The Xen Project supports some of the biggest clouds in production today and is moving into new industries, like security and automotive. Usually, you will use Xen indirectly as part of a commercial product, a distro, a hosting or cloud service and only indirectly use Xen. By following this session you will learn how Xen and virtualization work under the hood exploring high-level topics like architecture concepts related to virtualization to more technical attributes of the hypervisor like memory management (ballooning), virtual CPUs, scheduling, pinning, saving/restoring and migrating VMs.
Note: also see https://www.slideshare.net/xen_com_mgr/ossna18-xen-beginners-training-exercise-script
The Xen Project supports some of the biggest clouds in production today and is moving into new industries, like security and automotive. Usually, you will use Xen indirectly as part of a commercial product, a distro, a hosting or cloud service and only indirectly use Xen. By following this session you will learn how Xen and virtualization work under the hood exploring high-level topics like architecture concepts related to virtualization to more technical attributes of the hypervisor like memory management (ballooning), virtual CPUs, scheduling, pinning, saving/restoring and migrating VMs.
Hypervisors are becoming more and more widespread in embedded environments, from automotive to medical and avionics. Their use case is different from traditional server and desktop virtualization, and so are their requirements. This talk will explain why hypervisors are used in embedded, and the unique challenges posed by these environments to virtualization technologies.
Xen, a popular open source hypervisor, was born to virtualize x86 Linux systems for the data center. It is now the leading open source hypervisor for ARM embedded platforms. The presentation will show how the ARM port of Xen differs from its x86 counterpart. It will go through the fundamental design decisions that made Xen a good choice for ARM embedded virtualization. The talk will explain the implementation of key features such as device assignment and interrupt virtualization.
Xen Project is a static partitioning hypervisor for embedded deployments (industrial, medical, etc.) Xen enforces strong isolation between domains so that one cannot affect the execution of another. Features such as cache coloring reduce interference and improve interrupt latency and determinism. A real-time workload can run alongside a more complex guest. But can it be used in safety-critical environments? The Xen hypervisor has a microkernel design: services and tools are non-essential and run in unprivileged VMs, while the core is less than 50K LOC. This architecture lends itself well to safety-critical applications as only the core is critical and needs to go through the certification process. This presentation will describe the activities of the Xen FuSa SIG (Special Interest Group) to make Xen easier to safety-certify. It will go through the aspects of Xen that pertain safety and it will explain how to set up a mixed-criticality system with Xen. The talk will discuss the challenges of making an Open Source project safety-certifiable and the progress that the Xen community made so far in the areas of documentation and requirements, MISRA-C code compliance, and interference reduction.
Static Partitioning with Xen, LinuxRT, and Zephyr: A Concrete End-to-end Exam...Stefano Stabellini
Static partitioning enables multiple domains to run alongside each other with no interference. They could be running Linux, an RTOS, or another OS, and all of them have direct access to different portions of the SoC. In the last five years, the Xen community introduced several new features to make Xen-based static partitioning possible. Dom0less to start multiple static domains in parallel at boot, and Cache Coloring to minimize cache interference effects are among them. Static inter-domain communications mechanisms were introduced this year, while "ImageBuilder" has been making system-wide configurations easier. An easy-to-use complete solution is within our grasp. This talk will show the progress made on Xen static partitioning. The audience will learn to configure a realistic reference design with multiple partitions: a LinuxRT partition, a Zephyr partition, and a larger Linux partition. The presentation will show how to set up communication channels and direct hardware access for the domains. It will explain how to measure interrupt latency and use cache coloring to zero cache interference effects. The talk will include a live demo of the reference design.
System Device Tree and Lopper: Concrete Examples - ELC NA 2022Stefano Stabellini
System Device Tree is an extension to Device Tree to describe all the hardware on an SoC, including heterogeneous CPU clusters and secure resources not typically visible to an Operating System like Linux. This full view allows the System Device Tree to be the "One true source" of the entire hardware description and helps to prevent the common (and hard-to-debug) problem of conflicting resources and system consistency. Lopper is an Open Source framework to parse and manipulate System Device Tree. With Lopper, it is possible to generate multiple traditional Device Trees from a single larger System Device Tree. This presentation will provide an overview of System Device Tree and will discuss the latest updates of the specification and tooling. The talk will illustrate multiple use-cases for System Device Tree with concrete examples, such as Linux running on the more powerful CPU cluster and Zephyr running on a smaller Cortex-R cluster. It will also show how to use Lopper to generate multiple traditional Device Trees targeting different OSes, not just Linux but also Zephyr/other RTOSes. Finally, an end-to-end demo based on Yocto to build a complete heterogeneous system with multiple OSes and RTOSes running on different clusters on a single reference board will be shown.
Adding support for you new shiny board in Xen on ARM is a simple task once you get a kernel running on bare metal.
This session will cover the different steps to port Xen on ARM from the firmware to the shell prompt in DOM0.
We will give you tips on the common pitfalls when you have your hypervisor, or your DOM0 kernel crashing. We will also provide suggestion on how to debug when the console is not working.
Static partitioning is becoming increasingly common in embedded. A static hypervisor, such as Xen dom0less, is employed to split the hardware resources into multiple domains and run a different OS in each domain. For instance, Linux and Zephyr. Only the simplest static partitioning configurations don't involve any data exchanges between the domains. Often, communication and data exchanges between two or more environments are required to complete the data processing pipeline that implements the target application. However, the VM-to-VM communication mechanisms available in static partitioning configurations are typically more limited compared to general-purpose hypervisors. For example, PV drivers are not available to Xen dom0less domains. This presentation will discuss the need for communication in static partitioning setups and it will present the technical challenges involved in getting traditional communication methods to work, including Xen PV drivers and VirtIO. The talk will also provide simpler alternatives based on shared memory and interrupt notifications to set up domain-to-domain data streams: simpler techniques that are easily exploitable both by Linux and by tiny baremetal applications as well.
Safety-Certifying Open Source Software: The Case of the Xen HypervisorStefano Stabellini
Safety is important to software everywhere human lives are at risk. In these environments often safety-certifications are required to ensure that the quality of the software is high enough to minimize the risk of harm to humans. Safety-certifications such as ISO 26262 come with a series of requirements and processes that sometimes clash with well-established Open Source software development practices. How do we reconcile safety-certifications with Open Source? This presentation will provide an answer to that question. Taking Xen as an example of an Open Source project with a rich 15+ years history, this presentation will explain the best way to match Open Source activities with safety-certification requirements. It will discuss the role of the upstream community and downstream vendors in achieving compliance with ISO 26262 and IEC 61508. It will go through the changes to Xen Project processes already underway and the ones planned for the future to align the Xen hypervisor with safety-certifications. The talk will cover MISRA, traceability, testing, etc., and the latest updates from the Xen FuSa working group.
Note: also see https://www.slideshare.net/xen_com_mgr/ossna18-xen-beginners-training-exercise-script
The Xen Project supports some of the biggest clouds in production today and is moving into new industries, like security and automotive. Usually, you will use Xen indirectly as part of a commercial product, a distro, a hosting or cloud service and only indirectly use Xen. By following this session you will learn how Xen and virtualization work under the hood exploring high-level topics like architecture concepts related to virtualization to more technical attributes of the hypervisor like memory management (ballooning), virtual CPUs, scheduling, pinning, saving/restoring and migrating VMs.
Hypervisors are becoming more and more widespread in embedded environments, from automotive to medical and avionics. Their use case is different from traditional server and desktop virtualization, and so are their requirements. This talk will explain why hypervisors are used in embedded, and the unique challenges posed by these environments to virtualization technologies.
Xen, a popular open source hypervisor, was born to virtualize x86 Linux systems for the data center. It is now the leading open source hypervisor for ARM embedded platforms. The presentation will show how the ARM port of Xen differs from its x86 counterpart. It will go through the fundamental design decisions that made Xen a good choice for ARM embedded virtualization. The talk will explain the implementation of key features such as device assignment and interrupt virtualization.
Xen Project is a static partitioning hypervisor for embedded deployments (industrial, medical, etc.) Xen enforces strong isolation between domains so that one cannot affect the execution of another. Features such as cache coloring reduce interference and improve interrupt latency and determinism. A real-time workload can run alongside a more complex guest. But can it be used in safety-critical environments? The Xen hypervisor has a microkernel design: services and tools are non-essential and run in unprivileged VMs, while the core is less than 50K LOC. This architecture lends itself well to safety-critical applications as only the core is critical and needs to go through the certification process. This presentation will describe the activities of the Xen FuSa SIG (Special Interest Group) to make Xen easier to safety-certify. It will go through the aspects of Xen that pertain safety and it will explain how to set up a mixed-criticality system with Xen. The talk will discuss the challenges of making an Open Source project safety-certifiable and the progress that the Xen community made so far in the areas of documentation and requirements, MISRA-C code compliance, and interference reduction.
