Difference between revisions of "Book/HelloXenProject/5-Chapter"

From Xen
 
(32 intermediate revisions by 2 users not shown)
Line 1: Line 1:
= Chapter 5: =
+
= Chapter 5: Have fun with The Xen Project =
  
= Have fun with The Xen Project =
 
  
 +
Welcome to the final chapter of our book. In this chapter, we want show you some extra works that you can doing with the Xen Project.
  
 +
=== {{anchor|Toc476606927}} Converting VirtualBox VM to The Xen Project ===
  
 +
Open the VirtualBox and select your VM in VB. Right click on your VM and select “Settings...”. The Settings windows opened and after it click on “Storage” :
  
 +
[[Image:Figure_41-_Settings_Window..png|top|600px|none|thumb|Figure 41 : Settings Window.]]
  
 +
In “Controller” section you can see your Virtual HDD name and in the right panel you can see its location. For example, My Virtual HDD name is “Windows 7.vdi” and location is “/home/mohsen/VirtualBox VMs/Windows 7”. You have two options : 1) Install VirtualBox on your Xen Server and then convert your VM on your Xen 2) Convert file locally and move it to your Xen Server. OK, If you like the first options then Navigate to the location and copy *.vdi file to your Xen Server via “scp” command or any tools that you are being comfortable with it. Your .vdi file maybe large so it is better to compress it via “zip” command. After copying then you must doing steps that we introduced below :
  
 +
We assume you installed VirtualBox on your local computer or Xen Server and everything is OK. We will show you how you can convert your VM. The VB provide a command with the name “VboxManage” and we will use it for Clone our HDD. Use below command :
  
 +
<syntaxhighlight lang="sh"># VBoxManage clonehd YourVDIName.vdi OutPut.img -format RAW</syntaxhighlight>
  
 +
For example :
  
 +
<syntaxhighlight lang="sh">
 +
mohsen@Keep-calm-and-use-Linux:~/VirtualBox VMs/Windows$ VBoxManage clonehd Windows7.vdi Windows7.img --format RAW
  
 +
0%...10%...20%...30%...40%...50%...60%...70%...80%...90%...100%
  
 +
Clone medium created in format 'RAW'. UUID: df5344f3-4756-4d04-9395-90a88431c0d3
  
 +
mohsen@Keep-calm-and-use-Linux:~/VirtualBox VMs/Windows$
 +
</syntaxhighlight>
  
 +
As you see, Converting Done and we must move it to our Xen Server (I choice option 2).
  
 +
We assume you moved it your Xen Server and everything is OK. After it, We must create a config file for our new VM. I used “touch” command for create a config file as below :
  
 +
<syntaxhighlight lang="sh"># touch /etc/xen/windows.via.virtualbox.cfg</syntaxhighlight>
  
 +
Open your config file via an editor like “nano” and fill it :
  
 +
<syntaxhighlight lang="sh">
 +
name = "Windows Converted"
  
 +
builder = "hvm"
  
 +
uuid = "df5344f3-4756-4d04-9395-90a88431c0d3"
  
 +
memory = 1024
  
 +
vcpus = 2
  
 +
interface=['br0']
  
 +
vif = [ "mac=00:16:3e:46:e6:fb,bridge=br0" ]
  
 +
disk = [ "file:/home/mohsen/Windows7.img,xvda,w" ]
  
 +
vnc=”1”
  
 +
vnclisten=”172.30.9.20”
  
 +
on_poweroff = "destroy"
  
 +
on_reboot = "restart"
  
 +
on_crash = "restart"
 +
</syntaxhighlight>
  
 +
If you pay attention then you see a section with the name “ UUID” in the output of “ VboxManage” command. We must copy and paste it exactly in our Xen config file as above. The “Disk” option is like older config and you must specific your .img file. Finally, just run below command :
  
 +
<syntaxhighlight lang="sh"># xl create /etc/xen/YourConfigName.cfg</syntaxhighlight>
  
 +
Don't forget, Migration VMs between Virtualization Platforms is not a very good idea and you may got some problems. For example, Windows show your Blue Page or...
  
 +
=== {{anchor|Toc476606928}} Selinux and Xen Project ===
  
 +
The SElinux Project is a Linux Kernel module that provide a security mechanism for supporting mandatory access controls (MAC). It is a very good tool for enhanced security under Linux and added to various Linux Distros. The main sponsors of this project are NSA and Red Hat. We don't like cover All aspects of Selinux here because its need a Bible book but as NSA team said : The Selinux is a set of patches to Linux kernel that provide flexible mandatory access control (MAC) architecture into the major subsystems of the kernel. The Selinux provide a mechanism that by help it malicious or flawed applications can't bypass security mechanisms. By default, Selinux provide a set of sample security policy configuration files for general-purpose security goals.
  
 +
We just want to show you some good options for use Selinux under your Xen Project. You can see your Selinux status via “sestatus” command :
  
 +
<syntaxhighlight lang="sh">
 +
[root@localhost ~]# sestatus
  
 +
SELinux status: enabled
  
 +
SELinuxfs mount: /sys/fs/selinux
  
=== {{anchor|Toc476606926}} Have fun with The Xen Project ===
+
SELinux root directory: /etc/selinux
  
Welcome to the final chapter of our book. In this chapter, we want show you some extra works that you can doing with the Xen Project.
+
Loaded policy name: targeted
  
 +
Current mode: enforcing
  
 +
Mode from config file: enforcing
  
 +
Policy MLS status: enabled
  
=== {{anchor|Toc476606927}} Converting VirtualBox VM to The Xen Project ===
+
Policy deny_unknown status: allowed
  
Open the VirtualBox and select your VM in VB. Right click on your VM and select “Settings...”. The Settings windows opened and after it click on “Storage” :
+
Max kernel policy version: 30
 +
</syntaxhighlight>
  
 +
The Selinux, provide three modes :* Enforcing : It is the default mode that enable and enforce the SELinux security policy on your system and based on Selinux policy rules denied your access.
 +
* Permissive : In this mode, Selinux enabled but will not enforce the security policy and just show you warning messages and log actions. This mode is very good for troubleshooting SELinux problems.
 +
* Disabled : Needless to say.
  
[[Image:Figure_41-_Settings_Window..png|top|600px|none|thumb]]
+
For change between modes you can use “setenforce” command :
  
===== <span style="color:#00000a;">Figure 41 : Settings Window.=====
+
<syntaxhighlight lang="sh">  
 +
[root@localhost ~]# setenforce
  
 +
usage: setenforce [ Enforcing | Permissive | 1 | 0 ]
 +
</syntaxhighlight>
  
In “Controller” section you can see your Virtual HDD name and in the right panel you can see its location. For example, My Virtual HDD name is “Windows 7.vdi” and location is /home/mohsen/VirtualBox VMs/Windows 7”. You have two options : 1) Install VirtualBox on your Xen Server and then convert your VM on your Xen 2) Convert file locally and move it to your Xen Server. OK, If you like the first options then Navigate to the location and copy *.vdi file to your Xen Server via “scp” command or any tools that you are being comfortable with it. Your .vdi file maybe large so it is better to compress it via “zip” command. After copying then you must doing steps that we introduced below :
+
Please note that when you use “setenforce” command, changes do not persist across reboots. To change Selinux to enforcing mode run “setenforce 1” and to change permissive mode just run setenforce 0”. the “1” mean “ Enforcing” and the “0” mean “ Permissive” :
  
We assume you installed VirtualBox on your local computer or Xen Server and everything is OK. We will show you how you can convert your VM. The VB provide a command with the name “VboxManage” and we will use it for Clone our HDD. Use below command :
+
<syntaxhighlight lang="sh">
 +
setenforce 1 == setenforce Enforcing
 +
</syntaxhighlight>
  
<nowiki># </nowiki>VBoxManage clonehd YourVDIName.vdi OutPut.img -format RAW
+
Finally, To view the current SELinux mode just use “getenforce” command :
  
For example :
+
<syntaxhighlight lang="sh">
 +
[root@localhost ~]# getenforce
  
mohsen@Keep-calm-and-use-Linux:~/VirtualBox VMs/Windows$ VBoxManage clonehd Windows7.vdi Windows7.img --format RAW
+
Enforcing
 +
</syntaxhighlight>
  
0%...10%...20%...30%...40%...50%...60%...70%...80%...90%...100%
+
For Disable Selinux you can edit “/etc/sysconfig/selinux” and change “SELINUX=permissive” to “SELINUX=disabled”.
  
Clone medium created in format 'RAW'. UUID: df5344f3-4756-4d04-9395-90a88431c0d3
+
<syntaxhighlight lang="sh">
 +
# This file controls the state of SELinux on the system.
  
mohsen@Keep-calm-and-use-Linux:~/VirtualBox VMs/Windows$
+
# SELINUX= can take one of these three values:
  
 +
enforcing - SELinux security policy is enforced.
  
As you see, Converting Done and we must move it to our Xen Server (I choice option 2).
+
# permissive - SELinux prints warnings instead of enforcing.
  
We assume you moved it your Xen Server and everything is OK. After it, We must create a config file for our new VM. I used “touch” command for create a config file as below :
+
# disabled - No SELinux policy is loaded.
  
<nowiki># touch /etc/xen/windows.via.virtualbox.cfg</nowiki>
+
SELINUX=enforcing
  
Open your config file via an editor like “nano” and fill it :
+
# SELINUXTYPE= can take one of these three values:
  
name = "Windows Converted"
+
# targeted - Targeted processes are protected,
  
builder = "hvm"
+
# minimum - Modification of targeted policy. Only selected processes are protected.
  
uuid = "df5344f3-4756-4d04-9395-90a88431c0d3"
+
# mls - Multi Level Security protection.
  
memory = 1024
+
SELINUXTYPE=targeted
 +
</syntaxhighlight>
  
vcpus = 2
+
You can see a list of Selinux modules by running “semodule -l” :
  
interface=['br0']
+
<syntaxhighlight lang="sh">
 +
[root@localhost ~]# semodule -l
  
vif = [ "mac=00:16:3e:46:e6:fb,bridge=br0" ]
+
BackupPC
  
disk = [ "file:/home/mohsen/Windows7.img,xvda,w" ]
+
abrt
  
vnc=”1”
+
accountsd
  
vnclisten=”172.30.9.20”
+
acct
  
on_poweroff = "destroy"
+
afs
  
on_reboot = "restart"
+
aiccu
  
on_crash = "restart"
+
aide
  
 +
ajaxterm
  
If you pay attention then you see a section with the name “ UUID” in the output of “ VboxManage” command. We must copy and paste it exactly in our Xen config file as above. The “Disk” option is like older config and you must specific your .img file. Finally, just run below command :
+
alsa
  
<nowiki># xl create /etc/xen/YourConfigName.cfg</nowiki>
+
amanda
  
Don't forget, Migration VMs between Virtualization Platforms is not a very good idea and you may got some problems. For example, Windows show your Blue Page or...
+
amtu
  
 +
anaconda
  
=== {{anchor|Toc476606928}} <span style="color:#00000a;">Selinux and Xen Project</span> ===
+
antivirus
  
The SElinux Project is a Linux Kernel module that provide a security mechanism for supporting mandatory access controls (MAC). It is a very good tool for enhanced security under Linux and added to various Linux Distros. The main sponsors of this project are NSA and Red Hat. We don't like cover All aspects of Selinux here because its need a Bible book but as NSA team said : The Selinux is a set of patches to Linux kernel that provide flexible mandatory access control (MAC) architecture into the major subsystems of the kernel. The Selinux provide a mechanism that by help it malicious or flawed applications can't bypass security mechanisms. By default, Selinux provide a set of sample security policy configuration files for general-purpose security goals.
+
apache
  
We just want to show you some good options for use Selinux under your Xen Project. You can see your Selinux status via “sestatus” command :
+
...
 +
</syntaxhighlight>
  
[root@localhost ~]# sestatus
+
Selinux provide a Policy with the name “Booleans”. With “Booleans” you can change the policy without any knowledge about Selinux policy writing. Booleans provide a good feature and it is that you can change setting without reloading or recompiling SELinux policy.
  
SELinux status: enabled
+
For see a list of Booleans you can use below command :
  
SELinuxfs mount: /sys/fs/selinux
+
<syntaxhighlight lang="sh"># semanage boolean -l</syntaxhighlight>
  
SELinux root directory: /etc/selinux
+
For example :
  
Loaded policy name: targeted
+
<syntaxhighlight lang="sh">
 +
[root@localhost ~]# semanage boolean -l | grep xen
  
Current mode: enforcing
+
xend_run_qemu (on , on) Allow xend to run qemu
  
Mode from config file: enforcing
+
xend_run_blktap (on , on) Allow xend to run blktap
  
Policy MLS status: enabled
+
xen_use_nfs (off , off) Allow xen to use nfs
 +
</syntaxhighlight>
  
Policy deny_unknown status: allowed
+
As you see, By default the Xen Project denied to use “nft” and you can enable it :
  
Max kernel policy version: 30
+
<syntaxhighlight lang="sh"># setsebool -P xen_use_nfs on</syntaxhighlight>
  
 +
and if you see the booleans again then :
  
The Selinux, provide three modes :* Enforcing : It is the default mode that enable and enforce the SELinux security policy on your system and based on Selinux policy rules denied your access.
+
<syntaxhighlight lang="sh">
* Permissive : In this mode, Selinux enabled but will not enforce the security policy and just show you warning messages and log actions. This mode is very good for troubleshooting SELinux problems.
+
[root@localhost ~]# semanage boolean -l | grep xen
* Disabled : Needless to say.
 
  
 +
xen_use_nfs (on , on) Allow xen to use nfs
  
 +
xend_run_blktap (on , on) Allow xend to run blktap
  
For change between modes you can use “setenforce” command :
+
xend_run_qemu (on , on) Allow xend to run qemu
 +
</syntaxhighlight>
  
[root@localhost ~]# setenforce
+
As you see, Options changed to “on”. This allow The Xen Project to use “nfs”. We used “-P” option because with this option our changes remain after reboot.
  
usage: setenforce [ Enforcing | Permissive | 1 | 0 ]
+
As we said, We don't like to dive into Selinux and just ant to show you how you can doing Virtualization with Selinux enabled. If you remember we setup LVM for our Xen Project VM :
  
 +
<syntaxhighlight lang="sh">
 +
[root@localhost ~]# lvdisplay
  
Please note that when you use “setenforce” command, changes do not persist across reboots. To change Selinux to enforcing mode run “setenforce 1” and to change permissive mode just run “ setenforce 0”. the “1” mean “ Enforcing” and the “0” mean “ Permissive” :
+
--- Logical volume ---
  
setenforce 1 == setenforce Enforcing
+
LV Path /dev/Xen/OpenSUSE
  
Finally, To view the current SELinux mode just use “getenforce” command :
+
LV Name OpenSUSE
  
[root@localhost ~]# getenforce
+
VG Name Xen
  
Enforcing
+
LV UUID dt4UiA-66k5-dd51-2AQ9-CLob-PyR3-Uvcy7u
  
For Disable Selinux you can edit “/etc/sysconfig/selinux” and change “SELINUX=permissive” to “SELINUX=disabled”.
+
LV Write Access read/write
  
<nowiki># This file controls the state of SELinux on the system.</nowiki>
+
LV Creation host, time localhost.localdomain, 2016-05-08 04:33:19 -0400
  
<nowiki># SELINUX= can take one of these three values:</nowiki>
+
LV Status available
  
<nowiki># </nowiki>enforcing - SELinux security policy is enforced.
+
<nowiki># open </nowiki>0
  
<nowiki># </nowiki>permissive - SELinux prints warnings instead of enforcing.
+
LV Size 20.00 GiB
  
<nowiki># </nowiki>disabled - No SELinux policy is loaded.
+
Current LE 5120
  
SELINUX=enforcing
+
Segments 1
  
<nowiki># SELINUXTYPE= can take one of these three values:</nowiki>
+
Allocation inherit
  
<nowiki># </nowiki>targeted - Targeted processes are protected,
+
Read ahead sectors auto
  
<nowiki># </nowiki>minimum - Modification of targeted policy. Only selected processes are protected.
+
- currently set to 256
  
<nowiki># </nowiki>mls - Multi Level Security protection.
+
Block device 253:2
  
SELINUXTYPE=targeted
+
...
 +
</syntaxhighlight>
  
 +
With below command we can set the SELinux context for the underlying block device and volume group :
  
 +
<syntaxhighlight lang="sh">
 +
[root@localhost ~]# semanage fcontext -a -t xen_image_t -f b /dev/Xen/OpenSUSE
 +
</syntaxhighlight>
  
 +
After it, When you run “semanage fcontext -l | grep 'OpenSUSE'” then :
  
You can see a list of Selinux modules by running “semodule -l” :
+
<syntaxhighlight lang="sh">
 +
[root@localhost ~]# semanage fcontext -l | grep 'OpenSUSE'
  
[root@localhost ~]# semodule -l
+
/dev/Xen/OpenSUSE block device system_u:object_r:xen_image_t:s0
 +
</syntaxhighlight>
  
BackupPC
+
<syntaxhighlight lang="sh">
 +
[root@localhost ~]# ls -Z /dev/Xen/OpenSUSE
  
abrt
+
system_u:object_r:device_t:s0 /dev/Xen/OpenSUSE
 +
</syntaxhighlight>
  
accountsd
+
You can use “restorecon” command to restore file(s) default SELinux security contexts :
  
acct
+
<syntaxhighlight lang="sh"># restorecon /dev/Xen/OpenSUSE</syntaxhighlight>
  
afs
+
After this Selinux protection, other process can't access to our device and just VM managers can access to our device. It is True that Selinux is not an Antivirus but it can protect the Linux system a lot. For example, A big Xen Vulnerability that released recently was “VENOM” (http://venom.crowdstrike.com/), It is fixed very soon in Xen and all new Xen versions are protected but you can use Selinux for protect your Xen too. For more information, Please see [http://danwalsh.livejournal.com/71489.html http://danwalsh.livejournal.com/71489.html] . For more information about Xen Project security and hardening it, Please look at [http://wiki.xenproject.org/wiki/Securing_Xen http://wiki.xenproject.org/wiki/Securing_Xen] .
  
aiccu
+
OK, Now a good time for speaking about Citrix XenServer.
  
aide
+
=== {{anchor|Toc476606929}} Citrix XenServer===
  
ajaxterm
+
If you remember, We spoke something about XenServer. The Citrix XenServer is the leader of open source virtualization platform that using for managing Cloud and Server Virtualization. Installing XenServer is so easy even easier than OS and just take some minutes. A company with XenServer can launch a Virtualization server in some minutes and XenServer will meet all your needs. XenServer is so fast and have a Good flexibility, performance and Most importantly have a low cost. If you used other products like VMWare ESXi then I recommend install the XenServer and test it. I bet you will surprise.
  
alsa
+
For download XenServer go to “http://xenserver.org/open-source-virtualization-download.html” and click on “XenServer Installation ISO” and a file about 633 MB in .iso format will be download. After it you should download “XenCenter” that is a Windows Management Console for XenServer. For download the XenCenter just click on “XenCenter Windows Management Console“ on above link. For other OS like Linux you can use “SSH” and other management tool like “OpenXenManager” (https://sourceforge.net/projects/openxenmanager/). The XenCenter is written in .Net programming language and it is true that Microsoft open sourced .Net programming language and this language can run in Linux too but The Citrix not produced XenCenter for Linux till now, But we hope to see it under linux very soon.
  
amanda
+
OK, I suppose that you downloaded XenServer and write it on a CD or make a bootable USB for install it. As I said, Install it is so easy and don't need any special knowledge. I just want to show some steps that you will see them :
  
amtu
+
<div><ul>
 +
<li style="display: inline-block;">[[Image:Figure_42-_Main_screen_of_XenServer.png|top|613px|none|thumb|Figure 42 : Main screen of XenServer.]]</li>
 +
</ul></div>
 +
<div><ul>
 +
<li style="display: inline-block;">[[Image:Figure_43-_Select_your_Keymap.png|top|300px|none|thumb|Figure 43 : Select your Keymap.<br>&nbsp;]]</li>
 +
<li style="display: inline-block;">[[Image:Figure_44-_Read_the_text_and_if_you_are_Agree_then_Click_OK.png|top|300px|none|thumb|Figure 44 : Read the text and if you are Agree then Click OK.]]</li>
 +
</ul></div>
 +
<div><ul>
 +
<li style="display: inline-block;">[[Image:Figure_45-_Accept_the_License.png|top|300px|none|thumb|Figure 45 : Accept the License.]]</li>
 +
<li style="display: inline-block;">[[Image:Figure_46-_Select_your_Storage_and_click_OK.png|top|300px|none|thumb|Figure 46 : Select your Storage and click OK.]]</li>
 +
</ul></div>
  
anaconda
+
Note : XenServer will remove all your data on HDD and create one partition as your storage. If you use RAID then you can tell XenServer to install on specific partition and not remove all of your data.
  
antivirus
+
<div><ul>
 +
<li style="display: inline-block;">[[Image:Figure_47-_Select_your_Installation_Source.png|top|300px|none|thumb|Figure 47 : Select your Installation Source.<br>&nbsp;]]</li>
 +
<li style="display: inline-block;">[[Image:Figure_48-_If_you_have_External_packages_then_Click_Yes_otherwise_click_No.png|top|300px|none|thumb|Figure 48 : If you have External packages then Click Yes otherwise click No.]]</li>
 +
</ul></div>
 +
<div><ul>
 +
<li style="display: inline-block;">
 +
[[Image:Figure_49-_Select_the_prepare_option.png|top|300px|none|thumb|Figure 49 : Select the prepare option.]]</li>
 +
<li style="display: inline-block;">[[Image:Figure_50_-_Set_“root”_password.png|top|300px|none|thumb|Figure 50 : Set “root” password.]]</li>
 +
</ul></div>
 +
<div><ul>
 +
<li style="display: inline-block;">[[Image:Figure_51_-_Select_the_prepare_option_for_obtain_the_IP_address.png|top|300px|none|thumb|Figure 51 : Select the prepare option for obtain the IP address.]]</li>
 +
</ul></div>
  
apache
+
Note : Server must have Static IP and select “DHCP” is not a good option.
  
...
+
<div><ul>
 +
<li style="display: inline-block;">[[Image:Figure_52_-_Select_correct_Time_Zone.png|top|300px|none|thumb|Figure 52 : Select correct Time Zone.]]</li>
 +
<li style="display: inline-block;">[[Image:Figure_53_-_Select_“Install_XenSever”_to_start_installation.png|top|300px|none|thumb|Figure 53 : Select “Install XenSever” to start installation.]]</li>
 +
</ul></div>
 +
<div><ul>
 +
<li style="display: inline-block;">[[Image:Figure_54_-_XenSever_installation.png|top|300px|none|thumb|Figure 54 : XenSever installation.]]</li>
 +
<li style="display: inline-block;">[[Image:Figure_55_-_Select_prepare_option.png|top|300px|none|thumb|Figure 55 : Select prepare option.]]</li>
 +
</ul></div>
  
 +
Note : If you don't have “Supplemental Pack” then select “Skip”
  
Selinux provide a Policy with the name “Booleans”. With “Booleans” you can change the policy without any knowledge about Selinux policy writing. Booleans provide a good feature and it is that you can change setting without reloading or recompiling SELinux policy.
+
OK, You installed XenServer successfully. It was not hard, Is it ?
  
For see a list of Booleans you can use below command :
+
When you reboot you server then you will see something like below :
  
<nowiki># semanage boolean -l</nowiki>
+
<div><ul>
 +
<li style="display: inline-block;">[[Image:Figure_56_-_Loading_XenServer.png|top|300px|none|thumb|Figure 56 : Loading XenServer.]]</li>
 +
<li style="display: inline-block;">[[Image:Figure_56-_XenServer_is_ready_to_use.png|top|300px|none|thumb|Figure 56 : XenServer is ready to use.]]</li>
 +
</ul></div>
  
For example :
+
I assume you installed “XenCenter” on Windows or “OpenXenManager” on Linux. Installing “XenCenter” is easy and just doing with some clicks but for install “ OpenXenManager” you should doing some steps :
 +
# Install “git” if your system not have it.
 +
# Install package dependencies. Packages are “python-gtk2 glade python-gtk-vnc python-glade2 python-configobj”.
 +
# Clone the repo from GitHub :
 +
#:<syntaxhighlight lang="sh"># git clone https://github.com/OpenXenManager/openxenmanager.git</syntaxhighlight>
 +
# Install “OpenXenManager” :
 +
#:<syntaxhighlight lang="sh"># cd openxenmanager</syntaxhighlight>
 +
#:<syntaxhighlight lang="sh"># sudo python setup.py install</syntaxhighlight>
 +
# Run the OpenXenManager
 +
#:<syntaxhighlight lang="sh">$ openxenmanager</syntaxhighlight>
  
[root@localhost ~]# semanage boolean -l | grep xen
+
You will then see:
 +
<div><ul>
 +
<li style="display: inline-block;">[[Image:Figure_57-_Open_XenManager.png|top|300px|none|thumb|Figure 57 : Open XenManager.]]</li>
 +
<li style="display: inline-block;">[[Image:Figure_58-_Citrix_XenCenter.png|top|300px|none|thumb|Figure 58 : Citrix XenCenter.]]</li>
 +
</ul></div>
  
xend_run_qemu (on , on) Allow xend to run qemu
+
Note that another great alternative is to use Xen Orchestra (see [https://xen-orchestra.com/ https://xen-orchestra.com/]). You can find plenty of information about Xen Orchestra on their website.
  
xend_run_blktap (on , on) Allow xend to run blktap
+
Once Everything is ready, you can connect to your XenServer via these tools.
  
xen_use_nfs (off , off) Allow xen to use nfs
+
We will show you how you can manage your XenServer but not deeply because it need another book. Firs of all, write “openxenmanager” in your terminal and press Enter key. The OpenXenManager window become apparent then select “Server” menu and then click on “add”. A window become apparent and you must fill the information that it needs:
  
 +
<div><ul>
 +
<li style="display: inline-block;">[[Image:Figure_59-_Open_XenManager.png|top|300px|none|thumb|Figure 59 : Open XenManager.]]</li>
 +
</ul></div>
  
As you see, By default the Xen Project denied to use “nft” and you can enable it :
+
After it, Click on “Connect”. As you see, Your XenServer added.
  
<nowiki># setsebool -P xen_use_nfs on</nowiki>
+
In Citrix XenCenter you can do similar task. Open XenCenter then click on “Add New Server” and you will see a similar windows as below :
  
and if you see the booleans again then :
+
<div><ul>
 +
<li style="display: inline-block;">[[Image:Figure_60-_XenCenter.png|top|300px|none|thumb|Figure 60 : XenCenter.]]</li>
 +
</ul></div>
  
[root@localhost ~]# semanage boolean -l | grep xen
+
Then click on “Add”. As you see, A windows show a security warning and you just click on “Accept”.
  
xen_use_nfs (on , on) Allow xen to use nfs
+
<div><ul>
 +
<li style="display: inline-block;">[[Image:Figure_61-_XenCenter_security_warning.png|top|300px|none|thumb|Figure 61 : XenCenter security warning.]]</li>
 +
</ul></div>
  
xend_run_blktap (on , on) Allow xend to run blktap
+
After it, You can see your XenServer and can work with it :
  
xend_run_qemu (on , on) Allow xend to run qemu
+
<div><ul>
 +
<li style="display: inline-block;">[[Image:Figure_62-_OpenXenManager.png|top|300px|none|thumb|Figure 62 : OpenXenManager.]]</li>
 +
<li style="display: inline-block;">[[Image:Figure_63-_XenCenter.png|top|300px|none|thumb|Figure 63 : XenCenter.]]</li>
 +
</ul></div>
  
 +
You can see your XenServer in the left panel. Let's start and create our Vms. We will focus on “OpenXenManager” more because you can run it under Linux.
  
As you see, Options changed to “on”. This allow The Xen Project to use “nfs”. We used “-P” option because with this option our changes remain after reboot.
+
Open “OpenXenManager” and click on “New VM” or from “VM” menu click on “New”. You can see a Windows like below :
  
As we said, We don't like to dive into Selinux and just ant to show you how you can doing Virtualization with Selinux enabled. If you remember we setup LVM for our Xen Project VM :
+
<div><ul><li style="display: inline-block;">[[Image:Figure_64_-_New_VM_Window.png|top|615px|none|thumb|Figure 64 : New VM Window.]]</li></ul></div>
  
[root@localhost ~]# lvdisplay
+
As you see, Some OS templates are listed and you can select your OS that you want install it. If your OS not listed here then you can select “Other install media”. Select your “Template” and click “Next”. In the next window select a Name for your VM and you can write a description about it too. After it, Click “Next”. In the “Location” section you can select your method for installation OS. If you like install your OS via CD\DVD drive on Server then select “Physical DVD drive” and if you have .ISO file from your OS the select “ISO Image” option, But you must upload your .ISO file to your XenServer. In the Citrix XenCenter you can run “Windows File Sharing” for do it. Let me to upload my .ISO file to XenSever server. You can use “scp” command for do it.
  
--- Logical volume ---
+
I created a directory in “/var/opt/xen/ISO”. Then you must open your XenServer console. You can do it by click on “Console” tab or SSH to your XenServer. When you on Xenserver, doing below command :
  
LV Path /dev/Xen/OpenSUSE
+
<syntaxhighlight lang="sh"># mkdir /var/opt/xen/ISO
  
LV Name OpenSUSE
+
[root@xenserver home]# xe sr-create name-label=LocalISO type=iso device-config:location=/var/opt/xen/ISO device-config:legacy_mode=true content-type=iso
  
VG Name Xen
+
2cb6a58b-2c4f-21fa-f58b-a1fca665cc38
 +
</syntaxhighlight>
  
LV UUID dt4UiA-66k5-dd51-2AQ9-CLob-PyR3-Uvcy7u
+
After it, You must put .ISO file in “/var/opt/xen/ISO”. After it in the main windows you can see the new SR :
  
LV Write Access read/write
+
<div><ul><li style="display: inline-block;">[[Image:Figure_65-_Local_ISO.png|top|300px|none|thumb|Figure 65 : Local ISO.]]</li></ul></div>
  
LV Creation host, time localhost.localdomain, 2016-05-08 04:33:19 -0400
+
Lets see what happened in “Location” option:
  
LV Status available
+
<div><ul><li style="display: inline-block;">[[Image:Figure_66-__.ISO_file.png|top|300px|none|thumb|Figure 66 : .ISO file.]]</li></ul></div>
  
<nowiki># open </nowiki>0
+
As you see, Our .ISO file appear there.
  
