NOTE: This is historical content that may contain outdated information.
In this article, we will learn the caveats in deploying FreeBSD over XenServer and the advantages over the traditional schema to improve administration, provisioning and delivery times.
FreeBSD is an excellent platform; it is rock solid, easy to manage, easy to update, very well documented and has outstanding performance. All those reasons made me choose it over other Unix-like operating systems many years ago. However, configuration is time consuming and I wanted to reduce that in order to improve provisioning to replicate environments. After some research, I decided to use XenServer because it is used in many companies, plus it is free. This article shows how to install and customize FreeBSD over Xen-Server to achieve the maximum performance and improve administration, provisioning and delivery time, something critical in today’s world of Cloud Computing.
FreeBSD Virtualization
Virtualization is a technique to implement resource separation and isolation of one physical computer into multiple environments called Virtual Machines. There are many techniques to implement this functionality with different benefits and their respective problems. This document is not a complete overview of FreeBSD virtualization or virtualization in general, but a review of some important information to understand where we can use XenServer, plus FreeBSD.
Virtual machines
This technique is designed to emulate hardware to run different operating systems on the same host computer. It is the most used technique and we can test it using tools like VirtualBox, QEMU, and other virtual machine implementations. Here, each VM, or guest, runs without modifications because the virtualization software emulates the hardware and the guest is not aware that it is not running on real hardware. This is an unnecessarily heavy solution, but it’s the best option if we want operating systems like Windows to do our tax report from BSD platforms.
OS level virtualization or Jails
This technique is a layer on the Operating System designed to isolate environments inside the main system. You have a base system with many environments working on the same platform version, for example, FreeBSD 9.1. Each virtual machine or jail has its own IP address or addresses with processes, system accounts, applications and files exclusive for that environment. The advantage of this technique is the low overhead of each environment because they share the same resources such as memory, CPUs, disks and network, while maintaining full isolation. On the other hand, the disadvantages are the same resource sharing since when we have a jail with high resource consumption, this can affect the performance of another jail or the host in general.
Paravirtualization
This technique uses an operating system with a small footprint called a hypervisor, specifically designed to handle resource assignation and interruptions between guests. The guest operating systems (or VM) must be adapted to be paravirtualization-aware to take full advantage of it.
The advantage of this technique is that you can run different operating systems on the same computer without the overhead of virtual machines. XenServer fits in this kind of virtualization and FreeBSD is paravirtualizations aware through the XENHVM kernel.
As a side note, the BSD community is working on a hypervisor called bhyve, The BSD Hypervisor. It is designed to support different versions of FreeBSD and it has been claimed to run CentOS at BSDCan 2013, so it looks like a promising solution.
Virtual Machine Setup
The first step, even before we start with the installation of FreeBSD, is to download the ISO image with the installer and save it in the NFS ISO repository in XenServer. For this article, we will be using the FreeBSD 9.1 installer because 9.2 has not been released yet.
To simplify the process, we will be using a Windows application called XenCenter under a virtualized Windows and we can begin the installation as you see in Figure 1.
Because XenServer does not have a specific FreeBSD template, we need to follow the “Other install media” option and advance to the next screen. We are not providing any screenshots for the installation process because it is really easy and we are focused on showing you how to make FreeBSD work.
In the next screens, you can choose the amount of RAM and vCPUs assigned to the VM. It is important to assign plenty of RAM because we will build a custom kernel (and world). Once we have finished, we can reassign it to free memory for other Virtual Machines.
Next, we need to create a custom disk and choose the right network interface. It is important to create a disk with enough space to build world and the custom kernel although it is possible to increase the size of the disk after the initial setup, but it requires additional steps. Later, we will explain how to do it.
Finally, we will see a confirmation screen, as shown in Figure 2, with the summary of options.
If we leave the option “Start the new VM automatically” checked, the FreeBSD installer will run immediately as we can see in Figure 3.
And that is all for the VM setup. Next, we will install FreeBSD using the XenCenter Console.