Static Partitioning with Xen, LinuxRT, and Zephyr: A Concrete End-to-end Exam...Stefano Stabellini
Static partitioning enables multiple domains to run alongside each other with no interference. They could be running Linux, an RTOS, or another OS, and all of them have direct access to different portions of the SoC. In the last five years, the Xen community introduced several new features to make Xen-based static partitioning possible. Dom0less to start multiple static domains in parallel at boot, and Cache Coloring to minimize cache interference effects are among them. Static inter-domain communications mechanisms were introduced this year, while "ImageBuilder" has been making system-wide configurations easier. An easy-to-use complete solution is within our grasp. This talk will show the progress made on Xen static partitioning. The audience will learn to configure a realistic reference design with multiple partitions: a LinuxRT partition, a Zephyr partition, and a larger Linux partition. The presentation will show how to set up communication channels and direct hardware access for the domains. It will explain how to measure interrupt latency and use cache coloring to zero cache interference effects. The talk will include a live demo of the reference design.
System Device Tree and Lopper: Concrete Examples - ELC NA 2022Stefano Stabellini
System Device Tree is an extension to Device Tree to describe all the hardware on an SoC, including heterogeneous CPU clusters and secure resources not typically visible to an Operating System like Linux. This full view allows the System Device Tree to be the "One true source" of the entire hardware description and helps to prevent the common (and hard-to-debug) problem of conflicting resources and system consistency. Lopper is an Open Source framework to parse and manipulate System Device Tree. With Lopper, it is possible to generate multiple traditional Device Trees from a single larger System Device Tree. This presentation will provide an overview of System Device Tree and will discuss the latest updates of the specification and tooling. The talk will illustrate multiple use-cases for System Device Tree with concrete examples, such as Linux running on the more powerful CPU cluster and Zephyr running on a smaller Cortex-R cluster. It will also show how to use Lopper to generate multiple traditional Device Trees targeting different OSes, not just Linux but also Zephyr/other RTOSes. Finally, an end-to-end demo based on Yocto to build a complete heterogeneous system with multiple OSes and RTOSes running on different clusters on a single reference board will be shown.
Adding support for you new shiny board in Xen on ARM is a simple task once you get a kernel running on bare metal.
This session will cover the different steps to port Xen on ARM from the firmware to the shell prompt in DOM0.
We will give you tips on the common pitfalls when you have your hypervisor, or your DOM0 kernel crashing. We will also provide suggestion on how to debug when the console is not working.
Static partitioning is becoming increasingly common in embedded. A static hypervisor, such as Xen dom0less, is employed to split the hardware resources into multiple domains and run a different OS in each domain. For instance, Linux and Zephyr. Only the simplest static partitioning configurations don't involve any data exchanges between the domains. Often, communication and data exchanges between two or more environments are required to complete the data processing pipeline that implements the target application. However, the VM-to-VM communication mechanisms available in static partitioning configurations are typically more limited compared to general-purpose hypervisors. For example, PV drivers are not available to Xen dom0less domains. This presentation will discuss the need for communication in static partitioning setups and it will present the technical challenges involved in getting traditional communication methods to work, including Xen PV drivers and VirtIO. The talk will also provide simpler alternatives based on shared memory and interrupt notifications to set up domain-to-domain data streams: simpler techniques that are easily exploitable both by Linux and by tiny baremetal applications as well.
Safety-Certifying Open Source Software: The Case of the Xen HypervisorStefano Stabellini
Safety is important to software everywhere human lives are at risk. In these environments often safety-certifications are required to ensure that the quality of the software is high enough to minimize the risk of harm to humans. Safety-certifications such as ISO 26262 come with a series of requirements and processes that sometimes clash with well-established Open Source software development practices. How do we reconcile safety-certifications with Open Source? This presentation will provide an answer to that question. Taking Xen as an example of an Open Source project with a rich 15+ years history, this presentation will explain the best way to match Open Source activities with safety-certification requirements. It will discuss the role of the upstream community and downstream vendors in achieving compliance with ISO 26262 and IEC 61508. It will go through the changes to Xen Project processes already underway and the ones planned for the future to align the Xen hypervisor with safety-certifications. The talk will cover MISRA, traceability, testing, etc., and the latest updates from the Xen FuSa working group.
This document discusses Xen Dom0-less, an approach to running Xen virtual machines without a privileged Domain 0. Traditionally Xen uses a Dom0 to perform boot and configuration tasks, but this adds complexity. Dom0-less allows VMs to boot directly on the hardware using the device tree protocol. This reduces boot time and complexity while enabling safer configurations. Challenges include lack of VM monitoring and PV device support without Dom0. The status is that basic Dom0-less booting is implemented in Xen but more work is needed for true Dom0-less and PV device drivers.
The document summarizes the render thread process for drawing frames in HWUI on Android. It shows that on Android 4.0, UI operations occurred solely on the main thread, while on Android 5.0, UI operations are split between the main thread and a dedicated render thread. The render thread handles drawing frames in parallel to the main thread by syncing frame state, preparing the view tree, and performing the actual draw calls to improve performance.
The document discusses Linux memory management, describing how physical memory is divided into page frames and virtual memory allows processes to have a virtual view of memory mapped to physical memory using page tables, and covers topics like memory overcommit, page cache, swap space, and tools for monitoring memory usage.
This document discusses Linux memory management. It outlines the buddy system, zone allocation, and slab allocator used by Linux to manage physical memory. It describes how pages are allocated and initialized at boot using the memory map. The slab allocator is used to optimize allocation of kernel objects and is implemented as caches of fixed-size slabs and objects. Per-CPU allocation improves performance by reducing locking and cache invalidations.
XPDDS18: CPUFreq in Xen on ARM - Oleksandr Tyshchenko, EPAM SystemsThe Linux Foundation
The motivation of hypervisor based CPUFreq is to enable the one of the main PM use-cases (Dynamic voltage and frequency scaling) in virtualized system powered by Xen hypervisor. Rationale behind this activity is that CPU virtualization is done by hypervisor and the guest OS doesn't actually know anything about physical CPUs because it is running on virtual CPUs.
In this talk Oleksandr will briefly describe the possible approach of generic CPUFreq in Xen on ARM, the advantages and disadvantages of having DVFS support on ARM boards powered by Xen hypervisor and share results of his CPUFreq PoC which implies power consumption measurements with and without CPUFreq enabled on R-Car Gen3 based board as an example.
This document discusses Xen cache coloring and real-time performance in embedded systems. It introduces cache interference between virtual machines and the hypervisor solution of cache partitioning via cache coloring. Each VM is allocated its own portion of cache entries to prevent interference. Benchmark results show that with cache coloring, a motor control application execution time and interrupt response time remain stable even under high interference, whereas without coloring performance degrades significantly. Cache coloring effectively isolates workloads and enables mixed criticality systems on the same device.
XPDDS18: Design and Implementation of Automotive: Virtualization Based on Xen...The Linux Foundation
This talk presents a production-ready automotive virtualization solution with Xen. The key requirements that we focus are super-fast startup and recovery from failure, static virtual machine creation with dedicated resources, and performance effective graphics rendering. To reduce the boot time, we optimize the Xen startup procedure by effectively initializing Xen heap and VM memory, and booting multiple VMs concurrently. We provide fast recovery mechanism by re-implementing the VM reset feature. We also develop a highly optimized graphics APIs-forwarding mechanism supporting OpenGLES APIs up to v3.2. The pass rate of Khronos CTS in a guest OS is comparable to the Domain0’s. Our experiment shows that our virtualization solution provides reasonable performance for ARM-based automotive systems (hypervisor booting: less than 70ms, graphics performance: about 96% of Domain0).
Kernel Recipes 2015 - Kernel dump analysisAnne Nicolas
Kernel dump analysis
Cloud this, cloud that…It’s making everything easier, especially for web hosted services. But what about the servers that are not supposed to crash ? For applications making the assumption the OS won’t do any fault or go down, what can you write in your post-mortem once the server froze and has been restarted ? How to track down the bug that lead to service unavailability ?
In this talk, we’ll see how to setup kdump and how to panic a server to generate a coredump. Once you have the vmcore file, how to track the issue with “crash” tool to find why your OS went down. Last but not least : with “crash” you can also modify your live kernel, the same way you would do with gdb.
Adrien Mahieux – System administrator obsessed with performance and uptime, tracking down microseconds from hardware to software since 2011. The application must be seen as a whole to provide efficiently the requested service. This includes searching for bottlenecks and tradeoffs, design issues or hardware optimization.
This document discusses memory management techniques in Xen virtualization. It covers:
1) Xen uses a buddy allocator to hand out frames to guests and tracks memory usage and types with reference counts and a frametable.
2) For paravirtualized guests, Xen uses PV pagetables where the guest manages a PFN to MFN table and Xen provides a shared MFN to PFN table and checks guest pagetable contents.
3) For hardware-assisted guests, Xen supplies a second set of pagetables describing the PFN to MFN translation and access restrictions, which the CPU applies along with the guest's pagetables.
Building Embedded Linux Systems IntroductionSherif Mousa
This document provides an introduction to embedded Linux. It defines embedded Linux as using the Linux kernel and customizing user-space libraries and utilities for applications in consumer electronics, military, medical, and other industries. Creating an embedded Linux system involves selecting the right components to build the final system. A cross-compiler is used to build code for the target platform on the host development machine. Key components of an embedded Linux system include the bootloader, Linux kernel, filesystem, configuration files, C library, commands, and user applications.
