Hi, after thinking a lot about continuing xen as a hypervisor for ipfire 3.x (and after having talked to micha) I decided to not maintain Xen Hypervisor and Xen Userspace tools any more for now.
The reasons for this are: - I will switch from xen to kvm with my systems and so I will not spend a lot of time reading xen mailing lists - The Xen-Sourcecode is not really well "written" and documented - This leads to a big effort in looking for patches because of the hardened system - libvirt is not supported yet - and finally: I don't have the time to spend several evenings bug fixing after each new released xen version.
Ben
I currently use ipFire under Xen, but this sounds like a whole lot of work just for one or two Xen machines. I'm assuming it can simply be installed by booting an HVM from the ISO? If not (if there would be security holes by doing it), I can simply change to a stand alone.
Thank you very much for all the hard work.
Rod
On 02/07/2013 02:24 PM, Benjamin Schweikert wrote:
Hi, after thinking a lot about continuing xen as a hypervisor for ipfire 3.x (and after having talked to micha) I decided to not maintain Xen Hypervisor and Xen Userspace tools any more for now.
The reasons for this are:
- I will switch from xen to kvm with my systems and so I will not spend a lot of time reading xen mailing lists
- The Xen-Sourcecode is not really well "written" and documented
- This leads to a big effort in looking for patches because of the hardened system
- libvirt is not supported yet
- and finally: I don't have the time to spend several evenings bug fixing after each new released xen version.
Ben _______________________________________________ Development mailing list Development@lists.ipfire.org http://lists.ipfire.org/mailman/listinfo/development
Hi, you do not have to change your setup. We are talking about different things. You are using ipfire as a guest which is alwas possible. Our Kernel has all needed modules enabled to run as a paravirtualized kernel.
I was talking about letting ipfire be the VM host. We still have KVM for this which is much easier to maintain. Also Dracut, which is used in the version 3.x for generating the initramdisk, does not need any parts of the xen userspace tools.
Ben
2013/2/8 R. W. Rodolico rodo@dailydata.net:
I currently use ipFire under Xen, but this sounds like a whole lot of work just for one or two Xen machines. I'm assuming it can simply be installed by booting an HVM from the ISO? If not (if there would be security holes by doing it), I can simply change to a stand alone.
Thank you very much for all the hard work.
Rod
On 02/07/2013 02:24 PM, Benjamin Schweikert wrote:
Hi, after thinking a lot about continuing xen as a hypervisor for ipfire 3.x (and after having talked to micha) I decided to not maintain Xen Hypervisor and Xen Userspace tools any more for now.
The reasons for this are:
- I will switch from xen to kvm with my systems and so I will not spend a lot of time reading xen mailing lists
- The Xen-Sourcecode is not really well "written" and documented
- This leads to a big effort in looking for patches because of the hardened system
- libvirt is not supported yet
- and finally: I don't have the time to spend several evenings bug fixing after each new released xen version.
Ben _______________________________________________ Development mailing list Development@lists.ipfire.org http://lists.ipfire.org/mailman/listinfo/development
-- R. W. "Rod" Rodolico Daily Data, Inc. POB 140465 Dallas TX 75214-0465 http://www.dailydata.net 214.827.2170
Development mailing list Development@lists.ipfire.org http://lists.ipfire.org/mailman/listinfo/development
Support for VMWare (ESXi) would be great. I assume you could install IPFire as VM there but are the VMWare-Tools available?
Cheers, Jochen
-- WorldCommunityGrid.org: Gemeinsam für eine gute Sache! Hilf mit, spende Deine ungenutzte PC-Rechenzeit! Infos unter: http://www.worldcommunitygrid.org/
Gesendet: Freitag, 08. Februar 2013 um 05:22 Uhr Von: "R. W. Rodolico" rodo@dailydata.net An: development@lists.ipfire.org Betreff: Re: No Xen development for 3.x any more
I currently use ipFire under Xen, but this sounds like a whole lot of work just for one or two Xen machines. I'm assuming it can simply be installed by booting an HVM from the ISO? If not (if there would be security holes by doing it), I can simply change to a stand alone.
Thank you very much for all the hard work.
Rod
On 02/07/2013 02:24 PM, Benjamin Schweikert wrote:
Hi, after thinking a lot about continuing xen as a hypervisor for ipfire 3.x (and after having talked to micha) I decided to not maintain Xen Hypervisor and Xen Userspace tools any more for now.
The reasons for this are:
- I will switch from xen to kvm with my systems and so I will not spend a lot of time reading xen mailing lists
- The Xen-Sourcecode is not really well "written" and documented
- This leads to a big effort in looking for patches because of the hardened system
- libvirt is not supported yet
- and finally: I don't have the time to spend several evenings bug fixing after each new released xen version.