LV Size 20.00 GiB
+
If you don't like command line then you can use “New Storage” option in the main window of “OpenXenManager”. Click on it and you see a Windows like below:
  
Current LE 5120
+
<div><ul><li style="display: inline-block;">[[Image:Figure_67-_New_Storage_Window.png|top|450px|none|thumb|Figure 67 : New Storage Window.]]</li></ul></div>
  
Segments 1
+
In this window, Select “Windows File Sharing (CIFS)” and click next. In the next windows, specific the folder patch that .ISO file is in it and if your network use domain then select “use different user name” and fill the fields with correct information. Don't forget, use “yourdomainname\username” :
  
Allocation inherit
+
<div><ul><li style="display: inline-block;">[[Image:Figure_68-_specific_the_correct_path.png|top|450px|none|thumb|Figure 68 : specific the correct path.]]</li></ul></div>
  
Read ahead sectors auto
+
Then click “Finish” and in the main Window you can see a new SR with the name “CIFS ISO library”. Click on it and select “storage” tab. In this tab you can see all .ISO file that exist in the path that you specified:
  
- currently set to 256
+
<div><ul><li style="display: inline-block;">[[Image:Figure_69-_Storage_tab.png|top|450px|none|thumb|Figure 69 : Storage tab.]]</li></ul></div>
  
Block device 253:2
+
In other pages you can select the number of CPU, Size of Memory and Disk. In “Virtual Interfaces” section you can add your NIC by click on “add” button. At the end, by click on “Finish” our VM will be created. If you like your VM started automatically after it created then click select “Start VM automatically”.
  
...
+
OK, After your VM created then in the main window you can see a Blue button with the name “Start” :
  
 +
<div><ul><li style="display: inline-block;">[[Image:Figure_70-_“Start”_button.png|top|800px|none|thumb|Figure 70 : “Start” button.]]</li></ul></div>
  
With below command we can set the SELinux context for the underlying block device and volume group :
+
click on it and at the end of main window you can see something like percent and when your VM launched completely then you can see that this strip show you a “completed” text like below :
  
[root@localhost ~]# semanage fcontext -a -t xen_image_t -f b /dev/Xen/OpenSUSE
+
<div><ul><li style="display: inline-block;">[[Image:Figure_71_-_main_window_strip.png|top|800px|none|thumb|Figure 71 : main window strip.]]</li></ul></div>
  
After it, When you run “semanage fcontext -l | grep 'OpenSUSE'” then :
+
Click on “Console” tab and you can start installation progress :
  
[root@localhost ~]# semanage fcontext -l | grep 'OpenSUSE'
+
<div><ul><li style="display: inline-block;">[[Image:Figure_72-_“Console”_tab.png|top|800px|none|thumb|Figure 72 : “Console” tab.]]</li></ul></div>
  
/dev/Xen/OpenSUSE block device system_u:object_r:xen_image_t:s0
+
When your OS installation started, Please click on “General” tab. What do you see? You can see some information about your VM that created but a read text flaunted :
  
 +
<div><ul><li style="display: inline-block;">[[Image:Figure_73-_General_tab.png|top|450px|none|thumb|Figure 73 : General tab.]]</li></ul></div>
  
[root@localhost ~]# ls -Z /dev/Xen/OpenSUSE
+
It tell you that “Tools not installed” and it is the first job that we must do it when OS installed. According to the XenServer documentation : “XenServer Tools provides high performance Windows drivers and a management agent, enhancing disk and network performance for XenServer Vms”. As you see, It is mandatory and help us to get a better performance. Other tab show you some useful information like Performance and…. We will speak about “Snapshots” later. OK, Our OS installed and we must install “XenServer Tools”. You can do it by click on “VM” menu and select “Install XenServer Tools” but first of all Please eject the previous CD\DVD (OS). For do it, Click on “Storage” tab and and select “<empty>” for “DVD drive:”. If you select “xs-tools.iso” instead of “<empty>” then you are ready for install XenServer Tools. When you select “ xs-tools.iso” and open “My computer” on Windows then you will see something like below:
  
system_u:object_r:device_t:s0 /dev/Xen/OpenSUSE
+
<div><ul><li style="display: inline-block;">[[Image:Figure_74-_Install_XenServer_Tools.png|top|450px|none|thumb|Figure 74 : Install XenServer Tools.]]</li></ul></div>
  
 +
Just click on “CD Drive” and install progress will start.
  
You can use “restorecon” command to restore file(s) default SELinux security contexts :
+
You can all of the stuff via “xe” command too. We never dive into this because it is very vast and need another book but will will cover something that you need it.
  
<nowiki># restorecon /dev/Xen/OpenSUSE</nowiki>
+
For create a new vm via command line do below steps :
  
 +
<syntaxhighlight lang="sh"># xe template-list</syntaxhighlight>
  
After this Selinux protection, other process can't access to our device and just VM managers can access to our device. It is True that Selinux is not an Antivirus but it can protect the Linux system a lot. For example, A big Xen Vulnerability that released recently was “VENOM” (http://venom.crowdstrike.com/), It is fixed very soon in Xen and all new Xen versions are protected but you can use Selinux for protect your Xen too. For more information, Please see [http://danwalsh.livejournal.com/71489.html http://danwalsh.livejournal.com/71489.html] . For more information about Xen Project security and hardening it, Please look at [http://wiki.xenproject.org/wiki/Securing_Xen http://wiki.xenproject.org/wiki/Securing_Xen] .
+
then select your template name and :
  
OK, Now a good time for speaking about Citrix XenServer.
+
<syntaxhighlight lang="sh"># xe vm-install template="Debian Squeeze 6.0 (32-bit)" new-name-label="My Debian" sr-uuid= Your SR UUID</syntaxhighlight>
  
 +
For find SR UUID use below command :
  
 +
<syntaxhighlight lang="sh">
 +
[root@xenserver ~]# xe sr-list
  
 +
uuid ( RO) : 30f0541d-eb20-ab50-ba41-94eeb92eb104
  
=== {{anchor|Toc476606929}} <span style="color:#00000a;">Citrix XenServer</span> ===
+
name-label ( RW): Removable storage
  
If you remember, We spoke something about XenServer. The Citrix XenServer is the leader of open source virtualization platform that using for managing Cloud and Server Virtualization. Installing XenServer is so easy even easier than OS and just take some minutes. A company with XenServer can launch a Virtualization server in some minutes and XenServer will meet all your needs. XenServer is so fast and have a Good flexibility, performance and Most importantly have a low cost. If you used other products like VMWare ESXi then I recommend install the XenServer and test it. I bet you will surprise.
+
name-description ( RW):
  
For download XenServer go to “http://xenserver.org/open-source-virtualization-download.html” and click on “XenServer Installation ISO” and a file about 633 MB in .iso format will be download. After it you should download “XenCenter” that is a Windows Management Console for XenServer. For download the XenCenter just click on “XenCenter Windows Management Console“ on above link. For other OS like Linux you can use “SSH” and other management tool like “OpenXenManager” (https://sourceforge.net/projects/openxenmanager/). The XenCenter is written in .Net programming language and it is true that Microsoft open sourced .Net programming language and this language can run in Linux too but The Citrix not produced XenCenter for Linux till now, But we hope to see it under linux very soon.
+
host ( RO): xenserver
  
OK, I suppose that you downloaded XenServer and write it on a CD or make a bootable USB for install it. As I said, Install it is so easy and don't need any special knowledge. I just want to show some steps that you will see them :
+
type ( RO): udev
  
[[Image:Figure_42-_Main_screen_of_XenServer.png|top|600px|none|thumb]]</div>
+
content-type ( RO): disk
  
===== <span style="color:#00000a;">Figure 42 : Main screen of XenServer.=====
+
uuid ( RO) : 09b22fe6-df17-2fc3-333f-43f559f7a2e5
  
[[Image:Figure_43-_Select_your_Keymap.png|top|600px|none|thumb]]
+
name-label ( RW): CIFS ISO library
  
===== <span style="color:#00000a;">Figure 43 : Select your Keymap.=====
+
name-description ( RW): CIFS ISO Library [\\172.30.9.3\programs\os]
  
 +
host ( RO): xenserver
  
[[Image:Figure_44-_Read_the_text_and_if_you_are_Agree_then_Click_OK.png|top|600px|none|thumb]]
+
type ( RO): iso
  
===== <span style="color:#00000a;">Figure 44 : Read the text and if you are Agree then Click OK.=====
+
content-type ( RO): iso
  
[[Image:Figure_45-_Accept_the_License.png|top|600px|none|thumb]]
+
uuid ( RO): f6bc99a1-070a-2470-c091-ee89fe2bae7e
  
===== <span style="color:#00000a;">Figure 45 : Accept the License.=====
+
name-label ( RW): DVD drives
  
[[Image:Figure_46-_Select_your_Storage_and_click_OK.png|top|600px|none|thumb]]
+
name-description ( RW): Physical DVD drives
  
===== <span style="color:#00000a;">Figure 46 : Select your Storage and click OK.=====
+
host ( RO): xenserver
  
Note : XenServer will remove all your data on HDD and create one partition as your storage. If you use RAID then you can tell XenServer to install on specific partition and not remove all of your data.
+
type ( RO): udev
  
[[Image:Figure_47-_Select_your_Installation_Source.png|top|600px|none|thumb]]
+
content-type ( RO): iso
  
===== <span style="color:#00000a;">Figure 47 : Select your Installation Source.=====
+
uuid ( RO): dc2d6d43-b60b-097d-22c6-5275d185d8e7
  
[[Image:Figure_48-_If_you_have_External_packages_then_Click_Yes_otherwise_click_No.png|top|600px|none|thumb]]
+
name-label ( RW): Local storage
  
===== <span style="color:#00000a;">Figure 48 : If you have External packages then Click Yes otherwise click No.=====
+
name-description ( RW):
  
 +
host ( RO): xenserver
  
[[Image:Figure_49-_Select_the_prepare_option.png|top|600px|none|thumb]]
+
type ( RO): ext
  
===== <span style="color:#00000a;">Figure 49 : Select the prepare option.=====
+
content-type ( RO): user
  
 +
uuid ( RO): 6972a5fc-f265-d32c-52ff-47bf96221309
  
[[Image:Figure_50_-_Set_“root”_password.png|top|600px|none|thumb]]
+
name-label ( RW): XenServer Tools
  
===== <span style="color:#00000a;">Figure 50 : Set “root” password.=====
+
name-description ( RW): XenServer Tools ISOs
  
 +
host ( RO): xenserver
  
[[Image:Figure_51_-_Select_the_prepare_option_for_obtain_the_IP_address.png|top|600px|none|thumb]]
+
type ( RO): iso
  
===== <span style="color:#00000a;">Figure 51 : Select the prepare option for obtain the IP address.=====
+
content-type ( RO): iso
 +
</syntaxhighlight>
  
 +
You must use your “Local Storage” ID thus our full command is :
  
Note : Server must have Static IP and select “DHCP” is not a good option.
+
<syntaxhighlight lang="sh">
 +
[root@xenserver ~]# xe vm-install template="Debian Squeeze 6.0 (32-bit)" new-name-label="My Debian" sr-uuid=dc2d6d43-b60b-097d-22c6-5275d185d8e7
  
 +
e3ac9c9f-07be-96ca-ebb7-b5304cd45f50
 +
</syntaxhighlight>
  
[[Image:Figure_52_-_Select_correct_Time_Zone.png|top|600px|none|thumb]]
+
After it, If you check your “OpenXenManager” then you will see a new VM with the name “My Debian”.
  
===== <span style="color:#00000a;">Figure 52 : Select correct Time Zone.=====
+
You can change your VM setting via “xe” too. For example, By default, XenServer assigned 1 CPU to our VM and we want change it to 4 CPUs :
  
 +
<syntaxhighlight lang="sh">
 +
[root@xenserver ~]# xe vm-list
  
[[Image:Figure_53_-_Select_“Install_XenSever”_to_start_installation.png|top|600px|none|thumb]]
+
uuid ( RO) : e3ac9c9f-07be-96ca-ebb7-b5304cd45f50
  
===== <span style="color:#00000a;">Figure 53 : Select “Install XenSever” to start installation.=====
+
name-label ( RW): My Debian
  
 +
power-state ( RO): halted
  
[[Image:Figure_54_-_XenSever_installation.png|top|600px|none|thumb]]
 
  
===== <span style="color:#00000a;">Figure 54 : XenSever installation.=====
+
uuid ( RO) : 35462d0b-938d-7658-5878-496f180b2027
  
[[Image:Figure_55_-_Select_prepare_option.png|top|600px|none|thumb]]
+
name-label ( RW): Windows 7 (32-bit) (2016-08-13)
  
===== <span style="color:#00000a;">Figure 55 : Select prepare option.=====
+
power-state ( RO): halted
  
  
Note : If you don't have “Supplemental Pack” then select “Skip”
+
uuid ( RO) : 51c9e0e0-f2b0-4bec-806d-1f632437c474
  
OK, You installed XenServer successfully. It was not hard, Is it ?
+
name-label ( RW): Control domain on host: xenserver
  
When you reboot you server then you will see something like below :
+
power-state ( RO): running
 +
</syntaxhighlight>
  
 +
Then :
  
[[Image:Figure_56_-_Loading_XenServer.png|top|600px|none|thumb]]
+
<syntaxhighlight lang="sh">
 +
[root@xenserver ~]#  xe vm-param-set VCPUs-max=4 uuid=e3ac9c9f-07be-96ca-ebb7-b5304cd45f50
 +
</syntaxhighlight>
  
===== <span style="color:#00000a;">Figure 56 : Loading XenServer.=====
+
Then :
  
[[Image:Figure_56-_XenServer_is_ready_to_use.png|top|600px|none|thumb]]
+
<syntaxhighlight lang="sh">
 +
[root@xenserver ~]#  xe vm-param-set VCPUs-at-startup=4 uuid=e3ac9c9f-07be-96ca-ebb7-b5304cd45f50
 +
</syntaxhighlight>
  
===== <span style="color:#00000a;">Figure 56 : XenServer is ready to use.=====
+
After it, If you see the VM properties then you can see that our VCPU changed :
  
I assume you installed “XenCenter” on Windows or “OpenXenManager” on Linux. Installing “XenCenter” is easy and just doing with some clicks but for install “ OpenXenManager” you should doing some steps :# Install “git” if your system not have it.
+
[[Image:Figure_75_-_Change_VCPU.png|top|300px|none|thumb|Figure 75 : Change VCPU.]]
# Install package dependencies. Packages are “python-gtk2 glade python-gtk-vnc python-glade2 python-configobj”.
 
# Clone the repo from GitHub :
 
  
 +
You can change memory setting too. The commands that you must use are :
 +
<syntaxhighlight lang="sh">
 +
# xe vm-param-set memory-static-max=”Maximum size for static memory” uuid=replace_with_uuid
 +
# xe vm-param-set memory-dynamic-max=”Maximum size for dynamic memory” uuid=replace_with_uuid
 +
# xe vm-param-set memory-dynamic-min=”Minimum size for dynamic memory” uuid=replace_with_uuid
 +
# xe vm-param-set memory-static-min=”Minimum size for static memory” uuid=replace_with_uuid
 +
</syntaxhighlight>
  
 +
For example :
 +
<syntaxhighlight lang="sh">
 +
[root@xenserver ~]# xe vm-param-set memory-static-max=
  
<div style="margin-left:0in;margin-right:0in;"><nowiki># git clone https://github.com/OpenXenManager/openxenmanager.git</nowiki></div># Install “OpenXenManager” :
+
2147483648 268435456 788529152
  
 +
[root@xenserver ~]# xe vm-param-set memory-static-max=788529152 uuid=e3ac9c9f-07be-96ca-ebb7-b5304cd45f50
  
 +
[root@xenserver ~]# xe vm-param-set memory-dynamic-max=788529152 uuid=e3ac9c9f-07be-96ca-ebb7-b5304cd45f50
  
<div style="margin-left:0in;margin-right:0in;"><nowiki># cd openxenmanager</nowiki></div>
+
[root@xenserver ~]# xe vm-param-set memory-dynamic-min=
  
<div style="margin-left:0in;margin-right:0in;"><nowiki># sudo python setup.py install</nowiki></div># Run the OpenXenManager
+
2147483648 268435456 788529152
  
 +
[root@xenserver ~]# xe vm-param-set memory-dynamic-min=268435456 uuid=e3ac9c9f-07be-96ca-ebb7-b5304cd45f50
  
 +
[root@xenserver ~]# xe vm-param-set memory-static-min= uuid=e3ac9c9f-07be-96ca-ebb7-b5304cd45f50
  
<div style="margin-left:0in;margin-right:0in;">$ openxenmanager</div>
+
1024 1073741824 306184192
[[Image:Figure_57-_Open_XenManager.png|top|600px|none|thumb]]
 
  
===== <span style="color:#00000a;">Figure 57 : Open XenManager.=====
+
[root@xenserver ~]# xe vm-param-set memory-static-min=1024 uuid=e3ac9c9f-07be-96ca-ebb7-b5304cd45f50
 +
</syntaxhighlight>
  
 +
After it you can see that your memory setting changed :
  
[[Image:Figure_58-_Citrix_XenCenter.png|top|600px|none|thumb]]
+
[[Image:Figure_76_-_Memory_setting..png|top|600px|none|thumb|Figure 76 : Memory setting.]]
  
===== <span style="color:#00000a;">Figure 58 : Citrix XenCenter.=====
+
Sometimes you need to attach your removable storage to your VM and We will show you how you can do it. Please Plug your removable storage to your server, I suppose it is a Pen Drive. After it, SSH to your XenServer :
  
 +
<syntaxhighlight lang="sh">
 +
$ ssh root@XenServer IP
  
Once Everything is ready, you can connect to your XenServer via these tools.
+
mohsen@Keep-calm-and-use-Linux:~$ ssh root@172.30.9.20
  
We will show you how you can manage your XenServer but not deeply because it need another book. Firs of all, write “openxenmanager” in your terminal and press Enter key. The OpenXenManager window become apparent then select “Server” menu and then click on “add”. A window become apparent and you must fill the information that it needs:
+
root@172.30.9.20's password:
  
 +
Last login: Sat Aug 13 14:31:34 2016 from 172.30.10.18
  
[[Image:Figure_59-_Open_XenManager.png|top|600px|none|thumb]]
+
XenServer dom0 configuration is tuned for maximum performance and reliability.
  
===== <span style="color:#00000a;">Figure 59 : Open XenManager.=====
+
Configuration changes which are not explicitly documented or approved by Citrix
 +
Technical Support, may not have been tested and are therefore not supported. In
 +
addition, configuration changes may not persist after installation of a hotfix
 +
or upgrade, and could also cause a hotfix or upgrade to fail.
  
After it, Click on “Connect”. As you see, Your XenServer added.
+
Third party tools, which require modification to dom0 configuration, or
 +
installation into dom0, may cease to function correctly after upgrade or hotfix
 +
installation. Please consult Citrix Technical Support for advice regarding
 +
specific tools.
  
In Citrix XenCenter you can do similar task. Open XenCenter then click on “Add New Server” and you will see a similar windows as below :
+
Type "xsconsole" for access to the management console.
  
 +
[root@xenserver ~]#
 +
</syntaxhighlight>
  
[[Image:Figure_60-_XenCenter.png|top|600px|none|thumb]]
+
Then, Execute “dmesg” command. The output of this command is long but at the end of output you can see something about your removable storage that plugged :
  
===== <span style="color:#00000a;">Figure 60 : XenCenter.=====
+
<syntaxhighlight lang="sh">
 +
[root@xenserver ~]# dmesg
  
Then click on “Add”. As you see, A windows show a security warning and you just click on “Accept”.
+
[75290.601990] usb 2-1.5: new high-speed USB device number 3 using ehci-pci
  
 +
[75290.853090] usb-storage 2-1.5:1.0: USB Mass Storage device detected
  
 +
[75290.853174] scsi4 : usb-storage 2-1.5:1.0
  
 +
[75290.853228] usbcore: registered new interface driver usb-storage
  
[[Image:Figure_61-_XenCenter_security_warning.png|top|600px|none|thumb]]
+
[75292.355579] scsi 4:0:0:0: Direct-Access HP v210w 1100 PQ: 0 ANSI: 0 CCS
  
===== <span style="color:#00000a;">Figure 61 : XenCenter security warning.=====
+
[75292.355791] scsi 4:0:0:0: alua: supports implicit and explicit TPGS
  
 +
[75292.356368] scsi 4:0:0:0: alua: No target port descriptors found
  
After it, You can see your XenServer and can work with it :
+
[75292.356371] scsi 4:0:0:0: alua: not attached
  
 +
[75292.356473] sd 4:0:0:0: Attached scsi generic sg2 type 0
  
[[Image:Figure_62-_OpenXenManager.png|top|600px|none|thumb]]
+
[75292.357107] sd 4:0:0:0: [sdb] 31703040 512-byte logical blocks: (16.2 GB/15.1 GiB)
  
===== <span style="color:#00000a;">Figure 62 : OpenXenManager.=====
+
[75292.357944] sd 4:0:0:0: [sdb] Write Protect is off
  
 +
[75292.357946] sd 4:0:0:0: [sdb] Mode Sense: 43 00 00 00
  
 +
[75292.358813] sd 4:0:0:0: [sdb] No Caching mode page found
  
[[Image:Figure_63-_XenCenter.png|top|600px|none|thumb]]</div>
+
[75292.358817] sd 4:0:0:0: [sdb] Assuming drive cache: write through
  
===== <span style="color:#00000a;">Figure 63 : XenCenter.=====
+
[75292.361987] sd 4:0:0:0: [sdb] No Caching mode page found
  
 +
[75292.361992] sd 4:0:0:0: [sdb] Assuming drive cache: write through
  
You can see your XenServer in the left panel. Let's start and create our Vms. We will focus on “OpenXenManager” more because you can run it under Linux.
+
[75292.363072] sdb: sdb1 sdb2
  
Open “OpenXenManager” and click on “New VM” or from “VM” menu click on “New”. You can see a Windows like below :
+
[75292.365816] sd 4:0:0:0: [sdb] No Caching mode page found
  
[[Image:Figure_64_-_New_VM_Window.png|top|600px|none|thumb]]
+
[75292.365819] sd 4:0:0:0: [sdb] Assuming drive cache: write through
  
===== <span style="color:#00000a;">Figure 64 : New VM Window.=====
+
[75292.365823] sd 4:0:0:0: [sdb] Attached SCSI removable disk
 +
</syntaxhighlight>
  
 +
It this example, Our Pen Drive model is “HP v210w”. The Removable storage passtrought is so easy in XenServer and Citrix do it for your automatically and no command need. If you open “OpenXenManager” program and click on “Storage” tab in the main page then you can see that XenServer did it for you automatically :
  
As you see, Some OS templates are listed and you can select your OS that you want install it. If your OS not listed here then you can select “Other install media”. Select your “Template” and click “Next”. In the next window select a Name for your VM and you can write a description about it too. After it, Click “Next”. In the “Location” section you can select your method for installation OS. If you like install your OS via CD\DVD drive on Server then select “Physical DVD drive” and if you have .ISO file from your OS the select “ISO Image” option, But you must upload your .ISO file to your XenServer. In the Citrix XenCenter you can run “Windows File Sharing” for do it. Let me to upload my .ISO file to XenSever server. You can use “scp” command for do it.
+
[[Image:Figure_77_-_Removable_storage.png|top|600px|none|thumb|Figure 77 : Removable storage.]]
  
I created a directory in “/var/opt/xen/ISO”. Then you must open your XenServer console. You can do it by click on “Console” tab or SSH to your XenServer. When you on Xenserver, doing below command :
+
For add it to your VM just click on your VM name on the main window then click on “Storage” tab and click on “Attach” button and select “Removable Storage” and click on “Attach” button :
  
<nowiki># mkdir /var/opt/xen/ISO</nowiki>
+
[[Image:Figure_78_-_USB_Pass-through.png|top|600px|none|thumb|Figure 78 : USB Pass-through.]]
  
<nowiki># xe sr-create name-label=LocalISO type=iso device-config:location=/var/opt/xen/ISO device-config:legacy_mode=true content-type=iso</nowiki>
+
After it, If you go to your VM then you can see that you Pen Drive mounted.
  
[root@xenserver home]# xe sr-create name-label=LocalISO type=iso device-config:location=/var/opt/xen/ISO device-config:legacy_mode=true content-type=iso
+
For unplug a Removable storage you can select it and click on “Detach” button.
  
2cb6a58b-2c4f-21fa-f58b-a1fca665cc38
+
You can do it by command line too. Do below steps :
  
 +
'''1-''' fdisk -l
 +
<syntaxhighlight lang="sh">
 +
[root@xenserver ~]# fdisk -l
  
After it, You must put .ISO file in “/var/opt/xen/ISO”. After it in the main windows you can see the new SR :
+
WARNING: GPT (GUID Partition Table) detected on '/dev/sda'! The util fdisk doesn't support GPT. Use GNU Parted.
  
  
[[Image:Figure_65-_Local_ISO.png|top|600px|none|thumb]]
+
Disk /dev/sda: 1000.2 GB, 1000204886016 bytes
  
===== <span style="color:#00000a;">Figure 65 : Local ISO.=====
+
256 heads, 63 sectors/track, 121126 cylinders
  
Lets see what happened in “Location” option:
+
Units = cylinders of 16128 * 512 = 8257536 bytes
  
  
[[Image:Figure_66-__.ISO_file.png|top|600px|none|thumb]]
+
Device Boot Start End Blocks Id System
  
===== <span style="color:#00000a;">Figure 66 : .ISO file.=====
+
/dev/sda1 <nowiki>* </nowiki>1 121127 976762583+ ee EFI GPT
  
  
As you see, Our .ISO file appear there.
+
Disk /dev/sdc: 16.2 GB, 16231956480 bytes
  
If you don't like command line then you can use “New Storage” option in the main window of “OpenXenManager”. Click on it and you see a Windows like below:
+
255 heads, 63 sectors/track, 1973 cylinders
  
[[Image:Figure_67-_New_Storage_Window.png|top|600px|none|thumb]]</div>
+
Units = cylinders of 16065 * 512 = 8225280 bytes
  
===== <span style="color:#00000a;">Figure 67 : New Storage Window.=====
 
  
In this window, Select “Windows File Sharing (CIFS)” and click next. In the next windows, specific the folder patch that .ISO file is in it and if your network use domain then select “use different user name” and fill the fields with correct information. Don't forget, use “yourdomainname\username” :
+
Device Boot Start End Blocks Id System
  
 +
/dev/sdc1 1 1974 15850496 b W95 FAT32
 +
</syntaxhighlight>
 +
As you see, “/dev/sdc1” is my Pen Drive.
  
[[Image:Figure_68-_specific_the_correct_path.png|top|600px|none|thumb]]</div>
+
'''2-''' cd /dev/disk/by-id/
 +
<syntaxhighlight lang="sh">
 +
[root@xenserver ~]# cd /dev/disk/by-id/
 +
</syntaxhighlight>
  
===== <span style="color:#00000a;">Figure 68 : specific the correct path.=====
+
'''3-''' ls
 +
<syntaxhighlight lang="sh">
 +
[root@xenserver by-id]# ls
  
Then click “Finish” and in the main Window you can see a new SR with the name “CIFS ISO library”. Click on it and select “storage” tab. In this tab you can see all .ISO file that exist in the path that you specified:
+
scsi-SATA_ST1000DL002-9TT_W1V0RX1H scsi-SATA_ST1000DL002-9TT_W1V0RX1H-part3
  
 +
scsi-SATA_ST1000DL002-9TT_W1V0RX1H-part1 usb-HP_v210w_AA00000000000238
  
[[Image:Figure_69-_Storage_tab.png|top|600px|none|thumb]]
+
scsi-SATA_ST1000DL002-9TT_W1V0RX1H-part2 usb-HP_v210w_AA00000000000238-part1
  
===== <span style="color:#00000a;">Figure 69 : Storage tab.=====
+
[root@xenserver by-id]#
 +
</syntaxhighlight>
  
In other pages you can select the number of CPU, Size of Memory and Disk. In “Virtual Interfaces” section you can add your NIC by click on “add” button. At the end, by click on “Finish” our VM will be created. If you like your VM started automatically after it created then click select “Start VM automatically”.
+
'''4-''' doing below command :
 +
<syntaxhighlight lang="sh">
 +
xe sr-create type=lvm content-type=user device-config:device=/dev/disk/by-id/scsi-SATA_ST1000DL002-9TT_W1V0RX1H-part1 usb-HP_v210w_AA00000000000238 name-label=”Local USB Storage”
 +
</syntaxhighlight>
  
OK, After your VM created then in the main window you can see a Blue button with the name “Start” :
+
'''5-''' After it you can see that it appear in your main window of “OpenXenManager” as “ Local USB Storage”.
  
 +
==== {{anchor|Toc476606930}} Snapshots ====
  
[[Image:Figure_70-_“Start”_button.png|top|600px|none|thumb]]
+
Sometimes you need test a software of update packages but it may harm your VM and you don't like to reinstall and configure your OS. The Snapshot is a good option for you and you can back to the previous state. Let me to show you that how you can do it.
  
===== <span style="color:#00000a;">Figure 70 : “Start” button.=====
+
In the main window on “OpenXenManager” click your VM that you like create a snapshot of it, Then click on “Snapshots” tab. After it, click on “Take Snapshot” button and you can see a window that asked you to write a name for your snapshot :
  
 +
[[Image:Figure_79-_VM_Snapshot.png|top|400px|none|thumb|Figure 79 : VM Snapshot.]]
  
click on it and at the end of main window you can see something like percent and when your VM launched completely then you can see that this strip show you a “completed” text like below :
+
After it, You can see that a Snapshot is created :
  
[[Image:Figure_71_-_main_window_strip.png|top|600px|none|thumb]]
+
[[Image:Figure_80-_Snapshot_created.png|top|600px|none|thumb|Figure 80 : Snapshot created.]]
  
===== <span style="color:#00000a;">Figure 71 : main window strip.=====
+
You can see it in Citrix XenCenter too and XenCenter show it more understandable:
  
Click on “Console” tab and you can start installation progress :
+
[[Image:Figure_81-_Snapshot_Diagram.png|top|600px|none|thumb|Figure 81 : Snapshot Diagram.]]
  
[[Image:Figure_72-_“Console”_tab.png|top|600px|none|thumb]]
+
As you see, XenCenter show it in a good diagram and you can select your snapshot and right click on it and the Select “Revert To” for back to the previous state. When you select “Revert To” the XenCenter show you a message like below :
  
===== <span style="color:#00000a;">Figure 72 : “Console” tab.=====
+
[[Image:Figure_82-_Warning_Message.png|top|400px|none|thumb|Figure 82 : Warning Message.]]
  
When your OS installation started, Please click on “General” tab. What do you see? You can see some information about your VM that created but a read text flaunted :
+
XenCenter ask you that are you sure to back to this Snapshot or not, If you are sure then click “Yes”. After it, XenCenter show you a window like below:
  
[[Image:Figure_73-_General_tab.png|top|600px|none|thumb]]
+
[[Image:Figure_83-_Take_Snapshot_Window.png|top|400px|none|thumb|Figure 83 : Take Snapshot Window.]]
  
===== <span style="color:#00000a;">Figure 73 : General tab.=====
+
The XenCenter like to create another Snapshot and Enter a name for your Snapshot, For example, I enter “My snapshot”. After it our diagram is something like below :
  
 +
[[Image:Figure_84_-_XenCenter_Snapshots_tab.png|top|600px|none|thumb|Figure 84 : XenCenter Snapshots tab.]]
  