SanDisk SecureAccess Encryption - Forensic Processing & USB FlashingBrent Muir
This presentation follows on from some research I conducted earlier this year in relation to the encryption software utilised by SanDisk USB thumb drives. The presentation details how to best process this data forensically. The presentation also explains how to flash USB thumb drives as part of this process to mimic SanDisk devices.
[Paris Container Day 2021] nerdctl: yet another Docker & Docker Compose imple...Akihiro Suda
nerdctl is a Docker-compatible CLI for containerd that provides the same UI/UX as Docker and Docker Compose. It supports features like lazy pulling via Stargz and encrypted images via OCIcrypt that are not yet available in Docker. While containerd includes ctr and crictl for debugging, nerdctl aims to be a full-featured CLI for container and image management with Docker-like usability. It can run on Linux, macOS via Lima virtual machines, and is working on native Windows support.
Hardware accelerated Virtualization in the ARM Cortex™ ProcessorsThe Linux Foundation
The document discusses hardware accelerated virtualization capabilities in ARM Cortex processors including the Cortex-A15. It describes new features like large physical addressing, virtualization extensions, and a virtual interrupt controller that allow multiple operating system instances and work environments to run simultaneously in isolation on ARM devices.
This document discusses Device Tree, which is a data structure used to describe hardware platforms in Linux. It consists of a series of named nodes and properties. Device Tree is compiled from a Device Tree Source file (.dts) into a binary blob (.dtb) by a Device Tree Compiler. It allows hardware information to be passed to the operating system at boot time without needing to be encoded in code. The format and common uses of Device Tree are explained along with how drivers can probe for devices based on Device Tree properties and nodes.
The presentation will cover Xen Automotive. We will elaborate technical solutions for the identified gaps:
1. ARM architecture - support HW virtualization extensions for embedded systems
2. Stability requirements
3. RT Scheduler
4. Rich virtualized peripheral support (WiFi, Gfx, MM, USB, etc.)
5. Performance benchmarking
6. Security
Xen on ARM for embedded and IoT: from secure containers to dom0less systemsStefano Stabellini
This document discusses Xen for embedded and IoT applications. It proposes ViryaOS, a new Xen Project sub-project that would provide a secure Xen-based container runtime and build system for embedded and IoT use cases. ViryaOS would allow building and deploying multiple VMs and secure containers on embedded targets more easily than current methods. It aims to support real-time requirements, hardware access from containers, and dynamic deployment of workloads.
This document discusses using paravirtualized devices in Linux guests running on Xen in HVM (hardware virtual machine) mode. It offers the benefits of HVM like installing the same as native while also providing access to fast paravirtualized devices. Initial support added xenbus and grant table support while later enhancements added ballooning, spinlocks, and interrupt/MSI remapping. Benchmarks show PV on HVM performs close to PV guests for PV-favored workloads and far ahead for nested paging workloads. PV on HVM provides a spectrum of performance between HVM and PV guests.
This document describes how to set up a thin client deployment using PXE boot in a Microsoft-dominated network environment. Key steps include:
1. Configuring the DHCP server to provide PXE boot options and boot file information.
2. Preparing the RIS server by creating a PXE directory structure and boot images using the PXES tool.
3. Addressing bugs in PXES related to USB support, Samba password changes, and keyboard mappings to allow booting into a Linux environment and connecting to Windows terminal servers.
Installation of VMWare Workstation,Creation of VM image of base operating system,Installation of QEMU on Ubuntu 12.10,KVM on Ubuntu 12.10 and managing a VM on it,KVM and guest operating system on CentOS 6.3,Installing Guest OS in KVM using Command Line,Installation of VMware ESX Server,
This document discusses Xen Dom0-less, an approach to running Xen virtual machines without a privileged Domain 0. Traditionally Xen uses a Dom0 to perform boot and configuration tasks, but this adds complexity. Dom0-less allows VMs to boot directly on the hardware using the device tree protocol. This reduces boot time and complexity while enabling safer configurations. Challenges include lack of VM monitoring and PV device support without Dom0. The status is that basic Dom0-less booting is implemented in Xen but more work is needed for true Dom0-less and PV device drivers.
The document summarizes the render thread process for drawing frames in HWUI on Android. It shows that on Android 4.0, UI operations occurred solely on the main thread, while on Android 5.0, UI operations are split between the main thread and a dedicated render thread. The render thread handles drawing frames in parallel to the main thread by syncing frame state, preparing the view tree, and performing the actual draw calls to improve performance.
The document discusses Linux memory management, describing how physical memory is divided into page frames and virtual memory allows processes to have a virtual view of memory mapped to physical memory using page tables, and covers topics like memory overcommit, page cache, swap space, and tools for monitoring memory usage.
This document discusses Linux memory management. It outlines the buddy system, zone allocation, and slab allocator used by Linux to manage physical memory. It describes how pages are allocated and initialized at boot using the memory map. The slab allocator is used to optimize allocation of kernel objects and is implemented as caches of fixed-size slabs and objects. Per-CPU allocation improves performance by reducing locking and cache invalidations.
XPDDS18: CPUFreq in Xen on ARM - Oleksandr Tyshchenko, EPAM SystemsThe Linux Foundation
The motivation of hypervisor based CPUFreq is to enable the one of the main PM use-cases (Dynamic voltage and frequency scaling) in virtualized system powered by Xen hypervisor. Rationale behind this activity is that CPU virtualization is done by hypervisor and the guest OS doesn't actually know anything about physical CPUs because it is running on virtual CPUs.
In this talk Oleksandr will briefly describe the possible approach of generic CPUFreq in Xen on ARM, the advantages and disadvantages of having DVFS support on ARM boards powered by Xen hypervisor and share results of his CPUFreq PoC which implies power consumption measurements with and without CPUFreq enabled on R-Car Gen3 based board as an example.
This document discusses Xen cache coloring and real-time performance in embedded systems. It introduces cache interference between virtual machines and the hypervisor solution of cache partitioning via cache coloring. Each VM is allocated its own portion of cache entries to prevent interference. Benchmark results show that with cache coloring, a motor control application execution time and interrupt response time remain stable even under high interference, whereas without coloring performance degrades significantly. Cache coloring effectively isolates workloads and enables mixed criticality systems on the same device.
XPDDS18: Design and Implementation of Automotive: Virtualization Based on Xen...The Linux Foundation
This talk presents a production-ready automotive virtualization solution with Xen. The key requirements that we focus are super-fast startup and recovery from failure, static virtual machine creation with dedicated resources, and performance effective graphics rendering. To reduce the boot time, we optimize the Xen startup procedure by effectively initializing Xen heap and VM memory, and booting multiple VMs concurrently. We provide fast recovery mechanism by re-implementing the VM reset feature. We also develop a highly optimized graphics APIs-forwarding mechanism supporting OpenGLES APIs up to v3.2. The pass rate of Khronos CTS in a guest OS is comparable to the Domain0’s. Our experiment shows that our virtualization solution provides reasonable performance for ARM-based automotive systems (hypervisor booting: less than 70ms, graphics performance: about 96% of Domain0).
Kernel Recipes 2015 - Kernel dump analysisAnne Nicolas
Kernel dump analysis
Cloud this, cloud that…It’s making everything easier, especially for web hosted services. But what about the servers that are not supposed to crash ? For applications making the assumption the OS won’t do any fault or go down, what can you write in your post-mortem once the server froze and has been restarted ? How to track down the bug that lead to service unavailability ?
In this talk, we’ll see how to setup kdump and how to panic a server to generate a coredump. Once you have the vmcore file, how to track the issue with “crash” tool to find why your OS went down. Last but not least : with “crash” you can also modify your live kernel, the same way you would do with gdb.
Adrien Mahieux – System administrator obsessed with performance and uptime, tracking down microseconds from hardware to software since 2011. The application must be seen as a whole to provide efficiently the requested service. This includes searching for bottlenecks and tradeoffs, design issues or hardware optimization.
This document discusses memory management techniques in Xen virtualization. It covers:
1) Xen uses a buddy allocator to hand out frames to guests and tracks memory usage and types with reference counts and a frametable.
2) For paravirtualized guests, Xen uses PV pagetables where the guest manages a PFN to MFN table and Xen provides a shared MFN to PFN table and checks guest pagetable contents.
3) For hardware-assisted guests, Xen supplies a second set of pagetables describing the PFN to MFN translation and access restrictions, which the CPU applies along with the guest's pagetables.
Building Embedded Linux Systems IntroductionSherif Mousa
This document provides an introduction to embedded Linux. It defines embedded Linux as using the Linux kernel and customizing user-space libraries and utilities for applications in consumer electronics, military, medical, and other industries. Creating an embedded Linux system involves selecting the right components to build the final system. A cross-compiler is used to build code for the target platform on the host development machine. Key components of an embedded Linux system include the bootloader, Linux kernel, filesystem, configuration files, C library, commands, and user applications.
SanDisk SecureAccess Encryption - Forensic Processing & USB FlashingBrent Muir
This presentation follows on from some research I conducted earlier this year in relation to the encryption software utilised by SanDisk USB thumb drives. The presentation details how to best process this data forensically. The presentation also explains how to flash USB thumb drives as part of this process to mimic SanDisk devices.
