liabilityisassumedforincidentalorconsequentialdamagesin
connectionwithorarisingoutoftheuseoftheinformationor
programscontainedherein.
Thepublisheroffersexcellentdiscountsonthisbookwhen
orderedinquantityforbulkpurchasesorspecialsales,which
mayincludeelectronicversionsand/orcustomcoversand
contentparticulartoyourbusiness,traininggoals,marketing
focus,andbrandinginterests.Formoreinformation,please
contact:
U.S.CorporateandGovernmentSales
(800)382-3419

ForsalesoutsidetheUnitedStatespleasecontact:
InternationalSales

VisitusontheWeb:www.informit.com/ph
LibraryofCongressCataloging-in-PublicationData:
Matthews,JeannaN.


RunningXen:ahandsonguidetotheartofvirtualization/JeannaN.Matthews,EliM.Dow,Todd
Deshane,WenjinHu,JeremyBongio,PatrickF.Wilbur,BrendanJohnson.


p.cm.
ISBN0-13-2349663(pbk.:alk.paper)1.Xen(Electronicresource)2.Virtualcomputersyste
3.Computerorganization.4.Parallelprocessing(Electroniccomputers)I.T
QA76.9.V5M382008
005.4'3--dc22
2007052439
Copyright©2008PearsonEducation,Inc.
Allrightsreserved.PrintedintheUnitedStatesofAmerica.This
publicationisprotectedbycopyright,andpermissionmustbe
obtainedfromthepublisherpriortoanyprohibited
reproduction,storageinaretrievalsystem,ortransmissionin
anyformorbyanymeans,electronic,mechanical,
photocopying,recording,orlikewise.Forinformationregarding
permissions,writeto:
PearsonEducation,Inc
RightsandContractsDepartment
501BoylstonStreet,Suite900
Boston,MA02116
Fax(617)6713447
ISBN-13:978-0-132-34966-6
TextprintedintheUnitedStatesonrecycledpaperatCourier
StoughtoninStoughton,Massachusetts.
FirstprintingApril2008
Editor-in-Chief
MarkTaub

AcquisitionsEditor
DebraWilliamsCauley
DevelopmentEditor
MichaelThurston


ManagingEditor
GinaKanouse
ProjectEditor
ChelseyMarti
CopyEditor
GeneilBreeze
Indexer
ErikaMillen
Proofreader
MegShaw
TechnicalReviewers
JessieYu
KenHess
JoseRenatoSantos
AndrewWarfield
Tom"Spot"Callaway
SimonCrosby
TomDoeppner
DanKuebrich
JimOwens
ZachShepherd
KeeganM.Lowenstein
RyanKornheisl
IgorHernandez

AlexanderM.Polimeni
ErikaGorczyca
JustinBennett
JosephSkufca
MathewS.McCarrell
KristaGould
RonArenas


PublishingCoordinator
KimBoedigheimer
CoverDesigner
AlanClements
SeniorCompositor
GloriaSchurick

Dedication
ThisbookisdedicatedtotheAppliedComputing
LaboratoriesatClarksonUniversityandespeciallytothe
ClarksonOpenSourceInstitute.Maythelabsalwaysbea
placeforcontribution,forachievement,for
experimentation,andforfun.


Foreword
TheXenopensourcehypervisorischangingtheworldof
virtualization.Itencouragesthebroaddistributionofacommon
industrystandardhypervisorthatrunsonawiderangeof
architecturesfromsupercomputerstoserverstoclientsto
PDAs.Byfocusingonthehypervisor,the"engine"of