It tell you that “Tools not installed” and it is the first job that we must do it when OS installed. According to the XenServer documentation : “XenServer Tools provides high performance Windows drivers and a management agent, enhancing disk and network performance for XenServer Vms”. As you see, It is mandatory and help us to get a better performance. Other tab show you some useful information like Performance and…. We will speak about “Snapshots” later. OK, Our OS installed and we must install “XenServer Tools”. You can do it by click on “VM” menu and select “Install XenServer Tools” but first of all Please eject the previous CD\DVD (OS). For do it, Click on “Storage” tab and and select “<empty>” for “DVD drive:”. If you select “xs-tools.iso” instead of “<empty>” then you are ready for install XenServer Tools. When you select “ xs-tools.iso” and open “My computer” on Windows then you will see something like below:
+
After it, My VM back to the previous state and as you can see in the diagram, the Green arrow point to the “Now”. If I right click on “My snapshot” and select “Revert To” then The XenCenter show me a same window like “Figure 82” but I deselect “Take a snapshot of...” and click yes because I don't like to create another snapshot of my current state. After it, You can see that your VM back to the state that you did change to your VM. The current Diagram is something like below :
  
 +
[[Image:Figure_85-_Back_to_“My_snapshot”.png|top|600px|none|thumb|Figure 85 : Back to “My snapshot”.]]
  
[[Image:Figure_74-_Install_XenServer_Tools.png|top|600px|none|thumb]]
+
You can do all of these via “xe” too.
  
===== <span style="color:#00000a;">Figure 74 : Install XenServer Tools.=====
+
SSH to your XenServer and do below steps :
  
 +
<code>xe vm-snapshot vm=Your VM name new-name-label="Your Label"</code>
  
Just click on “CD Drive” and install progress will start.
+
<syntaxhighlight lang="sh">
 +
[root@xenserver ~]# xe vm-snapshot vm=Windows\ 7\ \(32-bit\)\ \(2016-08-13\) new-name-label="My Snapshot"
  
You can all of the stuff via “xe” command too. We never dive into this because it is very vast and need another book but will will cover something that you need it.
+
7f562a5f-7614-9991-5952-d8106cb10433
 +
</syntaxhighlight>
  
For create a new vm via command line do below steps :
+
In “vm” parameter select the name of your VM that you want create a Snapshot from it.
  
<nowiki># xe template-list</nowiki>
+
After it, You can see that a Snapshot created for you and you can doing changes. For Revert to your Snapshot use below command :
  
then select your template name and :
+
<code>xe snapshot-revert snapshot-uuid=UUID</code>
  
<nowiki># xe vm-install template="Debian Squeeze 6.0 (32-bit)" new-name-label="My Debian" sr-uuid= Your SR UUID</nowiki>
+
<syntaxhighlight lang="sh">
 +
[root@xenserver ~]# xe snapshot-revert snapshot-uuid=7f562a5f-7614-9991-5952-d8106cb10433
 +
</syntaxhighlight>
  
For find SR UUID use below command :
+
After it, You can see that your VM back to the previous state. For list the snapshot you can use below command :
  
<nowiki># xe sr-list</nowiki>
+
<code>xe snapshot-list</code>
  
[root@xenserver ~]# xe sr-list
+
<syntaxhighlight lang="sh">
 +
[root@xenserver ~]# xe snapshot-list
  
uuid ( RO) : 30f0541d-eb20-ab50-ba41-94eeb92eb104
+
uuid ( RO) : 7f562a5f-7614-9991-5952-d8106cb10433
  
name-label ( RW): Removable storage
+
name-label ( RW): My Snapshot
  
 
name-description ( RW):
 
name-description ( RW):
 +
</syntaxhighlight>
  
host ( RO): xenserver
+
For remove a snapshot use below command :
  
type ( RO): udev
+
<code>xe snapshot-uninstall snapshot-uuid=UUID</code>
  
content-type ( RO): disk
+
<syntaxhighlight lang="sh">
 +
[root@xenserver ~]# xe snapshot-uninstall snapshot-uuid=7f562a5f-7614-9991-5952-d8106cb10433
  
 +
The following items are about to be destroyed
  
uuid ( RO) : 09b22fe6-df17-2fc3-333f-43f559f7a2e5
+
VM : 7f562a5f-7614-9991-5952-d8106cb10433 (My Snapshot)
  
name-label ( RW): CIFS ISO library
+
VDI: f0ad2781-5c8b-4202-898c-44f9cde4e9e1 (0)
  
name-description ( RW): CIFS ISO Library [\\172.30.9.3\programs\os]
+
Type 'yes' to continue
  
host ( RO): xenserver
+
yes
  
type ( RO): iso
+
All objects destroyed
 +
</syntaxhighlight>
  
content-type ( RO): iso
+
'''''Join your Citrix XenServer to Windows Domain'''''
  
uuid ( RO): f6bc99a1-070a-2470-c091-ee89fe2bae7e
+
You can join your XenServer to the Windows Domain and use Active Directory accounts for work with XenServer. For do it, In the main window of “OpenXenManager” click on “Users” tab and then click on “Join Domain” button. In the Citrix XenCenter you can do it with the same steps but let us explain it via CLI.
  
name-label ( RW): DVD drives
+
SSH to your XenServer and execute below command :
  
name-description ( RW): Physical DVD drives
+
<code>xe pool-enable-external-auth auth-type=AD service-name=”Your Domain name” config:user=”Your Active Directory User name” config:pass=”Your Active Directory Password”</code>
  
host ( RO): xenserver
+
<syntaxhighlight lang="sh">
 +
[root@xenserver ~]# xe pool-enable-external-auth auth-type=AD service-name=mydomain.com config:user=mohsen config:pass=XenServer
 +
</syntaxhighlight>
  
type ( RO): udev
+
After it, You can see that “Join Domain” button in “Users” tab is disabled and “Leave Domain” enabled.
  
content-type ( RO): iso
+
After it, You must give access to your AD users or Groups :
  
uuid ( RO): dc2d6d43-b60b-097d-22c6-5275d185d8e7
+
<code>xe subject-add subject-name=”Your AD user name or group name”</code>
  
name-label ( RW): Local storage
+
<syntaxhighlight lang="sh">
 +
[root@xenserver ~]# xe subject-add subject-name=jokar
  
name-description ( RW):
+
fc21d498-1a35-b24c-9d27-c6f2153dde56
 +
</syntaxhighlight>
  
host ( RO): xenserver
+
For remove a User access use below command :
  
type ( RO): ext
+
<code>xe subject-remove subject-uuid=”User UUID”</code>
  
content-type ( RO): user
+
<syntaxhighlight lang="sh">
 +
[root@xenserver ~]# xe subject-remove subject-uuid=fc21d498-1a35-b24c-9d27-c6f2153dde56
 +
</syntaxhighlight>
  
uuid ( RO): 6972a5fc-f265-d32c-52ff-47bf96221309
+
For see your current list you can use below command :
  
name-label ( RW): XenServer Tools
+
<code>xe subject-list</code>
  
name-description ( RW): XenServer Tools ISOs
+
<syntaxhighlight lang="sh">
 +
[root@xenserver ~]# xe subject-list
  
host ( RO): xenserver
+
uuid ( RO) : fc21d498-1a35-b24c-9d27-c6f2153dde56
  
type ( RO): iso
+
subject-identifier ( RO): S-1-5-21-3570103376-2371597222-4282842042-1303
  
content-type ( RO): iso
+
other-config (MRO): subject-name: MYDOMAINN\jokar; subject-upn: JOKAR@MYDOMAIN.COM; subject-uid: 128451863; subject-gid: 128451073; subject-sid: S-1-5-21-3570103376-2371597222-4282842042-1303; subject-gecos: MOHSEN JOKAR; subject-displayname: MOHSEN JOKAR; subject-is-group: false; subject-account-disabled: false; subject-account-expired: false; subject-account-locked: false; subject-password-expired: false
  
 +
roles (SRO): pool-admin
 +
</syntaxhighlight>
  
You must use your “Local Storage” ID thus our full command is :
+
But, When you add a user you can't do anything with the user in XenServer. Why? It is because you must give a role to the user. In below table, You can see the permissions for each role :
  
<nowiki># </nowiki>xe vm-install template="Debian Squeeze 6.0 (32-bit)" new-name-label="My Debian" sr-uuid=dc2d6d43-b60b-097d-22c6-5275d185d8e7
 
  
[root@xenserver ~]# xe vm-install template="Debian Squeeze 6.0 (32-bit)" new-name-label="My Debian" sr-uuid=dc2d6d43-b60b-097d-22c6-5275d185d8e7
+
{| class="prettytable"
 
+
|-
e3ac9c9f-07be-96ca-ebb7-b5304cd45f50
+
! '''Role permissions'''
 
+
! '''Pool Admin'''
 
+
! '''Pool Operator'''
After it, If you check your “OpenXenManager” then you will see a new VM with the name “My Debian”.
+
! '''VM Power Admin'''
 
+
! '''VM Admin'''
You can change your VM setting via “xe” too. For example, By default, XenServer assigned 1 CPU to our VM and we want change it to 4 CPUs :
+
! '''VM Operator'''
 +
! '''Read Only'''
 +
|-
 +
| '''Assign/modify roles'''
 +
| {{Tick}}
 +
|
 +
|
 +
|
 +
|
 +
|
 +
|-
 +
| '''Log in to (physical) server consoles (through SSH and XenCenter)'''
 +
| {{Tick}}
 +
|
 +
|
 +
|
 +
|
 +
|
 +
|-
 +
| '''Server backup/restore'''
 +
| {{Tick}}
 +
|
 +
|
 +
|
 +
|
 +
|
 +
|-
 +
| '''Import/export OVF/OVA packages and disk images'''
 +
| {{Tick}}
 +
|
 +
|
 +
|
 +
|
 +
|
 +
|-
 +
| '''Convert virtual <span style="color:#000000;">machines using XenServer Conversion Manager'''
 +
| {{Tick}}
 +
|
 +
|
 +
|
 +
|
 +
|
 +
|-
 +
| '''Log out active user connections'''
 +
| {{Tick}}
 +
| {{Tick}}
 +
|
 +
|
 +
|
 +
|
 +
|-
 +
| '''Create and dismiss alerts'''
 +
| {{Tick}}
 +
| {{Tick}}
 +
|
 +
|
 +
|
 +
|
 +
|-
 +
| '''Cancel task of any user'''
 +
| {{Tick}}
 +
| {{Tick}}
 +
|
 +
|
 +
|
 +
|
 +
|-
 +
| '''Pool management'''
 +
| {{Tick}}
 +
| {{Tick}}
 +
|
 +
|
 +
|
 +
|
 +
|-
 +
| '''Switch port locking'''
 +
| {{Tick}}
 +
| {{Tick}}
 +
|
 +
|
 +
|
 +
|
 +
|-
 +
| '''VM advanced operations'''
 +
| {{Tick}}
 +
| {{Tick}}
 +
| {{Tick}}
 +
|
 +
|
 +
|
 +
|-
 +
| '''VM create/destroy operations'''
 +
| {{Tick}}
 +
| {{Tick}}
 +
| {{Tick}}
 +
| {{Tick}}
 +
|
 +
|
 +
|-
 +
| '''VM change CD media'''
 +
| {{Tick}}
 +
| {{Tick}}
 +
| {{Tick}}
 +
| {{Tick}}
 +
| {{Tick}}
 +
|
 +
|-
 +
| '''View VM consoles'''
 +
| {{Tick}}
 +
| {{Tick}}
 +
| {{Tick}}
 +
| {{Tick}}
 +
| {{Tick}}
 +
|
 +
|-
 +
| '''XenCenter view mgmt ops'''
 +
| {{Tick}}
 +
| {{Tick}}
 +
| {{Tick}}
 +
| {{Tick}}
 +
| {{Tick}}
 +
|
 +
|-
 +
| '''Cancel own tasks'''
 +
| {{Tick}}
 +
| {{Tick}}
 +
| {{Tick}}
 +
| {{Tick}}
 +
| {{Tick}}
 +
| {{Tick}}
 +
|-
 +
| '''Read audit logs'''
 +
| {{Tick}}
 +
| {{Tick}}
 +
| {{Tick}}
 +
| {{Tick}}
 +
| {{Tick}}
 +
| {{Tick}}
 +
|-
 +
| '''Connect to pool and read all pool metadata'''
 +
| {{Tick}}
 +
| {{Tick}}
 +
| {{Tick}}
 +
| {{Tick}}
 +
| {{Tick}}
 +
| {{Tick}}
 +
|-
 +
|}
  
<nowiki># xe vm-list</nowiki>
+
For give a role to a user name or group do below step :
  
[root@xenserver ~]# xe vm-list
+
xe subject-role-add uuid=”User name or Group UUID” role-name=
  
uuid ( RO) : e3ac9c9f-07be-96ca-ebb7-b5304cd45f50
+
role-name is :
 +
* pool-admin
 +
* pool-operator
 +
* vm-power-admin
 +
* vm-admin
 +
* vm-operator
 +
* read-only
  
name-label ( RW): My Debian
+
For example :
 +
<syntaxhighlight lang="sh">
 +
[root@xenserver ~]# xe subject-role-add uuid=fc21d498-1a35-b24c-9d27-c6f2153dde56 role-name=pool-admin
 +
</syntaxhighlight>
  
power-state ( RO): halted
+
After it, Your user become a “Pool admin” and according to the above table can do anything with your XenServer.
  
 +
For use the user name that you grant it access just use the user name instead of “root”.
  
 +
==== {{anchor|Toc476606931}} Backup and Restore ====
  
 +
For create a Backup from your VM in XenServer. You can use command line and Third party. We just show you CLI but if you like an automate system that Backup your VM then you can look at “http://www.acronis.com/en-us/business/backup-advanced/citrix/” , “http://www.xenserver-backup.com/” , “https://xen-orchestra.com/” and “https://www.veritas.com/support/en_US/article.TECH74309”. Some free Scripts are exist too : “https://github.com/NAUbackup/VmBackup” and “https://github.com/aviadra/Xen-pocalypse”.
  
uuid ( RO) : 35462d0b-938d-7658-5878-496f180b2027
+
OK, For create a Backup from a VM you must Shutdown your VM by default but some of third party let you to create a backup without shutdown. Let's start!
  
name-label ( RW): Windows 7 (32-bit) (2016-08-13)
+
SSH to your XenServer or use “Console” tab in the main window of “OpenXenManager” or “Citrix XenCenter” :
  
power-state ( RO): halted
+
xe vm-list
  
 +
After it, You can see a list of your Vms. For example :
  
 +
<syntaxhighlight lang="sh">
 +
[root@xenserver ~]# xe vm-list
  
 +
uuid ( RO) : e3ac9c9f-07be-96ca-ebb7-b5304cd45f50
  
uuid ( RO) : 51c9e0e0-f2b0-4bec-806d-1f632437c474
+
name-label ( RW): My Debian
  
name-label ( RW): Control domain on host: xenserver
+
power-state ( RO): halted
  
power-state ( RO): running
 
  
 +
uuid ( RO) : 35462d0b-938d-7658-5878-496f180b2027
  
Then :
+
name-label ( RW): Windows 7 (32-bit) (2016-08-13)
  
<nowiki># xe vm-param-set VCPUs-max=4 uuid= Your VM UUID</nowiki>
+
power-state ( RO): running
  
xe vm-param-set VCPUs-max=4 uuid=e3ac9c9f-07be-96ca-ebb7-b5304cd45f50
 
  
 +
uuid ( RO) : 51c9e0e0-f2b0-4bec-806d-1f632437c474
  
Then :
+
name-label ( RW): Control domain on host: xenserver
  
<nowiki># </nowiki>xe vm-param-set VCPUs-at-startup=4 uuid= Your VM UUID
+
power-state ( RO): running
 +
</syntaxhighlight>
  
xe vm-param-set VCPUs-at-startup=4 uuid=e3ac9c9f-07be-96ca-ebb7-b5304cd45f50
+
In this example, I want create a backup from my “Windows 7” VM. First of all, I must shutdown the VM :
  
 +
<code>xe vm-shutdown uuid=”UUID of your VM”</code>
  
After it, If you see the VM properties then you can see that our VCPU changed :
+
<syntaxhighlight lang="sh">
 +
[root@xenserver ~]# xe vm-shutdown uuid=35462d0b-938d-7658-5878-496f180b2027
  
[[Image:Figure_75_-_Change_VCPU.png|top|600px|none|thumb]]
+
[root@xenserver ~]#
 +
</syntaxhighlight>
  
===== <span style="color:#00000a;">Figure 75 : Change VCPU.=====
+
Then, You should use below command with a path. Don't forget, Never use “/” of your XenServer for copy files and… Because if “/” become full then it cause your XenServer crashed.
  
You can change memory setting too. The commands that you must use are :# xe vm-param-set memory-static-max=”Maximum size for static memory” uuid=replace_with_uuid
+
If you like mount a directory via a remote IP the you must use “mount” command. First of all, Share the folder on remote computer and then execute below command on your XenServer :
# xe vm-param-set memory-dynamic-max=”Maximum size for dynamic memory” uuid=replace_with_uuid
 
# xe vm-param-set memory-dynamic-min=”Minimum size for dynamic memory” uuid=replace_with_uuid
 
# xe vm-param-set memory-static-min=”Minimum size for static memory” uuid=replace_with_uuid
 
  
 +
<syntaxhighlight lang="sh"># mkdir /home/share
  
 +
# mount -t cifs //”IP Address of remote computer” -o username=”Username”,password=”Password” /home/share/</syntaxhighlight>
  
 
For example :
 
For example :
  
[root@xenserver ~]# xe vm-param-set memory-static-max=
+
<syntaxhighlight lang="sh"># mount -t cifs //192.168.1.1/MyDIR -o username=”Username”,password=”Password” /home/share/</syntaxhighlight>
  
2147483648 268435456 788529152
+
Now, I can create a backup and export my VM to “/home/share/” directory :
  
[root@xenserver ~]# xe vm-param-set memory-static-max=788529152 uuid=e3ac9c9f-07be-96ca-ebb7-b5304cd45f50
+
<code>xe vm-export uuid=”UUID of your vm” filename=”Path and file name with .xva”</code>
  
[root@xenserver ~]# xe vm-param-set memory-dynamic-max=788529152 uuid=e3ac9c9f-07be-96ca-ebb7-b5304cd45f50
+
<syntaxhighlight lang="sh">
 +
[root@xenserver ~]#xe vm-export uuid=35462d0b-938d-7658-5878-496f180b2027 filename=/home/share/myback.xva
 +
</syntaxhighlight>
  
[root@xenserver ~]# xe vm-param-set memory-dynamic-min=
+
For Restoring a backup you can use below command :
  
2147483648 268435456 788529152
+
<code>xe vm-import filename=”Path and file name with .xva”</code>
  
[root@xenserver ~]# xe vm-param-set memory-dynamic-min=268435456 uuid=e3ac9c9f-07be-96ca-ebb7-b5304cd45f50
+
<syntaxhighlight lang="sh">
 +
[root@xenserver ~]#xe vm-import filename=/home/share/myback.xva
 +
</syntaxhighlight>
  
[root@xenserver ~]# xe vm-param-set memory-static-min= uuid=e3ac9c9f-07be-96ca-ebb7-b5304cd45f50
+
==== {{anchor|Toc476606932}} <span style="color:#00000a;">Hotfix</span> ====
  
1024 1073741824 306184192
+
It is an important part of XenServer and via Hotfixes you can solve security holes and other XenServer problems.
  
[root@xenserver ~]# xe vm-param-set memory-static-min=1024 uuid=e3ac9c9f-07be-96ca-ebb7-b5304cd45f50
+
When a security hole or bug found in XenServer then Citrix company provide patch for solve it. We want to show you that how you can patch your XenServe.
  
 +
Firs of all, Go to “http://support.citrix.com/article/CTX138115” and select your XenServer Version. After it you can find some patches that started with “CTX” words. When you click on a Hotfix then Citrix show you some information about the hotfix and tell you that which problems solved by this hotfix.
  
After it you can see that your memory setting changed :
+
Download the Hotfix and it is a .zip file. When download completed, You must extract this .zip file and move update file to your XenServer. You can extract it on your client or move it to XenServer and extract there. When you unzip the file then you have two files. A file with .xsupdate and a file with .tar.bz2. The .xsupdate file is your update file and another file that is compressed(.tar.bz2) is the source code of the update file. Don't forget, Citrix open sourced XenServer in 2013 and must provide the source code. For more information you can read “https://www.citrix.com/blogs/2013/06/25/xenserver-6-2-is-now-fully-open-source/”. I move the file via “scp” command to my XenServer and extracted it there.
  
[[Image:Figure_76_-_Memory_setting..png|top|600px|none|thumb]]
+
For update your XenServer you must use below command :
  
===== <span style="color:#00000a;">Figure 76 : Memory setting.=====
+
<code>xe patch-upload file-name=”The file with .xsupdate”</code>
  
Sometimes you need to attach your removable storage to your VM and We will show you how you can do it. Please Plug your removable storage to your server, I suppose it is a Pen Drive. After it, SSH to your XenServer :
+
<syntaxhighlight lang="sh">
 +
[root@xenserver home]# xe patch-upload file-name=XS65ESP1.xsupdate
  
 +
7f2e4a3a-4098-4a71-84ff-b0ba919723c7
  
$ ssh root@XenServer IP
+
[root@xenserver home]#
 +
</syntaxhighlight>
  
mohsen@Keep-calm-and-use-Linux:~$ ssh root@172.30.9.20
+
Then :
  
root@172.30.9.20's password:
+
xe patch-apply uuid=<UUID of the patch> host-uuid=<UUID of the host>
  
Last login: Sat Aug 13 14:31:34 2016 from 172.30.10.18
+
<syntaxhighlight lang="sh">
 +
[root@xenserver home]# xe patch-apply uuid=7f2e4a3a-4098-4a71-84ff-b0ba919723c7 host-uuid=638b5767-3ef5-4fed-9553-06f1c2f61f52
  
 +
6972a5fc-f265-d32c-52ff-47bf96221309 is the local tools SR: scanning
  
XenServer dom0 configuration is tuned for maximum performance and reliability.
+
Done
  
 +
Preparing... ##################################################
  
Configuration changes which are not explicitly documented or approved by Citrix
+
xen-device-model ##################################################
  
Technical Support, may not have been tested and are therefore not supported. In
+
Preparing... ##################################################
  
addition, configuration changes may not persist after installation of a hotfix
+
xen-hypervisor ##################################################
  
or upgrade, and could also cause a hotfix or upgrade to fail.
+
Preparing... ##################################################
  
 +
xen-tools ##################################################
  
Third party tools, which require modification to dom0 configuration, or
+
Preparing... ##################################################
  
installation into dom0, may cease to function correctly after upgrade or hotfix
+
xen-libs ##################################################
  
installation. Please consult Citrix Technical Support for advice regarding
+
Preparing... ##################################################
  
specific tools.
+
xen-dom0-tools ##################################################
  
 +
Preparing... ##################################################
  
Type "xsconsole" for access to the management console.
+
xen-dom0-libs ##################################################
  
[root@xenserver ~]#
+
Preparing... ##################################################
  
 +
xen-ocaml-libs ##################################################
  
Then, Execute “dmesg” command. The output of this command is long but at the end of output you can see something about your removable storage that plugged :
+
Preparing... ##################################################
  
[root@xenserver ~]# dmesg
+
guest-templates ##################################################
  
[75290.601990] usb 2-1.5: new high-speed USB device number 3 using ehci-pci
+
Preparing... ##################################################
  
[75290.853090] usb-storage 2-1.5:1.0: USB Mass Storage device detected
+
lvm2 ##################################################
  
[75290.853174] scsi4 : usb-storage 2-1.5:1.0
+
Preparing... ##################################################
  
[75290.853228] usbcore: registered new interface driver usb-storage
+
upgrade-plugin ##################################################
  
[75292.355579] scsi 4:0:0:0: Direct-Access HP v210w 1100 PQ: 0 ANSI: 0 CCS
+
Preparing... ##################################################
  
[75292.355791] scsi 4:0:0:0: alua: supports implicit and explicit TPGS
+
xapi-core ##################################################
  
[75292.356368] scsi 4:0:0:0: alua: No target port descriptors found
+
Preparing... ##################################################
  
[75292.356371] scsi 4:0:0:0: alua: not attached
+
xapi-xenopsd ##################################################
  
[75292.356473] sd 4:0:0:0: Attached scsi generic sg2 type 0
+
Preparing... ##################################################
  
[75292.357107] sd 4:0:0:0: [sdb] 31703040 512-byte logical blocks: (16.2 GB/15.1 GiB)
+
xapi-rrdd ##################################################
  
[75292.357944] sd 4:0:0:0: [sdb] Write Protect is off
+
Preparing... ##################################################
  
[75292.357946] sd 4:0:0:0: [sdb] Mode Sense: 43 00 00 00
+
Stopping XCP RRDD plugin xcp-rrdd-iostat: [ OK ]
  
[75292.358813] sd 4:0:0:0: [sdb] No Caching mode page found
+
Stopping XCP RRDD plugin xcp-rrdd-squeezed: [ OK ]
  
[75292.358817] sd 4:0:0:0: [sdb] Assuming drive cache: write through
+
Stopping XCP RRDD plugin xcp-rrdd-xenpm: [ OK ]
  
[75292.361987] sd 4:0:0:0: [sdb] No Caching mode page found
+
rrdd-plugins ##################################################
  
[75292.361992] sd 4:0:0:0: [sdb] Assuming drive cache: write through
+
Starting XCP RRDD plugin xcp-rrdd-iostat: [ OK ]
  
[75292.363072] sdb: sdb1 sdb2
+
Starting XCP RRDD plugin xcp-rrdd-squeezed: [ OK ]
  
[75292.365816] sd 4:0:0:0: [sdb] No Caching mode page found
+
Starting XCP RRDD plugin xcp-rrdd-xenpm: [ OK ]
  
[75292.365819] sd 4:0:0:0: [sdb] Assuming drive cache: write through
+
Preparing... ##################################################
  
[75292.365823] sd 4:0:0:0: [sdb] Attached SCSI removable disk
+
blktap ##################################################
  
 +
Preparing... ##################################################
  
It this example, Our Pen Drive model is “HP v210w”. The Removable storage passtrought is so easy in XenServer and Citrix do it for your automatically and no command need. If you open “OpenXenManager” program and click on “Storage” tab in the main page then you can see that XenServer did it for you automatically :
+
sm ##################################################
  
[[Image:Figure_77_-_Removable_storage.png|top|600px|none|thumb]]
+
Preparing... ##################################################
  
===== <span style="color:#00000a;">Figure 77 : Removable storage.=====
+
tzdata ##################################################
  
 +
Preparing... ##################################################
  
For add it to your VM just click on your VM name on the main window then click on “Storage” tab and click on “Attach” button and select “Removable Storage” and click on “Attach” button :
+
kernel ##################################################
  
[[Image:Figure_78_-_USB_Pass-through.png|top|600px|none|thumb]]
+
unable to stat /sys/class/block//var/swap/swap.001: No such file or directory
  
===== <span style="color:#00000a;">Figure 78 : USB Pass-through.=====
+
Preparing... ##################################################
  
After it, If you go to your VM then you can see that you Pen Drive mounted.
+
vgpu ##################################################
  
For unplug a Removable storage you can select it and click on “Detach” button.
+
Preparing... ##################################################
  
You can do it by command line too. Do below steps :
+
linux-guest-loader-data ##################################################
  
1- fdisk -l
+
Preparing... ##################################################
  
[root@xenserver ~]# fdisk -l
+
hwdata ##################################################
  
 +
Preparing... ##################################################
  
WARNING: GPT (GUID Partition Table) detected on '/dev/sda'! The util fdisk doesn't support GPT. Use GNU Parted.
+
xenserver-transfer-vm ##################################################
  
 +
Preparing... ##################################################
  
Disk /dev/sda: 1000.2 GB, 1000204886016 bytes
+
openvswitch ##################################################
  
256 heads, 63 sectors/track, 121126 cylinders
+
Preparing... ##################################################
  
Units = cylinders of 16128 * 512 = 8257536 bytes
+
v6d ##################################################
  
 +
Preparing... ##################################################
  
Device Boot Start End Blocks Id System
+
glibc ##################################################
  
/dev/sda1 <nowiki>* </nowiki>1 121127 976762583+ ee EFI GPT
+
Preparing... ##################################################
  
 +
glibc-common ##################################################
  
Disk /dev/sdc: 16.2 GB, 16231956480 bytes
+
Waiting for xapi to signal init complete
  
255 heads, 63 sectors/track, 1973 cylinders
+
Removing any existing built-in templates
  
Units = cylinders of 16065 * 512 = 8225280 bytes
+
Regenerating built-in templates
  
 +
[root@xenserver home]#
 +
</syntaxhighlight>
  
Device Boot Start End Blocks Id System
+
After it, You can use “xe patch-list” for see a list of patches :
  
/dev/sdc1 1 1974 15850496 b W95 FAT32
+
<syntaxhighlight lang="sh">
 +
[root@xenserver home]# xe patch-list
  
 +
uuid ( RO) : 5200911d-5f79-4149-abca-0556af77b14d
  
As you see, “/dev/sdc1” is my Pen Drive.
+
name-label ( RO): XS65E003
  
2- cd /dev/disk/by-id/
+
name-description ( RO): Public Availability: security fixes to glibc
  
3- ls
+
size ( RO): 0
  
[root@xenserver ~]# cd /dev/disk/by-id/
+
hosts (SRO): 638b5767-3ef5-4fed-9553-06f1c2f61f52
  
[root@xenserver by-id]# ls
+
after-apply-guidance (SRO): restartHost
  
scsi-SATA_ST1000DL002-9TT_W1V0RX1H scsi-SATA_ST1000DL002-9TT_W1V0RX1H-part3
 
  
scsi-SATA_ST1000DL002-9TT_W1V0RX1H-part1 usb-HP_v210w_AA00000000000238
+
uuid ( RO) : 30d3992b-ac0a-45e8-9e93-d4b2e9bb235f
  
scsi-SATA_ST1000DL002-9TT_W1V0RX1H-part2 usb-HP_v210w_AA00000000000238-part1
+
name-label ( RO): XS65E006
  
[root@xenserver by-id]#
+
name-description ( RO): Public Availability: security fixes to Xen
  
 +
size ( RO): 0
  
4- doing below command :
+
hosts (SRO): 638b5767-3ef5-4fed-9553-06f1c2f61f52
  
xe sr-create type=lvm content-type=user device-config:device=/dev/disk/by-id/scsi-SATA_ST1000DL002-9TT_W1V0RX1H-part1 usb-HP_v210w_AA00000000000238 name-label=”Local USB Storage”
+
after-apply-guidance (SRO): restartHost
  
  
5- After it you can see that it appear in your main window of “OpenXenManager” as “ Local USB Storage”.
+
uuid ( RO) : 9f9d57ff-3a04-4385-9744-f961b44a1db4
  
 +
name-label ( RO): XS65E001
  
 +
name-description ( RO): Public Availability: XenCenter fixes for XS 6.5
  
 +
size ( RO): 0
  
=== {{anchor|Toc476606930}} <span style="color:#00000a;">Snapshots</span> ===
+
hosts (SRO): 638b5767-3ef5-4fed-9553-06f1c2f61f52
  
Sometimes you need test a software of update packages but it may harm your VM and you don't like to reinstall and configure your OS. The Snapshot is a good option for you and you can back to the previous state. Let me to show you that how you can do it.
+
after-apply-guidance (SRO):
  