[Paris Container Day 2021] nerdctl: yet another Docker & Docker Compose imple...Akihiro Suda
nerdctl is a Docker-compatible CLI for containerd that provides the same UI/UX as Docker and Docker Compose. It supports features like lazy pulling via Stargz and encrypted images via OCIcrypt that are not yet available in Docker. While containerd includes ctr and crictl for debugging, nerdctl aims to be a full-featured CLI for container and image management with Docker-like usability. It can run on Linux, macOS via Lima virtual machines, and is working on native Windows support.
Hardware accelerated Virtualization in the ARM Cortex™ ProcessorsThe Linux Foundation
The document discusses hardware accelerated virtualization capabilities in ARM Cortex processors including the Cortex-A15. It describes new features like large physical addressing, virtualization extensions, and a virtual interrupt controller that allow multiple operating system instances and work environments to run simultaneously in isolation on ARM devices.
This document discusses Device Tree, which is a data structure used to describe hardware platforms in Linux. It consists of a series of named nodes and properties. Device Tree is compiled from a Device Tree Source file (.dts) into a binary blob (.dtb) by a Device Tree Compiler. It allows hardware information to be passed to the operating system at boot time without needing to be encoded in code. The format and common uses of Device Tree are explained along with how drivers can probe for devices based on Device Tree properties and nodes.
The presentation will cover Xen Automotive. We will elaborate technical solutions for the identified gaps:
1. ARM architecture - support HW virtualization extensions for embedded systems
2. Stability requirements
3. RT Scheduler
4. Rich virtualized peripheral support (WiFi, Gfx, MM, USB, etc.)
5. Performance benchmarking
6. Security
Xen on ARM for embedded and IoT: from secure containers to dom0less systemsStefano Stabellini
This document discusses Xen for embedded and IoT applications. It proposes ViryaOS, a new Xen Project sub-project that would provide a secure Xen-based container runtime and build system for embedded and IoT use cases. ViryaOS would allow building and deploying multiple VMs and secure containers on embedded targets more easily than current methods. It aims to support real-time requirements, hardware access from containers, and dynamic deployment of workloads.
This document discusses using paravirtualized devices in Linux guests running on Xen in HVM (hardware virtual machine) mode. It offers the benefits of HVM like installing the same as native while also providing access to fast paravirtualized devices. Initial support added xenbus and grant table support while later enhancements added ballooning, spinlocks, and interrupt/MSI remapping. Benchmarks show PV on HVM performs close to PV guests for PV-favored workloads and far ahead for nested paging workloads. PV on HVM provides a spectrum of performance between HVM and PV guests.
This document describes how to set up a thin client deployment using PXE boot in a Microsoft-dominated network environment. Key steps include:
1. Configuring the DHCP server to provide PXE boot options and boot file information.
2. Preparing the RIS server by creating a PXE directory structure and boot images using the PXES tool.
3. Addressing bugs in PXES related to USB support, Samba password changes, and keyboard mappings to allow booting into a Linux environment and connecting to Windows terminal servers.
Installation of VMWare Workstation,Creation of VM image of base operating system,Installation of QEMU on Ubuntu 12.10,KVM on Ubuntu 12.10 and managing a VM on it,KVM and guest operating system on CentOS 6.3,Installing Guest OS in KVM using Command Line,Installation of VMware ESX Server,
Fedora Atomic Workshop handout for Fudcon Pune 2015rranjithrajaram
This document provides instructions for deploying and using Fedora Atomic Host, an operating system designed for containers. It includes steps to:
1) Configure Fedora Atomic images using cloud-init files to set usernames, passwords, and hostnames.
2) Upgrade and rollback the Atomic host using rpm-ostree commands.
3) Understand how OSTree manages operating system updates and deployments.
4) Deploy Docker containers on the Atomic host and use Cockpit to manage containers.
VirtualBox allows installing and running virtual machines on Linux. This document provides step-by-step instructions for installing VirtualBox on Fedora Linux, creating a Ubuntu 10.10 virtual machine, configuring networking and storage, installing an Ubuntu ISO, and accessing the virtual machine over RDP. It also describes troubleshooting a warning during boot and disabling the module causing the warning.
The document provides instructions for installing CentOS minimal on a Hyper-V virtual machine. It describes downloading the CentOS minimal ISO, creating a VM in Hyper-V, booting from the ISO to install CentOS, then installing the Linux integration components ISO to enable features like time sync. It also explains configuring networking on the virtual machine by editing configuration files and restarting the network service.
Here's the complete guide, how to add a system call to kernel on linux
You can contact me on Gmai
bilal.professional786@gmail.com
You can also contact me on Facebook
https://www.facebook.com/bilalbakhtawar
1. The document describes the steps to install and configure a DHCP server in CentOS to assign IP addresses to clients on the network. It involves installing the DHCP package, configuring the DHCP daemon to start on a specific interface, creating and editing the dhcpd.conf configuration file to define DHCP options and IP pools, assigning static IPs to specific clients, starting the DHCP service, and configuring clients to receive IPs via DHCP.
2. DHCP clients can be configured by editing the network interface configuration files to set the boot protocol to DHCP and restarting network services. Static IP addresses can be assigned to clients by defining their MAC addresses and fixed IPs in the dhcpd.conf file.
3. Firewall rules
This document provides steps to set up a private Ethereum network on AWS using Geth. It describes launching two EC2 instances and installing Geth on each, configuring security groups to allow communication between nodes, initializing each node with a custom genesis file, and connecting the nodes to synchronize the blockchain. Specifically, it details how to launch an EC2 instance and install Geth, configure security groups to allow port 30000-30999, set up key pairs to SSH into instances, initialize each node with a custom genesis.json file, and use the admin.addPeer() command to connect one node to the other for synchronization.
The document discusses how to install, configure and uninstall Linux operating systems, covering topics such as partitioning disks, installing software packages, setting up user accounts, basic and advanced command line instructions, and configuring hardware settings during the Linux installation process. It also provides instructions for removing Linux from a system by overwriting the master boot record with zeros using DD or DEBUG commands to restore the hard drive to a virgin state.
With the rapid increase in enterprise adoption of Linux, automation of deployment becomes very important.
In most cases, the configuration of the individual applications and the look and feel also need customization.
Target Audience:
Students
IT Managers
Architects
Academicians
CXOs
System Administrators
1. This document provides instructions for creating a headless Ubuntu/XFCE container using Docker and Dockerfish.
2. It shows how to install Dockerfish, pull the Ubuntu image, create and run a container, install XFCE and VNC, and export the container configuration to a new reusable image.
3. Key steps include cloning the Dockerfish repo, pulling the Ubuntu image, running the container with XFCE and VNC installed, checking the container IP, and using Dockerfish to commit the container configuration to a new image called devel/headless-ubuntu-vnc.
NML is a project for out-of-band server management that allows for extremely configurable OS installation with minimal human intervention. It aims to build an open-source matrix of server hardware and OS distribution combinations. The current status is that it is hosted on GitHub and has two main members. NML encapsulates intelligence in HTTP and uses technologies like iPXE, DHCP, and preseeding/kickstarting to remotely install and configure operating systems on servers. It focuses on flexibility and independence from specific OSes or hardware.
Setup Kubernetes with flannel on ubuntu platformAjeet Singh
This document provides instructions for setting up Kubernetes with 2 nodes using kubeadm and flannel on Ubuntu. It describes installing Docker and Kubernetes, initializing the master node with kubeadm init, joining the worker node with the kubeadm join command, installing and configuring flannel as the pod network, and deploying and exposing the Kubernetes dashboard for management. Specific steps include installing Docker, initializing the master, saving the join command, installing flannel on all nodes, joining the worker, installing the dashboard and changing its service type to NodePort for external access.
The document provides instructions for installing and configuring a Document Management System using Alfresco on an Ubuntu server. It describes how to set the server hostname and configure a static IP address. It then explains how to install Alfresco via an interactive wizard, log into the Alfresco Share interface, and start/stop the Alfresco server. Finally, it outlines the steps to uninstall Alfresco.
1. The document provides instructions for installing CentOS and setting up a DNS server on the installed CentOS system.
2. It describes downloading and burning the CentOS ISO, installing it on a computer, and configuring the network interfaces and other installation options.
3. It also explains how to generate an rndc key for bind, edit the rndc.conf and named.conf files, and enable DNS services on the new CentOS server.
1. Docker allows creating lightweight virtual environments called containers that package code and dependencies together. Containers are more portable than virtual machines.
2. Docker uses images to build containers. Images are immutable templates and containers are instances of images that can be run. The Dockerfile defines how to build images.
3. Common Docker commands include docker pull to download images, docker run to create and start containers, docker exec to run commands in running containers, and docker commit to save container changes as new images.
1. The document describes how to set up a PXE kickstart server to automatically install CentOS 5.3 over the network using DHCP and TFTP. It provides instructions for configuring the TFTP, DHCP and NFS servers, creating a kickstart installation tree and kickstart files.