FreeBSD Setup
Here we will do a common FreeBSD installation without customization options like ZFS or other customized options. We can leave out the “src” and “ports” components from the install because later, we will download the latest versions.
The only relevant thing here is when we will create the partitions because, as mentioned previously, if disk resizing is desired, we will need to leave root, or the growing partition at the end of the list. In that way, we can resize the disk in XenServer and the UFS partition (using growfs) without problems.
You can check the setup used for this case in Figure 4. After finishing the installation, the first thing we need to do is shut down the VM and remove the CD/DVD drive from the VM. This is not required yet but it is a must when we build the custom HVM kernel otherwise we will receive the message “run_interrupt_driven_hooks: still waiting after X seconds for xenbusb_nop_confighook_cb” continuously, and it will never boot. To do this, first login to the XenServer console and run the commands on Listing 1. Remember to run the xe vbd-destroy command with the VM shutdown otherwise you will get the message “You attempted an operation that was not allowed.”
We can now turn the VM on and log in as root. The next step is to install subversion to do the checkout of the source, build the “world” and XENHVM kernel as seen in Listing 2. After compilation, we must change the final settings before restarting. The first one is updating the network interface in rc.conf from “ifconfig_reX” to “ifconfig_xnX” because an HVM kernel renames the interface to xnX. If we wish to do offloading, we can add the flags “-txcsum -rxcsum -lro -tso” also.
I have read on the freebsd-xen mailing list that if you are using pf, you must setnet.inet.tcp.tso=0.
Also, many websites write about the need to update the fstab and change all the references from “adaX” to “adX”, but in this version of XenServer (6.2) and FreeBSD (9.x), it was not required. You can leave your fstab as it is. Check Listing 3 for further information.
Now we can restart the VM using shutdown -r now and we will boot using the new HVM kernel and the latest version of FreeBSD. At the moment of this writing, it is 9.2-PRERELEASE.
Maybe you’re wondering why I’m going through all this trouble when a vanilla FreeBSD will work great on its own? The reason is performance and support. 64-bit Intel/AMD (amd64) kernels are only supported using HVM and the performance gain is through PV drivers, supported in HVM configurations.
Virtualization advantages
Now after having a FreeBSD VM completely configured, we must comment on the advantages over a traditional setup. The more notable are variety of versions, security and isolation, backup and finally, provisioning. By variety of versions, I mean different versions of FreeBSD like 7, 8, 9 or CURRENT, and other variants of BSD like OpenBSD and NetBSD – something impossible to do using only jails. Next, although we have jails and chroot to do security and isolation and they have plenty of benefits, this kind of isolation allows us to restrict the amount of resources, such as memory and CPU by VM, not just by user or group of users.
Backup is more robust to do because we receive the benefit of full VM snapshots. It is easier to back up the entire VM before doing something risky and if that test does not work, return to the previous state.
I know we can do something similar using UFS or ZFS snapshots. But the problem is that they are still inside of the operating system/filesystem while VM’s snapshots are outside of the OS, giving us other advantages such as the possibility of creating new VMs using them.
The advantages for provisioning are enormous because with one snapshot from a guest, we can create images and templates with a different stack of applications and services such as web, mail, file servers, etc., and then use those to create environments for development, testing, quality assurance and production – all in a matter of minutes and not hours/weeks as in a traditional deployment. Another advantage in using XenServer is the integration with Cloud Stack to give customers a self-service portal.
Summary
This article was an overview of how to run FreeBSD on XenServer to make it more dynamic and easy-to-manage, more efficiently, with more control, isolation and better resource assignation, all to improve our services and customers’ experience.
About the Author
Angel Leon has been working on high demand websites for the Mexican Government and has more than nine years of experience with BSD systems. Currently he works as a consultant, helping companies construct robust platforms for high availability and high performance. He writes about technical topics in his free time for the portal, http://sysadmin.org.mx and can be reached at http://nixnetworks.mx/contact.
This article was re-published with the permission of BSD Magazine. To Learn More about iXsystem’s commitment to open source check us out here: https://www.ixsystems.com/about-ix/