virtualization,ratherthanaspecificproductembodiment,the
Xenopensourceprojectenablesmultiplevendorsandthe
communitytocombinethecommoncrossplatform
virtualizationfeaturesofXenintoexcitingnewproductsand
serviceofferings.
Todate,thecommunityaroundtheXenhypervisorhasbeen
squarelyinthecampofdevelopersandexpertusers.Whilethe
Xen-usersmailinglistoffersafriendlyandusefulsourceof
adviceforthosewantingtodeployandmanageXen-based
environments,thenewusermightfindherselfinneedofadvice
aboutbestpracticeandstep-by-stepinstructionsforthe
deploymentofXen.RunningXen:AHands-onGuidetotheArt
ofVirtualizationspeaksdirectlytothiscriticalneed.Itprovides
userswitheverythingtheyneedtoknowtodownload,build,
deploy,andmanageXenimplementations.
Totheauthors,asetofXencontributors,practitioners,and
researchers,Iwouldliketosaythankyouonbehalfofthe
broaderXencommunityforanaccessibleandimmediately
usefulbook.Codemightrule,but"know-how"buildsthe
communityitself.Clearinformation,advice,anddocumentation
likethisbookwillallowtheXenprojecttogrowandsolidifyits
userbase,torenewitscreativityandinnovation,tofocusitself
onalargersetofnewvirtualizationinitiatives.
Tothereaders,Iwouldliketosaywelcometothecommunityof
Xenusers.Welookforwardtoyourinvolvementand
contributions!Webelievethisbookwillprovideyouwithan
excellentintroductiontorunningXen.


IanPratt,XenProjectLeader

VPAdvancedTechnology,CitrixSystems


Preface
WebeganusingXeninthefallof2003soonafterreadingthe
paper"XenandtheArtofVirtualization"publishedinthe
SymposiumonOperatingSystemsPrinciples(SOSP).After
attendingSOSPandtalkingtosomeoftheauthors,Jeanna
MatthewsreturnedexcitedaboutXen.Sheandhergraduate
operatingsystemscourseatClarksonUniversitydecidedto
repeatandextendtheresultsreportedinthatpaper.Thatclass
includedtwoofthecoauthorsforthisbook,EliDow(currently
atIBM)andToddDeshane(currentlycompletinghisPh.D.),
whowerebothstudyingfortheirMaster'sdegreesatthetime.
Intheprocessofrepeatingtheresultsfromthe2003Xen
paper,welearnedalotaboutrunningXen—muchofitthehard
way!Ourgoalforthisbookwastowriteexactlythematerialwe
wishedwasavailablewhenwefirststartedusingXen.
InJuly2004,wepublishedthepaper"XenandtheArtof
RepeatedResearch,"describingourexperiencewithXenand
presentingtheresultsweobtainedrepeatingandextendingthe
results.Alltheauthors,inadditiontobeingapartoftheFall
2003graduateoperatingsystemscourse,werealsomembersof
theAppliedComputingLaboratoriesatClarksonUniversity,
specificallytheClarksonOpenSourceInstitute(COSI)andthe
ClarksonInternetTeachingLaboratory(ITL).Theselabswere
foundedtoprovidestudentswithhands-onexperiencewith
cutting-edgecomputingtechnologiesandtoformacommunity
inwhicheveryonebothlearnsandteaches.Otherstudentsin
thelabs—bothgraduateandundergraduate—begantouseXen

asthebasisforbothproductionsystemsandforresearch
projects.Throughtheyears,wehaveusedXenasthebasisfor
anumberofacademicpapersaswellasthebasisofawardwinningteamprojects.Intheprocess,wehavelearnedalot
aboutrunningXen.Itisourgoalinthisbooktosharethis
knowledgewithyouandtomakeyourexperiencerunningXen
assmoothandsimpleaspossible.
Thebookistargetedatindividualsandorganizationsthatare


deployingXensystems.Itwalksthereaderthroughthebasics,
frominstallingXentousingprebuiltguestimages.Iteventells
readershowtoexperimentwithXenusingonlyaXenLiveCD.It
coversthebasicsofvirtualizationsandimportantelementsof
allXensystemslikethehypervisorandDomain0.Itexplains
thedetailsofthexmcommandsformanagingguestdomains.It
helpsusersdeploycustomguestimagesbasedonoperating
systemsfromLinuxtoWindows.Itcoversmoreadvanced
topicssuchasdevicevirtualization,networkconfiguration,
security,andlivemigration.Wehopeyouwillfinditagoodmix
ofintroductoryandadvancedtopicsthatwillproveusefulfrom
yourfirstXendeploymentexperimenttorunningproduction
Xensystems.
Chapter1,"Xen—BackgroundandVirtualizationBasics,"isa
quickintroductiontovirtualizationingeneralandtoXenin
particular.Chapter2,"AQuickTourwiththeXenLiveCD,"
providesanoverviewofXen'sfunctionalitiesbyexploringthe
XenLiveCD.Chapter3,"TheXenHypervisor,"focusesonthe
hypervisorthatisthecoreofanyXensystemandsomeother
trustedcomponentssuchasDomain0andxend.Webuildon
thatcommonunderstandingoftheXenhypervisorbyconcretely