2. Additional clients can be added by modifying the DHCP configuration to assign them a static IP, creating a customized kickstart file, and PXE booting the client to initiate the network installation.
3. Example configurations are provided for the /etc/dhcpd.conf DHCP configuration file and a sample kickstart file.
This document provides instructions on installing and configuring the LAMP stack on Linux. It discusses downloading and installing Linux, Apache, MySQL, and PHP. It explains how to partition disks for installation, set up virtual hosts, and configure Apache's configuration files and ports. The key steps are downloading Linux distributions, burning ISO images, partitioning disks, selecting packages during installation, configuring Apache's files, ports, and virtual hosts.
Similar to OSSNA18: Xen Beginners Training (exercise script) (20)
Static partitioning is used to split an embedded system into multiple domains, each of them having access only to a portion of the hardware on the SoC. It is key to enable mixed-criticality scenarios, where a critical application, often based on a small RTOS, runs alongside a larger non-critical app, typically based on Linux. The two domains cannot interfere with each other.
This talk will explain how to use Xen for static partitioning. It will introduce dom0-less, a new Xen feature written for the purpose. Dom0-less allows multiple VMs to start at boot time directly from the Xen hypervisor, decreasing boot times drastically. It makes it very easy to partition the system without virtualization overhead. Dom0 becomes unnecessary.
This presentation will go into details on how to setup a Xen dom0-less system. It will show configuration examples and explain device assignment. The talk will discuss its implications for latency-sensitive and safety-critical environments.
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...The Linux Foundation
Daniel Smith discusses TrenchBoot, a project aiming to establish a unified approach to harnessing boot integrity technologies across open source platforms. TrenchBoot will enable establishing hardware-rooted integrity during platform boot (first launch inspection), runtime (runtime inspection), and other states. For runtime inspection, TrenchBoot will develop a way to securely re-establish the integrity of Xen at any time without rebooting by dynamically launching an integrity kernel to inspect and verify Xen. The talk outlines the initial and future work of TrenchBoot to integrate these capabilities with Linux, Xen and other open source projects.
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...The Linux Foundation
Artem will briefly cover what has been done since the first talk on Xen in Automotive domain back in 2013, what is going on now and what is still missing for broad adaptation of Xen in vehicles. The following topics will be covered:
Embedded/automotive features of Xen
Collaboration with AGL and GENIVI organizations for standardization
Efforts on Functional Safety compliance
Artem will also go over typical automotive use scenarios for Xen which may not be the same as generic computing use of hypervisor.
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...The Linux Foundation
In this keynote talk, we will give an overview of the state of the Xen Project, trends that impact the project, see whether challenges that surfaced last year have been addressed and how we did it, and highlight new challenges and solutions for the coming year.
In recent years unikernels have shown immense performance potential (e.g., boot times of only a few ms, image sizes of only hundreds of KBs).The fundamental drawback of unikernels is that they require that applications be manually ported to the underlying minimalistic OS, needing both expert work and often considerable amount of time.
The Unikraft project provides a unikernel code base and build system that significantly simplifies the building of unikernels. In addition to support for a number CPU architectures, languages and frameworks, Unikraft provides debugging and tracing features that are generally sorely missing from unikernel projects. In this talk we will talk about these features, show a set of preliminary performance numbers, and provide a roadmap for the project's future.
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...The Linux Foundation
The idea of making Xen secret-free has been floating since Spectre and Meltdown came into light. In this talk we will discuss what is being done and what needs to be done next.
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, XilinxThe Linux Foundation
This talk will introduce Dom0-less: a new way of using Xen to build mixed-criticality solutions. Dom0-less is a Xen feature that adds a novel approach to static partitioning based on virtualization. It allows multiple domains to start at boot time directly from the Xen hypervisor, decreasing boot times dramatically. Xen userspace tools, such as xl and libvirt, become optional.
Dom0-less extends the existing device tree based Xen boot protocol to cover information required by additional domains. Binaries, such as kernels and ramdisks, are loaded by the bootloader (u-boot) and advertised to Xen via new device tree bindings.
The audience will learn how to use Dom0-less to partition the system. Uboot and device tree configuration details will be explained to enable the audience to get the most out of this feature. The talk will include a status update and details on future plans.
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...The Linux Foundation
As the number of contributions grow, reviewer bandwidth becomes a bottleneck; and maintainers are always asking for more help. However, ultimately maintainers must at least Ack every patch that goes in; so if you're not a maintainer, how can you contribute? Why should anyone care about your opinion?
This talk will try to lay out some advice and guidelines for non-maintainers, for how they can do code review in a way which will effectively reduce the load on maintainers when they do come to review a patch.
This talk is a follow-up to our Summit 2017 presentation in which we covered our plans for Intel VMFUNC and #VE, as well as related use-cases. This year, we will provide a report on what we have accomplished in Xen 4.12, and what remains to be addressed. We will also give a brief status update of VMI on AMD hardware. The session will end with some real-world numbers of the Hypervisor Introspection solution running on Citrix Hypervisor 8.0 with #VE enabled.
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...The Linux Foundation
Safety certification is one of the essential requirements for software to be used in highly regulated industries. Besides technical and compliance issues (such as ISO 26262 vs IEC 611508) transitioning an existing project to become more easily safety certifiable requires significant changes to development practices within an open source project.
In this session, we will lay out some challenges of making safety certification achievable in open source and the Xen Project. We will outline the process the Xen Project has followed thus far and highlight lessons learned along the way. The talk will primarily focus on necessary process, tooling changes and community challenges that can prevent progress. We will be offering an in-depth review of how Xen Project is approaching this challenging goal and try to derive lessons for other projects and contributors.
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...The Linux Foundation
This document summarizes a discussion around enabling functional safety certification for the Xen open source hypervisor project. Key points discussed include:
- Establishing a split development model with open and closed parts to balance community needs and safety requirements.
- Developing reference implementations and stacks supported by multiple vendors to demonstrate safety certification feasibility.
- Creating plans and processes around requirements, documentation, verification testing, and tooling integration to begin filling gaps for certification.
- Addressing challenges around funding, resources, expertise, and maintaining contributions to ensure any initial work is sustainable long-term.
- Taking an iterative, agile approach to make early progress while further securing necessary funding and support from interested parties.
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, CitrixThe Linux Foundation
2018 saw fundamental shifts in security boundaries which were previously taken for granted. A lot of work has been done in the past 2 years, and largely in secret under embargo, but there is plenty more work to be done to strengthen the existing mitigations and to try to recover some performance without reopening security holes.
This talk will look at speculative execution sidechannels, the work which has already been done to mitigate the security holes, and future work which hopes to bring some improvements.
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltdThe Linux Foundation
The Arm architecture provides a set of guidelines that any software should abide by when accessing the memory with MMU off and update page-tables. Failing to do so may result in getting TLB conflicts or breaking coherency.
In a previous talk ("Keeping coherency on Arm"), we focused on updating safely the stage-2 (aka P2M) page-tables. This talk will focus on the boot code and Xen memory management.
During this session, we will introduce some of the guidelines and when they should be used. We will also discuss how Xen boot sequence needs to be reworked to avoid breaking the guidelines.
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...The Linux Foundation
For many years the QEMU codebase has contained PV backends for Xen guests, giving them paravirtual access to storage, network, keyboard, mouse, etc. however these backends have not been configurable as QEMU devices as their implementation did not fully adhere to the QEMU Object Model (QOM).
Particularly the PV storage backend not using proper QOM devices, or qdevs, meant that the QEMU block layer needed to maintain legacy code that was cluttering up the source. This was causing push-back from the maintainers who did not want to accept any patches relating to that Xen backend until it was 'qdevified'.
In this talk, I'll explain the modifications I made to QEMU to achieve 'qdevification' of the PV storage backend, how compatibility with the libxl toolstack was maintained, and what the next steps in both QEMU and libxl development should be.
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&DThe Linux Foundation
PCI is a local computer bus for attaching hardware devices in a computer, and is the main peripheral bus on modern x86 systems. As such, having a proper way to emulate it is crucial for Xen to be able to expose both fully emulated devices or passthrough devices to guests.
This talk will focus on the current status of PCI emulation in Xen, how and where it is used, what are its main limitations and future plans to improve it in order to be more robust and modular.
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM SystemsThe Linux Foundation
Volodymyr will speak about TEE mediators. This is a new feature in Xen which allows multiple virtual machines to interact with Trusted Execution Environment available on platform. He developed mediator for one of TEEs, namely OP-TEE.
He will give background information on why TEE is needed at all and share some implementation details.
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...The Linux Foundation
Xen is a very powerful hypervisor with a talented and diverse developers community. Despite the fact it's almost everywhere (from the Cloud to the embedded world), it can be difficult to set up and manage as a system administrator. General purpose distros have Xen packages, but that's just a start in your Xen journey: you need some tooling and knowledge to have a working and scalable platform.
XCP-ng was built to overcome those issues: by bringing Xen to the masses with a fully turnkey distro with Xen as its core. It's the logical sequel to the XCP project, with a community focus from the start. We'll see how it happened, what we did, and what's next. Finally, we'll see the impact of XCP-ng on the Xen Project.