In the main window on “OpenXenManager” click your VM that you like create a snapshot of it, Then click on “Snapshots” tab. After it, click on “Take Snapshot” button and you can see a window that asked you to write a name for your snapshot :
 
  
 +
uuid ( RO) : 7f2e4a3a-4098-4a71-84ff-b0ba919723c7
  
[[Image:Figure_79-_VM_Snapshot.png|top|600px|none|thumb]]
+
name-label ( RO): XS65ESP1
  
===== <span style="color:#00000a;">Figure 79 : VM Snapshot.=====
+
name-description ( RO): Public Availability: XenServer 6.5 Service Pack 1 (SP1)
  
 +
size ( RO): 254832812
  
After it, You can see that a Snapshot is created :
+
hosts (SRO): 638b5767-3ef5-4fed-9553-06f1c2f61f52
  
[[Image:Figure_80-_Snapshot_created.png|top|600px|none|thumb]]
+
after-apply-guidance (SRO): restartHost
  
===== <span style="color:#00000a;">Figure 80 : Snapshot created.=====
 
  
 +
uuid ( RO) : 0fedb090-7d7a-4dce-afac-34d56d4c9aff
  
You can see it in Citrix XenCenter too and XenCenter show it more understandable:
+
name-label ( RO): XS65E002
  
[[Image:Figure_81-_Snapshot_Diagram.png|top|600px|none|thumb]]
+
name-description ( RO): Public Availability: XenTools fixes
  
===== <span style="color:#00000a;">Figure 81 : Snapshot Diagram.=====
+
size ( RO): 0
  
 +
hosts (SRO): 638b5767-3ef5-4fed-9553-06f1c2f61f52
  
As you see, XenCenter show it in a good diagram and you can select your snapshot and right click on it and the Select “Revert To” for back to the previous state. When you select “Revert To” the XenCenter show you a message like below :
+
after-apply-guidance (SRO): restartXAPI
  
  
[[Image:Figure_82-_Warning_Message.png|top|600px|none|thumb]]
+
uuid ( RO) : 70ef547a-125c-44fc-9cc3-1b709c9b7431
  
===== <span style="color:#00000a;">Figure 82 : Warning Message.=====
+
name-label ( RO): XS65E007
  
 +
name-description ( RO): Public Availability: Security fixes for Xen Device Model
  
XenCenter ask you that are you sure to back to this Snapshot or not, If you are sure then click “Yes”. After it, XenCenter show you a window like below:
+
size ( RO): 0
  
 +
hosts (SRO): 638b5767-3ef5-4fed-9553-06f1c2f61f52
  
[[Image:Figure_83-_Take_Snapshot_Window.png|top|600px|none|thumb]]
+
after-apply-guidance (SRO): restartHost
  
===== <span style="color:#00000a;">Figure 83 : Take Snapshot Window.=====
 
  
The XenCenter like to create another Snapshot and Enter a name for your Snapshot, For example, I enter “My snapshot”. After it our diagram is something like below :
+
uuid ( RO) : d3c08fcb-daa0-4410-bdb2-c298109e88ad
  
[[Image:Figure_84_-_XenCenter_Snapshots_tab.png|top|600px|none|thumb]]
+
name-label ( RO): XS65E008
  
===== <span style="color:#00000a;">Figure 84 : XenCenter Snapshots tab.=====
+
name-description ( RO): Public Availability: Fix for Dom0 kernel
  
 +
size ( RO): 0
  
After it, My VM back to the previous state and as you can see in the diagram, the Green arrow point to the “Now”. If I right click on “My snapshot” and select “Revert To” then The XenCenter show me a same window like “Figure 82” but I deselect “Take a snapshot of...” and click yes because I don't like to create another snapshot of my current state. After it, You can see that your VM back to the state that you did change to your VM. The current Diagram is something like below :
+
hosts (SRO): 638b5767-3ef5-4fed-9553-06f1c2f61f52
  
[[Image:Figure_85-_Back_to_“My_snapshot”.png|top|600px|none|thumb]]
+
after-apply-guidance (SRO): restartHost
  
===== <span style="color:#00000a;">Figure 85 : Back to “My snapshot”.=====
 
  
 +
uuid ( RO) : 492ca007-bf7b-454f-8e5c-63a991a52449
  
You can do all of these via “xe” too.
+
name-label ( RO): XS65E005
  
SSH to your XenServer and do below steps :
+
name-description ( RO): Storage fixes to prevent disk corruption
  
xe vm-snapshot vm=Your VM name new-name-label="Your Label"
+
size ( RO): 0
  
[root@xenserver ~]# xe vm-snapshot vm=Windows\ 7\ \(32-bit\)\ \(2016-08-13\) new-name-label="My Snapshot"
+
hosts (SRO): 638b5767-3ef5-4fed-9553-06f1c2f61f52
  
7f562a5f-7614-9991-5952-d8106cb10433
+
after-apply-guidance (SRO):
  
  
In “vm” parameter select the name of your VM that you want create a Snapshot from it.
+
[root@xenserver home]#
 +
</syntaxhighlight>
  
After it, You can see that a Snapshot created for you and you can doing changes. For Revert to your Snapshot use below command :
+
Done.
  
xe snapshot-revert snapshot-uuid=UUID
+
When the update completed, Don't forget to remove the Hotfix files. The “/” must not full.
  
xe snapshot-revert snapshot-uuid=7f562a5f-7614-9991-5952-d8106cb10433
+
You can use Citrix XenCenter for do it too. Open XenCenter and from the left side click on “Notifications” then click on “Update” and after it click on “Check for Update Now” :
  
 +
[[Image:Figure_86-_Update.png|top|600px|none|thumb|Figure 86 : Update.]]
  
After it, You can see that your VM back to the previous state. For list the snapshot you can use below command :
 
  
xe snapshot-list
+
After it, If any update exist then a list of updates show:
  
[root@xenserver ~]# xe snapshot-list
+
[[Image:Figure_87-_List_of_updates.png|top|600px|none|thumb|Figure 87 : List of updates.]]
  
uuid ( RO) : 7f562a5f-7614-9991-5952-d8106cb10433
 
  
name-label ( RW): My Snapshot
+
Select a update and from “Actions” section click on Down arrow and then click on “Download and Install”. XenCenter Detect your XenServer(s) and when you select your XenServer Download start :
  
name-description ( RW):
+
[[Image:Figure_88-_Download_completed.png|top|600px|none|thumb|Figure 88 : Download completed.]]
  
 +
When Download completed, Click on “Next” and XenServer check the server for apply update :
  
For remove a snapshot use below command :
+
[[Image:Figure_89-_Checking_Server.png|top|600px|none|thumb|Figure 89 : Checking Server.]]
  
xe snapshot-uninstall snapshot-uuid=UUID
+
When everything is OK, Click on “Next”:
  
[root@xenserver ~]# xe snapshot-uninstall snapshot-uuid=7f562a5f-7614-9991-5952-d8106cb10433
+
[[Image:Figure_90-_Ready_for_install_the_update.png|top|600px|none|thumb|Figure 90 : Ready for install the update.]]
  
The following items are about to be destroyed
+
Click on “Install update” For start installing :
  
VM : 7f562a5f-7614-9991-5952-d8106cb10433 (My Snapshot)
+
[[Image:Figure_91-_Installing_update.png|top|600px|none|thumb|Figure 91 : Installing update.]]
  
VDI: f0ad2781-5c8b-4202-898c-44f9cde4e9e1 (0)
 
  
Type 'yes' to continue
+
When installing done then XenCenter rebooted XenServer automatically and waiting for XenServer to become ready(Go up) :
  
yes
+
[[Image:Figure_92-_Update_applied.png|top|600px|none|thumb|Figure 92 : Update applied.]]
  
All objects destroyed
+
Everything is OK, Click on “Finish” and do these steps for other updates too.
  
 +
==== {{anchor|Toc476606933}} Citrix XenConvert ====
  
 +
According to the Citrix website : Citrix® XenConvert™ is a physical-to-virtual (P2V) conversion tool for converting a Windows operating system, applications, and data from a physical machine to a XenServer virtual machine, Provisioning Services vDisk, virtual appliance in the Open Virtualization Format (OVF), or disk image in the Virtual Hard Disk format.
  
 +
We want to show you that how you can use this tool. First of all, Download the XenConvert from “https://www.citrix.com/go/products/xenserver/xenserver-xenconvert-free.html” and install it on a Machine that you want convert it. XenConvert need .NET Framework 4. If it a VM that exist on VMWare or VirtualBox then Please remove additional tools on your VM : “Guest Additions” for VirtualBox, “Integration Services” for Microsoft Hyper-V and “VMWare Tools” for ESXi . After it, Execute XenConvert. You will see a window like below :
  
'''''Join your Citrix XenServer to Windows Domain'''''
 
  
You can join your XenServer to the Windows Domain and use Active Directory accounts for work with XenServer. For do it, In the main window of “OpenXenManager” click on “Users” tab and then click on “Join Domain” button. In the Citrix XenCenter you can do it with the same steps but let us explain it via CLI.
 
  
SSH to your XenServer and execute below command :
 
  
xe pool-enable-external-auth auth-type=AD service-name=”Your Domain name” config:user=”Your Active Directory User name” config:pass=”Your Active Directory Password”
+
[[Image:Figure_93-_XenConvert.png|top|600px|none|thumb|Figure 93 : XenConvert.]]
  
[root@xenserver ~]# xe pool-enable-external-auth auth-type=AD service-name=mydomain.com config:user=mohsen config:pass=XenServer
 
  
 +
As you see, The “From” option is selected as “This Machine” and in “To” option you can select the destination of conversation. If you like your Machine moved to the XenServer directly then select “XenServer” and if you like your VM convert to a package then select OVF. The Citrix XenConvert provide other options too :
  
After it, You can see that “Join Domain” button in “Users” tab is disabled and “Leave Domain” enabled.
 
  
After it, You must give access to your AD users or Groups :
+
[[Image:Figure_94-_“To”_options.png|top|600px|none|thumb|Figure 94 : “To” options.]]
  
xe subject-add subject-name=”Your AD user name or group name”
+
For more information about “OVF” format you can read “https://en.wikipedia.org/wiki/Open_Virtualization_Format”.
  
[root@xenserver ~]# xe subject-add subject-name=jokar
+
After it, Click “Next”.
  
fc21d498-1a35-b24c-9d27-c6f2153dde56
+
In the next windows, You must select the the Volume(Partition) that you want converted to the VM. We just like Drive C converted thus selected “C:” in the “Source Volume”.
  
 +
[[Image:Figure_95-_Select_the_Volume.png|top|600px|none|thumb|Figure 95 : Select the Volume.]]
  
For remove a User access use below command :
 
  
xe subject-remove subject-uuid=”User UUID”
+
In the next window, You must enter your XenServer information like the Citrix XenServer IP address, User name that have properly privilege(root) and Password for User name. In the “Workspace” you must specify a location that XenConvert store the OS on it and then move it to the Citrix XenServer. Click on “Browse...” button and specify a location. For example, We selected drive D.
  
[root@xenserver ~]# xe subject-remove subject-uuid=fc21d498-1a35-b24c-9d27-c6f2153dde56
+
[[Image:Figure_96_-_provide_XenServer_information.png|top|600px|none|thumb|Figure 96 : provide XenServer information.]]
  
 +
After it, Click on “Next” button and XenConvert check the User name and password that you entered. If the User name and Password are correct then you see another window like below :
  
For see your current list you can use below command :
+
[[Image:Figure_97_-_Select_“VM_Name”_and_“Storage_Repository”.png|top|600px|none|thumb|Figure 97 : Select “VM Name” and “Storage Repository”.]]
  
xe subject-list
+
By default, XenConvert select your Computer name as “VM Name” but you can modify it. In “Storage Repository” you can select your XenServer storage that you like the machine store on it.
  
 +
Click on “Next” button. You can see a window like below :
  
[root@xenserver ~]# xe subject-list
+
[[Image:Figure_97_-_Select_“VM_Name”_and_“Storage_Repository”.png|top|600px|none|thumb|Figure 98 : Information about our job.]]
  
uuid ( RO) : fc21d498-1a35-b24c-9d27-c6f2153dde56
+
If you like XenConvert save the result of the convert then select “Log names of...” option. Click on “Convert” button.
  
subject-identifier ( RO): S-1-5-21-3570103376-2371597222-4282842042-1303
+
After a few seconds, A message like below showing and Citrix wants to create a Virtual partition and you must format this Virtual Partition :
  
other-config (MRO): subject-name: MYDOMAINN\jokar; subject-upn: JOKAR@MYDOMAIN.COM; subject-uid: 128451863; subject-gid: 128451073; subject-sid: S-1-5-21-3570103376-2371597222-4282842042-1303; subject-gecos: MOHSEN JOKAR; subject-displayname: MOHSEN JOKAR; subject-is-group: false; subject-account-disabled: false; subject-account-expired: false; subject-account-locked: false; subject-password-expired: false
+
[[Image:Figure_99_-_Format_Virtual_Partition.png|top|600px|none|thumb|Figure 99 : Format Virtual Partition.]]
  
roles (SRO): pool-admin
+
After it, Converting started.
  
 +
[[Image:Figure_100-_Converting_started..png|top|600px|none|thumb|Figure 100 : Converting started.]]
  
But, When you add a user you can't do anything with the user in XenServer. Why? It is because you must give a role to the user. In below table, You can see the permissions for each role :
+
The Virtual partition that XenConvert created has the same size of partition that you selected in Figure 96 as “Workspace”.
  
 +
==== {{anchor|Toc476606934}} <span style="color:#00000a;">Install other packages in XenServer</span> ====
  
 +
Sometimes you need to install other package on your XenServer that not exist in XenServer repository. For example, Some users like “traceroute” but if you use “yum install traceroute” then you got an error like below :
 +
<syntaxhighlight lang="sh">
 +
[root@xenserver ~]# yum install traceroute
  
{| style="border-spacing:0;width:6.9271in;"
+
Loaded plugins: fastestmirror
|- style="background-color:#ffffff;border:none;padding:0.0382in;"
 
| align=center| <span style="color:#000000;">'''Role permissions'''</span>
 
| align=center| <span style="color:#000000;">'''Pool Admin'''</span>
 
| align=center| <span style="color:#000000;">'''Pool Operator'''</span>
 
| align=center| <span style="color:#000000;">'''VM Power Admin'''</span>
 
| align=center| <span style="color:#000000;">'''VM Admin'''</span>
 
| align=center| <span style="color:#000000;">'''VM Operator'''</span>
 
| align=center| <span style="color:#000000;">'''Read Only'''</span>
 
|- style="background-color:#ffffff;border:none;padding:0.0382in;"
 
|| <span style="color:#000000;">Assign/modify roles</span>
 
|| * <div style="text-align:center;color:#000000;"></div>
 
  
 +
Determining fastest mirrors
  
| align=center style="color:#000000;" |
+
citrix | 951 B 00:00
| align=center style="color:#000000;" |
 
| align=center style="color:#000000;" |
 
| align=center style="color:#000000;" |
 
| align=center style="color:#000000;" |
 
|- style="background-color:#ffffff;border:none;padding:0.0382in;"
 
|| <span style="color:#000000;">Log in to (physical) server consoles (through SSH and XenCenter)</span>
 
|| * <div style="text-align:center;color:#000000;"></div>
 
  
 +
Setting up Install Process
  
| align=center style="color:#000000;" |
+
No package traceroute available.
| align=center style="color:#000000;" |
 
| align=center style="color:#000000;" |
 
| align=center style="color:#000000;" |
 
| align=center style="color:#000000;" |
 
|- style="background-color:#ffffff;border:none;padding:0.0382in;"
 
|| <span style="color:#000000;">Server backup/restore</span>
 
|| * <div style="text-align:center;color:#000000;"></div>
 
  
 +
Nothing to do
 +
</syntaxhighlight>
  
| align=center style="color:#000000;" |
+
How you can install other packages in XenServer? We will show you.
| align=center style="color:#000000;" |
 
| align=center style="color:#000000;" |
 
| align=center style="color:#000000;" |
 
| align=center style="color:#000000;" |
 
|- style="background-color:#ffffff;border:none;padding:0.0382in;"
 
|| <span style="color:#000000;">Import/export OVF/OVA packages and disk images</span>
 
|| * <div style="text-align:center;color:#000000;"></div>
 
  
 +
XenServer use Citrix yum repository by default :
  
| align=center style="color:#000000;" |
+
<syntaxhighlight lang="sh">
| align=center style="color:#000000;" |
+
[root@xenserver ~]# yum repolist enabled
| align=center style="color:#000000;" |
 
| align=center style="color:#000000;" |
 
| align=center style="color:#000000;" |
 
|- style="background-color:#ffffff;border:none;padding:0.0382in;"
 
|| <span style="color:#000000;">Convert virtual </span><span style="color:#000000;">machines using XenServer Conversion Manager</span>
 
|| * <div style="text-align:center;color:#000000;"></div>
 
  
 +
Loaded plugins: fastestmirror
  
| align=center style="color:#000000;" |
+
Loading mirror speeds from cached hostfile
| align=center style="color:#000000;" |
 
| align=center style="color:#000000;" |
 
| align=center style="color:#000000;" |
 
| align=center style="color:#000000;" |
 
|- style="background-color:#ffffff;border:none;padding:0.0382in;"
 
|| <span style="color:#000000;">Log out active user connections</span>
 
|| * <div style="text-align:center;color:#000000;"></div>
 
  
 +
repo id repo name status
  
|| * <div style="text-align:center;color:#000000;"></div>
+
citrix XenServer 6.5.0 updates 0
  
 +
repolist: 0
 +
</syntaxhighlight>
  
| align=center style="color:#000000;" |
+
We must disable it but you have two ways : 1- Disable it temporary 2- Disable it permanently
| align=center style="color:#000000;" |
 
| align=center style="color:#000000;" |
 
| align=center style="color:#000000;" |
 
|- style="background-color:#ffffff;border:none;padding:0.0382in;"
 
|| <span style="color:#000000;">Create and dismiss alerts</span>
 
|| * <div style="text-align:center;color:#000000;"></div>
 
  
 +
For disable it temporary you can use below command :
  
|| * <div style="text-align:center;color:#000000;"></div>
+
<syntaxhighlight lang="sh">#yum --enablerepo=base --disablerepo=citrix install “Your Package name”</syntaxhighlight>
  
  
| align=center style="color:#000000;" |
+
For example :
| align=center style="color:#000000;" |
 
| align=center style="color:#000000;" |
 
| align=center style="color:#000000;" |
 
|- style="background-color:#ffffff;border:none;padding:0.0382in;"
 
|| <span style="color:#000000;">Cancel task of any user</span>
 
|| * <div style="text-align:center;color:#000000;"></div>
 
  
 +
<syntaxhighlight lang="sh">#yum --enablerepo=base --disablerepo=citrix install traceroute</syntaxhighlight>
  
|| * <div style="text-align:center;color:#000000;"></div>
 
  
 +
For disable it permanently you can use below command :
  
| align=center style="color:#000000;" |
+
<syntaxhighlight lang="sh">#sed -i -e "s/enabled=0/enabled=1/" /etc/yum.repos.d/CentOS-Base.repo</syntaxhighlight>
| align=center style="color:#000000;" |
 
| align=center style="color:#000000;" |
 
| align=center style="color:#000000;" |
 
|- style="background-color:#ffffff;border:none;padding:0.0382in;"
 
|| <span style="color:#000000;">Pool management</span>
 
|| * <div style="text-align:center;color:#000000;"></div>
 
  
  
|| * <div style="text-align:center;color:#000000;"></div>
+
Then install your package :
  
 +
<syntaxhighlight lang="sh">#yum install traceroute</syntaxhighlight>
  
| align=center style="color:#000000;" |
 
| align=center style="color:#000000;" |
 
| align=center style="color:#000000;" |
 
| align=center style="color:#000000;" |
 
|- style="background-color:#ffffff;border:none;padding:0.0382in;"
 
|| <span style="color:#000000;">Switch port locking</span>
 
|| * <div style="text-align:center;color:#000000;"></div>
 
  
 +
Don't forget, It is not a normal way and you must not install third party on your XenServer.
  
|| * <div style="text-align:center;color:#000000;"></div>
 
  
  
| align=center style="color:#000000;" |
 
| align=center style="color:#000000;" |
 
| align=center style="color:#000000;" |
 
| align=center style="color:#000000;" |
 
|- style="background-color:#ffffff;border:none;padding:0.0382in;"
 
|| <span style="color:#000000;">VM advanced operations</span>
 
|| * <div style="text-align:center;color:#000000;"></div>
 
  
  
|| * <div style="text-align:center;color:#000000;"></div>
 
  
 +
'''''Clone VM'''''
  
|| * <div style="text-align:center;color:#000000;"></div>
+
Fortunately, Clone a Xen VM is so easy and with “dd” command you can do it in one step. We use “dd” command if our VM use “LVM” and if our VM is a file (.img) then it is so easy and just copy your image to other place.
  
 +
I hope you can remember our “LVM” scheme but don't worry if you can't remember it. Just use “lvdisplay” command :
 +
<syntaxhighlight lang="sh">
 +
[root@localhost ~]# lvdisplay
  
| align=center style="color:#000000;" |
+
--- Logical volume ---
| align=center style="color:#000000;" |
 
| align=center style="color:#000000;" |
 
|- style="background-color:#ffffff;border:none;padding:0.0382in;"
 
|| <span style="color:#000000;">VM create/destroy operations</span>
 
|| * <div style="text-align:center;color:#000000;"></div>
 
  
 +
LV Path /dev/Xen/OpenSUSE
  
|| * <div style="text-align:center;color:#000000;"></div>
+
LV Name OpenSUSE
  
 +
VG Name Xen
  
|| * <div style="text-align:center;color:#000000;"></div>
+
LV UUID dt4UiA-66k5-dd51-2AQ9-CLob-PyR3-Uvcy7u
  
 +
LV Write Access read/write
  
|| * <div style="text-align:center;color:#000000;"></div>
+
LV Creation host, time localhost.localdomain, 2016-05-08 04:33:19 -0400
  
 +
LV Status available
  
| align=center style="color:#000000;" |
+
<nowiki># open </nowiki>0
| align=center style="color:#000000;" |
 
|- style="background-color:#ffffff;border:none;padding:0.0382in;"
 
|| <span style="color:#000000;">VM change CD media</span>
 
|| * <div style="text-align:center;color:#000000;"></div>
 
  
 +
LV Size 20.00 GiB
  
|| * <div style="text-align:center;color:#000000;"></div>
+
Current LE 5120
  
 +
Segments 1
  
|| * <div style="text-align:center;color:#000000;"></div>
+
Allocation inherit
  
 +
Read ahead sectors auto
  
|| * <div style="text-align:center;color:#000000;"></div>
+
- currently set to 256
  
 +
Block device 253:2
  
|| * <div style="text-align:center;color:#000000;"></div>
 
  
 +
--- Logical volume ---
  
| align=center style="color:#000000;" |
+
LV Path /dev/Xen/linux
|- style="background-color:#ffffff;border:none;padding:0.0382in;"
 
|| <span style="color:#000000;">View VM consoles</span>
 
|| * <div style="text-align:center;color:#000000;"></div>
 
  
 +
LV Name linux
  
|| * <div style="text-align:center;color:#000000;"></div>
+
VG Name Xen
  
 +
LV UUID ryXghI-gXCq-S4qp-FIhF-q9Fx-GgM3-1Sfe2N
  
|| * <div style="text-align:center;color:#000000;"></div>
+
LV Write Access read/write
  
 +
LV Creation host, time localhost.localdomain, 2016-05-10 09:11:19 -0400
  
|| * <div style="text-align:center;color:#000000;"></div>
+
LV Status available
  
 +
<nowiki># open </nowiki>0
  
|| * <div style="text-align:center;color:#000000;"></div>
+
LV Size 20.00 GiB
  
 +
Current LE 5120
  
| align=center style="color:#000000;" |
+
Segments 1
|- style="background-color:#ffffff;border:none;padding:0.0382in;"
 
|| <span style="color:#000000;">XenCenter view mgmt ops</span>
 
|| * <div style="text-align:center;color:#000000;"></div>
 
  
 +
Allocation inherit
  
|| * <div style="text-align:center;color:#000000;"></div>
+
Read ahead sectors auto
  
 +
- currently set to 256
  
|| * <div style="text-align:center;color:#000000;"></div>
+
Block device 253:3
 +
</syntaxhighlight>
  
 +
In this example, I like to create a clone of “/dev/Xen/linux” and as you it is about 20.00 GiB :
  
|| * <div style="text-align:center;color:#000000;"></div>
+
“dd” Syntax is : dd if=<source file name> of=<target file name> [Options]
  
 +
<syntaxhighlight lang="sh"># dd if=/dev/Xen/linux of=/home/mohsen/myclone.img bs=1K</syntaxhighlight>
  
|| * <div style="text-align:center;color:#000000;"></div>
+
<syntaxhighlight lang="sh">
 +
[root@localhost ~]# dd if=/dev/Xen/linux of=/home/mohsen/myclone.img bs=1K
  
 +
20971520+0 records in
  
| align=center style="color:#000000;" |
+
20971520+0 records out
|- style="background-color:#ffffff;border:none;padding:0.0382in;"
 
|| <span style="color:#000000;">Cancel own tasks</span>
 
|| * <div style="text-align:center;color:#000000;"></div>
 
  
 +
21474836480 bytes (21 GB) copied, 381.062 s, 56.4 MB/s
 +
</syntaxhighlight>
  
|| * <div style="text-align:center;color:#000000;"></div>
+
OK, Command finished and on other server that you like clone your VM on it you should create a “LVM” similar to current server. If you look at “Storage and Networking” part then you will find the instruction of it via “pvcreate” , “vgcreate” and “lvcreate” commands.
  
 +
I assume that you copy your .img file from current server to other server via “scp” command and create your Volume Group and everything is ready for run “ lvcreate” command :
  
|| * <div style="text-align:center;color:#000000;"></div>
+
<syntaxhighlight lang="sh"># lvcreate -L 20G -v -n linux Xen</syntaxhighlight>
  
  
|| * <div style="text-align:center;color:#000000;"></div>
+
After it, You must use “dd” command for clone it on your new Volume on your new server :
  
 +
<syntaxhighlight lang="sh"># dd if=/home/mohsen/myclone.img of=/dev/Xen/linux bs=1k</syntaxhighlight>
 +
<syntaxhighlight lang="sh">
 +
[root@localhost ~]# dd if=/home/mohsen/myclone.img of=/dev/Xen/linux bs=1k
  
|| * <div style="text-align:center;color:#000000;"></div>
+
20971520+0 records in
  
 +
20971520+0 records out
  
|| * <div style="text-align:center;color:#000000;"></div>
+
21474836480 bytes (21 GB) copied, 2004.95 s, 10.7 MB/s
 +
</syntaxhighlight>
  
 +
Everything is OK and you can config your Xen VM to use this “LVM”.
  
|- style="background-color:#ffffff;border:none;padding:0.0382in;"
+
=== {{anchor|Toc476606935}} <span style="color:#00000a;">Recovery</span> ===
|| <span style="color:#000000;">Read audit logs</span>
 
|| * <div style="text-align:center;color:#000000;"></div>
 
  
 +
We spoke something about cloning a VM and I guess you thinking about how you can Fix or recover a VM when it is corrupted. To be honest, The best way for it is make a backup from your VM. If your VM use .img then you can copy it to other place as a backup if your VM use LVM then you can cloning and keep it as a backup.
  
|| * <div style="text-align:center;color:#000000;"></div>
+
In Linux, You can use “testdisk” utility that it is a free and open source data recovery tool for recovery .img files or partitions. It is installed by default but if your Dom0 not have it then you can install it manually. Our Dom0 is Fedora and we use below command :
  
 +
<syntaxhighlight lang="sh"># dnf install testdisk</syntaxhighlight>
  
|| * <div style="text-align:center;color:#000000;"></div>
+
OK, When installing complete then you can use “testdisk” command. According to “http://www.cgsecurity.org/” the full syntax is :
  
 +
<syntaxhighlight lang="sh"># testdisk [/debug] [/log] [/logname file.log] /cmd [file.dd|file.e01|device] cmd</syntaxhighlight>
  
|| * <div style="text-align:center;color:#000000;"></div>
+
For example, I like to recovery my VM image and I use below command :
  
 +
<syntaxhighlight lang="sh"># testdisk /home/mohsen/Windows7.img</syntaxhighlight>
  
|| * <div style="text-align:center;color:#000000;"></div>
+
Work with this tool is easy. “testdisk” will show you the number of partition that your VM has and you can select your Intended partition and after it select suitable options and recovery will start :
  
 +
[[Image:Figure_101_-_TestDisk.png|top|600px|none|thumb|Figure 101 : TestDisk.]]
  
|| * <div style="text-align:center;color:#000000;"></div>
+
=== {{anchor|Toc476606936}} <span style="color:#00000a;">How to auto start XEN VMs after reboot of DOM0</span> ===
  
 +
A good option for your Xen server is auto start. Sometimes your Server crashed or you have Power problem or for any reason your server rebooted or powered off. Suppose, You have a lot of Vms on your Dom0 and all of your Vms must be start immediately. What you should do? A system administrator answer this question with a Script that start all Xen Vms or specific Vms after each reboot but Xen Project provide a good option for your in this conditions.
  
|- style="background-color:#ffffff;border:none;padding:0.0382in;"
+
It is so easy and Let me to explain it.
|| <span style="color:#000000;">Connect to pool and read all pool metadata</span>
 
|| * <div style="text-align:center;color:#000000;"></div>
 
  
 +
If you look at “/etc/xen/” directory then you will find a directory with the name “auto”. If you put a link of your VM configuration file in this photo then your VM started automatically any time that your Dom0 rebooted. We use “ln” command in Linux for create a Link :
  
|| * <div style="text-align:center;color:#000000;"></div>
+
<syntaxhighlight lang="sh">
 +
[root@localhost ~]# cd /etc/xen/auto/
 +
[root@localhost ~]# ln -s /etc/xen/windows.cfg
 +
</syntaxhighlight>
  
 +
In this example, I created a Link of “windows.cfg” and this VM started automatically any time that my Dom0 rebooted.
  
|| * <div style="text-align:center;color:#000000;"></div>
+
OK, I rebooted Dom0 intentional and after it my DomU started automatically :
  
 +
<syntaxhighlight lang="sh">
 +
[root@localhost ~]# xl list
  
|| * <div style="text-align:center;color:#000000;"></div>
+
Name ID Mem VCPUsStateTime(s)
  
 +
Domain-0 0 3659 8 r----- 53.4
  
|| * <div style="text-align:center;color:#000000;"></div>
+
Windows10 2 4096 4 -b---- 48.7
 +
</syntaxhighlight>
  
 +
As you see, My VM with the name “Windows10 “ started.
  
|| * <div style="text-align:center;color:#000000;"></div>
+
=== {{anchor|Toc476606937}} <span style="color:#00000a;">Monitoring Via Nagios</span> ===
  
 +
Nagios is a free and open source software that help system administrators for monitoring Systems, Networks, services and… Nagios now known as “Nagios Core”. It is true that The Xen project provide a monitoring tool by default and you can install other Linux monitoring tools too but a product like Nagios can help you in some situations.
  
 +
We want to show you that how you can install Nagios from source code.
  
