Modify Yubiradius image to boot in Xen

In this post, part of the series on importing YubiRadius (a FreeRADIUS appliance implementing OTP validation) into the Xen open source hypervisor, we modify the image we built so that it has all the bits and pieces needed to boot correctly under Xen as a paravirtual domain.
The image we created in the previous post would not boot as a Xen paravirtual host, but it would (eventually) boot in a fully virtualized domain. Simulating the whole hardware would be extremely inefficient, so instead we replace the kernel with one that knows it is running in a virtual host and runs efficiently under the Dom0 hypervisor.

The task in this section is greatly simplified by the fact that we created a working DomU in a previous step: we duplicate the modules under /lib/modules from the Dom0 and then drop in the /boot directory from the DomU. (This can be done because the Dom0 and the DomU are running the same Xen kernel; otherwise we would have to use the DomU /lib/modules tree.)

cp -r /lib/modules/`uname -r` /mnt/img/lib/modules
cp /boot/*2.6.32-5-xen* /mnt/img/boot
cd /mnt/img
tar -xvf /home/user/boot_dir.tar

This sequence creates the module directories for the Xen kernel and adds the proper kernel and ramdisk from the DomU (the ramdisk of the Dom0 would not be able to mount the virtual disks). It also brings in the grub configuration file that pygrub will use to boot the domain.

At this point we need to change the etc/fstab and etc/network/interfaces files; you can use those from the DomU as a reference. The important one is fstab which, if wrong, would prevent your appliance from booting:

root@yrva35:~# cat /etc/fstab
# /etc/fstab: static file system information.
# This is modified to run into a PV Guest Domain
#
#
# <file system> <mount point>   <type>  <options>       <dump>  <pass>
proc            /proc           proc    defaults        0       0
devpts          /dev/pts        devpts  rw,noexec,nosuid,gid=5,mode=620 0  0
/dev/xvda1 none swap sw 0 0
/dev/xvda2 / ext3 noatime,nodiratime,errors=remount-ro 0 1

The interfaces file:

root@yrva35:~# cat /etc/network/interfaces

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback
# The first network card – this entry was created during the Debian installation
# (network, broadcast and gateway are optional)
auto eth0
iface eth0 inet static
address 192.168.x.x
gateway 192.168.x.y
netmask 255.255.255.0
post-up  ethtool -K eth0 tx off
post-up ifconfig eth0 mtu 1496

The last two lines are required to disable optimization in the DomU and to support 802.1Q VLANs if the network interface card does not support tagging natively.

Remember to umount the image at this point. We now have a full image with the right kernel, the right ramdisk and the proper configuration in the interfaces and fstab files. Almost ready to boot...
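Since a wrong fstab or a missing ramdisk only shows up as a domain that fails to boot, the mounted image can be checked before the umount. The script below is an added example, not part of the original post; it assumes Debian-style file names (vmlinuz-<version>, initrd.img-<version>), a grub configuration at boot/grub/menu.lst or boot/grub/grub.cfg, and that the original image used sd*/hd* disk names.

```shell
#!/bin/sh
# Added example (not from the original post): pre-boot checks on the mounted image.
# Assumed names: vmlinuz-<ver>, initrd.img-<ver>, boot/grub/menu.lst or grub.cfg.
# Usage: sh <this script> /mnt/img "$(uname -r)"

check_pv_image() {
    root=$1   # mount point of the image, e.g. /mnt/img
    kver=$2   # Xen kernel version shared by Dom0 and DomU
    rc=0
    fail() { echo "FAIL: $*" >&2; rc=1; }

    # Modules copied from Dom0, kernel and ramdisk taken from the DomU.
    [ -d "$root/lib/modules/$kver" ] || fail "no lib/modules/$kver"
    [ -f "$root/boot/vmlinuz-$kver" ] || fail "no boot/vmlinuz-$kver"
    [ -f "$root/boot/initrd.img-$kver" ] || fail "no boot/initrd.img-$kver"
    [ -f "$root/boot/grub/menu.lst" ] || [ -f "$root/boot/grub/grub.cfg" ] \
        || fail "no grub configuration for pygrub"

    if [ -f "$root/etc/fstab" ]; then
        # Device mounted on / (second field), skipping comment lines.
        rootdev=$(awk '$1 !~ /^#/ && $2 == "/" { print $1; exit }' "$root/etc/fstab")
        case $rootdev in
            /dev/xvd*) ;;
            '') fail "fstab has no entry for /" ;;
            *)  fail "root device is $rootdev, expected /dev/xvd*" ;;
        esac
        # The page's fstab uses xvda devices; flag sd*/hd* names left over
        # from the original image (assumption about how it was built).
        stale=$(awk '$1 ~ /^\/dev\/(sd|hd)/ { print $1 }' "$root/etc/fstab")
        [ -z "$stale" ] || fail "fstab still references: $stale"
    else
        fail "no etc/fstab"
    fi
    return $rc
}

# Run the check only when a mount point and kernel version are given.
if [ "$#" -ge 2 ]; then check_pv_image "$1" "$2"; fi
```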

About Fabio

Love of technology and flying have been the drivers of my life, more about me.