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...The Linux Foundation
Doug has long advocated for more CI/CD (Continuous Integration / Continuous Delivery) processes to be adopted by the Xen Project from the use of Travis CI and now GitLab CI. This talk aims to propose ideas for building upon the existing process and transforming the development process to provide users a higher quality with each release by the Xen Project.
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...The Linux Foundation
High level toolstacks for server and cloud virtualization are very mature with large communities using and supporting them. Client virtualization is a much more niche community with unique requirements when compared to those found in the server space. In this talk, we’ll introduce a client virtualization toolstack for Xen (redctl) that we are using in Redfield, a new open-source client virtualization distribution that builds upon the work done by the greater virtualization and Linux communities. We will present a case for maturing libxl’s Go bindings and discuss what advantages Go has to offer for high level toolstacks, including in the server space.
Today Xen is scheduling guest virtual cpus on all available physical cpus independently from each other. Recent security issues on modern processors (e.g. L1TF) require to turn off hyperthreading for best security in order to avoid leaking information from one hyperthread to the other. One way to avoid having to turn off hyperthreading is to only ever schedule virtual cpus of the same guest on one physical core at the same time. This is called core scheduling.
This presentation shows results from the effort to implement core scheduling in the Xen hypervisor. The basic modifications in Xen are presented and performance numbers with core scheduling active are shown.
Takashi Kobayashi and Hironori Washizaki, "SWEBOK Guide and Future of SE Education," First International Symposium on the Future of Software Engineering (FUSE), June 3-6, 2024, Okinawa, Japan
Hand Rolled Applicative User ValidationCode KataPhilip Schwarz
Could you use a simple piece of Scala validation code (granted, a very simplistic one too!) that you can rewrite, now and again, to refresh your basic understanding of Applicative operators <*>, <*, *>?
The goal is not to write perfect code showcasing validation, but rather, to provide a small, rough-and ready exercise to reinforce your muscle-memory.
Despite its grandiose-sounding title, this deck consists of just three slides showing the Scala 3 code to be rewritten whenever the details of the operators begin to fade away.
The code is my rough and ready translation of a Haskell user-validation program found in a book called Finding Success (and Failure) in Haskell - Fall in love with applicative functors.
Neo4j - Product Vision and Knowledge Graphs - GraphSummit ParisNeo4j
Dr. Jesús Barrasa, Head of Solutions Architecture for EMEA, Neo4j
Découvrez les dernières innovations de Neo4j, et notamment les dernières intégrations cloud et les améliorations produits qui font de Neo4j un choix essentiel pour les développeurs qui créent des applications avec des données interconnectées et de l’IA générative.
E-Invoicing Implementation: A Step-by-Step Guide for Saudi Arabian CompaniesQuickdice ERP
Explore the seamless transition to e-invoicing with this comprehensive guide tailored for Saudi Arabian businesses. Navigate the process effortlessly with step-by-step instructions designed to streamline implementation and enhance efficiency.
8 Best Automated Android App Testing Tool and Framework in 2024.pdfkalichargn70th171
Regarding mobile operating systems, two major players dominate our thoughts: Android and iPhone. With Android leading the market, software development companies are focused on delivering apps compatible with this OS. Ensuring an app's functionality across various Android devices, OS versions, and hardware specifications is critical, making Android app testing essential.
Transform Your Communication with Cloud-Based IVR SolutionsTheSMSPoint
Discover the power of Cloud-Based IVR Solutions to streamline communication processes. Embrace scalability and cost-efficiency while enhancing customer experiences with features like automated call routing and voice recognition. Accessible from anywhere, these solutions integrate seamlessly with existing systems, providing real-time analytics for continuous improvement. Revolutionize your communication strategy today with Cloud-Based IVR Solutions. Learn more at: https://thesmspoint.com/channel/cloud-telephony
A Study of Variable-Role-based Feature Enrichment in Neural Models of CodeAftab Hussain
Understanding variable roles in code has been found to be helpful by students
in learning programming -- could variable roles help deep neural models in
performing coding tasks? We do an exploratory study.
- These are slides of the talk given at InteNSE'23: The 1st International Workshop on Interpretability and Robustness in Neural Software Engineering, co-located with the 45th International Conference on Software Engineering, ICSE 2023, Melbourne Australia
UI5con 2024 - Boost Your Development Experience with UI5 Tooling ExtensionsPeter Muessig
The UI5 tooling is the development and build tooling of UI5. It is built in a modular and extensible way so that it can be easily extended by your needs. This session will showcase various tooling extensions which can boost your development experience by far so that you can really work offline, transpile your code in your project to use even newer versions of EcmaScript (than 2022 which is supported right now by the UI5 tooling), consume any npm package of your choice in your project, using different kind of proxies, and even stitching UI5 projects during development together to mimic your target environment.
Zoom is a comprehensive platform designed to connect individuals and teams efficiently. With its user-friendly interface and powerful features, Zoom has become a go-to solution for virtual communication and collaboration. It offers a range of tools, including virtual meetings, team chat, VoIP phone systems, online whiteboards, and AI companions, to streamline workflows and enhance productivity.
What is Augmented Reality Image Trackingpavan998932
Augmented Reality (AR) Image Tracking is a technology that enables AR applications to recognize and track images in the real world, overlaying digital content onto them. This enhances the user's interaction with their environment by providing additional information and interactive elements directly tied to physical images.
GraphSummit Paris - The art of the possible with Graph TechnologyNeo4j
Sudhir Hasbe, Chief Product Officer, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
Neo4j - Product Vision and Knowledge Graphs - GraphSummit ParisNeo4j
Dr. Jesús Barrasa, Head of Solutions Architecture for EMEA, Neo4j
Découvrez les dernières innovations de Neo4j, et notamment les dernières intégrations cloud et les améliorations produits qui font de Neo4j un choix essentiel pour les développeurs qui créent des applications avec des données interconnectées et de l’IA générative.
DDS Security Version 1.2 was adopted in 2024. This revision strengthens support for long runnings systems adding new cryptographic algorithms, certificate revocation, and hardness against DoS attacks.
Odoo ERP software
Odoo ERP software, a leading open-source software for Enterprise Resource Planning (ERP) and business management, has recently launched its latest version, Odoo 17 Community Edition. This update introduces a range of new features and enhancements designed to streamline business operations and support growth.
The Odoo Community serves as a cost-free edition within the Odoo suite of ERP systems. Tailored to accommodate the standard needs of business operations, it provides a robust platform suitable for organisations of different sizes and business sectors. Within the Odoo Community Edition, users can access a variety of essential features and services essential for managing day-to-day tasks efficiently.
This blog presents a detailed overview of the features available within the Odoo 17 Community edition, and the differences between Odoo 17 community and enterprise editions, aiming to equip you with the necessary information to make an informed decision about its suitability for your business.
Software Engineering, Software Consulting, Tech Lead, Spring Boot, Spring Cloud, Spring Core, Spring JDBC, Spring Transaction, Spring MVC, OpenShift Cloud Platform, Kafka, REST, SOAP, LLD & HLD.
Graspan: A Big Data System for Big Code AnalysisAftab Hussain
We built a disk-based parallel graph system, Graspan, that uses a novel edge-pair centric computation model to compute dynamic transitive closures on very large program graphs.
We implement context-sensitive pointer/alias and dataflow analyses on Graspan. An evaluation of these analyses on large codebases such as Linux shows that their Graspan implementations scale to millions of lines of code and are much simpler than their original implementations.
These analyses were used to augment the existing checkers; these augmented checkers found 132 new NULL pointer bugs and 1308 unnecessary NULL tests in Linux 4.4.0-rc5, PostgreSQL 8.3.9, and Apache httpd 2.2.18.
- Accepted in ASPLOS ‘17, Xi’an, China.
- Featured in the tutorial, Systemized Program Analyses: A Big Data Perspective on Static Analysis Scalability, ASPLOS ‘17.
- Invited for presentation at SoCal PLS ‘16.
- Invited for poster presentation at PLDI SRC ‘16.
ALGIT - Assembly Line for Green IT - Numbers, Data, Facts
OSSNA18: Xen Beginners Training (exercise script)
1. 1: Setting up Xen (<10minutes)
1.1: Install and configure Virtual Box (<2 minutes)
If you have not followed the instructions in xenbits.xen.org/people/larsk/xenexercise-
ossna18-prep.pdf and downloaded the ZIP file to $XenExercise (note: this is a shortcut for
the location where you zipped your downloaded files into) and pre-installed Virtual Box, you
can get images from a USB drive with a number of common virtual box install images. Copy
the files into your hard drive (again we will call the target location $XenExercise).
You should see:
If you have downloaded the files, but not installed them, $XenExercise will contain:
Then:
• Install Virtualbox (going through the install process)
• Double click on the Extension pack to install it
2. Before you start, go to File Host Network Manager. If it does not show vboxnet0, press
create, after which you should see:
1.2: Import Virtual Box Image
Start VirtualBox and install the XenExercise.ova VirtualBox image by going to File
Import Appliance in the menu bar.
Click the Open Appliance menu to select our OVA file. Once you have selected the file, click
Next.