 +
First of all, You should install some packages. We use Fedora server and Dom0 so :
  
|-
+
<syntaxhighlight lang="sh">
|}
+
[root@localhost ~]# dnf install -y httpd php gcc glibc glibc-common gd gd-devel make net-snmp
 +
</syntaxhighlight>
  
 +
After it, We should create a user with the name “nagios” and a group with the name “nagcmd” :
  
For give a role to a user name or group do below step :
+
<syntaxhighlight lang="sh">
 +
[root@localhost ~]# useradd nagios
 +
[root@localhost ~]# groupadd nagcmd
 +
</syntaxhighlight>
  
xe subject-role-add uuid=”User name or Group UUID” role-name=
+
Then :
  
role-name is :
+
<syntaxhighlight lang="sh">
 +
[root@localhost ~]# usermod -G nagcmd nagios
 +
[root@localhost ~]# usermod -G nagcmd apache
 +
</syntaxhighlight>
  
✔pool-admin
+
After it, We create a directory for download “Nagios core” source code :
  
✔pool-operator
+
<syntaxhighlight lang="sh">
 +
[root@localhost ~]# mkdir /root/nagios
 +
</syntaxhighlight>
  
✔vm-power-admin
+
Then, use “cd” command for change directory as below :
  
✔vm-admin
+
<syntaxhighlight lang="sh">
 +
[root@localhost ~]# cd /root/nagios/
 +
</syntaxhighlight>
  
✔vm-operator
+
After it, We use “wget” tool for download “Nagios core” and “Nagios Plugins” source code. At the time of writing this book, the Nagios version was 4.0.1 and the URL to download it was as below :
  
✔read-only
+
<syntaxhighlight lang="sh">
 +
[root@localhost nagios]# wget http://prdownloads.sourceforge.net/sourceforge/nagios/nagios-4.0.1.tar.gz
 +
[root@localhost nagios]# wget https://www.nagios-plugins.org/download/nagios-plugins-1.5.tar.gz
 +
</syntaxhighlight>
  
 +
OK,When download finished,we use “gunzip” and “tar -xf” commands for extract the packages. When packages extracted, we use “cd” command for change to the “nagios-4.0.1” directory and issue below commands :
  
For example :
+
<syntaxhighlight lang="sh">
 +
[root@localhost nagios]# ./configure –with-command-group=nagcmd
 +
[root@localhost nagios]# make all
 +
[root@localhost nagios]# make install
 +
[root@localhost nagios]# make install-init
 +
[root@localhost nagios]# make install-commandmode
 +
[root@localhost nagios]# make install-config
 +
</syntaxhighlight>
  
[root@xenserver ~]# xe subject-role-add uuid=fc21d498-1a35-b24c-9d27-c6f2153dde56 role-name=pool-admin
+
If you like receiving email alerts then open below file via an editor like “nano” and set the “email address” with the correct email address :
  
 +
<syntaxhighlight lang="sh">
 +
[root@localhost nagios]# nano /usr/local/nagios/etc/objects/contacts.cfg
 +
</syntaxhighlight>
  
After it, Your user become a “Pool admin” and according to the above table can do anything with your XenServer.
+
When everything is done the we use below command for configure web interface for nagios :
  
For use the user name that you grant it access just use the user name instead of “root”.
+
<syntaxhighlight lang="sh">
 +
[root@localhost nagios]# make install-webconf
 +
</syntaxhighlight>
  
 +
After it, we use below command for Create password for “nagiosadmin” account :
  
 +
<syntaxhighlight lang="sh">
 +
[root@localhost nagios]# htpasswd -s -c /usr/local/nagios/etc/htpasswd.users nagiosadmin
 +
</syntaxhighlight>
  
 +
Now, We must start “httpd” service :
  
=== {{anchor|Toc476606931}} <span style="color:#00000a;">Backup and Restore</span> ===
+
<syntaxhighlight lang="sh">
 +
[root@localhost nagios]# systemctl start httpd.service
 +
</syntaxhighlight>
  
For create a Backup from your VM in XenServer. You can use command line and Third party. We just show you CLI but if you like an automate system that Backup your VM then you can look at “http://www.acronis.com/en-us/business/backup-advanced/citrix/” , “http://www.xenserver-backup.com/” , “https://xen-orchestra.com/” and “https://www.veritas.com/support/en_US/article.TECH74309”. Some free Scripts are exist too : “https://github.com/NAUbackup/VmBackup” and “https://github.com/aviadra/Xen-pocalypse”.
+
OK, “Nagios Core” installed successfully and we must install “Plugins”. I hope you extracted “nagios-plugins-1.5” package in the first step and we are ready to install it. Use “cd” command for change to “nagios-plugins-1.5” directory and issue below commands :
  
OK, For create a Backup from a VM you must Shutdown your VM by default but some of third party let you to create a backup without shutdown. Let's start!
+
<syntaxhighlight lang="sh">
 +
[root@localhost nagios]# ./configure --with-nagios-user=nagios --with-nagios-group=nagios
 +
[root@localhost nagios]# make && make install
 +
</syntaxhighlight>
  
SSH to your XenServer or use “Console” tab in the main window of “OpenXenManager” or “Citrix XenCenter” :
+
OK, Everything is done and we must check our configuration file :
  
xe vm-list
+
<syntaxhighlight lang="sh">
 +
[root@localhost nagios]# /usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
 +
</syntaxhighlight>
  
After it, You can see a list of your Vms. For example :
+
<syntaxhighlight lang="sh">
 +
Nagios Core 4.0.1
  
[root@xenserver ~]# xe vm-list
+
Copyright (c) 2009-present Nagios Core Development Team and Community Contributors
  
uuid ( RO) : e3ac9c9f-07be-96ca-ebb7-b5304cd45f50
+
Copyright (c) 1999-2009 Ethan Galstad
  
name-label ( RW): My Debian
+
Last Modified: 10-15-2013
  
power-state ( RO): halted
+
License: GPL
  
  
 +
Website: http://www.nagios.org
  
 +
Reading configuration data...
  
uuid ( RO) : 35462d0b-938d-7658-5878-496f180b2027
+
Read main config file okay...
  
name-label ( RW): Windows 7 (32-bit) (2016-08-13)
+
Read object config files okay...
  
power-state ( RO): running
 
  
 +
Running pre-flight check on configuration data...
  
  
 +
Checking objects...
  
uuid ( RO) : 51c9e0e0-f2b0-4bec-806d-1f632437c474
+
Checked 9 services.
  
name-label ( RW): Control domain on host: xenserver
+
Checked 2 hosts.
  
power-state ( RO): running
+
Checked 1 host groups.
  
 +
Checked 0 service groups.
  
In this example, I want create a backup from my “Windows 7” VM. First of all, I must shutdown the VM :
+
Checked 1 contacts.
  
xe vm-shutdown uuid=”UUID of your VM”
+
Checked 1 contact groups.
  
[root@xenserver ~]# xe vm-shutdown uuid=35462d0b-938d-7658-5878-496f180b2027
+
Checked 25 commands.
  
[root@xenserver ~]#
+
Checked 5 time periods.
  
 +
Checked 0 host escalations.
  
Then, You should use below command with a path. Don't forget, Never use “/” of your XenServer for copy files and… Because if “/” become full then it cause your XenServer crashed.
+
Checked 0 service escalations.
  
If you like mount a directory via a remote IP the you must use “mount” command. First of all, Share the folder on remote computer and then execute below command on your XenServer :
+
Checking for circular paths...
  
<nowiki># mkdir /home/share</nowiki>
+
Checked 2 hosts
  
<nowiki># mount -t cifs //”IP Address of remote computer” -o username=”Username”,password=”Password” /home/share/</nowiki>
+
Checked 0 service dependencies
  
For example :
+
Checked 0 host dependencies
  
<nowiki># mount -t cifs //192.168.1.1/MyDIR -o username=”Username”,password=”Password” /home/share/</nowiki>
+
Checked 5 timeperiods
  
 +
Checking global event handlers...
  
Now, I can create a backup and export my VM to “/home/share/” directory :
+
Checking obsessive compulsive processor commands...
  
xe vm-export uuid=”UUID of your vm” filename=”Path and file name with .xva”
+
Checking misc settings...
  
xe vm-export uuid=35462d0b-938d-7658-5878-496f180b2027 filename=/home/share/myback.xva
 
  
 +
Total Warnings: 0
  
For Restoring a backup you can use below command :
+
Total Errors: 0
 +
</syntaxhighlight>
  
xe vm-import filename=”Path and file name with .xva”
+
Things look okay - No serious problems were detected during the pre-flight check
  
xe vm-import filename=/home/share/myback.xva
 
  
 +
As use see, “Things look okay - No serious problems were detected during the pre-flight check”, Then :
  
 +
<syntaxhighlight lang="sh">
 +
# chkconfig --add nagios
 +
# chkconfig --level 35 nagios on
 +
# systemctl enable httpd.service
 +
# systemctl start httpd
 +
# systemctl start nagios
 +
</syntaxhighlight>
  
 +
The “Nagios Core” use port “5666” and we must open this port via “iptables” for remote control :
  
 +
<syntaxhighlight lang="sh">
 +
# iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 5666 -j ACCEPT
 +
# iptables-save
 +
</syntaxhighlight>
  
 +
If you remember, We spoke about “Selinux” and told you that you must not disable it, But the Selinux can cause problems and show you an error message like “Internal Server Error” when you attempt to access the Nagios CGIs. You can put Selinux in Enforcing mode :
  
 +
<syntaxhighlight lang="sh">
 +
# getenforce
 +
</syntaxhighlight>
  
 +
But Instead of disabling SELinux or setting it to permissive mode, you can use the following command to run the CGIs under SELinux enforcing/targeted mode:
  
=== {{anchor|Toc476606932}} <span style="color:#00000a;">Hotfix</span> ===
+
<syntaxhighlight lang="sh">
 +
# chcon -R -t httpd_sys_content_t /usr/local/nagios/sbin/
 +
# chcon -R -t httpd_sys_content_t /usr/local/nagios/share/
 +
</syntaxhighlight>
  
It is an important part of XenServer and via Hotfixes you can solve security holes and other XenServer problems.
+
OK, All steps finished and we are ready for logging to the “Nagios”. Open a web browser and write your server IP address in URL as below :
  
When a security hole or bug found in XenServer then Citrix company provide patch for solve it. We want to show you that how you can patch your XenServe.
+
<syntaxhighlight lang="sh">
 +
http://172.30.9.20/nagios
 +
</syntaxhighlight>
  
Firs of all, Go to “http://support.citrix.com/article/CTX138115” and select your XenServer Version. After it you can find some patches that started with “CTX” words. When you click on a Hotfix then Citrix show you some information about the hotfix and tell you that which problems solved by this hotfix.
+
In this example, Our server IP address is “172.30.9.20”.
  
Download the Hotfix and it is a .zip file. When download completed, You must extract this .zip file and move update file to your XenServer. You can extract it on your client or move it to XenServer and extract there. When you unzip the file then you have two files. A file with .xsupdate and a file with .tar.bz2. The .xsupdate file is your update file and another file that is compressed(.tar.bz2) is the source code of the update file. Don't forget, Citrix open sourced XenServer in 2013 and must provide the source code. For more information you can read “https://www.citrix.com/blogs/2013/06/25/xenserver-6-2-is-now-fully-open-source/”. I move the file via “scp” command to my XenServer and extracted it there.
+
[[Image:Figure_102_-_Nagios_logging.png|top|300px|none|thumb|Figure 102 : Nagios logging.]]
  
For update your XenServer you must use below command :
 
  
xe patch-upload file-name=”The file with .xsupdate”
+
In “User Name” write “nagiosadmin” and in “Password” write a password that you choice. After it, We will see the “Nagios Core” page as below :
  
[root@xenserver home]# xe patch-upload file-name=XS65ESP1.xsupdate
+
[[Image:Figure_103_-_Nagios.png|top|800px|none|thumb|Figure 103 : Nagios.]]
  
7f2e4a3a-4098-4a71-84ff-b0ba919723c7
+
OK, If you click on “Hosts” and “Services” then you can see the current situation of your machine.
  
[root@xenserver home]#
+
For some reasons, You don't like to install Nagios on your Xen Project machine and like to dedicate a server for it and just like to monitor your Xen Project. In this situation, You must install “Nagios Core” and “Nagios Plugin” on a server as we learned and install NRPE on your Xen Project server as below :
  
 +
First of all, Install necessary packages :
  
Then :
+
<syntaxhighlight lang="sh">
 +
# yum install -y gcc glibc glibc-common gd gd-devel make net-snmp openssl-devel perl
 +
# yum install xinetd
 +
</syntaxhighlight>
  
xe patch-apply uuid=<UUID of the patch> host-uuid=<UUID of the host>
+
Then, Create a directory as below and download necessary packages :
  
[root@xenserver home]# xe patch-apply uuid=7f2e4a3a-4098-4a71-84ff-b0ba919723c7 host-uuid=638b5767-3ef5-4fed-9553-06f1c2f61f52
+
<syntaxhighlight lang="sh">
 +
# mkdir /root/nagios
 +
# wget https://www.nagios-plugins.org/download/nagios-plugins-1.5.tar.gz
 +
</syntaxhighlight>
  
6972a5fc-f265-d32c-52ff-47bf96221309 is the local tools SR: scanning
+
Download NRPE from below URL :
  
Done
+
https://sourceforge.net/projects/nagios/files/nrpe-2.x/
  
Preparing... <nowiki>##################################################</nowiki>
+
When download complete, You must create a “nagios” user :
  
xen-device-model <nowiki>##################################################</nowiki>
+
<syntaxhighlight lang="sh">
 +
# useradd nagios
 +
# passwd nagios
 +
</syntaxhighlight>
  
Preparing... <nowiki>##################################################</nowiki>
+
Now, We must compile and install downloaded packages :
  
xen-hypervisor <nowiki>##################################################</nowiki>
+
<syntaxhighlight lang="sh">
 +
# tar xvfz nagios-plugins-1.4.11.tar.gz
 +
# cd nagios-plugins-1.4.11
 +
# ./configure --with-ssl=/usr/bin/openssl --with-ssl-lib=/usr/lib/x86_64-linux-gnu
 +
# make
 +
# make install
 +
</syntaxhighlight>
  
Preparing... <nowiki>##################################################</nowiki>
+
Then, Change directory permission via below commands :
  
xen-tools <nowiki>##################################################</nowiki>
+
<syntaxhighlight lang="sh">
 +
# chown nagios.nagios /usr/local/nagios
 +
# chown -R nagios.nagios /usr/local/nagios/libexec/
 +
</syntaxhighlight>
  
Preparing... <nowiki>##################################################</nowiki>
+
Nagios Plugins installed and now we must install NRPE package. Extract package and do below steps :
  
xen-libs <nowiki>##################################################</nowiki>
+
<syntaxhighlight lang="sh">
 +
# cd nrpe-2.12
 +
# ./configure --enable-command-args
 +
# make all
 +
# make install
 +
# make install-config
 +
# echo >> /etc/services
 +
# echo '# Nagios services' >> /etc/services
 +
# echo 'nrpe 5666/tcp' >> /etc/services
 +
# make install-init
 +
</syntaxhighlight>
  
Preparing... <nowiki>##################################################</nowiki>
+
You can see the output of commands here :
  
xen-dom0-tools <nowiki>##################################################</nowiki>
+
<syntaxhighlight lang="sh">
 +
[root@localhost nrpe-3.0]# make all
  
Preparing... <nowiki>##################################################</nowiki>
+
cd ./src/; make
  
xen-dom0-libs <nowiki>##################################################</nowiki>
+
make[1]: Entering directory `/root/nagios/nrpe-3.0/src'
  
Preparing... <nowiki>##################################################</nowiki>
+
gcc -g -O2 -I/usr/include/krb5 -DHAVE_CONFIG_H -I ../include -I ./../include -o nrpe ./nrpe.c ./utils.c ./acl.c -lssl -lcrypto -lnsl
  
xen-ocaml-libs <nowiki>##################################################</nowiki>
+
gcc -g -O2 -I/usr/include/krb5 -DHAVE_CONFIG_H -I ../include -I ./../include -o check_nrpe ./check_nrpe.c ./utils.c -lssl -lcrypto -lnsl
  
Preparing... <nowiki>##################################################</nowiki>
+
make[1]: Leaving directory `/root/nagios/nrpe-3.0/src'
  
guest-templates <nowiki>##################################################</nowiki>
 
  
Preparing... <nowiki>##################################################</nowiki>
+
*** Compile finished ***
 +
</syntaxhighlight>
  
lvm2 <nowiki>##################################################</nowiki>
+
You can now continue with the installation or upgrade process.
  
Preparing... <nowiki>##################################################</nowiki>
+
Read the PDF documentation (NRPE.pdf) for information on the next steps you should take to complete the installation or upgrade.
  
upgrade-plugin <nowiki>##################################################</nowiki>
+
<syntaxhighlight lang="sh">
 +
[root@localhost nrpe-3.0]# make install
  
Preparing... <nowiki>##################################################</nowiki>
+
cd ./src/; make install
  
xapi-core <nowiki>##################################################</nowiki>
+
make[1]: Entering directory `/root/nagios/nrpe-3.0/src'
  
Preparing... <nowiki>##################################################</nowiki>
+
make install-plugin
  
xapi-xenopsd <nowiki>##################################################</nowiki>
+
make[2]: Entering directory `/root/nagios/nrpe-3.0/src'
  
Preparing... <nowiki>##################################################</nowiki>
+
/usr/bin/install -c -m 755 -d /usr/local/nagios/bin
  
xapi-rrdd <nowiki>##################################################</nowiki>
+
/usr/bin/install -c -m 755 ../uninstall /usr/local/nagios/bin/nrpe-uninstall
  
Preparing... <nowiki>##################################################</nowiki>
+
/usr/bin/install -c -m 775 -o nagios -g nagios -d /usr/local/nagios/libexec
  
Stopping XCP RRDD plugin xcp-rrdd-iostat: [ OK ]
+
/usr/bin/install -c -m 775 -o nagios -g nagios -d /usr/local/nagios/libexec
  
Stopping XCP RRDD plugin xcp-rrdd-squeezed: [ OK ]
+
/usr/bin/install -c -m 775 -o nagios -g nagios check_nrpe /usr/local/nagios/libexec
  
Stopping XCP RRDD plugin xcp-rrdd-xenpm: [ OK ]
+
make[2]: Leaving directory `/root/nagios/nrpe-3.0/src'
  
rrdd-plugins <nowiki>##################################################</nowiki>
+
make install-daemon
  
Starting XCP RRDD plugin xcp-rrdd-iostat: [ OK ]
+
make[2]: Entering directory `/root/nagios/nrpe-3.0/src'
  
Starting XCP RRDD plugin xcp-rrdd-squeezed: [ OK ]
+
/usr/bin/install -c -m 755 -d /usr/local/nagios/bin
  
Starting XCP RRDD plugin xcp-rrdd-xenpm: [ OK ]
+
/usr/bin/install -c -m 755 ../uninstall /usr/local/nagios/bin/nrpe-uninstall
  
Preparing... <nowiki>##################################################</nowiki>
+
/usr/bin/install -c -m 755 nrpe /usr/local/nagios/bin
  
blktap <nowiki>##################################################</nowiki>
+
/usr/bin/install -c -m 644 ../startup/tmpfile.conf /usr/lib/tmpfiles.d/nrpe.conf
  
Preparing... <nowiki>##################################################</nowiki>
+
make[2]: Leaving directory `/root/nagios/nrpe-3.0/src'
  
sm <nowiki>##################################################</nowiki>
+
make[1]: Leaving directory `/root/nagios/nrpe-3.0/src'
 +
</syntaxhighlight>
  
Preparing... <nowiki>##################################################</nowiki>
+
<syntaxhighlight lang="sh">
 +
[root@localhost nrpe-3.0]# make install-config
  
tzdata <nowiki>##################################################</nowiki>
+
/usr/bin/install -c -m 775 -o nagios -g nagios -d /usr/local/nagios/etc
  
Preparing... <nowiki>##################################################</nowiki>
+
/usr/bin/install -c -m 644 -o nagios -g nagios sample-config/nrpe.cfg /usr/local/nagios/etc
 +
</syntaxhighlight>
  
kernel <nowiki>##################################################</nowiki>
+
After it, We must enable nrpe service :
  
unable to stat /sys/class/block//var/swap/swap.001: No such file or directory
+
<syntaxhighlight lang="sh">
 +
# systemctl enable nrpe.service
 +
</syntaxhighlight>
  
Preparing... <nowiki>##################################################</nowiki>
+
I'm sure, for some security reasons you don't like to disable iptables then for this reason you must let Nagios core and NRPE Communicate with each other :
  
vgpu <nowiki>##################################################</nowiki>
+
<syntaxhighlight lang="sh">
 +
# iptables -I INPUT -p tcp --destination-port 5666 -j ACCEPT
 +
# iptables-save
 +
</syntaxhighlight>
  
Preparing... <nowiki>##################################################</nowiki>
+
OK. The next is step is edit “nrpe.cfg” file via an editor like “nano” :
  
linux-guest-loader-data <nowiki>##################################################</nowiki>
+
<syntaxhighlight lang="sh">
 +
# nano /usr/local/nagios/etc/nrpe.cfg
 +
</syntaxhighlight>
  
Preparing... <nowiki>##################################################</nowiki>
+
Then , find below lines and add your nagios server IP address and change value from “0” to “1” :
  
hwdata <nowiki>##################################################</nowiki>
+
<syntaxhighlight lang="sh">
 +
allowed_hosts=127.0.0.1,NAGIOS SERVER IP ADDRESS
  
Preparing... <nowiki>##################################################</nowiki>
+
dont_blame_nrpe=1
 +
</syntaxhighlight>
  
xenserver-transfer-vm <nowiki>##################################################</nowiki>
+
Then :
  
Preparing... <nowiki>##################################################</nowiki>
+
<syntaxhighlight lang="sh">
 +
# systemctl start nrpe.service
 +
</syntaxhighlight>
  
openvswitch <nowiki>##################################################</nowiki>
+
Now, It's time to do the test :
  
Preparing... <nowiki>##################################################</nowiki>
 
  
v6d <nowiki>##################################################</nowiki>
+
# /usr/local/nagios/libexec/check_nrpe -H 127.0.0.1
  
Preparing... <nowiki>##################################################</nowiki>
+
<syntaxhighlight lang="sh">
 +
[root@localhost nrpe-3.0]# /usr/local/nagios/libexec/check_nrpe -H 127.0.0.1
  
glibc <nowiki>##################################################</nowiki>
+
NRPE vnrpe-3.0
 +
</syntaxhighlight>
  
Preparing... <nowiki>##################################################</nowiki>
+
OK, After it we must introduce our client to our Nagios server, So On Nagios server do below steps :
  
glibc-common <nowiki>##################################################</nowiki>
+
<syntaxhighlight lang="sh">
 +
# touch /usr/local/nagios/etc/hosts.cfg
  
Waiting for xapi to signal init complete
+
# touch /usr/local/nagios/etc/services.cfg
 +
</syntaxhighlight>
  
Removing any existing built-in templates
+
Open “hosts.cfg” file with nano editor and write below lines to it :
  
Regenerating built-in templates
+
<syntaxhighlight lang="sh">
 +
# nano hosts.cfg
  
 +
define host{
  
[root@xenserver home]#
+
name linux-box ; Name of this template
  
 +
use generic-host ; Inherit default values
  
After it, You can use “xe patch-list” for see a list of patches :
+
check_period 24x7
  
[root@xenserver home]# xe patch-list
+
check_interval 5
  
uuid ( RO) : 5200911d-5f79-4149-abca-0556af77b14d
+
retry_interval 1
  
name-label ( RO): XS65E003
+
max_check_attempts 10
  
name-description ( RO): Public Availability: security fixes to glibc
+
check_command check-host-alive
  
size ( RO): 0
+
notification_period 24x7
  
hosts (SRO): 638b5767-3ef5-4fed-9553-06f1c2f61f52
+
notification_interval 30
  
after-apply-guidance (SRO): restartHost
+
notification_options d,r
  
 +
contact_groups admins
  
 +
register 0 ; DONT REGISTER THIS - ITS A TEMPLATE
  
 +
}
  
uuid ( RO) : 30d3992b-ac0a-45e8-9e93-d4b2e9bb235f
+
## Default
  
name-label ( RO): XS65E006
+
define host{
  
name-description ( RO): Public Availability: security fixes to Xen
+
use linux-box ; Inherit default values from a template
  
size ( RO): 0
+
host_name our-boy ; The name we're giving to this server
  
hosts (SRO): 638b5767-3ef5-4fed-9553-06f1c2f61f52
+
alias CentOS 7 ; A longer name for the server
  
after-apply-guidance (SRO): restartHost
+
address IP ADDRESS ; IP address of Remote Linux host
  
 +
}
  
  
 +
Open “services.cfg” file with nano editor and write below lines to it :
  
uuid ( RO) : 9f9d57ff-3a04-4385-9744-f961b44a1db4
+
# nano services.cfg
  
name-label ( RO): XS65E001
+
define service{
  
name-description ( RO): Public Availability: XenCenter fixes for XS 6.5
+
use generic-service
  
size ( RO): 0
+
host_name our-boy
  
hosts (SRO): 638b5767-3ef5-4fed-9553-06f1c2f61f52
+
service_description CPU Load
  
after-apply-guidance (SRO):
+
check_command check_nrpe!check_load
  
 +
}
  
 +
define service{
  
 +
use generic-service
  
uuid ( RO) : 7f2e4a3a-4098-4a71-84ff-b0ba919723c7
+
host_name our-boy
  
name-label ( RO): XS65ESP1
+
service_description SSH Monitoring
  
name-description ( RO): Public Availability: XenServer 6.5 Service Pack 1 (SP1)
+
check_command check_nrpe!check_ssh
  
size ( RO): 254832812
+
}
  
hosts (SRO): 638b5767-3ef5-4fed-9553-06f1c2f61f52
+
define service{
  
after-apply-guidance (SRO): restartHost
+
use generic-service
  
 +
host_name our-boy
  
 +
service_description FTP Monitoring
  
 +
check_command check_nrpe!check_ftp
  
uuid ( RO) : 0fedb090-7d7a-4dce-afac-34d56d4c9aff
+
}
 +
</syntaxhighlight>
  
name-label ( RO): XS65E002
+
Then, Open “nagios.cfg” and add below line to it :
  
name-description ( RO): Public Availability: XenTools fixes
+
<syntaxhighlight lang="sh">
 +
cfg_file=/usr/local/nagios/etc/hosts.cfg
  
size ( RO): 0
+
cfg_file=/usr/local/nagios/etc/services.cfg
 +
</syntaxhighlight>
  
hosts (SRO): 638b5767-3ef5-4fed-9553-06f1c2f61f52
+
After it :
  
after-apply-guidance (SRO): restartXAPI
+
<syntaxhighlight lang="sh">
 +
# nano /usr/local/nagios/etc/objects/commands.cfg
  
 +
define command{
  
 +
command_name check_nrpe
  
 +
command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$
  
uuid ( RO) : 70ef547a-125c-44fc-9cc3-1b709c9b7431
+
}
 +
</syntaxhighlight>
  
name-label ( RO): XS65E007
+
You can install NRPE package on your Nagios Core too and check the connection between Nagios core and your client. For example :
  
name-description ( RO): Public Availability: Security fixes for Xen Device Model
+
<syntaxhighlight lang="sh">
 +
[root@localhost nrpe-3.0]# /root/nagios/nrpe-3.0/src/check_nrpe -H “CLIENT IP ADDRESS”
  
size ( RO): 0
+
NRPE vnrpe-3.0
 +
</syntaxhighlight>
  
hosts (SRO): 638b5767-3ef5-4fed-9553-06f1c2f61f52
+
Now, if you restart nagios service on Nagios core server then you can see your client on “Hosts” section.
 
 
after-apply-guidance (SRO): restartHost
 
 
 
 
 
 
 
 
 
uuid ( RO) : d3c08fcb-daa0-4410-bdb2-c298109e88ad
 
  
name-label ( RO): XS65E008
+
[[Category:Users]] [[Category:HelloXenProjectBook]]
 
 
name-description ( RO): Public Availability: Fix for Dom0 kernel
 
 
 
size ( RO): 0
 
 
 
hosts (SRO): 638b5767-3ef5-4fed-9553-06f1c2f61f52
 
 
 
after-apply-guidance (SRO): restartHost
 
 
 
 
 
 
 
 
 
uuid ( RO) : 492ca007-bf7b-454f-8e5c-63a991a52449
 
 
 
name-label ( RO): XS65E005
 
 
 
name-description ( RO): Storage fixes to prevent disk corruption
 
 
 
size ( RO): 0
 
 
 
hosts (SRO): 638b5767-3ef5-4fed-9553-06f1c2f61f52
 
 
 
after-apply-guidance (SRO):
 
 
 
 
 
 
 
 
 
[root@xenserver home]#
 
 
 
 
 
Done.
 
 
 
When the update completed, Don't forget to remove the Hotfix files. The “/” must not full.
 
 
 
You can use Citrix XenCenter for do it too. Open XenCenter and from the left side click on “Notifications” then click on “Update” and after it click on “Check for Update Now” :
 
 
 
[[Image:Figure_86-_Update.png|top|600px|none|thumb]]
 
 
 
===== <span style="color:#00000a;">Figure 86 : Update.=====
 
 
 
 
 
After it, If any update exist then a list of updates show:
 
 
 
[[Image:Figure_87-_List_of_updates.png|top|600px|none|thumb]]
 
 
 
===== <span style="color:#00000a;">Figure 87 : List of updates.=====
 
 
 
 
 
Select a update and from “Actions” section click on Down arrow and then click on “Download and Install”. XenCenter Detect your XenServer(s) and when you select your XenServer Download start :
 
 
 
[[Image:Figure_88-_Download_completed.png|top|600px|none|thumb]]
 
 
 
===== <span style="color:#00000a;">Figure 88 : Download completed.=====
 
 
 
When Download completed, Click on “Next” and XenServer check the server for apply update :
 
 
 
[[Image:Figure_89-_Checking_Server.png|top|600px|none|thumb]]
 
 
 
===== <span style="color:#00000a;">Figure 89 : Checking Server.=====
 
 
 
When everything is OK, Click on “Next”:
 
 
 
[[Image:Figure_90-_Ready_for_install_the_update.png|top|600px|none|thumb]]
 
 
 
===== <span style="color:#00000a;">Figure 90 : Ready for install the update.=====
 
 
 
Click on “Install update” For start installing :
 
 
 
[[Image:Figure_91-_Installing_update.png|top|600px|none|thumb]]
 
 
 
===== <span style="color:#00000a;">Figure 91 : Installing update.=====
 
 
 
 
 
When installing done then XenCenter rebooted XenServer automatically and waiting for XenServer to become ready(Go up) :
 
 
 
[[Image:Figure_92-_Update_applied.png|top|600px|none|thumb]]
 
 
 
===== <span style="color:#00000a;">Figure 92 : Update applied.=====
 
 
 
Everything is OK, Click on “Finish” and do these steps for other updates too.
 