Ben _______________________________________________ Development mailing list Development@lists.ipfire.org http://lists.ipfire.org/mailman/listinfo/development
-- R. W. "Rod" Rodolico Daily Data, Inc. POB 140465 Dallas TX 75214-0465 http://www.dailydata.net 214.827.2170
Development mailing list Development@lists.ipfire.org http://lists.ipfire.org/mailman/listinfo/development
On Fri, 8 Feb 2013 09:04:08 +0100 (CET), "Jochen Rupp" jochen_rupp@web.de wrote:
Support for VMWare (ESXi) would be great. I assume you could install IPFire as VM there but are the VMWare-Tools available?
What has vmware to do with Xen-Hypervisor support? vmware tools are not free (gpl or bsd) so we cannot add them. Only some parts are free and they are already included (openvmtools addon).
Some words to clarify. We don't drop support to install IPFire as guest on a xen-host (it is already build into the pae-linux kernel). Ben will only drop the host support for other xen-guest that was planned for IPFire 3.x.
Arne
Cheers, Jochen
-- WorldCommunityGrid.org: Gemeinsam für eine gute Sache! Hilf mit, spende Deine ungenutzte PC-Rechenzeit! Infos unter: http://www.worldcommunitygrid.org/
Gesendet: Freitag, 08. Februar 2013 um 05:22 Uhr Von: "R. W. Rodolico" rodo@dailydata.net An: development@lists.ipfire.org Betreff: Re: No Xen development for 3.x any more
I currently use ipFire under Xen, but this sounds like a whole lot of work just for one or two Xen machines. I'm assuming it can simply be installed by booting an HVM from the ISO? If not (if there would be security holes by doing it), I can simply change to a stand alone.
Thank you very much for all the hard work.
Rod
On 02/07/2013 02:24 PM, Benjamin Schweikert wrote:
Hi, after thinking a lot about continuing xen as a hypervisor for ipfire 3.x (and after having talked to micha) I decided to not maintain Xen Hypervisor and Xen Userspace tools any more for now.
The reasons for this are:
- I will switch from xen to kvm with my systems and so I will not spend a lot of time reading xen mailing lists
- The Xen-Sourcecode is not really well "written" and documented
- This leads to a big effort in looking for patches because of the hardened system
- libvirt is not supported yet
- and finally: I don't have the time to spend several evenings bug fixing after each new released xen version.
Ben _______________________________________________ Development mailing list Development@lists.ipfire.org http://lists.ipfire.org/mailman/listinfo/development
-- R. W. "Rod" Rodolico Daily Data, Inc. POB 140465 Dallas TX 75214-0465 http://www.dailydata.net 214.827.2170
Development mailing list Development@lists.ipfire.org http://lists.ipfire.org/mailman/listinfo/development
Development mailing list Development@lists.ipfire.org http://lists.ipfire.org/mailman/listinfo/development
I am delighted, that we have a nice discussion about the topic!
Basically, this was motivated because we are not doing too much progress in IPFire 3 right now. Since October, we barely had time to work it and so we need to cut out things that are not widely used to get IPFire 3 done at some point.
In my (very personal) opinion, Xen is shit. It has ever been and probably will ever be. Bringing all that into a distribution is impossible - even the big distributions are struggling with that as Xen is poorly supported, buggy and nobody takes care about it.
Support for Xen guests (that means IPFire is running as a guest on a Xen system) comes for free, because finally a lot of the requirements have been merged into the Linux kernel. We won't have to do anything else on the user-space level to get this done. No major work at least. Maybe fighting the bugs...
Running it the other way round (IPFire is the virtualization host and some virtual machines are running on it) is much more complicated. It's not that compiling the tools is the main problem, it's rather fighting the bugs. Xen often breaks things like working with libvirt and stuff like that, so this is not going to be fun. Ben volunteered to do this work in IPFire, but together we decided that the use case for this is not worth doing all that work.
We are happy if there is someone who wants to dig into the problems and solve them. Frankly, this is a 40 hours a week job. Half of it is doing the work, the rest is crying because of the things you will find in the Xen code.
Despite that, we are planning to have KVM, so you can run virtual machines on a system that comes with the virtualization extensions in the CPU. KVM is much cleaner, faster and less work from a package maintainer's point of view.
The essential VMware and Hyper-V kernel modules have been merged into the Linux kernel a while ago, so running IPFire (2 and 3) on these hypervisors should be working perfectly.
-Michael
-
Arne Fitzenreiter -
Benjamin Schweikert -
Jochen Rupp -
Michael Tremer -
R. W. Rodolico