Xen Integration

Overview

This project aims at integrating LiSA with Xen, a widely used virtualization system.

Traditionally, Xen network connectivity is accomplished by using the bridge module in the privileged (host) VM (which is called Domain 0 in Xen terminology). This VM has access to the machine's physical network devices. All other VMs have a virtual network device inside, and a corresponding virtual network device in the privileged VM. In Xen terminology, the devices inside guest VMs are called "network frontends" and the corresponding devices inside the host VM are called "network backends". Packets are moved back and forth between the two paired virtual devices by means of the Xen hypervisor (kernel) memory management. Thus, implementing network connectivity for the guest VMs comes up to switching packets in the privileged VM between the real network device and the guest VMs virtual devices.

Instead of the traditional bridge module, LiSA can be used to switch packets between the real network device and the network backends. This way, it's very easy to implement a setup where the real network device (the "uplink") is configured as trunk (tagged) mode and each guest VM is assigned to a specific VLAN. Also, the switching process benefits from all LiSA's management features, pushing the setup closer to a real switch connecting independent physical machines.

Setup

A lot of work has been done to make Xen's ip checksum optimizations and LiSA's switching and vlan tagging functions to interoperate correctly. Moreover, LiSA's configuration save and restore part has rethought to allow saving and restoring the configuration on a per-VM (rather than per-interface) basis.

All of the features required for Xen integration are included in the standard LiSA source code. Please follow the brief guideline below to set up your system.

Fedora users

Pre-built packages are available for Fedora 8 i386/i686 (see the download page for details). Currently, we don't support pre-built binaries for other architectures, other distros or any other kind of binaries at all - unless of course someone volunteers to build them :)

To get a working setup, you need the liblisa and lisa packages. Optionally, for a Xen environment, you need the lisa-xen package, which includes the LiSA network scripts for xen.

Additionally, you need a LiSA-enabled kernel. Currently we only have pre-built packages for the xen enabled version of the Fedora kernel packages. Because LiSA adds its own protocol family (PF_SWITCH) and a hook in the rx stack, some key network headers are changed. This means the LiSA module cannot be built separately, using a kernel-devel package. The whole kernel must be recompiled with the LiSA patch included. For details on how to build LiSA from source, read below.

Building from source

  • get the latest LiSA release;
  • patch and recompile the kernel for Dom0 (don't forget to enable Xen and the "Privileged guest" option when configuring the kernel);
  • build and install the LiSA userspace tools;
  • copy Xen scripts from the scripts/xen directory in the LiSA tarball to /etc/xen/xen/scripts;
  • edit /etc/xen/xend-config.sxp and change the network-script option to network-lisa and the vif-script option to vif-lisa;
  • make sure the cdpd daemon is automatically started at boot and that the main configuration is automatically loaded (this means running cdpd and swcfgload -m; for RedHat-like systems, just copy rc.fedora from the scripts directory in the LiSA tarball to /etc/init.d and enable the "lisa" service.

The LiSA network script for Xen no longer touches eth0 in any way. You have to add it manually to the switch and configure it appropriately. When starting a guest domain, the network backend (vifX.0) is automatically added to the switch. If the network backend for that particular domain was previously configured in LiSA (and the configuration was saved), the configuration will also be automatically loaded upon domain startup. However, LiSA configuration for the backend is NOT automatically saved upon domain shutdown.