The next window will show you the configuration of virtual appliance we use for the
exercise. You can scroll through the configuration list and double click on any item (or
check/uncheck the box) to make changes to it, but we set up everything for the demo.
Lastly, click Import.
Virtualbox will proceed to import the virtual machine into your library. The import should
take 1-2 minutes. Once the process is completed, you should be able to see the new VM in
your list.
3. 1.2.1: Number of CPUs
Now we change the number of CPUs that Virtual Box will expose to the VM we just created:
we need 2 for the demo. Go to Settings System Processor and you will see
Put the slider to 2 CPUs (as long as it is in the green area) and press OK.
Background Note: The image has been set up to use two network configurations. You can
see these by going to Settings and the Network tab: and check and see whether
• Adaptor 1 is set to NAT.
• Adaptor 2 is attached to Host-only Adapter: under Advanced, Promiscuous Mode
should be set to Allow All. If this isn't set you won't be able to ssh into Xen Guests.
The VirtualBox network set-up is relatively unusual: normally we would set up a single
bridged network to allow for the ability of guests to connect to the internet while also
being able to ssh into guests from your laptop. However, for wifi networks bridging does
not work reliably. To work around this, we set up NAT – which allows internet access but
no ssh access, while Host-only allows ssh access. By setting up two adaptors, we can get
both.
4. Press Start on the newly created VM, which will start the exercise VM in Virtual Box, your
system will look like this:
At this point, we have a virtual environment that is equivalent to a dedicated machine with
CentOS 7 installed, on which you can then install the Xen Hypervisor.
You can now log into the host via root and xenroot from within the XenExercise window.
1.2.2: Keyboard Settings
Make sure you have your preferred keyboard set up: the default should be us: you can use
Dom0# localectl set-keymap <map>
to change this permanently.
1.2.3: Get your hosts IP address and open Terminal
Within the XenExercise window execute
Dom0# ip addr | grep 192.168
and write down the IP address. The one you can `ssh` to from a terminal will start with
`192.168`.
Open your favourite terminal and ssh in:
Dom0# ssh root@192.168.56.101
and write down the IP address. At this point you can hide the VirtualBox and XenExercise
window, as we will not need it anymore.
5. Note: Instead of writing down the IP addresses you can also edit the /etc/hosts file on
Linux and mac using. You can use the same approach with other guests that we create
$ sudo vi /etc/hosts
Adding, and then saving
## XenExercise
192.168.56.101 dom0
On windows the file is in c:WindowsSystem32Driversetchosts and can be edited with
Notepad run as administrator.
1.2.4: Demo Directory
The image contains a few pre-downloaded files in
Dom0# ls -a /demo
• scripts: contains CentOS 7 networking scripts and other utility scripts
• images: this will be the location where we store demo related files
• master-images: pre-downloaded files for different types of guests
• mersienne-prime.py: a little compute intensive python workload
6. 1.3: Installing Xen
Now install the packages that enable Xen. These are developed and maintained by the
CentOS Virt SIG:
Dom0# yum install -y centos-release-xen-48
Update to a Dom0 capable Linux Kernel:
Dom0# yum update -y kernel
Now install Xen
Dom0# yum install -y xen
Configure the Network – aka we enable Configure the Network – aka we enable host bridge
mode:
Dom0# /demo/scripts/bridge-setup.sh
and verify that it worked
Dom0# nmcli con
NAME UUID TYPE DEVICE
eth0 e21723e8-8149-4b15-aa48-cf0072a30621 ethernet eth0
eth1 6646618b-2e6c-4b58-aecd-f4213f83a067 ethernet eth1
xenbr0 6c0345ae-a1c8-4016-adcc-dbd18759d0d7 bridge xenbr0
xenbr1 e9091911-fc8d-4ff3-9c8a-2ac47da0f348 bridge xenbr1
In the example, xenbr0 is connected to eth0 and xenbr1 to eth1. In a standard set-up, you
would only have one bridge.
Then reboot: you may want to unhide the XenExercise window, such that you can see what
is happening to the system:
Dom0# reboot
When the VM boots, you should see the following bootloader menu:
Reconnect your console via ssh (see 1.2.3) after the reboot.
7. Note: We created an OVA image of the VM, called XenExercises-from2.ova, in case the
internet connection is poor. You should have downloaded this, or get it from the USB
drive that we have handed out. The file is in the OVA/Sections directory. Follow the
relevant steps in section 1.2 of this document.
2: Verifying the Xen Install & Start a Guest (<10minutes)
2.1: Exploring the Install Locations and Services
First, we are going to explore some file system locations post the Xen install
Dom0# ls /etc/xen
Contains example configuration file examples for VMs:
• xl.conf: global Xen configuration file
• xlexample.hvm, xlexample.pvlinux: examples for HVM and PV guests
• auto: autostart VMs after restart when the xendomains service is enabled, e.g.
ln -s /etc/xen/MY_DOMU_GUEST_1.cfg /etc/xen/auto/
• scripts: example scripts for networking, storage, …
Note that configuration files for Xen guests do not need to be stored in this directory, but
usually are.
Dom0# ls /usr/lib64/xen
• bin: contains binaries for System Services such as the Device Model (QEMU), that
run in Dom0. Note that this is not the only location for such services (you will also
find some in /proc/xen and other locations)
• boot: contains binaries related to booting guests
Note that on CentOS you can check which services are running via
Dom0# systemctl list-units --all | grep xen
While services are stopped or started via systemctl start|stop [service_name]
2.2: Exploring the System
The following command shows you Xen system information
Dom0# xl info
The following command shows the Virtual Machines that you are running
Dom0# xl list
8. 2.3: Create a Guest from a prepared image
Note: We created CentOS 7 QCOW2 image which contains an installed guest OS, such
that we do not have to go through the full OS install process during the exercise. You can
find the image in /demo/master-images
A number of services (free and paid for) are available to download pre-prepared Xen
guest images for various operating systems.
To create a guest from it, copy the master image
Dom0# cd /demo
Dom0# cp master-images/centos7/c7-master.qcow2 images/c7-01.qcow2
Then make a copy of PV example
Dom0# cp master-images/centos7/c7-master.cfg images/c7-01.cfg
Generate a unique mac addresses for each outward connection of your VM
Dom0# /demo/scripts/make-mac.sh c7-01
5a:27:56:fa:05:0b
Dom0# /demo/scripts/make-mac.sh c7-01 xenbr1
5a:27:7f:22:1e:0b
Now cd into /demo/images and edit the config file (lines that need to change are
highlighted in bold)
name="c7-01"
type="pv"
bootloader="pygrub"
memory=512
maxmem = 1024
vcpus = 1
vif = ['mac=5a:27:56:fa:05:0b', 'bridge=xenbr1,mac=5a:27:7f:22:1e:0b']
disk = ['vdev=xvda,format=qcow2,target=/demo/images/c7-01.qcow2']
Then start the guest
Dom0# xl create c7-01.cfg -c
The -c option will attach a console to the guest after start. You will then see the bootloader
menu, in this case pygrub. Wait or select the default and do nothing:
The guest will boot and after a few seconds ask for the login prompt.
9. 2.3.1: Connect to the guest, get the guest IP address, copy example workload
In the previous exercise we attached the console when we started the guest. Now we exit
the console by pressing Ctrl+] and reset the screen using clear.
Then connect to the guest using xl console
Dom0# xl console c7-01
and log in via root and xenroot. Note that this has the same effect as the -c option when we
created the guest. As in step 1.2.3, get the IP address and connect to the guest via ssh in a
second shell window. You may also want to exit the first console via Ctrl+].
Now we are going to copy an example workload from Dom0 to the guest
c7-01# scp root@192.168.56.101:/demo/mersienne-prime.py .
and log in via root and xenroot. As in step 1.2.3, get the IP address and connect to the guest
via ssh in a second shell window. You may also want to exit the first console via Ctrl+].
2.3.2: xl top
Within the c7-01 terminal, execute the just downloaded workload
c7-01# python mersienne-prime.py
and in the Dom0 terminal, execute
c7-01# xl top
10. Note: For this section to work you need to have set up VirtualBox with 2 CPUs. If you have
not done so earlier, please shut down your Xen VM, then the VirtualBox host and follow
the steps in section 1.2.1. Then restart the host. Note that when you shut down the host
(aka VirtualBox) your system will only start with Dom0.
Your terminal windows will lose the ssh connection: keep the Dom0 terminal window
open. Then ssh in again.
3: VCPUs, Memory, … (<15minutes)
As we have previously created a number of VM’s we will shut these down
Dom0# xl shutdown -a
Then perform
Dom0# xl list
Name ID Mem VCPUs State Time(s)
Domain-0 0 1024 4 r----- 27.8
We are now going to create a clone of the c7-01 VM (which already has our test app
mersienne-prime.py installed in it) by making copies of the qcow and cfg files in the
demo/images directory
Dom0# cp c7-01.cfg c7-02.cfg
Dom0# cp c7-01.qcow2 c7-02.qcow2
Generate a unique mac addresses for each outward connection of your VM
Dom0# /demo/scripts/make-mac.sh c7-02
5a:27:56:fa:05:ab
Dom0# /demo/scripts/make-mac.sh c7-02 xenbr1
5a:27:7f:22:1e:ab
Now edit the highlighted entries in c7-02.cfg
name="c7-02"
vcpu=2
vif = [ 'mac=5a:27:56:fa:05:ab', 'bridge=xenbr1,mac=5a:27:7f:22:1e:ab']
disk= [ 'vdev=xvda,format=qcow2,target=/demo/images/c7-02.qcow2']
Now start both VMs
Dom0# xl create c7-01.cfg
Now create the second guest, get the IP address and exit.