showingyouhowtoinstallandconfigureyourownhard-diskbasedXeninstallationinChapter4,"HardwareRequirements
andInstallationofXenDomain0."Afteryouhaveyourown
hypervisorinstallationupandrunning,thisbookeasesyouinto
usingguestimagesbyfirstshowingyouhowtodownloadand
useimagesavailablefromtheInternetinChapter5,"Using
PrebuiltGuestImages."Chapter6,"ManagingUnprivileged
Domains,"coversthebasicsofadministeringtherunning
DomUsorunprivilegedguestdomains.Youarethenguided
throughthevariousmethodsofcreatingyourowncustomguest
imagesinChapter7,"PopulatingGuestImages."Nowthatyou
havealltheseguests,Chapter8,"StoringGuestImages,"
coversavarietyofchoicesforstoringguestimagesforonline
useaswellasbackupandsharing.
Thesecondhalfofthisbookdelvesintomoreadvancedsystem


managementtopicsincludingdevicemanagement(Chapter9,
"DeviceVirtualizationandManagement"),networking(Chapter
10,"NetworkConfiguration"),security(Chapter11,"Securinga
XenSystem"),resourcedistribution(Chapter12,"Managing
GuestResources"),andmigration(Chapter13,"GuestSave,
RestoreandLiveMigration").Weconcludewithasurveyof
someofthepopularadministrativetoolsavailableforyourXen
systemsinChapter14,"AnOverviewofXenEnterprise
ManagementTools."
Throughoutthebook,weincludelistingsillustratingrelevant
commandsandtheiroutput.Weusethecommandpromptto
indicatewherethecommandshouldberun.
Forexample,thefollowingwouldindicateacommandtoberun
asrootontheprivilegeddomain,Domain0:

[root@dom0]#
Thefollowingwouldindicateacommandtoberunasanyuser
inaregularguestdomain:
[user@domU]$
Watchingthesecommandpromptswillhelpyouidentifywhich
ofthemanyguestsinyourXensystemshouldbeusedfor
runninganygivencommand.
Itisourintentiontomaintainawebsitewithadditional
informationandmaterialsrelevanttothebook.Wehave
registeredthedomain,runningxen.com,forthispurposeand
areworkingonassemblingmaterials.Weinviteyoutocheckon
ourprogressandtosendquestionsorsuggestions.


Acknowledgments
Weareindebtedtothemanypeoplewhoprovidedfeedback
andsuggestionsonthebook'scontent.SimonCrosbyprovided
keyfeedbackontheoverallcontentofthebook.KeirFraser
answeredanumberoftechnicalquestionswithamazingspeed
andgoodhumor.AndyWarfieldprovidedfeedbackforChapter
9.WethankalltheXencontributorswhohavereleasedtheir
worktotheopensourcecommunity.
SeveraloftheauthorsattendedtheXenSummitatIBMT.J.
WatsonResearchinApril2007andwewouldliketoexpressour
gratitudetoalltheorganizersandattendees.Manypeople
providedinvaluablefeedbackandadviceinvarious
conversations—shortandlong.Wewouldespeciallyliketo
thankSeanDague,whoprovidedexcellentoverallXenadvice
andfeedbackthroughoutthisprocess,andJoseRenatoSantos,
whoprovideddetailedfeedbackonthenetworkingmaterialin

thebook.Ingeneral,onlinematerialsfromalltheXensummits
wereaninvaluableresourceforus,aswastheXenWiki,Xen
mailinglists,andothersimilarresources.Weappreciatethe
effortsofalltheindividualswhocontributedtothosematerials.
Wewouldliketothankeveryonewhoreadearlydraftsofthe
book.JessieYuinparticularwentaboveandbeyondthecallof
dutyinreviewingandhelpingtorevisemanychapters.Jim
OwensprovidedvaluableearlyfeedbackforChapter13.Tom
"Spot"CallawayfromRedHatgaveussomeexcellent
suggestionsaboutChapter14.(ThanksalsotoSpotandMáirìn
Duffyforseveralscreenshotsinthatchapter.)ChrisPeterman
didsomeearlywritingonthesecuritychapterandprovided
valuablecommentsintheinitialphasesoforganizingthetext.
LindsayHoffmanandBarbaraBradyprovideddetailed
commentsonthewritinginChapter10.RyanKornheislreada
numberofchaptersandhelpedtestmanyoftheinstructionsin
thebook.AnthonyPeltzalsohelpedwithtesting.
Wewouldalsoliketothankeveryonewhohelpedwithfinal