 
 
 
 
 
 
 
 
=== {{anchor|Toc476606933}} <span style="color:#00000a;">Citrix XenConvert</span> ===
 
 
 
According to the Citrix website : Citrix® XenConvert™ is a physical-to-virtual (P2V) conversion tool for converting a Windows operating system, applications, and data from a physical machine to a XenServer virtual machine, Provisioning Services vDisk, virtual appliance in the Open Virtualization Format (OVF), or disk image in the Virtual Hard Disk format.
 
 
 
We want to show you that how you can use this tool. First of all, Download the XenConvert from “https://www.citrix.com/go/products/xenserver/xenserver-xenconvert-free.html” and install it on a Machine that you want convert it. XenConvert need .NET Framework 4. If it a VM that exist on VMWare or VirtualBox then Please remove additional tools on your VM : “Guest Additions” for VirtualBox, “Integration Services” for Microsoft Hyper-V and “VMWare Tools” for ESXi . After it, Execute XenConvert. You will see a window like below :
 
 
 
 
 
 
 
 
 
[[Image:Figure_93-_XenConvert.png|top|600px|none|thumb]]
 
 
 
===== <span style="color:#00000a;">Figure 93 : XenConvert.=====
 
 
 
 
 
As you see, The “From” option is selected as “This Machine” and in “To” option you can select the destination of conversation. If you like your Machine moved to the XenServer directly then select “XenServer” and if you like your VM convert to a package then select OVF. The Citrix XenConvert provide other options too :
 
 
 
 
 
[[Image:Figure_94-_“To”_options.png|top|600px|none|thumb]]
 
 
 
===== <span style="color:#00000a;">Figure 94 : “To” options.=====
 
 
 
For more information about “OVF” format you can read “https://en.wikipedia.org/wiki/Open_Virtualization_Format”.
 
 
 
After it, Click “Next”.
 
 
 
In the next windows, You must select the the Volume(Partition) that you want converted to the VM. We just like Drive C converted thus selected “C:” in the “Source Volume”.
 
 
 
[[Image:Figure_95-_Select_the_Volume.png|top|600px|none|thumb]]
 
 
 
===== <span style="color:#00000a;">Figure 95 : Select the Volume.=====
 
 
 
 
 
In the next window, You must enter your XenServer information like the Citrix XenServer IP address, User name that have properly privilege(root) and Password for User name. In the “Workspace” you must specify a location that XenConvert store the OS on it and then move it to the Citrix XenServer. Click on “Browse...” button and specify a location. For example, We selected drive D.
 
 
 
[[Image:Figure_96_-_provide_XenServer_information.png|top|600px|none|thumb]]
 
 
 
===== <span style="color:#00000a;">Figure 96 : provide XenServer information.=====
 
 
 
After it, Click on “Next” button and XenConvert check the User name and password that you entered. If the User name and Password are correct then you see another window like below :
 
 
 
[[Image:Figure_97_-_Select_“VM_Name”_and_“Storage_Repository”.png|top|600px|none|thumb]]
 
 
 
===== <span style="color:#00000a;">Figure 97 : Select “VM Name” and “Storage Repository”.=====
 
 
 
By default, XenConvert select your Computer name as “VM Name” but you can modify it. In “Storage Repository” you can select your XenServer storage that you like the machine store on it.
 
 
 
Click on “Next” button. You can see a window like below :
 
 
 
[[Image:Figure_97_-_Select_“VM_Name”_and_“Storage_Repository”.png|top|600px|none|thumb]]
 
 
 
===== <span style="color:#00000a;">Figure 98 : Information about our job.=====
 
 
 
If you like XenConvert save the result of the convert then select “Log names of...” option. Click on “Convert” button.
 
 
 
After a few seconds, A message like below showing and Citrix wants to create a Virtual partition and you must format this Virtual Partition :
 
 
 
[[Image:Figure_99_-_Format_Virtual_Partition.png|top|600px|none|thumb]]
 
 
 
===== <span style="color:#00000a;">Figure 99 : Format Virtual Partition.=====
 
 
 
After it, Converting started.
 
 
 
[[Image:Figure_100-_Converting_started..png|top|600px|none|thumb]]
 
 
 
===== <span style="color:#00000a;">Figure 100 : Converting started.=====
 
 
 
The Virtual partition that XenConvert created has the same size of partition that you selected in Figure 96 as “Workspace”.
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
=== {{anchor|Toc476606934}} <span style="color:#00000a;">Install other packages in XenServer</span> ===
 
 
 
Sometimes you need to install other package on your XenServer that not exist in XenServer repository. For example, Some users like “traceroute” but if you use “yum install traceroute” then you got an error like below :
 
 
 
[root@xenserver ~]# yum install traceroute
 
 
 
Loaded plugins: fastestmirror
 
 
 
Determining fastest mirrors
 
 
 
citrix | 951 B 00:00
 
 
 
Setting up Install Process
 
 
 
No package traceroute available.
 
 
 
Nothing to do
 
 
 
 
 
How you can install other packages in XenServer? We will show you.
 
 
 
XenServer use Citrix yum repository by default :
 
 
 
[root@xenserver ~]# yum repolist enabled
 
 
 
Loaded plugins: fastestmirror
 
 
 
Loading mirror speeds from cached hostfile
 
 
 
repo id repo name status
 
 
 
citrix XenServer 6.5.0 updates 0
 
 
 
repolist: 0
 
 
 
 
 
We must disable it but you have two ways : 1- Disable it temporary 2- Disable it permanently
 
 
 
For disable it temporary you can use below command :
 
 
 
yum --enablerepo=base --disablerepo=citrix install “Your Package name”
 
 
 
 
 
For example :
 
 
 
yum --enablerepo=base --disablerepo=citrix install traceroute
 
 
 
 
 
For disable it permanently you can use below command :
 
 
 
sed -i -e "s/enabled=0/enabled=1/" /etc/yum.repos.d/CentOS-Base.repo
 
 
 
 
 
Then install your package :
 
 
 
Yum install traceroute
 
 
 
 
 
Don't forget, It is not a normal way and you must not install third party on your XenServer.
 
 
 
 
 
 
 
 
 
 
 
 
 
'''''Clone VM'''''
 
 
 
Fortunately, Clone a Xen VM is so easy and with “dd” command you can do it in one step. We use “dd” command if our VM use “LVM” and if our VM is a file (.img) then it is so easy and just copy your image to other place.
 
 
 
I hope you can remember our “LVM” scheme but don't worry if you can't remember it. Just use “lvdisplay” command :
 
 
 
[root@localhost ~]# lvdisplay
 
 
 
--- Logical volume ---
 
 
 
LV Path /dev/Xen/OpenSUSE
 
 
 
LV Name OpenSUSE
 
 
 
VG Name Xen
 
 
 
LV UUID dt4UiA-66k5-dd51-2AQ9-CLob-PyR3-Uvcy7u
 
 
 
LV Write Access read/write
 
 
 
LV Creation host, time localhost.localdomain, 2016-05-08 04:33:19 -0400
 
 
 
LV Status available
 
 
 
<nowiki># open </nowiki>0
 
 
 
LV Size 20.00 GiB
 
 
 
Current LE 5120
 
 
 
Segments 1
 
 
 
Allocation inherit
 
 
 
Read ahead sectors auto
 
 
 
- currently set to 256
 
 
 
Block device 253:2
 
 
 
 
 
--- Logical volume ---
 
 
 
LV Path /dev/Xen/linux
 
 
 
LV Name linux
 
 
 
VG Name Xen
 
 
 
LV UUID ryXghI-gXCq-S4qp-FIhF-q9Fx-GgM3-1Sfe2N
 
 
 
LV Write Access read/write
 
 
 
LV Creation host, time localhost.localdomain, 2016-05-10 09:11:19 -0400
 
 
 
LV Status available
 
 
 
<nowiki># open </nowiki>0
 
 
 
LV Size 20.00 GiB
 
 
 
Current LE 5120
 
 
 
Segments 1
 
 
 
Allocation inherit
 
 
 
Read ahead sectors auto
 
 
 
- currently set to 256
 
 
 
Block device 253:3
 
 
 
 
 
In this example, I like to create a clone of “/dev/Xen/linux” and as you it is about 20.00 GiB :
 
 
 
“dd” Syntax is : dd if=<source file name> of=<target file name> [Options]
 
 
 
<nowiki># dd if=/dev/Xen/linux of=/home/mohsen/myclone.img bs=1K</nowiki>
 
 
 
 
 
[root@localhost ~]# dd if=/dev/Xen/linux of=/home/mohsen/myclone.img bs=1K
 
 
 
20971520+0 records in
 
 
 
20971520+0 records out
 
 
 
21474836480 bytes (21 GB) copied, 381.062 s, 56.4 MB/s
 
 
 
 
 
OK, Command finished and on other server that you like clone your VM on it you should create a “LVM” similar to current server. If you look at “Storage and Networking” part then you will find the instruction of it via “pvcreate” , “vgcreate” and “lvcreate” commands.
 
 
 
I assume that you copy your .img file from current server to other server via “scp” command and create your Volume Group and everything is ready for run “ lvcreate” command :
 
 
 
<nowiki># lvcreate -L 20G -v -n linux Xen</nowiki>
 
 
 
 
 
After it, You must use “dd” command for clone it on your new Volume on your new server :
 
 
 
<nowiki># dd if=/home/mohsen/myclone.img of=/dev/Xen/linux bs=1k</nowiki>
 
 
 
[root@localhost ~]# dd if=/home/mohsen/myclone.img of=/dev/Xen/linux bs=1k
 
 
 
20971520+0 records in
 
 
 
20971520+0 records out
 
 
 
21474836480 bytes (21 GB) copied, 2004.95 s, 10.7 MB/s
 
 
 
 
 
Everything is OK and you can config your Xen VM to use this “LVM”.
 
 
 
 
 
 
 
 
 
 
 
 
 
=== {{anchor|Toc476606935}} <span style="color:#00000a;">Recovery</span> ===
 
 
 
We spoke something about cloning a VM and I guess you thinking about how you can Fix or recover a VM when it is corrupted. To be honest, The best way for it is make a backup from your VM. If your VM use .img then you can copy it to other place as a backup if your VM use LVM then you can cloning and keep it as a backup.
 
 
 
In Linux, You can use “testdisk” utility that it is a free and open source data recovery tool for recovery .img files or partitions. It is installed by default but if your Dom0 not have it then you can install it manually. Our Dom0 is Fedora and we use below command :
 
 
 
<nowiki># dnf install testdisk</nowiki>
 
 
 
OK, When installing complete then you can use “testdisk” command. According to “http://www.cgsecurity.org/” the full syntax is :
 
 
 
<nowiki># testdisk [/debug] [/log] [/logname file.log] /cmd [file.dd|file.e01|device] cmd</nowiki>
 
 
 
For example, I like to recovery my VM image and I use below command :
 
 
 
<nowiki># testdisk /home/mohsen/Windows7.img</nowiki>
 
 
 
Work with this tool is easy. “testdisk” will show you the number of partition that your VM has and you can select your Intended partition and after it select suitable options and recovery will start :
 
 
 
[[Image:Figure_101_-_TestDisk.png|top|600px|none|thumb]]
 
 
 
===== <span style="color:#00000a;">Figure 101 : TestDisk.=====
 
 
 
 
 
=== {{anchor|Toc476606936}} <span style="color:#00000a;">How to auto start XEN VMs after reboot of DOM0</span> ===
 
 
 
A good option for your Xen server is auto start. Sometimes your Server crashed or you have Power problem or for any reason your server rebooted or powered off. Suppose, You have a lot of Vms on your Dom0 and all of your Vms must be start immediately. What you should do? A system administrator answer this question with a Script that start all Xen Vms or specific Vms after each reboot but Xen Project provide a good option for your in this conditions.
 
 
 
It is so easy and Let me to explain it.
 
 
 
If you look at “/etc/xen/” directory then you will find a directory with the name “auto”. If you put a link of your VM configuration file in this photo then your VM started automatically any time that your Dom0 rebooted. We use “ln” command in Linux for create a Link :
 
 
 
<nowiki># cd /etc/xen/auto/</nowiki>
 
 
 
<nowiki># ln -s /etc/xen/windows.cfg</nowiki>
 
 
 
In this example, I created a Link of “windows.cfg” and this VM started automatically any time that my Dom0 rebooted.
 
 
 
OK, I rebooted Dom0 intentional and after it my DomU started automatically :
 
 
 
[root@localhost ~]# xl list
 
 
 
Name ID Mem VCPUsStateTime(s)
 
 
 
Domain-0 0 3659 8 r----- 53.4
 
 
 
Windows10 2 4096 4 -b---- 48.7
 
 
 
 
 
As you see, My VM with the name “Windows10 “ started.
 
 
 
 
 
 
 
 
 
=== {{anchor|Toc476606937}} <span style="color:#00000a;">Monitoring Via Nagios</span> ===
 
 
 
Nagios is a free and open source software that help system administrators for monitoring Systems, Networks, services and… Nagios now known as “Nagios Core”. It is true that The Xen project provide a monitoring tool by default and you can install other Linux monitoring tools too but a product like Nagios can help you in some situations.
 
 
 
We want to show you that how you can install Nagios from source code.
 
 
 
First of all, You should install some packages. We use Fedora server and Dom0 so :
 
 
 
<nowiki># dnf install -y httpd php gcc glibc glibc-common gd gd-devel make net-snmp</nowiki>
 
 
 
 
 
After it, We should create a user with the name “nagios” and a group with the name “nagcmd” :
 
 
 
<nowiki># useradd nagios</nowiki>
 
 
 
<nowiki># groupadd nagcmd</nowiki>
 
 
 
 
 
Then :
 
 
 
<nowiki># usermod -G nagcmd nagios</nowiki>
 
 
 
<nowiki># usermod -G nagcmd apache</nowiki>
 
 
 
After it, We create a directory for download “Nagios core” source code :
 
 
 
<nowiki># mkdir /root/nagios</nowiki>
 
 
 
 
 
Then, use “cd” command for change directory as below :
 
 
 
<nowiki># cd /root/nagios/</nowiki>
 
 
 
After it, We use “wget” tool for download “Nagios core” and “Nagios Plugins” source code. At the time of writing this book, the Nagios version was 4.0.1 and the URL to download it was as below :
 
 
 
<nowiki># wget http://prdownloads.sourceforge.net/sourceforge/nagios/nagios-4.0.1.tar.gz</nowiki>
 
 
 
<nowiki># wget https://www.nagios-plugins.org/download/nagios-plugins-1.5.tar.gz</nowiki>
 
 
 
 
 
 
 
 
 
OK,When download finished,we use “gunzip” and “tar -xf” commands for extract the packages. When packages extracted, we use “cd” command for change to the “nagios-4.0.1” directory and issue below commands :
 
 
 
 
 
 
 
 
 
<nowiki># ./configure –with-command-group=nagcmd</nowiki>
 
 
 
<nowiki># make all</nowiki>
 
 
 
<nowiki># make install</nowiki>
 
 
 
<nowiki># make install-init</nowiki>
 
 
 
<nowiki># make install-commandmode</nowiki>
 
 
 
<nowiki># make install-config</nowiki>
 
 
 
 
 
If you like receiving email alerts then open below file via an editor like “nano” and set the “email address” with the correct email address :
 
 
 
<nowiki># nano /usr/local/nagios/etc/objects/contacts.cfg</nowiki>
 
 
 
When everything is done the we use below command for configure web interface for nagios :
 
 
 
<nowiki># make install-webconf</nowiki>
 
 
 
 
 
After it, we use below command for Create password for “nagiosadmin” account :
 
 
 
<nowiki># htpasswd -s -c /usr/local/nagios/etc/htpasswd.users nagiosadmin</nowiki>
 
 
 
 
 
Now, We must start “httpd” service :
 
 
 
<nowiki># systemctl start httpd.service</nowiki>
 
 
 
 
 
OK, “Nagios Core” installed successfully and we must install “Plugins”. I hope you extracted “nagios-plugins-1.5” package in the first step and we are ready to install it. Use “cd” command for change to “nagios-plugins-1.5” directory and issue below commands :
 
 
 
 
 
<nowiki># ./configure --with-nagios-user=nagios --with-nagios-group=nagios</nowiki>
 
 
 
<nowiki># make && make install</nowiki>
 
 
 
 
 
OK, Everything is done and we must check our configuration file :
 
 
 
<nowiki># /usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg</nowiki>
 
 
 
[root@localhost nagios]# /usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
 
 
 
 
 
=== {{anchor|Toc476606938}} Nagios Core 4.0.1 ===
 
 
 
Copyright (c) 2009-present Nagios Core Development Team and Community Contributors
 
 
 
Copyright (c) 1999-2009 Ethan Galstad
 
 
 
Last Modified: 10-15-2013
 
 
 
License: GPL
 
 
 
 
 
Website: http://www.nagios.org
 
 
 
Reading configuration data...
 
 
 
Read main config file okay...
 
 
 
Read object config files okay...
 
 
 
 
 
Running pre-flight check on configuration data...
 
 
 
 
 
Checking objects...
 
 
 
Checked 9 services.
 
 
 
Checked 2 hosts.
 
 
 
Checked 1 host groups.
 
 
 
Checked 0 service groups.
 
 
 
Checked 1 contacts.
 
 
 
Checked 1 contact groups.
 
 
 
Checked 25 commands.
 
 
 
Checked 5 time periods.
 
 
 
Checked 0 host escalations.
 
 
 
Checked 0 service escalations.
 
 
 
Checking for circular paths...
 
 
 
Checked 2 hosts
 
 
 
Checked 0 service dependencies
 
 
 
Checked 0 host dependencies
 
 
 
Checked 5 timeperiods
 
 
 
Checking global event handlers...
 
 
 
Checking obsessive compulsive processor commands...
 
 
 
Checking misc settings...
 
 
 
 
 
Total Warnings: 0
 
 
 
Total Errors: 0
 
 
 
 
 
Things look okay - No serious problems were detected during the pre-flight check
 
 
 
 
 
As use see, “Things look okay - No serious problems were detected during the pre-flight check”, Then :
 
 
 
<nowiki># chkconfig --add nagios</nowiki>
 
 
 
<nowiki># chkconfig --level 35 nagios on</nowiki>
 
 
 
<nowiki># systemctl enable httpd.service</nowiki>
 
 
 
<nowiki># systemctl start httpd</nowiki>
 
 
 
<nowiki># systemctl start nagios</nowiki>
 
 
 
 
 
The “Nagios Core” use port “5666” and we must open this port via “iptables” for remote control :
 
 
 
<nowiki># iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 5666 -j ACCEPT</nowiki>
 
 
 
<nowiki># iptables-save</nowiki>
 
 
 
 
 
If you remember, We spoke about “Selinux” and told you that you must not disable it, But the Selinux can cause problems and show you an error message like “Internal Server Error” when you attempt to access the Nagios CGIs. You can put Selinux in Enforcing mode :
 
 
 
<nowiki># getenforce</nowiki>
 
 
 
But Instead of disabling SELinux or setting it to permissive mode, you can use the following command to run the CGIs under SELinux enforcing/targeted mode:
 
 
 
<nowiki># chcon -R -t httpd_sys_content_t /usr/local/nagios/sbin/</nowiki>
 
 
 
<nowiki># chcon -R -t httpd_sys_content_t /usr/local/nagios/share/</nowiki>
 
 
 
OK, All steps finished and we are ready for logging to the “Nagios”. Open a web browser and write your server IP address in URL as below :
 
 
 
http://172.30.9.20/nagios
 
 
 
 
 
In this example, Our server IP address is “172.30.9.20”.
 
 
 
 
 
 
 
 
 
[[Image:Figure_102_-_Nagios_logging.png|top|600px|none|thumb]]
 
 
 
===== <span style="color:#00000a;">Figure 102 : Nagios logging.=====
 
 
 
 
 
In “User Name” write “nagiosadmin” and in “Password” write a password that you choice. After it, We will see the “Nagios Core” page as below :
 
 
 
[[Image:Figure__103_-_Nagios.png|top|600px|none|thumb]]
 
 
 
===== <span style="color:#00000a;">Figure 103 : Nagios.=====
 
 
 
 
 
OK, If you click on “Hosts” and “Services” then you can see the current situation of your machine.
 
 
 
For some reasons, You don't like to install Nagios on your Xen Project machine and like to dedicate a server for it and just like to monitor your Xen Project. In this situation, You must install “Nagios Core” and “Nagios Plugin” on a server as we learned and install NRPE on your Xen Project server as below :
 
 
 
First of all, Install necessary packages :
 
 
 
 
 
<nowiki># yum install -y gcc glibc glibc-common gd gd-devel make net-snmp openssl-devel perl</nowiki>
 
 
 
<nowiki># yum install xinetd</nowiki>
 
 
 
 
 
Then, Create a directory as below and download necessary packages :
 
 
 
 
 
<nowiki># mkdir /root/nagios</nowiki>
 
 
 
<nowiki># wget https://www.nagios-plugins.org/download/nagios-plugins-1.5.tar.gz</nowiki>
 
 
 
 
 
Download NRPE from below URL :
 
 
 
https://sourceforge.net/projects/nagios/files/nrpe-2.x/
 
 
 
 
 
When download complete, You must create a “nagios” user :
 
 
 
<nowiki># useradd nagios</nowiki>
 
 
 
<nowiki># passwd nagios</nowiki>
 
 
 
 
 
Now, We must compile and install downloaded packages :
 
 
 
 
 
<nowiki># tar xvfz nagios-plugins-1.4.11.tar.gz</nowiki>
 
 
 
<nowiki># cd nagios-plugins-1.4.11</nowiki>
 
 
 
<nowiki># ./configure --with-ssl=/usr/bin/openssl --with-ssl-lib=/usr/lib/x86_64-linux-gnu</nowiki>
 
 
 
<nowiki># make</nowiki>
 
 
 
<nowiki># make install</nowiki>
 
 
 
 
 
Then, Change directory permission via below commands :
 
 
 
 
 
<nowiki># chown nagios.nagios /usr/local/nagios</nowiki>
 
 
 
<nowiki># chown -R nagios.nagios /usr/local/nagios/libexec/</nowiki>
 
 
 
 
 
Nagios Plugins installed and now we must install NRPE package. Extract package and do below steps :
 
 
 
<nowiki># cd nrpe-2.12</nowiki>
 
 
 
<nowiki># ./configure --enable-command-args</nowiki>
 
 
 
<nowiki># make all</nowiki>
 
 
 
<nowiki># make install</nowiki>
 
 
 
<nowiki># make install-config</nowiki>
 
 
 
<nowiki># echo >> /etc/services</nowiki>
 
 
 
<nowiki># echo '# Nagios services' >> /etc/services</nowiki>
 
 
 
<nowiki># echo 'nrpe </nowiki>5666/tcp' >> /etc/services
 
 
 
<nowiki># make install-init</nowiki>
 
 
 
 
 
You can see the output of commands here :
 
 
 
 
 
[root@localhost nrpe-3.0]# make all
 
 
 
cd ./src/; make
 
 
 
make[1]: Entering directory `/root/nagios/nrpe-3.0/src'
 
 
 
gcc -g -O2 -I/usr/include/krb5 -DHAVE_CONFIG_H -I ../include -I ./../include -o nrpe ./nrpe.c ./utils.c ./acl.c -lssl -lcrypto -lnsl
 
 
 
gcc -g -O2 -I/usr/include/krb5 -DHAVE_CONFIG_H -I ../include -I ./../include -o check_nrpe ./check_nrpe.c ./utils.c -lssl -lcrypto -lnsl
 
 
 
make[1]: Leaving directory `/root/nagios/nrpe-3.0/src'
 
 
 
 
 
<nowiki>*** Compile finished ***</nowiki>
 
 
 
 
 
You can now continue with the installation or upgrade process.
 
 
 
 
 
Read the PDF documentation (NRPE.pdf) for information on the next
 
 
 
steps you should take to complete the installation or upgrade.
 
 
 
 
 
 
 
 
 
[root@localhost nrpe-3.0]# make install
 
 
 
cd ./src/; make install
 
 
 
make[1]: Entering directory `/root/nagios/nrpe-3.0/src'
 
 
 
make install-plugin
 
 
 
make[2]: Entering directory `/root/nagios/nrpe-3.0/src'
 
 
 
/usr/bin/install -c -m 755 -d /usr/local/nagios/bin
 
 
 
/usr/bin/install -c -m 755 ../uninstall /usr/local/nagios/bin/nrpe-uninstall
 
 
 
/usr/bin/install -c -m 775 -o nagios -g nagios -d /usr/local/nagios/libexec
 
 
 
/usr/bin/install -c -m 775 -o nagios -g nagios -d /usr/local/nagios/libexec
 
 
 
/usr/bin/install -c -m 775 -o nagios -g nagios check_nrpe /usr/local/nagios/libexec
 
 
 
make[2]: Leaving directory `/root/nagios/nrpe-3.0/src'
 
 
 
make install-daemon
 
 
 
make[2]: Entering directory `/root/nagios/nrpe-3.0/src'
 
 
 
/usr/bin/install -c -m 755 -d /usr/local/nagios/bin
 
 
 
/usr/bin/install -c -m 755 ../uninstall /usr/local/nagios/bin/nrpe-uninstall
 
 
 
/usr/bin/install -c -m 755 nrpe /usr/local/nagios/bin
 
 
 
/usr/bin/install -c -m 644 ../startup/tmpfile.conf /usr/lib/tmpfiles.d/nrpe.conf
 
 
 
make[2]: Leaving directory `/root/nagios/nrpe-3.0/src'
 
 
 
make[1]: Leaving directory `/root/nagios/nrpe-3.0/src'
 
 
 
 
 
[root@localhost nrpe-3.0]# make install-config
 
 
 
/usr/bin/install -c -m 775 -o nagios -g nagios -d /usr/local/nagios/etc
 
 
 
/usr/bin/install -c -m 644 -o nagios -g nagios sample-config/nrpe.cfg /usr/local/nagios/etc
 
 
 
 
 
After it, We must enable nrpe service :
 
 
 
 
 
<nowiki># systemctl enable nrpe.service</nowiki>
 
 
 
 
 
I'm sure, for some security reasons you don't like to disable iptables then for this reason you must let Nagios core and NRPE Communicate with each other :
 
 
 
 
 
<nowiki># iptables -I INPUT -p tcp --destination-port 5666 -j ACCEPT</nowiki>
 
 
 
<nowiki># iptables-save</nowiki>
 
 
 
 
 
OK. The next is step is edit “nrpe.cfg” file via an editor like “nano” :
 
 
 
<nowiki># nano /usr/local/nagios/etc/nrpe.cfg</nowiki>
 
 
 
 
 
Then , find below lines and add your nagios server IP address and change value from “0” to “1” :
 
 
 
 
 
allowed_hosts=127.0.0.1,NAGIOS SERVER IP ADDRESS
 
 
 
dont_blame_nrpe=1
 
 
 
 
 
Then :
 
 
 
<nowiki># systemctl start nrpe.service</nowiki>
 
 
 
 
 
Now, It's time to do the test :
 
 
 
 
 
<nowiki># /usr/local/nagios/libexec/check_nrpe -H 127.0.0.1</nowiki>
 
 
 
 
 
[root@localhost nrpe-3.0]# /usr/local/nagios/libexec/check_nrpe -H 127.0.0.1
 
 
 
NRPE vnrpe-3.0
 
 
 
 
 
 
 
 
 
OK, After it we must introduce our client to our Nagios server, So On Nagios server do below steps :
 
 
 
<nowiki># touch /usr/local/nagios/etc/hosts.cfg</nowiki>
 
 
 
<nowiki># touch /usr/local/nagios/etc/services.cfg</nowiki>
 
 
 
Open “hosts.cfg” file with nano editor and write below lines to it :
 
 
 
<nowiki># nano hosts.cfg</nowiki>
 
 
 
define host{
 
 
 
name linux-box <nowiki>; Name of this template</nowiki>
 
 
 
use generic-host <nowiki>; Inherit default values</nowiki>
 
 
 
check_period 24x7
 
 
 
check_interval 5
 
 
 
retry_interval 1
 
 
 
max_check_attempts 10
 
 
 
check_command check-host-alive
 
 
 
notification_period 24x7
 
 
 
notification_interval 30
 
 
 
notification_options d,r
 
 
 
contact_groups admins
 
 
 
register 0 <nowiki>; DONT REGISTER THIS - ITS A TEMPLATE</nowiki>
 
 
 
}
 
 
 
<nowiki>## Default</nowiki>
 
 
 
define host{
 
 
 
use linux-box <nowiki>; Inherit default values from a template</nowiki>
 
 
 
host_name our-boy <nowiki>; The name we're giving to this server</nowiki>
 
 
 
alias CentOS 7 <nowiki>; A longer name for the server</nowiki>
 
 
 
address IP ADDRESS <nowiki>; IP address of Remote Linux host</nowiki>
 
 
 
}
 
 
 
 
 
Open “services.cfg” file with nano editor and write below lines to it :
 
 
 
<nowiki># nano services.cfg</nowiki>
 
 
 
define service{
 
 
 
use generic-service
 
 
 
host_name our-boy
 
 
 
service_description CPU Load
 
 
 
check_command check_nrpe!check_load
 
 
 
}
 
 
 
define service{
 
 
 
use generic-service
 
 
 
host_name our-boy
 
 
 
service_description SSH Monitoring
 
 
 
check_command check_nrpe!check_ssh
 
 
 
}
 
 
 
define service{
 
 
 
use generic-service
 
 
 
host_name our-boy
 
 
 
service_description FTP Monitoring
 
 
 
check_command check_nrpe!check_ftp
 
 
 
}
 
 
 
 
 
Then, Open “nagios.cfg” and add below line to it :
 
 
 
cfg_file=/usr/local/nagios/etc/hosts.cfg
 
 
 
cfg_file=/usr/local/nagios/etc/services.cfg
 
 
 
 
 
After it :
 
 
 
<nowiki># nano /usr/local/nagios/etc/objects/commands.cfg</nowiki>
 
 
 
define command{
 
 
 
command_name check_nrpe
 
 
 
command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$
 
 
 
}
 
 
 
 
 
You can install NRPE package on your Nagios Core too and check the connection between Nagios core and your client. For example :
 
 
 
[root@localhost nrpe-3.0]# /root/nagios/nrpe-3.0/src/check_nrpe -H “CLIENT IP ADDRESS”
 
 
 
NRPE vnrpe-3.0
 
 
 
 
 
Now, if you restart nagios service on Nagios core server then you can see your client on “Hosts” section.
 

Latest revision as of 06:20, 6 June 2017

Chapter 5: Have fun with The Xen Project

Welcome to the final chapter of our book. In this chapter, we want show you some extra works that you can doing with the Xen Project.

Converting VirtualBox VM to The Xen Project

Open the VirtualBox and select your VM in VB. Right click on your VM and select “Settings...”. The Settings windows opened and after it click on “Storage” :

Figure 41 : Settings Window.

