XCP-ng
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Early testable PVH support

    Scheduled Pinned Locked Moved Development
    1 Posts 1 Posters 55 Views 6 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • TeddyAstieT Offline
      TeddyAstie Vates 🪐 XCP-ng Team Xen Guru
      last edited by TeddyAstie

      Hello !

      Xen supports 3 virtualization modes, PV (deprecated), HVM (used in XCP-ng) and PVH.
      While HVM is supported in XCP-ng (and used), PVH hasn't been integrated yet, but today in XCP-ng 8.3 we have some early support for it.

      The PVH mode has been officially introduced in Xen 4.10 as leaner, simpler variant of HVM (it was initially named HVM-lite) with little to no emulation, only PV devices, and less overall complexity.
      It aims to be a great and simpler alternative to traditional HVM for modern guests.

      A quick comparison of all modes
      PV mode :

      • needs specific guest support
      • only PV devices (no legacy hardware)
      • relies on PV MMU (less efficient than VT-x EPT/AMD-V NPT overall, but works without virtualization technologies)
      • unsafe against Spectre-style attacks
      • supports: direct kernel boot, pygrub
      • deprecated

      HVM mode :

      • emulate a real-behaving machine (using QEMU)
        • including legacy platform hardware (IOAPIC, HPET, PIT, PIC, ...)
        • including (maybe legacy) I/O hardware (network card, storage ...)
        • some can be disabled by the guest (PVHVM), but they exist at the start of the guest
      • relies on VT-x/AMD-V
      • traditional PC boot flow (BIOS/UEFI)
      • optional PV devices (opt-in by guest; PVHVM)
      • performs better than PV mode on most machines
      • compatible with pretty much all guests (including Windows and legacy OS)

      PVH mode :

      • relies on VT-x/AMD-V (regarding that, on the Xen side, it's using the same code as HVM)
      • minimal emulation (e.g no QEMU), way simpler overall, lower overhead
      • only PV devices
      • support : direct kernel boot (like PV), PVH-GRUB, or UEFI boot (PVH-OVMF)
      • needs guest support (but much less intrusive than PV)
      • works with most Linux distros and most BSD; doesn't work with Windows (yet)

      Installation

      🚧 Keep in mind that this is very experimental and not officially supported. 🚧

      PVH vncterm patches (optional)

      While XCP-ng 8.3 actually has support for PVH, due to a XAPI bug, you will not be able to access the guest console. I provide a patched XAPI with a patched console.

      # Download repo file for XCP-ng 8.3
wget https://koji.xcp-ng.org/repos/user/8/8.3/xcpng-users.repo -O /etc/yum.repos.d/xcpng-users.repo

# You may need to update to testing repositories.
yum update --enablerepo=xcp-ng-testing

# Installing the patched XAPI packages (you should see `.pvh` XAPI packages)
yum update --enablerepo=xcp-ng-tae2

      This is optional, but you probably want that to see what's going on in your guest without having to rely on SSH or xl console.

      Making/converting into a PVH guest

      You can convert any guest into a PVH guest by modifying its domain-type parameter.

      xe vm-param-set uuid={UUID} domain-type=pvh

      And revert this change by changing it back to HVM

      xe vm-param-set uuid={UUID} domain-type=hvm

      PVH OVMF (boot using UEFI)

      You also need a PVH-specific OVMF build that can be used to boot the guest in UEFI mode.

      Currently, there is no package available for getting it, but I provide a custom-built OVMF with PVH support
      https://nextcloud.vates.tech/index.php/s/L8a4meCLp8aZnGZ

      You need to place this file in the host as /var/lib/xcp/guest/pvh-ovmf.elf (create all missing parents).
      Then sets it as PV-kernel

      xe vm-param-set uuid={UUID} PV-kernel=/var/lib/xcp/guest/pvh-ovmf.elf

      Once done, you can boot your guest as usual.

      Tested guests

      On many Linux distros, you need to add console=hvc0 in the cmdline, otherwise, you may not have access to a PV console.

      • Alpine Linux
      • Debian

      Known limitations

      • Some stats shows "no stats" (XAPI bug ?)
      • No support for booting from ISO, you can workaround this by importing your iso as a disk and using it as read-only disk
      • No live migration support (or at least, don't expect it to work properly)
      • No PCI passthrough support
      • No actual display (only PV console)
      1 Reply Last reply Reply Quote 0
      • TeddyAstieT TeddyAstie referenced this topic
      • First post
        Last post