revisions.Inthelastdaysbeforethemanuscriptwassubmitted,
asmallarmyofpeoplevolunteeredtodoafreshreadofmany
chapters,findingeverythingfromtypostosubstantialproblems.
WewouldliketothankZachShepherd,KeeganM.Lowenstein,
IgorHernandez,AlexanderM.Polimeni,ErikaGorczyca,Justin
Bennett,JosephSkufca,MathewS.McCarrell,KristaGould,and
RonArenas.Wecouldn'thavedoneitwithoutyou!Tom
DoeppnerandDanKuebrichfromBrownUniversityalso
providedsomeveryhelpfulfeedbackonChapter3.Wewould
especiallyliketothankMichaelThurstonandKenHessfortheir

excellentsuggestions.Besidetheauthors,webelievetheyare
theonlyoneswhohavereadtheentirebook!
WewouldliketothankmanymembersoftheClarksonOpen
SourceInstituteandClarksonInternetTeachingLaboratorywho
overtimeaddedtoourunderstandingandhands-onexperience
withXen.BryanClark(nowatRedHat),StevenEvanchik(now
atVMware),MattFinlayson,andJasonHerne(bothnowatIBM)
wereallcoauthorsonthe2004"XenandtheArtofRepeated
Research"paper.JasonHerne,PatriciaJablonski,LeslieCherian,
andMichaelMcCabewereallcoauthorsonthe2005"Data
ProtectionandRapidRecoveryFromAttackWithAVirtual
PrivateFileServerandVirtualMachineAppliances"paper,which
usedXenforsomeoftheprototypesbeingtested.Madhu
Hapauarachchi,DemetriosDimatos,GaryHamilton,Michael
McCabe,andJimOwenswerecoauthorsonthe2007paper
"QuantifyingthePerformanceIsolationPropertiesof
VirtualizationSystems."JustinBasinger,MichaelMcCabe,and
EdDespardwerepartoftheXenophiliaprojectthatwonsecond
placeinthe2005UnisysTuxmastercompetition.CyrusKatrak
andZachShepherdhavebeenkeytothedeploymentofXenin
ourproductionenvironmentintheAppliedCSlabs.Theyhave
bothbeenacrucialsourceofadviceandfeedback.
WewouldliketothanktheOpenSolarisXenCommunity
Leaders,especiallyToddClayton,MarkJohnson,JohnLevon,
andChristopherBeal,fortheirquickandhelpfulresponsesover
e-mailandIRCduringourtestingofXenonOpenSolaris.We


wouldliketohaveincludedmorecoverageofSolarisinthis
book.AdditionalsupportinSolarisforXenbeyondwhatis

coveredinthisbookisexpectedsoon.
Wewouldliketothankoureditor,DebraWilliamsCauley,for
herhelpandencouragementthroughthisentireprocess.
ThanksalsotoCatherineNolanwhoinitiallycontactedusabout
thisproject.
RichardA.WilburprovidedaccesstoearlyHVM-enabled
equipmentusedintesting.
JeannaMatthewswouldliketothankherhusbandLeonard
MatthewsandchildrenRobertandAbigailMatthewsfortheir
patienceandlovethroughoutthiswholeprocess.Shewould
alsoliketothankhercurrentandformerstudents—including
thesixotherauthorsonthisbook—forallshecontinuestolearn
fromthem.
EliM.Dowwouldliketothankhisparents,TerryandMona,as
wellashissiblings,IanandAshley,foreverything.Hewould
alsoliketothankIBMandtheTestandIntegrationCenterfor
Linuxfortheirsupportduringthewritingprocess.Specifically
hewishestoacknowledgeFrankLefevre,DuaneBeyer,Robert
JayBrenneman,PhilChan,ScottLoveland,andKyleSmithfor
theirinsightfulconversationsregardingvirtualizationandthis
bookinparticular.Eliwouldalsoliketothankthewonderful
facultyandstaffatClarksonUniversitywhomadehisacademic
careersuchawonderfulexperience.Lastlyhewouldliketo
thankhissignificantother,Jessie,forherenduringpatience
duringthewritingprocess.
ToddDeshanewouldliketothankhissignificantother,Patty,for
hersupportduringthewritingofthisbook.
WenjinHuwouldliketothankhismom,YajuanSong,andhis
dad,HengduoHu,fortheirconstantsupportofhisstudyat
ClarksonUniversity,andhisfriend,LiangZheng,foremotional