In “Controller” section you can see your Virtual HDD name and in the right panel you can see its location. For example, My Virtual HDD name is “Windows 7.vdi” and location is “/home/mohsen/VirtualBox VMs/Windows 7”. You have two options : 1) Install VirtualBox on your Xen Server and then convert your VM on your Xen 2) Convert file locally and move it to your Xen Server. OK, If you like the first options then Navigate to the location and copy *.vdi file to your Xen Server via “scp” command or any tools that you are being comfortable with it. Your .vdi file maybe large so it is better to compress it via “zip” command. After copying then you must doing steps that we introduced below :

We assume you installed VirtualBox on your local computer or Xen Server and everything is OK. We will show you how you can convert your VM. The VB provide a command with the name “VboxManage” and we will use it for Clone our HDD. Use below command :

# VBoxManage clonehd YourVDIName.vdi OutPut.img -format RAW

For example :

mohsen@Keep-calm-and-use-Linux:~/VirtualBox VMs/Windows$ VBoxManage clonehd Windows7.vdi Windows7.img --format RAW

0%...10%...20%...30%...40%...50%...60%...70%...80%...90%...100%

Clone medium created in format 'RAW'. UUID: df5344f3-4756-4d04-9395-90a88431c0d3

mohsen@Keep-calm-and-use-Linux:~/VirtualBox VMs/Windows$

As you see, Converting Done and we must move it to our Xen Server (I choice option 2).

We assume you moved it your Xen Server and everything is OK. After it, We must create a config file for our new VM. I used “touch” command for create a config file as below :

# touch /etc/xen/windows.via.virtualbox.cfg

Open your config file via an editor like “nano” and fill it :

name = "Windows Converted"

builder = "hvm"

uuid = "df5344f3-4756-4d04-9395-90a88431c0d3"

memory = 1024

vcpus = 2

interface=['br0']

vif = [ "mac=00:16:3e:46:e6:fb,bridge=br0" ]

disk = [ "file:/home/mohsen/Windows7.img,xvda,w" ]

vnc=”1”

vnclisten=”172.30.9.20”

on_poweroff = "destroy"

on_reboot = "restart"

on_crash = "restart"

If you pay attention then you see a section with the name “ UUID” in the output of “ VboxManage” command. We must copy and paste it exactly in our Xen config file as above. The “Disk” option is like older config and you must specific your .img file. Finally, just run below command :

# xl create /etc/xen/YourConfigName.cfg

Don't forget, Migration VMs between Virtualization Platforms is not a very good idea and you may got some problems. For example, Windows show your Blue Page or...

Selinux and Xen Project

The SElinux Project is a Linux Kernel module that provide a security mechanism for supporting mandatory access controls (MAC). It is a very good tool for enhanced security under Linux and added to various Linux Distros. The main sponsors of this project are NSA and Red Hat. We don't like cover All aspects of Selinux here because its need a Bible book but as NSA team said : The Selinux is a set of patches to Linux kernel that provide flexible mandatory access control (MAC) architecture into the major subsystems of the kernel. The Selinux provide a mechanism that by help it malicious or flawed applications can't bypass security mechanisms. By default, Selinux provide a set of sample security policy configuration files for general-purpose security goals.

We just want to show you some good options for use Selinux under your Xen Project. You can see your Selinux status via “sestatus” command :

 
[root@localhost ~]# sestatus

SELinux status: enabled

SELinuxfs mount: /sys/fs/selinux

SELinux root directory: /etc/selinux

Loaded policy name: targeted

Current mode: enforcing

Mode from config file: enforcing

Policy MLS status: enabled

Policy deny_unknown status: allowed

Max kernel policy version: 30

The Selinux, provide three modes :* Enforcing : It is the default mode that enable and enforce the SELinux security policy on your system and based on Selinux policy rules denied your access.

  • Permissive : In this mode, Selinux enabled but will not enforce the security policy and just show you warning messages and log actions. This mode is very good for troubleshooting SELinux problems.
  • Disabled : Needless to say.

For change between modes you can use “setenforce” command :

 
[root@localhost ~]# setenforce

usage: setenforce [ Enforcing | Permissive | 1 | 0 ]

Please note that when you use “setenforce” command, changes do not persist across reboots. To change Selinux to enforcing mode run “setenforce 1” and to change permissive mode just run “ setenforce 0”. the “1” mean “ Enforcing” and the “0” mean “ Permissive” :

 
setenforce 1 == setenforce Enforcing

Finally, To view the current SELinux mode just use “getenforce” command :

 
[root@localhost ~]# getenforce

Enforcing

For Disable Selinux you can edit “/etc/sysconfig/selinux” and change “SELINUX=permissive” to “SELINUX=disabled”.

 
# This file controls the state of SELinux on the system.

# SELINUX= can take one of these three values:

enforcing - SELinux security policy is enforced.

# permissive - SELinux prints warnings instead of enforcing.

# disabled - No SELinux policy is loaded.

SELINUX=enforcing

# SELINUXTYPE= can take one of these three values:

# targeted - Targeted processes are protected,

# minimum - Modification of targeted policy. Only selected processes are protected.

# mls - Multi Level Security protection.

SELINUXTYPE=targeted

You can see a list of Selinux modules by running “semodule -l” :

 
[root@localhost ~]# semodule -l

BackupPC

abrt

accountsd

acct

afs

aiccu

aide

ajaxterm

alsa

amanda

amtu

anaconda

antivirus

apache

...

Selinux provide a Policy with the name “Booleans”. With “Booleans” you can change the policy without any knowledge about Selinux policy writing. Booleans provide a good feature and it is that you can change setting without reloading or recompiling SELinux policy.

For see a list of Booleans you can use below command :

# semanage boolean -l

For example :

[root@localhost ~]# semanage boolean -l | grep xen

xend_run_qemu (on , on) Allow xend to run qemu

xend_run_blktap (on , on) Allow xend to run blktap

xen_use_nfs (off , off) Allow xen to use nfs

As you see, By default the Xen Project denied to use “nft” and you can enable it :

# setsebool -P xen_use_nfs on

and if you see the booleans again then :

[root@localhost ~]# semanage boolean -l | grep xen

xen_use_nfs (on , on) Allow xen to use nfs

xend_run_blktap (on , on) Allow xend to run blktap

xend_run_qemu (on , on) Allow xend to run qemu

As you see, Options changed to “on”. This allow The Xen Project to use “nfs”. We used “-P” option because with this option our changes remain after reboot.

As we said, We don't like to dive into Selinux and just ant to show you how you can doing Virtualization with Selinux enabled. If you remember we setup LVM for our Xen Project VM :

[root@localhost ~]# lvdisplay

--- Logical volume ---

LV Path /dev/Xen/OpenSUSE

LV Name OpenSUSE

VG Name Xen

LV UUID dt4UiA-66k5-dd51-2AQ9-CLob-PyR3-Uvcy7u

LV Write Access read/write

LV Creation host, time localhost.localdomain, 2016-05-08 04:33:19 -0400

LV Status available

<nowiki># open </nowiki>0

LV Size 20.00 GiB

Current LE 5120

Segments 1

Allocation inherit

Read ahead sectors auto

- currently set to 256

Block device 253:2

...

With below command we can set the SELinux context for the underlying block device and volume group :

[root@localhost ~]# semanage fcontext -a -t xen_image_t -f b /dev/Xen/OpenSUSE

After it, When you run “semanage fcontext -l | grep 'OpenSUSE'” then :

[root@localhost ~]# semanage fcontext -l | grep 'OpenSUSE'

/dev/Xen/OpenSUSE block device system_u:object_r:xen_image_t:s0
[root@localhost ~]# ls -Z /dev/Xen/OpenSUSE

system_u:object_r:device_t:s0 /dev/Xen/OpenSUSE

You can use “restorecon” command to restore file(s) default SELinux security contexts :

# restorecon /dev/Xen/OpenSUSE

After this Selinux protection, other process can't access to our device and just VM managers can access to our device. It is True that Selinux is not an Antivirus but it can protect the Linux system a lot. For example, A big Xen Vulnerability that released recently was “VENOM” (http://venom.crowdstrike.com/), It is fixed very soon in Xen and all new Xen versions are protected but you can use Selinux for protect your Xen too. For more information, Please see http://danwalsh.livejournal.com/71489.html . For more information about Xen Project security and hardening it, Please look at http://wiki.xenproject.org/wiki/Securing_Xen .

OK, Now a good time for speaking about Citrix XenServer.

Citrix XenServer

If you remember, We spoke something about XenServer. The Citrix XenServer is the leader of open source virtualization platform that using for managing Cloud and Server Virtualization. Installing XenServer is so easy even easier than OS and just take some minutes. A company with XenServer can launch a Virtualization server in some minutes and XenServer will meet all your needs. XenServer is so fast and have a Good flexibility, performance and Most importantly have a low cost. If you used other products like VMWare ESXi then I recommend install the XenServer and test it. I bet you will surprise.

For download XenServer go to “http://xenserver.org/open-source-virtualization-download.html” and click on “XenServer Installation ISO” and a file about 633 MB in .iso format will be download. After it you should download “XenCenter” that is a Windows Management Console for XenServer. For download the XenCenter just click on “XenCenter Windows Management Console“ on above link. For other OS like Linux you can use “SSH” and other management tool like “OpenXenManager” (https://sourceforge.net/projects/openxenmanager/). The XenCenter is written in .Net programming language and it is true that Microsoft open sourced .Net programming language and this language can run in Linux too but The Citrix not produced XenCenter for Linux till now, But we hope to see it under linux very soon.

OK, I suppose that you downloaded XenServer and write it on a CD or make a bootable USB for install it. As I said, Install it is so easy and don't need any special knowledge. I just want to show some steps that you will see them :

  • Figure 42 : Main screen of XenServer.
  • Figure 43 : Select your Keymap.
     
  • Figure 44 : Read the text and if you are Agree then Click OK.
  • Figure 45 : Accept the License.
  • Figure 46 : Select your Storage and click OK.

Note : XenServer will remove all your data on HDD and create one partition as your storage. If you use RAID then you can tell XenServer to install on specific partition and not remove all of your data.

  • Figure 47 : Select your Installation Source.
     
  • Figure 48 : If you have External packages then Click Yes otherwise click No.
  • Figure 49 : Select the prepare option.
  • Figure 50 : Set “root” password.
  • Figure 51 : Select the prepare option for obtain the IP address.

Note : Server must have Static IP and select “DHCP” is not a good option.

  • Figure 52 : Select correct Time Zone.
  • Figure 53 : Select “Install XenSever” to start installation.
  • Figure 54 : XenSever installation.
  • Figure 55 : Select prepare option.

Note : If you don't have “Supplemental Pack” then select “Skip”

OK, You installed XenServer successfully. It was not hard, Is it ?

When you reboot you server then you will see something like below :

  • Figure 56 : Loading XenServer.
  • Figure 56 : XenServer is ready to use.

I assume you installed “XenCenter” on Windows or “OpenXenManager” on Linux. Installing “XenCenter” is easy and just doing with some clicks but for install “ OpenXenManager” you should doing some steps :

  1. Install “git” if your system not have it.
  2. Install package dependencies. Packages are “python-gtk2 glade python-gtk-vnc python-glade2 python-configobj”.
  3. Clone the repo from GitHub :
    # git clone https://github.com/OpenXenManager/openxenmanager.git
    
  4. Install “OpenXenManager” :
    # cd openxenmanager
    
    # sudo python setup.py install
    
  5. Run the OpenXenManager
    $ openxenmanager
    

You will then see:

  • Figure 57 : Open XenManager.
  • Figure 58 : Citrix XenCenter.

Note that another great alternative is to use Xen Orchestra (see https://xen-orchestra.com/). You can find plenty of information about Xen Orchestra on their website.

Once Everything is ready, you can connect to your XenServer via these tools.

We will show you how you can manage your XenServer but not deeply because it need another book. Firs of all, write “openxenmanager” in your terminal and press Enter key. The OpenXenManager window become apparent then select “Server” menu and then click on “add”. A window become apparent and you must fill the information that it needs:

  • Figure 59 : Open XenManager.

After it, Click on “Connect”. As you see, Your XenServer added.

In Citrix XenCenter you can do similar task. Open XenCenter then click on “Add New Server” and you will see a similar windows as below :

  • Figure 60 : XenCenter.

Then click on “Add”. As you see, A windows show a security warning and you just click on “Accept”.

  • Figure 61 : XenCenter security warning.

After it, You can see your XenServer and can work with it :

  • Figure 62 : OpenXenManager.
  • Figure 63 : XenCenter.

You can see your XenServer in the left panel. Let's start and create our Vms. We will focus on “OpenXenManager” more because you can run it under Linux.

Open “OpenXenManager” and click on “New VM” or from “VM” menu click on “New”. You can see a Windows like below :

  • Figure 64 : New VM Window.

As you see, Some OS templates are listed and you can select your OS that you want install it. If your OS not listed here then you can select “Other install media”. Select your “Template” and click “Next”. In the next window select a Name for your VM and you can write a description about it too. After it, Click “Next”. In the “Location” section you can select your method for installation OS. If you like install your OS via CD\DVD drive on Server then select “Physical DVD drive” and if you have .ISO file from your OS the select “ISO Image” option, But you must upload your .ISO file to your XenServer. In the Citrix XenCenter you can run “Windows File Sharing” for do it. Let me to upload my .ISO file to XenSever server. You can use “scp” command for do it.

I created a directory in “/var/opt/xen/ISO”. Then you must open your XenServer console. You can do it by click on “Console” tab or SSH to your XenServer. When you on Xenserver, doing below command :

# mkdir /var/opt/xen/ISO

[root@xenserver home]# xe sr-create name-label=LocalISO type=iso device-config:location=/var/opt/xen/ISO device-config:legacy_mode=true content-type=iso

2cb6a58b-2c4f-21fa-f58b-a1fca665cc38

After it, You must put .ISO file in “/var/opt/xen/ISO”. After it in the main windows you can see the new SR :

  • Figure 65 : Local ISO.

Lets see what happened in “Location” option:

  • Figure 66 : .ISO file.

As you see, Our .ISO file appear there.

If you don't like command line then you can use “New Storage” option in the main window of “OpenXenManager”. Click on it and you see a Windows like below:

  • Figure 67 : New Storage Window.

In this window, Select “Windows File Sharing (CIFS)” and click next. In the next windows, specific the folder patch that .ISO file is in it and if your network use domain then select “use different user name” and fill the fields with correct information. Don't forget, use “yourdomainname\username” :

  • Figure 68 : specific the correct path.

Then click “Finish” and in the main Window you can see a new SR with the name “CIFS ISO library”. Click on it and select “storage” tab. In this tab you can see all .ISO file that exist in the path that you specified:

  • Figure 69 : Storage tab.

In other pages you can select the number of CPU, Size of Memory and Disk. In “Virtual Interfaces” section you can add your NIC by click on “add” button. At the end, by click on “Finish” our VM will be created. If you like your VM started automatically after it created then click select “Start VM automatically”.

OK, After your VM created then in the main window you can see a Blue button with the name “Start” :

  • Figure 70 : “Start” button.

click on it and at the end of main window you can see something like percent and when your VM launched completely then you can see that this strip show you a “completed” text like below :

  • Figure 71 : main window strip.

Click on “Console” tab and you can start installation progress :

  • Figure 72 : “Console” tab.

When your OS installation started, Please click on “General” tab. What do you see? You can see some information about your VM that created but a read text flaunted :

  • Figure 73 : General tab.

It tell you that “Tools not installed” and it is the first job that we must do it when OS installed. According to the XenServer documentation : “XenServer Tools provides high performance Windows drivers and a management agent, enhancing disk and network performance for XenServer Vms”. As you see, It is mandatory and help us to get a better performance. Other tab show you some useful information like Performance and…. We will speak about “Snapshots” later. OK, Our OS installed and we must install “XenServer Tools”. You can do it by click on “VM” menu and select “Install XenServer Tools” but first of all Please eject the previous CD\DVD (OS). For do it, Click on “Storage” tab and and select “<empty>” for “DVD drive:”. If you select “xs-tools.iso” instead of “<empty>” then you are ready for install XenServer Tools. When you select “ xs-tools.iso” and open “My computer” on Windows then you will see something like below:

  • Figure 74 : Install XenServer Tools.

Just click on “CD Drive” and install progress will start.

You can all of the stuff via “xe” command too. We never dive into this because it is very vast and need another book but will will cover something that you need it.

For create a new vm via command line do below steps :

# xe template-list

then select your template name and :

# xe vm-install template="Debian Squeeze 6.0 (32-bit)" new-name-label="My Debian" sr-uuid= Your SR UUID

For find SR UUID use below command :

[root@xenserver ~]# xe sr-list

uuid ( RO) : 30f0541d-eb20-ab50-ba41-94eeb92eb104

name-label ( RW): Removable storage

name-description ( RW):

host ( RO): xenserver

type ( RO): udev

content-type ( RO): disk

uuid ( RO) : 09b22fe6-df17-2fc3-333f-43f559f7a2e5

name-label ( RW): CIFS ISO library

name-description ( RW): CIFS ISO Library [\\172.30.9.3\programs\os]

host ( RO): xenserver

type ( RO): iso

content-type ( RO): iso

uuid ( RO): f6bc99a1-070a-2470-c091-ee89fe2bae7e

name-label ( RW): DVD drives

name-description ( RW): Physical DVD drives

host ( RO): xenserver

type ( RO): udev

content-type ( RO): iso

uuid ( RO): dc2d6d43-b60b-097d-22c6-5275d185d8e7

name-label ( RW): Local storage

name-description ( RW):

host ( RO): xenserver

type ( RO): ext

content-type ( RO): user

uuid ( RO): 6972a5fc-f265-d32c-52ff-47bf96221309

name-label ( RW): XenServer Tools

name-description ( RW): XenServer Tools ISOs

host ( RO): xenserver

type ( RO): iso

content-type ( RO): iso

You must use your “Local Storage” ID thus our full command is :

[root@xenserver ~]# xe vm-install template="Debian Squeeze 6.0 (32-bit)" new-name-label="My Debian" sr-uuid=dc2d6d43-b60b-097d-22c6-5275d185d8e7

e3ac9c9f-07be-96ca-ebb7-b5304cd45f50

After it, If you check your “OpenXenManager” then you will see a new VM with the name “My Debian”.

You can change your VM setting via “xe” too. For example, By default, XenServer assigned 1 CPU to our VM and we want change it to 4 CPUs :

[root@xenserver ~]# xe vm-list

uuid ( RO) : e3ac9c9f-07be-96ca-ebb7-b5304cd45f50

name-label ( RW): My Debian

power-state ( RO): halted


uuid ( RO) : 35462d0b-938d-7658-5878-496f180b2027

name-label ( RW): Windows 7 (32-bit) (2016-08-13)

power-state ( RO): halted


uuid ( RO) : 51c9e0e0-f2b0-4bec-806d-1f632437c474

name-label ( RW): Control domain on host: xenserver

power-state ( RO): running

Then :

[root@xenserver ~]#  xe vm-param-set VCPUs-max=4 uuid=e3ac9c9f-07be-96ca-ebb7-b5304cd45f50

Then :

[root@xenserver ~]#  xe vm-param-set VCPUs-at-startup=4 uuid=e3ac9c9f-07be-96ca-ebb7-b5304cd45f50

After it, If you see the VM properties then you can see that our VCPU changed :

Figure 75 : Change VCPU.

You can change memory setting too. The commands that you must use are :

# xe vm-param-set memory-static-max=”Maximum size for static memory” uuid=replace_with_uuid
# xe vm-param-set memory-dynamic-max=”Maximum size for dynamic memory” uuid=replace_with_uuid
# xe vm-param-set memory-dynamic-min=”Minimum size for dynamic memory” uuid=replace_with_uuid
# xe vm-param-set memory-static-min=”Minimum size for static memory” uuid=replace_with_uuid

For example :

[root@xenserver ~]# xe vm-param-set memory-static-max=

2147483648 268435456 788529152 

[root@xenserver ~]# xe vm-param-set memory-static-max=788529152 uuid=e3ac9c9f-07be-96ca-ebb7-b5304cd45f50

[root@xenserver ~]# xe vm-param-set memory-dynamic-max=788529152 uuid=e3ac9c9f-07be-96ca-ebb7-b5304cd45f50

[root@xenserver ~]# xe vm-param-set memory-dynamic-min=

2147483648 268435456 788529152 

[root@xenserver ~]# xe vm-param-set memory-dynamic-min=268435456 uuid=e3ac9c9f-07be-96ca-ebb7-b5304cd45f50

[root@xenserver ~]# xe vm-param-set memory-static-min= uuid=e3ac9c9f-07be-96ca-ebb7-b5304cd45f50

1024 1073741824 306184192 

[root@xenserver ~]# xe vm-param-set memory-static-min=1024 uuid=e3ac9c9f-07be-96ca-ebb7-b5304cd45f50

After it you can see that your memory setting changed :

Figure 76 : Memory setting.

Sometimes you need to attach your removable storage to your VM and We will show you how you can do it. Please Plug your removable storage to your server, I suppose it is a Pen Drive. After it, SSH to your XenServer :

$ ssh root@XenServer IP

mohsen@Keep-calm-and-use-Linux:~$ ssh root@172.30.9.20

root@172.30.9.20's password:

Last login: Sat Aug 13 14:31:34 2016 from 172.30.10.18

XenServer dom0 configuration is tuned for maximum performance and reliability.

Configuration changes which are not explicitly documented or approved by Citrix
Technical Support, may not have been tested and are therefore not supported. In
addition, configuration changes may not persist after installation of a hotfix
or upgrade, and could also cause a hotfix or upgrade to fail.

Third party tools, which require modification to dom0 configuration, or
installation into dom0, may cease to function correctly after upgrade or hotfix
installation. Please consult Citrix Technical Support for advice regarding
specific tools.

Type "xsconsole" for access to the management console.

[root@xenserver ~]#

Then, Execute “dmesg” command. The output of this command is long but at the end of output you can see something about your removable storage that plugged :

[root@xenserver ~]# dmesg

[75290.601990] usb 2-1.5: new high-speed USB device number 3 using ehci-pci

[75290.853090] usb-storage 2-1.5:1.0: USB Mass Storage device detected

[75290.853174] scsi4 : usb-storage 2-1.5:1.0

[75290.853228] usbcore: registered new interface driver usb-storage

[75292.355579] scsi 4:0:0:0: Direct-Access HP v210w 1100 PQ: 0 ANSI: 0 CCS

[75292.355791] scsi 4:0:0:0: alua: supports implicit and explicit TPGS

[75292.356368] scsi 4:0:0:0: alua: No target port descriptors found

[75292.356371] scsi 4:0:0:0: alua: not attached

[75292.356473] sd 4:0:0:0: Attached scsi generic sg2 type 0

[75292.357107] sd 4:0:0:0: [sdb] 31703040 512-byte logical blocks: (16.2 GB/15.1 GiB)

[75292.357944] sd 4:0:0:0: [sdb] Write Protect is off

[75292.357946] sd 4:0:0:0: [sdb] Mode Sense: 43 00 00 00

[75292.358813] sd 4:0:0:0: [sdb] No Caching mode page found

[75292.358817] sd 4:0:0:0: [sdb] Assuming drive cache: write through

[75292.361987] sd 4:0:0:0: [sdb] No Caching mode page found

[75292.361992] sd 4:0:0:0: [sdb] Assuming drive cache: write through

[75292.363072] sdb: sdb1 sdb2

[75292.365816] sd 4:0:0:0: [sdb] No Caching mode page found

[75292.365819] sd 4:0:0:0: [sdb] Assuming drive cache: write through

[75292.365823] sd 4:0:0:0: [sdb] Attached SCSI removable disk

It this example, Our Pen Drive model is “HP v210w”. The Removable storage passtrought is so easy in XenServer and Citrix do it for your automatically and no command need. If you open “OpenXenManager” program and click on “Storage” tab in the main page then you can see that XenServer did it for you automatically :

Figure 77 : Removable storage.

For add it to your VM just click on your VM name on the main window then click on “Storage” tab and click on “Attach” button and select “Removable Storage” and click on “Attach” button :

Figure 78 : USB Pass-through.

After it, If you go to your VM then you can see that you Pen Drive mounted.

For unplug a Removable storage you can select it and click on “Detach” button.

You can do it by command line too. Do below steps :

1- fdisk -l

[root@xenserver ~]# fdisk -l

WARNING: GPT (GUID Partition Table) detected on '/dev/sda'! The util fdisk doesn't support GPT. Use GNU Parted.


Disk /dev/sda: 1000.2 GB, 1000204886016 bytes

256 heads, 63 sectors/track, 121126 cylinders

Units = cylinders of 16128 * 512 = 8257536 bytes


Device Boot Start End Blocks Id System

/dev/sda1 <nowiki>* </nowiki>1 121127 976762583+ ee EFI GPT


Disk /dev/sdc: 16.2 GB, 16231956480 bytes

255 heads, 63 sectors/track, 1973 cylinders

Units = cylinders of 16065 * 512 = 8225280 bytes


Device Boot Start End Blocks Id System

/dev/sdc1 1 1974 15850496 b W95 FAT32

As you see, “/dev/sdc1” is my Pen Drive.

2- cd /dev/disk/by-id/

[root@xenserver ~]# cd /dev/disk/by-id/

3- ls

[root@xenserver by-id]# ls

scsi-SATA_ST1000DL002-9TT_W1V0RX1H scsi-SATA_ST1000DL002-9TT_W1V0RX1H-part3

scsi-SATA_ST1000DL002-9TT_W1V0RX1H-part1 usb-HP_v210w_AA00000000000238

scsi-SATA_ST1000DL002-9TT_W1V0RX1H-part2 usb-HP_v210w_AA00000000000238-part1

[root@xenserver by-id]#

4- doing below command :

xe sr-create type=lvm content-type=user device-config:device=/dev/disk/by-id/scsi-SATA_ST1000DL002-9TT_W1V0RX1H-part1 usb-HP_v210w_AA00000000000238 name-label=”Local USB Storage”

5- After it you can see that it appear in your main window of “OpenXenManager” as “ Local USB Storage”.

Snapshots

Sometimes you need test a software of update packages but it may harm your VM and you don't like to reinstall and configure your OS. The Snapshot is a good option for you and you can back to the previous state. Let me to show you that how you can do it.

In the main window on “OpenXenManager” click your VM that you like create a snapshot of it, Then click on “Snapshots” tab. After it, click on “Take Snapshot” button and you can see a window that asked you to write a name for your snapshot :

Figure 79 : VM Snapshot.

After it, You can see that a Snapshot is created :

Figure 80 : Snapshot created.

You can see it in Citrix XenCenter too and XenCenter show it more understandable:

Figure 81 : Snapshot Diagram.

As you see, XenCenter show it in a good diagram and you can select your snapshot and right click on it and the Select “Revert To” for back to the previous state. When you select “Revert To” the XenCenter show you a message like below :

Figure 82 : Warning Message.

XenCenter ask you that are you sure to back to this Snapshot or not, If you are sure then click “Yes”. After it, XenCenter show you a window like below:

Figure 83 : Take Snapshot Window.

The XenCenter like to create another Snapshot and Enter a name for your Snapshot, For example, I enter “My snapshot”. After it our diagram is something like below :

Figure 84 : XenCenter Snapshots tab.

After it, My VM back to the previous state and as you can see in the diagram, the Green arrow point to the “Now”. If I right click on “My snapshot” and select “Revert To” then The XenCenter show me a same window like “Figure 82” but I deselect “Take a snapshot of...” and click yes because I don't like to create another snapshot of my current state. After it, You can see that your VM back to the state that you did change to your VM. The current Diagram is something like below :

Figure 85 : Back to “My snapshot”.

You can do all of these via “xe” too.

SSH to your XenServer and do below steps :

xe vm-snapshot vm=Your VM name new-name-label="Your Label"

[root@xenserver ~]# xe vm-snapshot vm=Windows\ 7\ \(32-bit\)\ \(2016-08-13\) new-name-label="My Snapshot"

7f562a5f-7614-9991-5952-d8106cb10433

In “vm” parameter select the name of your VM that you want create a Snapshot from it.

After it, You can see that a Snapshot created for you and you can doing changes. For Revert to your Snapshot use below command :

xe snapshot-revert snapshot-uuid=UUID

[root@xenserver ~]# xe snapshot-revert snapshot-uuid=7f562a5f-7614-9991-5952-d8106cb10433

After it, You can see that your VM back to the previous state. For list the snapshot you can use below command :

xe snapshot-list

[root@xenserver ~]# xe snapshot-list

uuid ( RO) : 7f562a5f-7614-9991-5952-d8106cb10433

name-label ( RW): My Snapshot

name-description ( RW):

For remove a snapshot use below command :

xe snapshot-uninstall snapshot-uuid=UUID

[root@xenserver ~]# xe snapshot-uninstall snapshot-uuid=7f562a5f-7614-9991-5952-d8106cb10433

The following items are about to be destroyed

VM : 7f562a5f-7614-9991-5952-d8106cb10433 (My Snapshot)

VDI: f0ad2781-5c8b-4202-898c-44f9cde4e9e1 (0)

Type 'yes' to continue

yes

All objects destroyed

Join your Citrix XenServer to Windows Domain

You can join your XenServer to the Windows Domain and use Active Directory accounts for work with XenServer. For do it, In the main window of “OpenXenManager” click on “Users” tab and then click on “Join Domain” button. In the Citrix XenCenter you can do it with the same steps but let us explain it via CLI.

SSH to your XenServer and execute below command :

xe pool-enable-external-auth auth-type=AD service-name=”Your Domain name” config:user=”Your Active Directory User name” config:pass=”Your Active Directory Password”

[root@xenserver ~]# xe pool-enable-external-auth auth-type=AD service-name=mydomain.com config:user=mohsen config:pass=XenServer

After it, You can see that “Join Domain” button in “Users” tab is disabled and “Leave Domain” enabled.

After it, You must give access to your AD users or Groups :

xe subject-add subject-name=”Your AD user name or group name”

[root@xenserver ~]# xe subject-add subject-name=jokar

fc21d498-1a35-b24c-9d27-c6f2153dde56

For remove a User access use below command :

xe subject-remove subject-uuid=”User UUID”

[root@xenserver ~]# xe subject-remove subject-uuid=fc21d498-1a35-b24c-9d27-c6f2153dde56

For see your current list you can use below command :

xe subject-list

[root@xenserver ~]# xe subject-list

uuid ( RO) : fc21d498-1a35-b24c-9d27-c6f2153dde56

subject-identifier ( RO): S-1-5-21-3570103376-2371597222-4282842042-1303

other-config (MRO): subject-name: MYDOMAINN\jokar; subject-upn: JOKAR@MYDOMAIN.COM; subject-uid: 128451863; subject-gid: 128451073; subject-sid: S-1-5-21-3570103376-2371597222-4282842042-1303; subject-gecos: MOHSEN JOKAR; subject-displayname: MOHSEN JOKAR; subject-is-group: false; subject-account-disabled: false; subject-account-expired: false; subject-account-locked: false; subject-password-expired: false

roles (SRO): pool-admin

But, When you add a user you can't do anything with the user in XenServer. Why? It is because you must give a role to the user. In below table, You can see the permissions for each role :


Role permissions Pool Admin Pool Operator VM Power Admin VM Admin VM Operator Read Only
Assign/modify roles
Log in to (physical) server consoles (through SSH and XenCenter)
Server backup/restore
Import/export OVF/OVA packages and disk images
Convert virtual machines using XenServer Conversion Manager
Log out active user connections
Create and dismiss alerts
Cancel task of any user
Pool management
Switch port locking
VM advanced operations
VM create/destroy operations
VM change CD media
View VM consoles
XenCenter view mgmt ops
Cancel own tasks
Read audit logs
Connect to pool and read all pool metadata

For give a role to a user name or group do below step :

xe subject-role-add uuid=”User name or Group UUID” role-name=

role-name is :

  • pool-admin
  • pool-operator
  • vm-power-admin
  • vm-admin
  • vm-operator
  • read-only

For example :

[root@xenserver ~]# xe subject-role-add uuid=fc21d498-1a35-b24c-9d27-c6f2153dde56 role-name=pool-admin

After it, Your user become a “Pool admin” and according to the above table can do anything with your XenServer.