support.


PatrickF.Wilburwouldliketothankhismother,Claudia,his
father,Richard,andhissignificantother,Krista,fortheir
supportandpatiencethroughoutthedevelopmentofthisbook.


AbouttheAuthors
JeannaMatthewsisanassociateprofessorofComputer
ScienceatClarksonUniversity(Potsdam,NewYork)whereshe
leadsseveralhands-oncomputinglaboratoriesincludingthe
ClarksonOpenSourceInstituteandClarksonInternetTeaching
Laboratory.Studentsintheselabsandinherclasseshavebeen
winnersinanumberofprestigiouscomputingcontestsincluding
the2001,2002,and2004IBMLinuxChallenge,the2005IBM
NorthAmericanGridScholar'sChallenge,the2005Unisys
Tuxmastercompetition,andthe2006VMwareUltimateVirtual
ApplianceChallenge.Herresearchinterestsinclude
virtualization,operatingsystems,computernetworks,and
computersecurity.SheisactivelyinvolvedintheAssociationfor
ComputingMachineryastreasureroftheSpecialInterestGroup
onOperatingSystems,editorofOperatingSystemsReview,
andisamemberoftheExecutiveCommitteeACM'sU.S.Public
PolicyCommittee,US-ACM.Sheisalsotheauthorofa
computernetworkingtextbook,ComputerNetworking:Internet
ProtocolsinAction,thathasbeentranslatedintoseveral
languages.JeannareceivedherPh.D.inComputerSciencefrom
theUniversityofCaliforniaatBerkeleyin1999.
EliM.DowisasoftwareengineerinIBM'sTestandIntegration

CenterforLinuxinPoughkeepsie,NY.HeholdsaB.S.degreein
ComputerScienceandPsychologyaswellasanM.S.in
ComputerSciencefromClarksonUniversity.Heispassionate
aboutopensourcesoftwareandisanalumnusandfounding
memberoftheClarksonOpenSourceInstitute.Hisinterests
includevirtualization,Linuxsystemsprogramming,theGNOME
desktop,andhuman-computerinteraction.Heistheauthorof
numerousIBMdeveloperWorksarticlesfocusedonLinuxand
opensourcesoftware.Additionally,hehascoauthoredtwo
booksonthemainframehypervisorz/VM,entitledIntroduction
totheNewMainframe:z/VMBasicsandLinuxforIBMSystem
z9andIBMzSeries.HisfirstpublishedexperiencewithXenwas
coauthoringanearlyacademicpaperentitled"XenandtheArt


ofRepeatedResearch."Recentlyhehasfocusedondeveloping
highlyavailable,enterprisecustomersolutionsdeployedon
virtualizedLinuxusingthez/VMhypervisor.
ToddDeshaneexpectstoobtainaPh.D.inEngineering
SciencefromClarksonUniversityin2008.HealsohasaMaster
ofScienceinComputerScienceandaBachelorofSciencein
SoftwareEngineeringfromClarkson.WhileatClarkson
University,hehashadavarietyofresearchpublications—many
involvingXen.In2005,aprojectthatwasbasedonTodd's
Master'sthesis—anopensourcecollaborative,largedatabase
explorer—wonfirstplaceintheUnisysTuxMastercompetition.
Todd'sprimaryacademicandresearchinterestsareinthearea
ofoperatingsystemtechnologies,suchasvirtualmachine
monitors,highavailability,andfilesystems.Hisdoctoral
dissertationfocusesonusingthesetechnologiestoprovide

desktopuserswithanattack-resistantexperience,with
automaticandautonomicrecoveryfromviruses,worms,and
adversesystemmodifications.DuringhisPh.D.years,Toddhas
beenateachingassistantandanIBMPh.D.Fellowship
recipient.AtIBM,Toddhasworkedoninternshipprojects
involvingXenandIBMtechnologies.Toddenjoysteaching,
tutoring,andhelpingpeople.
WenjinHugraduatedfromClarksonUniversityin2007witha
Master'sdegreeofComputerScienceandiscurrentlyworking
onhisPh.D.HisMastersthesiswas"AStudyofthe
PerformanceIsolationPropertiesofVirtualizationSystems."His
researchfieldisapplyingvirtualizationtechniquestooperating
systemsandsecurity.
JeremyBongioiscurrentlyaMaster'sstudentatClarkson
University.HewonsecondplaceintheUnisysTuxmaster
competitionin2005withaprojectcalledXenophilia,anearly
efforttomakeXenmoreuserfriendly.Heisacurrentmember
andformerstudentdirectoroftheClarksonOpenSource
Institute,whereheactivelylearnsandexperimentswith
differentkindsofvirtualization.


PatrickF.Wilburiscurrentlypursuinggraduatestudiesin
ComputerScienceatClarksonUniversity.Hisinterestsinclude
operatingsystems,systemsandapplicationsecurity,natural
languageprocessing,andhomeautomation.Inhissparetime,
Patrickenjoyscomposingmusic,experimentingwithamateur
radio,stormchasing,andworkingonvariouselectronics,
software,andcarpentryprojectsaroundthehouse.Heis
currentlyamemberoftheClarksonOpenSourceInstitute,a

volunteerattheAppliedComputerScienceLaboratoriesat
ClarksonUniversity,anemergencycommunicationsvolunteer,
andamemberoftheAssociationforComputingMachinery.
BrendanJohnsongraduatedfromClarksonUniversityin2002
withaBachelor'sdegreeinComputerScienceandaminorin
Mathematics.BrendancontinuedhiseducationatClarkson
UniversityandobtainedaMaster'sofScienceinComputer
Sciencewithathesisinquantumcomputing.Brendanis
currentlyaseniorsoftwarearchitectatMobileArmor,aworld
leading"DataAtRest"encryptionsoftwarecompany.


Chapter1.Xen—Backgroundand
VirtualizationBasics
Xenisavirtualmachinemonitor(hypervisor)thatallowsyouto
useonephysicalcomputertorunmanyvirtualcomputers—for
example,runningaproductionWebserverandatestserveron
thesamephysicalmachineorrunningLinuxandWindows
simultaneously.Althoughnottheonlyvirtualizationsystem
available,Xenhasacombinationoffeaturesthatmakeit
uniquelywellsuitedformanyimportantapplications.Xenruns
oncommodityhardwareplatformsandisopensource.Xenis
fast,scalable,andprovidesserver-classfeaturessuchaslive
migration.Thischapterdiscussescommonusesandtypesof
virtualization,describesthehistoryofvirtualizationandorigins
ofXen,providesabriefoverviewoftheXenarchitecture,and
comparesXenwithothervirtualizationsystems.

CommonUsesandBenefitsof
Virtualization

Virtualmachinemonitorsprovideaconvenientwaytousethe
samephysicalcomputerhardwareformanydifferenttasks.
Operatingsystemshavebeendoingthisforyearssimplyby
enablinguserstorunmanydifferentapplicationsatonce,such
asWebbrowsers,databaseservers,andgames.However,
withoutvirtualization,theactofchoosinganoperatingsystem
andsystemconfigurationtorunonyourphysicalcomputerhas
theunfortunatesideeffectofclosingoffmanyotheroptions.
Forexample,ifyourunLinuxtodevelopandtestprogramsin
thatenvironment,youmaynotbeabletorunprogramswritten
exclusivelyforWindows.Also,ifyourunthenewestandfully
patchedversionofWindows,reproducingproblemsexperienced
bycustomersonearlierversionsmaybedifficult.Additionally,if
yourWebserveranddatabaseserverrequiredifferentversions
ofasystemlibrary,theymaynotbeabletorunonthesame
system.Withoutvirtualizationineachoftheseexamples,you