For use the user name that you grant it access just use the user name instead of “root”.

Backup and Restore

For create a Backup from your VM in XenServer. You can use command line and Third party. We just show you CLI but if you like an automate system that Backup your VM then you can look at “http://www.acronis.com/en-us/business/backup-advanced/citrix/” , “http://www.xenserver-backup.com/” , “https://xen-orchestra.com/” and “https://www.veritas.com/support/en_US/article.TECH74309”. Some free Scripts are exist too : “https://github.com/NAUbackup/VmBackup” and “https://github.com/aviadra/Xen-pocalypse”.

OK, For create a Backup from a VM you must Shutdown your VM by default but some of third party let you to create a backup without shutdown. Let's start!

SSH to your XenServer or use “Console” tab in the main window of “OpenXenManager” or “Citrix XenCenter” :

xe vm-list

After it, You can see a list of your Vms. For example :

[root@xenserver ~]# xe vm-list

uuid ( RO) : e3ac9c9f-07be-96ca-ebb7-b5304cd45f50

name-label ( RW): My Debian

power-state ( RO): halted


uuid ( RO) : 35462d0b-938d-7658-5878-496f180b2027

name-label ( RW): Windows 7 (32-bit) (2016-08-13)

power-state ( RO): running


uuid ( RO) : 51c9e0e0-f2b0-4bec-806d-1f632437c474

name-label ( RW): Control domain on host: xenserver

power-state ( RO): running

In this example, I want create a backup from my “Windows 7” VM. First of all, I must shutdown the VM :

xe vm-shutdown uuid=”UUID of your VM”

[root@xenserver ~]# xe vm-shutdown uuid=35462d0b-938d-7658-5878-496f180b2027

[root@xenserver ~]#

Then, You should use below command with a path. Don't forget, Never use “/” of your XenServer for copy files and… Because if “/” become full then it cause your XenServer crashed.

If you like mount a directory via a remote IP the you must use “mount” command. First of all, Share the folder on remote computer and then execute below command on your XenServer :

# mkdir /home/share

# mount -t cifs //”IP Address of remote computer” -o username=”Username”,password=”Password” /home/share/

For example :

# mount -t cifs //192.168.1.1/MyDIR -o username=”Username”,password=”Password” /home/share/

Now, I can create a backup and export my VM to “/home/share/” directory :

xe vm-export uuid=”UUID of your vm” filename=”Path and file name with .xva”

[root@xenserver ~]#xe vm-export uuid=35462d0b-938d-7658-5878-496f180b2027 filename=/home/share/myback.xva

For Restoring a backup you can use below command :

xe vm-import filename=”Path and file name with .xva”

[root@xenserver ~]#xe vm-import filename=/home/share/myback.xva

Hotfix

It is an important part of XenServer and via Hotfixes you can solve security holes and other XenServer problems.

When a security hole or bug found in XenServer then Citrix company provide patch for solve it. We want to show you that how you can patch your XenServe.

Firs of all, Go to “http://support.citrix.com/article/CTX138115” and select your XenServer Version. After it you can find some patches that started with “CTX” words. When you click on a Hotfix then Citrix show you some information about the hotfix and tell you that which problems solved by this hotfix.

Download the Hotfix and it is a .zip file. When download completed, You must extract this .zip file and move update file to your XenServer. You can extract it on your client or move it to XenServer and extract there. When you unzip the file then you have two files. A file with .xsupdate and a file with .tar.bz2. The .xsupdate file is your update file and another file that is compressed(.tar.bz2) is the source code of the update file. Don't forget, Citrix open sourced XenServer in 2013 and must provide the source code. For more information you can read “https://www.citrix.com/blogs/2013/06/25/xenserver-6-2-is-now-fully-open-source/”. I move the file via “scp” command to my XenServer and extracted it there.

For update your XenServer you must use below command :

xe patch-upload file-name=”The file with .xsupdate”

[root@xenserver home]# xe patch-upload file-name=XS65ESP1.xsupdate

7f2e4a3a-4098-4a71-84ff-b0ba919723c7

[root@xenserver home]#

Then :

xe patch-apply uuid=<UUID of the patch> host-uuid=<UUID of the host>

[root@xenserver home]# xe patch-apply uuid=7f2e4a3a-4098-4a71-84ff-b0ba919723c7 host-uuid=638b5767-3ef5-4fed-9553-06f1c2f61f52

6972a5fc-f265-d32c-52ff-47bf96221309 is the local tools SR: scanning

Done

Preparing... ##################################################

xen-device-model ##################################################

Preparing... ##################################################

xen-hypervisor ##################################################

Preparing... ##################################################

xen-tools ##################################################

Preparing... ##################################################

xen-libs ##################################################

Preparing... ##################################################

xen-dom0-tools ##################################################

Preparing... ##################################################

xen-dom0-libs ##################################################

Preparing... ##################################################

xen-ocaml-libs ##################################################

Preparing... ##################################################

guest-templates ##################################################

Preparing... ##################################################

lvm2 ##################################################

Preparing... ##################################################

upgrade-plugin ##################################################

Preparing... ##################################################

xapi-core ##################################################

Preparing... ##################################################

xapi-xenopsd ##################################################

Preparing... ##################################################

xapi-rrdd ##################################################

Preparing... ##################################################

Stopping XCP RRDD plugin xcp-rrdd-iostat: [ OK ]

Stopping XCP RRDD plugin xcp-rrdd-squeezed: [ OK ]

Stopping XCP RRDD plugin xcp-rrdd-xenpm: [ OK ]

rrdd-plugins ##################################################

Starting XCP RRDD plugin xcp-rrdd-iostat: [ OK ]

Starting XCP RRDD plugin xcp-rrdd-squeezed: [ OK ]

Starting XCP RRDD plugin xcp-rrdd-xenpm: [ OK ]

Preparing... ##################################################

blktap ##################################################

Preparing... ##################################################

sm ##################################################

Preparing... ##################################################

tzdata ##################################################

Preparing... ##################################################

kernel ##################################################

unable to stat /sys/class/block//var/swap/swap.001: No such file or directory

Preparing... ##################################################

vgpu ##################################################

Preparing... ##################################################

linux-guest-loader-data ##################################################

Preparing... ##################################################

hwdata ##################################################

Preparing... ##################################################

xenserver-transfer-vm ##################################################

Preparing... ##################################################

openvswitch ##################################################

Preparing... ##################################################

v6d ##################################################

Preparing... ##################################################

glibc ##################################################

Preparing... ##################################################

glibc-common ##################################################

Waiting for xapi to signal init complete

Removing any existing built-in templates

Regenerating built-in templates

[root@xenserver home]#

After it, You can use “xe patch-list” for see a list of patches :

[root@xenserver home]# xe patch-list

uuid ( RO) : 5200911d-5f79-4149-abca-0556af77b14d

name-label ( RO): XS65E003

name-description ( RO): Public Availability: security fixes to glibc

size ( RO): 0

hosts (SRO): 638b5767-3ef5-4fed-9553-06f1c2f61f52

after-apply-guidance (SRO): restartHost


uuid ( RO) : 30d3992b-ac0a-45e8-9e93-d4b2e9bb235f

name-label ( RO): XS65E006

name-description ( RO): Public Availability: security fixes to Xen

size ( RO): 0

hosts (SRO): 638b5767-3ef5-4fed-9553-06f1c2f61f52

after-apply-guidance (SRO): restartHost


uuid ( RO) : 9f9d57ff-3a04-4385-9744-f961b44a1db4

name-label ( RO): XS65E001

name-description ( RO): Public Availability: XenCenter fixes for XS 6.5

size ( RO): 0

hosts (SRO): 638b5767-3ef5-4fed-9553-06f1c2f61f52

after-apply-guidance (SRO):


uuid ( RO) : 7f2e4a3a-4098-4a71-84ff-b0ba919723c7

name-label ( RO): XS65ESP1

name-description ( RO): Public Availability: XenServer 6.5 Service Pack 1 (SP1)

size ( RO): 254832812

hosts (SRO): 638b5767-3ef5-4fed-9553-06f1c2f61f52

after-apply-guidance (SRO): restartHost


uuid ( RO) : 0fedb090-7d7a-4dce-afac-34d56d4c9aff

name-label ( RO): XS65E002

name-description ( RO): Public Availability: XenTools fixes

size ( RO): 0

hosts (SRO): 638b5767-3ef5-4fed-9553-06f1c2f61f52

after-apply-guidance (SRO): restartXAPI


uuid ( RO) : 70ef547a-125c-44fc-9cc3-1b709c9b7431

name-label ( RO): XS65E007

name-description ( RO): Public Availability: Security fixes for Xen Device Model

size ( RO): 0

hosts (SRO): 638b5767-3ef5-4fed-9553-06f1c2f61f52

after-apply-guidance (SRO): restartHost


uuid ( RO) : d3c08fcb-daa0-4410-bdb2-c298109e88ad

name-label ( RO): XS65E008

name-description ( RO): Public Availability: Fix for Dom0 kernel

size ( RO): 0

hosts (SRO): 638b5767-3ef5-4fed-9553-06f1c2f61f52

after-apply-guidance (SRO): restartHost


uuid ( RO) : 492ca007-bf7b-454f-8e5c-63a991a52449

name-label ( RO): XS65E005

name-description ( RO): Storage fixes to prevent disk corruption

size ( RO): 0

hosts (SRO): 638b5767-3ef5-4fed-9553-06f1c2f61f52

after-apply-guidance (SRO):


[root@xenserver home]#

Done.

When the update completed, Don't forget to remove the Hotfix files. The “/” must not full.

You can use Citrix XenCenter for do it too. Open XenCenter and from the left side click on “Notifications” then click on “Update” and after it click on “Check for Update Now” :

Figure 86 : Update.


After it, If any update exist then a list of updates show:

Figure 87 : List of updates.


Select a update and from “Actions” section click on Down arrow and then click on “Download and Install”. XenCenter Detect your XenServer(s) and when you select your XenServer Download start :

Figure 88 : Download completed.

When Download completed, Click on “Next” and XenServer check the server for apply update :

Figure 89 : Checking Server.

When everything is OK, Click on “Next”:

Figure 90 : Ready for install the update.

Click on “Install update” For start installing :

Figure 91 : Installing update.


When installing done then XenCenter rebooted XenServer automatically and waiting for XenServer to become ready(Go up) :

Figure 92 : Update applied.

Everything is OK, Click on “Finish” and do these steps for other updates too.

Citrix XenConvert

According to the Citrix website : Citrix® XenConvert™ is a physical-to-virtual (P2V) conversion tool for converting a Windows operating system, applications, and data from a physical machine to a XenServer virtual machine, Provisioning Services vDisk, virtual appliance in the Open Virtualization Format (OVF), or disk image in the Virtual Hard Disk format.

We want to show you that how you can use this tool. First of all, Download the XenConvert from “https://www.citrix.com/go/products/xenserver/xenserver-xenconvert-free.html” and install it on a Machine that you want convert it. XenConvert need .NET Framework 4. If it a VM that exist on VMWare or VirtualBox then Please remove additional tools on your VM : “Guest Additions” for VirtualBox, “Integration Services” for Microsoft Hyper-V and “VMWare Tools” for ESXi . After it, Execute XenConvert. You will see a window like below :



Figure 93 : XenConvert.


As you see, The “From” option is selected as “This Machine” and in “To” option you can select the destination of conversation. If you like your Machine moved to the XenServer directly then select “XenServer” and if you like your VM convert to a package then select OVF. The Citrix XenConvert provide other options too :


Figure 94 : “To” options.

For more information about “OVF” format you can read “https://en.wikipedia.org/wiki/Open_Virtualization_Format”.

After it, Click “Next”.

In the next windows, You must select the the Volume(Partition) that you want converted to the VM. We just like Drive C converted thus selected “C:” in the “Source Volume”.

Figure 95 : Select the Volume.


In the next window, You must enter your XenServer information like the Citrix XenServer IP address, User name that have properly privilege(root) and Password for User name. In the “Workspace” you must specify a location that XenConvert store the OS on it and then move it to the Citrix XenServer. Click on “Browse...” button and specify a location. For example, We selected drive D.

Figure 96 : provide XenServer information.

After it, Click on “Next” button and XenConvert check the User name and password that you entered. If the User name and Password are correct then you see another window like below :

Figure 97 : Select “VM Name” and “Storage Repository”.

By default, XenConvert select your Computer name as “VM Name” but you can modify it. In “Storage Repository” you can select your XenServer storage that you like the machine store on it.

Click on “Next” button. You can see a window like below :

Figure 98 : Information about our job.

If you like XenConvert save the result of the convert then select “Log names of...” option. Click on “Convert” button.

After a few seconds, A message like below showing and Citrix wants to create a Virtual partition and you must format this Virtual Partition :

Figure 99 : Format Virtual Partition.

After it, Converting started.

Figure 100 : Converting started.

The Virtual partition that XenConvert created has the same size of partition that you selected in Figure 96 as “Workspace”.

Install other packages in XenServer

Sometimes you need to install other package on your XenServer that not exist in XenServer repository. For example, Some users like “traceroute” but if you use “yum install traceroute” then you got an error like below :

[root@xenserver ~]# yum install traceroute

Loaded plugins: fastestmirror

Determining fastest mirrors

citrix | 951 B 00:00 

Setting up Install Process

No package traceroute available.

Nothing to do

How you can install other packages in XenServer? We will show you.

XenServer use Citrix yum repository by default :

[root@xenserver ~]# yum repolist enabled

Loaded plugins: fastestmirror

Loading mirror speeds from cached hostfile

repo id repo name status

citrix XenServer 6.5.0 updates 0

repolist: 0

We must disable it but you have two ways : 1- Disable it temporary 2- Disable it permanently

For disable it temporary you can use below command :

#yum --enablerepo=base --disablerepo=citrix install “Your Package name”


For example :

#yum --enablerepo=base --disablerepo=citrix install traceroute


For disable it permanently you can use below command :

#sed -i -e "s/enabled=0/enabled=1/" /etc/yum.repos.d/CentOS-Base.repo


Then install your package :

#yum install traceroute


Don't forget, It is not a normal way and you must not install third party on your XenServer.




Clone VM

Fortunately, Clone a Xen VM is so easy and with “dd” command you can do it in one step. We use “dd” command if our VM use “LVM” and if our VM is a file (.img) then it is so easy and just copy your image to other place.

I hope you can remember our “LVM” scheme but don't worry if you can't remember it. Just use “lvdisplay” command :

[root@localhost ~]# lvdisplay

--- Logical volume ---

LV Path /dev/Xen/OpenSUSE

LV Name OpenSUSE

VG Name Xen

LV UUID dt4UiA-66k5-dd51-2AQ9-CLob-PyR3-Uvcy7u

LV Write Access read/write

LV Creation host, time localhost.localdomain, 2016-05-08 04:33:19 -0400

LV Status available

<nowiki># open </nowiki>0

LV Size 20.00 GiB

Current LE 5120

Segments 1

Allocation inherit

Read ahead sectors auto

- currently set to 256

Block device 253:2


--- Logical volume ---

LV Path /dev/Xen/linux

LV Name linux

VG Name Xen

LV UUID ryXghI-gXCq-S4qp-FIhF-q9Fx-GgM3-1Sfe2N

LV Write Access read/write

LV Creation host, time localhost.localdomain, 2016-05-10 09:11:19 -0400

LV Status available

<nowiki># open </nowiki>0

LV Size 20.00 GiB

Current LE 5120

Segments 1

Allocation inherit

Read ahead sectors auto

- currently set to 256

Block device 253:3

In this example, I like to create a clone of “/dev/Xen/linux” and as you it is about 20.00 GiB :

“dd” Syntax is : dd if=<source file name> of=<target file name> [Options]

# dd if=/dev/Xen/linux of=/home/mohsen/myclone.img bs=1K
[root@localhost ~]# dd if=/dev/Xen/linux of=/home/mohsen/myclone.img bs=1K

20971520+0 records in

20971520+0 records out

21474836480 bytes (21 GB) copied, 381.062 s, 56.4 MB/s

OK, Command finished and on other server that you like clone your VM on it you should create a “LVM” similar to current server. If you look at “Storage and Networking” part then you will find the instruction of it via “pvcreate” , “vgcreate” and “lvcreate” commands.

I assume that you copy your .img file from current server to other server via “scp” command and create your Volume Group and everything is ready for run “ lvcreate” command :

# lvcreate -L 20G -v -n linux Xen


After it, You must use “dd” command for clone it on your new Volume on your new server :

# dd if=/home/mohsen/myclone.img of=/dev/Xen/linux bs=1k
[root@localhost ~]# dd if=/home/mohsen/myclone.img of=/dev/Xen/linux bs=1k

20971520+0 records in

20971520+0 records out

21474836480 bytes (21 GB) copied, 2004.95 s, 10.7 MB/s

Everything is OK and you can config your Xen VM to use this “LVM”.

Recovery

We spoke something about cloning a VM and I guess you thinking about how you can Fix or recover a VM when it is corrupted. To be honest, The best way for it is make a backup from your VM. If your VM use .img then you can copy it to other place as a backup if your VM use LVM then you can cloning and keep it as a backup.

In Linux, You can use “testdisk” utility that it is a free and open source data recovery tool for recovery .img files or partitions. It is installed by default but if your Dom0 not have it then you can install it manually. Our Dom0 is Fedora and we use below command :

# dnf install testdisk

OK, When installing complete then you can use “testdisk” command. According to “http://www.cgsecurity.org/” the full syntax is :

# testdisk [/debug] [/log] [/logname file.log] /cmd [file.dd|file.e01|device] cmd

For example, I like to recovery my VM image and I use below command :

# testdisk /home/mohsen/Windows7.img

Work with this tool is easy. “testdisk” will show you the number of partition that your VM has and you can select your Intended partition and after it select suitable options and recovery will start :

Figure 101 : TestDisk.

How to auto start XEN VMs after reboot of DOM0

A good option for your Xen server is auto start. Sometimes your Server crashed or you have Power problem or for any reason your server rebooted or powered off. Suppose, You have a lot of Vms on your Dom0 and all of your Vms must be start immediately. What you should do? A system administrator answer this question with a Script that start all Xen Vms or specific Vms after each reboot but Xen Project provide a good option for your in this conditions.

It is so easy and Let me to explain it.

If you look at “/etc/xen/” directory then you will find a directory with the name “auto”. If you put a link of your VM configuration file in this photo then your VM started automatically any time that your Dom0 rebooted. We use “ln” command in Linux for create a Link :

[root@localhost ~]# cd /etc/xen/auto/
[root@localhost ~]# ln -s /etc/xen/windows.cfg

In this example, I created a Link of “windows.cfg” and this VM started automatically any time that my Dom0 rebooted.

OK, I rebooted Dom0 intentional and after it my DomU started automatically :

[root@localhost ~]# xl list

Name ID Mem VCPUsStateTime(s)

Domain-0 0 3659 8 r----- 53.4

Windows10 2 4096 4 -b---- 48.7

As you see, My VM with the name “Windows10 “ started.

Monitoring Via Nagios

Nagios is a free and open source software that help system administrators for monitoring Systems, Networks, services and… Nagios now known as “Nagios Core”. It is true that The Xen project provide a monitoring tool by default and you can install other Linux monitoring tools too but a product like Nagios can help you in some situations.

We want to show you that how you can install Nagios from source code.

First of all, You should install some packages. We use Fedora server and Dom0 so :

[root@localhost ~]# dnf install -y httpd php gcc glibc glibc-common gd gd-devel make net-snmp

After it, We should create a user with the name “nagios” and a group with the name “nagcmd” :

[root@localhost ~]# useradd nagios
[root@localhost ~]# groupadd nagcmd

Then :

[root@localhost ~]# usermod -G nagcmd nagios
[root@localhost ~]# usermod -G nagcmd apache

After it, We create a directory for download “Nagios core” source code :

[root@localhost ~]# mkdir /root/nagios

Then, use “cd” command for change directory as below :

[root@localhost ~]# cd /root/nagios/

After it, We use “wget” tool for download “Nagios core” and “Nagios Plugins” source code. At the time of writing this book, the Nagios version was 4.0.1 and the URL to download it was as below :

[root@localhost nagios]# wget http://prdownloads.sourceforge.net/sourceforge/nagios/nagios-4.0.1.tar.gz
[root@localhost nagios]# wget https://www.nagios-plugins.org/download/nagios-plugins-1.5.tar.gz

OK,When download finished,we use “gunzip” and “tar -xf” commands for extract the packages. When packages extracted, we use “cd” command for change to the “nagios-4.0.1” directory and issue below commands :

[root@localhost nagios]# ./configure –with-command-group=nagcmd
[root@localhost nagios]# make all
[root@localhost nagios]# make install
[root@localhost nagios]# make install-init
[root@localhost nagios]# make install-commandmode
[root@localhost nagios]# make install-config

If you like receiving email alerts then open below file via an editor like “nano” and set the “email address” with the correct email address :

[root@localhost nagios]# nano /usr/local/nagios/etc/objects/contacts.cfg

When everything is done the we use below command for configure web interface for nagios :

[root@localhost nagios]# make install-webconf

After it, we use below command for Create password for “nagiosadmin” account :

[root@localhost nagios]# htpasswd -s -c /usr/local/nagios/etc/htpasswd.users nagiosadmin

Now, We must start “httpd” service :

[root@localhost nagios]# systemctl start httpd.service

OK, “Nagios Core” installed successfully and we must install “Plugins”. I hope you extracted “nagios-plugins-1.5” package in the first step and we are ready to install it. Use “cd” command for change to “nagios-plugins-1.5” directory and issue below commands :

[root@localhost nagios]# ./configure --with-nagios-user=nagios --with-nagios-group=nagios
[root@localhost nagios]# make && make install

OK, Everything is done and we must check our configuration file :

[root@localhost nagios]# /usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
Nagios Core 4.0.1 

Copyright (c) 2009-present Nagios Core Development Team and Community Contributors

Copyright (c) 1999-2009 Ethan Galstad

Last Modified: 10-15-2013

License: GPL


Website: http://www.nagios.org

Reading configuration data...

Read main config file okay...

Read object config files okay...


Running pre-flight check on configuration data...


Checking objects...

Checked 9 services.

Checked 2 hosts.

Checked 1 host groups.

Checked 0 service groups.

Checked 1 contacts.

Checked 1 contact groups.

Checked 25 commands.

Checked 5 time periods.

Checked 0 host escalations.

Checked 0 service escalations.

Checking for circular paths...

Checked 2 hosts

Checked 0 service dependencies

Checked 0 host dependencies

Checked 5 timeperiods

Checking global event handlers...

Checking obsessive compulsive processor commands...

Checking misc settings...


Total Warnings: 0

Total Errors: 0

Things look okay - No serious problems were detected during the pre-flight check


As use see, “Things look okay - No serious problems were detected during the pre-flight check”, Then :

# chkconfig --add nagios
# chkconfig --level 35 nagios on
# systemctl enable httpd.service
# systemctl start httpd
# systemctl start nagios

The “Nagios Core” use port “5666” and we must open this port via “iptables” for remote control :

# iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 5666 -j ACCEPT
# iptables-save

If you remember, We spoke about “Selinux” and told you that you must not disable it, But the Selinux can cause problems and show you an error message like “Internal Server Error” when you attempt to access the Nagios CGIs. You can put Selinux in Enforcing mode :

# getenforce

But Instead of disabling SELinux or setting it to permissive mode, you can use the following command to run the CGIs under SELinux enforcing/targeted mode:

# chcon -R -t httpd_sys_content_t /usr/local/nagios/sbin/
# chcon -R -t httpd_sys_content_t /usr/local/nagios/share/

OK, All steps finished and we are ready for logging to the “Nagios”. Open a web browser and write your server IP address in URL as below :

http://172.30.9.20/nagios

In this example, Our server IP address is “172.30.9.20”.

Figure 102 : Nagios logging.


In “User Name” write “nagiosadmin” and in “Password” write a password that you choice. After it, We will see the “Nagios Core” page as below :

Figure 103 : Nagios.

OK, If you click on “Hosts” and “Services” then you can see the current situation of your machine.

For some reasons, You don't like to install Nagios on your Xen Project machine and like to dedicate a server for it and just like to monitor your Xen Project. In this situation, You must install “Nagios Core” and “Nagios Plugin” on a server as we learned and install NRPE on your Xen Project server as below :

First of all, Install necessary packages :

# yum install -y gcc glibc glibc-common gd gd-devel make net-snmp openssl-devel perl
# yum install xinetd

Then, Create a directory as below and download necessary packages :

# mkdir /root/nagios
# wget https://www.nagios-plugins.org/download/nagios-plugins-1.5.tar.gz

Download NRPE from below URL :

https://sourceforge.net/projects/nagios/files/nrpe-2.x/

When download complete, You must create a “nagios” user :

# useradd nagios
# passwd nagios

Now, We must compile and install downloaded packages :

# tar xvfz nagios-plugins-1.4.11.tar.gz
# cd nagios-plugins-1.4.11
# ./configure --with-ssl=/usr/bin/openssl --with-ssl-lib=/usr/lib/x86_64-linux-gnu
# make
# make install

Then, Change directory permission via below commands :

# chown nagios.nagios /usr/local/nagios
# chown -R nagios.nagios /usr/local/nagios/libexec/

Nagios Plugins installed and now we must install NRPE package. Extract package and do below steps :

# cd nrpe-2.12
# ./configure --enable-command-args
# make all
# make install
# make install-config
# echo >> /etc/services
# echo '# Nagios services' >> /etc/services
# echo 'nrpe 5666/tcp' >> /etc/services
# make install-init

You can see the output of commands here :

[root@localhost nrpe-3.0]# make all

cd ./src/; make

make[1]: Entering directory `/root/nagios/nrpe-3.0/src'

gcc -g -O2 -I/usr/include/krb5 -DHAVE_CONFIG_H -I ../include -I ./../include -o nrpe ./nrpe.c ./utils.c ./acl.c -lssl -lcrypto -lnsl 

gcc -g -O2 -I/usr/include/krb5 -DHAVE_CONFIG_H -I ../include -I ./../include -o check_nrpe ./check_nrpe.c ./utils.c -lssl -lcrypto -lnsl 

make[1]: Leaving directory `/root/nagios/nrpe-3.0/src'


*** Compile finished ***

You can now continue with the installation or upgrade process.

Read the PDF documentation (NRPE.pdf) for information on the next steps you should take to complete the installation or upgrade.

[root@localhost nrpe-3.0]# make install

cd ./src/; make install

make[1]: Entering directory `/root/nagios/nrpe-3.0/src'

make install-plugin

make[2]: Entering directory `/root/nagios/nrpe-3.0/src'

/usr/bin/install -c -m 755 -d /usr/local/nagios/bin

/usr/bin/install -c -m 755 ../uninstall /usr/local/nagios/bin/nrpe-uninstall

/usr/bin/install -c -m 775 -o nagios -g nagios -d /usr/local/nagios/libexec

/usr/bin/install -c -m 775 -o nagios -g nagios -d /usr/local/nagios/libexec

/usr/bin/install -c -m 775 -o nagios -g nagios check_nrpe /usr/local/nagios/libexec

make[2]: Leaving directory `/root/nagios/nrpe-3.0/src'

make install-daemon

make[2]: Entering directory `/root/nagios/nrpe-3.0/src'

/usr/bin/install -c -m 755 -d /usr/local/nagios/bin

/usr/bin/install -c -m 755 ../uninstall /usr/local/nagios/bin/nrpe-uninstall

/usr/bin/install -c -m 755 nrpe /usr/local/nagios/bin

/usr/bin/install -c -m 644 ../startup/tmpfile.conf /usr/lib/tmpfiles.d/nrpe.conf

make[2]: Leaving directory `/root/nagios/nrpe-3.0/src'

make[1]: Leaving directory `/root/nagios/nrpe-3.0/src'
[root@localhost nrpe-3.0]# make install-config

/usr/bin/install -c -m 775 -o nagios -g nagios -d /usr/local/nagios/etc

/usr/bin/install -c -m 644 -o nagios -g nagios sample-config/nrpe.cfg /usr/local/nagios/etc

After it, We must enable nrpe service :

# systemctl enable nrpe.service

I'm sure, for some security reasons you don't like to disable iptables then for this reason you must let Nagios core and NRPE Communicate with each other :

# iptables -I INPUT -p tcp --destination-port 5666 -j ACCEPT
# iptables-save

OK. The next is step is edit “nrpe.cfg” file via an editor like “nano” :

# nano /usr/local/nagios/etc/nrpe.cfg

Then , find below lines and add your nagios server IP address and change value from “0” to “1” :

allowed_hosts=127.0.0.1,NAGIOS SERVER IP ADDRESS

dont_blame_nrpe=1

Then :

# systemctl start nrpe.service

Now, It's time to do the test :


  1. /usr/local/nagios/libexec/check_nrpe -H 127.0.0.1
[root@localhost nrpe-3.0]# /usr/local/nagios/libexec/check_nrpe -H 127.0.0.1

NRPE vnrpe-3.0

OK, After it we must introduce our client to our Nagios server, So On Nagios server do below steps :

# touch /usr/local/nagios/etc/hosts.cfg

# touch /usr/local/nagios/etc/services.cfg

Open “hosts.cfg” file with nano editor and write below lines to it :

# nano hosts.cfg

define host{

name linux-box ; Name of this template

use generic-host ; Inherit default values

check_period 24x7 

check_interval 5 

retry_interval 1 

max_check_attempts 10 

check_command check-host-alive

notification_period 24x7 

notification_interval 30 

notification_options d,r 

contact_groups admins 

register 0 ; DONT REGISTER THIS - ITS A TEMPLATE

}

## Default

define host{

use linux-box ; Inherit default values from a template

host_name our-boy ; The name we're giving to this server

alias CentOS 7 ; A longer name for the server

address IP ADDRESS ; IP address of Remote Linux host

}


Open “services.cfg” file with nano editor and write below lines to it :

# nano services.cfg

define service{

use generic-service

host_name our-boy

service_description CPU Load

check_command check_nrpe!check_load

}

define service{

use generic-service

host_name our-boy

service_description SSH Monitoring

check_command check_nrpe!check_ssh

}

define service{

use generic-service

host_name our-boy

service_description FTP Monitoring

check_command check_nrpe!check_ftp

}

Then, Open “nagios.cfg” and add below line to it :

cfg_file=/usr/local/nagios/etc/hosts.cfg

cfg_file=/usr/local/nagios/etc/services.cfg

After it :

# nano /usr/local/nagios/etc/objects/commands.cfg

define command{

command_name check_nrpe

command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$

}

You can install NRPE package on your Nagios Core too and check the connection between Nagios core and your client. For example :

[root@localhost nrpe-3.0]# /root/nagios/nrpe-3.0/src/check_nrpe -H “CLIENT IP ADDRESS”

NRPE vnrpe-3.0

Now, if you restart nagios service on Nagios core server then you can see your client on “Hosts” section.