Dom0# xl create c7-02.cfg -c
11. 3.1: VCPUs
To show the effect of VCPUs on performance, we have created the second guest with 2
VCPUs:
Dom0# xl list
Name ID Mem VCPUs State Time(s)
Domain-0 0 1024 2 r----- 69.9
c7-01 3 512 1 -b---- 11.1
c7-02 5 512 2 -b---- 16.0
We then create two more terminal windows, arrange them as in the picture below, using
ssh two log into the two VMs as per the picture.
Then we execute xl top in Dom0 and python mersienne-prime.py in terminal 1 & 2.
Note: Because the python script is a single process, the larger number of VCPUs does not
make a difference in performance.
Setup 1: Let’s see what happens when we do the following: exit the scripts in all VMs. Then
execute python mersienne-prime.py in terminal 1 & 2 & 4.
We execute python mersienne-prime.py in each terminal window: essentially, we are
doubling the compute load in c7-02.
Xentop shows the following:
12. To get the performance of each Mersienne Prime process look for
M<M-number>(<timestamp>): <number>) in the output!
Looking at xl top and the time stamps
• shows c7-01 getting 50% of the CPU time of c7-02
• each run of mersienne-prime.py takes a similar complete time
Setup 2: Now let’s try the same in terminal 1 & 2 & 3.
Looking at xl top and the time stamps
• shows c7-01 and c7-02 getting near 100% of CPU time
• each run of mersienne-prime.py on c7-01 is 50% of that of c7-02
3.1.1: CPU Pinning
Setup 3: Now we use pinning to pin the single VCPU of c7-01 and the two VCPUs of c7-02 to
CPU 1.
To do this we first list VCPU information
Dom0# xl vcpu-list
Name ID VCPU CPU State Time(s) Affinity (Hard / Soft)
Domain-0 0 0 0 -b- 41.4 all / all
Domain-0 0 1 1 r-- 39.3 all / all
c7-01 1 0 0 -b- 173.0 all / all
c7-02 2 0 0 -b- 165.1 all / all
c7-02 2 1 0 -b- 152.0 all / all
We then pin the CPUs: note that the command requires using the Domain ID (not the
domain name), which in the example above is 1 for c7-01 and 2 for c7-02
Dom0# xl vcpu-pin 1 0 1; xl vcpu-pin 2 0 1; xl vcpu-pin 2 1 1
We then make sure that Dom0 runs only on other VCPUs but 1
Dom0# xl vcpu-pin 0 0 0; xl vcpu-pin 0 1 0
We then make sure that Dom0 runs only on other VCPUs but 1, do another xl vcpu-list and
check if everything is fine run xl top in Dom0.
Dom0# xl vcpu-list
Name ID VCPU CPU State Time(s) Affinity (Hard / Soft)
Domain-0 0 0 0 -b- 41.4 0 / all
Domain-0 0 1 0 r-- 39.3 0 / all
c7-01 1 0 1 -b- 173.0 0 / all
c7-02 2 0 1 -b- 165.1 1 / all
c7-02 2 1 1 -b- 152.0 1 / all
We now execute python mersienne-prime.py in terminal 1 & 2 & 4.
13. Looking at xl top and the time stamps of each Mersienne Prime process in different
windows (timestamps are at M<M-number>(<timestamp>): <number>), you will see that:
• shows c7-01 getting 33% of CPU while c7-02 is getting 66%
• each run of mersienne-prime.py takes a similar complete time
This is what we would expect in this case.
Final Note: Using pinning and scheduling can be used to optimise system performance –
in particular when you have heavy workloads. In particular when you have very different
workloads running in an identical VM.
It is also useful when using NUMA architectures. For more information see
• https://wiki.xenproject.org/wiki/Tuning_Xen_for_Performance
• https://wiki.xenproject.org/wiki/Category:NUMA
In addition, you can also change schedulers, as well as control the behaviour of individual
schedulers.
• See https://wiki.xenproject.org/wiki/Category:Scheduler
Cleanup: Now close terminals 2 – 4
3.2: Memory
Now we look at a number of commands and config options to manipulate the memory
available to a host: for c7-01 we the maximum amount of memory available is 1G.
Dom0# xl list
Name ID Mem VCPUs State Time(s)
Domain-0 0 1024 2 r----- 209.8
c7-01 1 512 1 -b---- 469.3
c7-02 2 512 1 -b---- 324.4
Perform free
c7-01# free
total used free shared buff/cache available
Mem: 488484 90420 273072 4344 124992 359864
Swap: 419836 0 419836
Now we change the domains memory by executing
Dom0# xl mem-set c7-01 1024m
And check the memory again
c7-01# free
total used free shared buff/cache available
Mem: 1012772 90528 797248 4344 124996 884060
Swap: 419836 0 419836
14. 4: Save and Restore (<5minutes)
In this exercise we will use the save and restore functionality, which are building blocks of
live migration. We will simulate what happens during live migration on a single host. We will
do this with c7-01. To save some space on our very small exercise disk, we will shut-down
c7-01 and delete its disk (but keep the config file)
Dom0# xl shutdown c7-02
Dom0# rm -f c7-02.qcow2
Now we type in (without pressing return such that we get a heavy workload with interesting
output saved)
Dom0# xl save c7-01 c7-01.cpt <DO NOT YET PRESS ENTER>
and start the Mersienne script in c7-01. Note that this time we will
c7-01# python mersienne-prime.py 2> mersienne.log
Then very quickly press return in the Dom0 terminal
Dom0# xl save c7-01 c7-01.cpt
xc: info: Saving domain 3, type x86 PV
xc: Frames: 262144/262144 100%
xc: End of stream: 0/0 0%
The c7-01 terminal managed to compute numbers up to in my test run. You should see
something similar:
M15(0.3505): 10407932194664399081925240327364085538615262247266704805319112
350403608059673360298012239441732324184842421613954281007791383566248323464
908139906605677320762924129509389220345773183349661583550472959420547689811
211693677147548478866962501384438260291732348885311160828538416585028255604
666224831890918801847068222203140521026698435488732958028878050869736186900
714720710555703168729087
The c7-01 VM has been destroyed which you can check via xl list.
Now we restore c7-01 from the just created c7-01.cpt file, which contains the VMs memory
and CPU state.
Dom0# xl restore c7-01.cpt
Loading new save file c7-01.cpt (new xl fmt info 0x3/0x0/1123)
Savefile contains xl domain config in JSON format
Parsing config from <saved>
xc: info: Found x86 PV domain from Xen 4.8
xc: info: Restoring domain
xc: info: Restore successful
xc: info: XenStore: mfn 0xc000f, dom 0, evt 1
xc: info: Console: mfn 0xc000e, dom 0, evt 2
Note that configuration file was embedded into the configuration file. Also note that the ssh
terminal connection to c7-01 should not yet have been lost and output should continue to
15. be directed to it from now. Of course, in a real-life scenario we would have migrated the
VM to another host, where this does not apply.
However, if you lost your terminal connection, first execute xl top: you should see that c7-
01 is running at 100%. Reconnect to c7-01 via ssh and perform a ps -aux |grep mersienne
and look at mersienne.log, which should have entries newer than M15(0.3505).
Final Note: when migrating a guest from one host to another in essence the following
steps are performed:
• Host 1: Save
• Host 2: Restore
• Both hosts see the same filesystem and thus have access to disk images,
checkpoint files as well as config files (if needed)
The xl migrate command ensures coordinates the execution of save and restore on both
hosts. Also, some commercial solutions based on Xen, implement additional functionality
that do not require a shared host filesystem.
Cleanup: Delete the just created c7-01.cpt file, such that we have enough disk space for the
next exercise.
16. 5: Creating Guests from Scratch (<10 minutes)
Note: This exercise will require a fast and reliable internet connection as the Debian
install will want to fetch packages from the internet. With reasonable bandwidth the
install will take 10-20 minutes. To be able to focus on the key steps, we will
• follow the exercise up to the installer
• then we will get and use the file $XenExercise/IMG/d8-01.img
This ensures that we can focus on the key steps, rather than the install.
First ,we create an empty disk via
# dd if=/dev/zero of=/demo/images/d8-01.img bs=1M count=1500
As before we create unique mac addresses:
# /demo/scripts/make-mac.sh d8-01
5a:27:48:e0:4e:fb
# /demo/scripts/make-mac.sh d8-01 xenbr1
5a:27:74:08:46:fb
Now we copy and edit the config file and change the portions marked in red: in many cases,
you simply have to uncomment the relevant portions of the file
# cp /demo/master-images/debian8/debian.cfg d8-01.cfg
# vi d8-01.cfg
kernel = "/demo/master-images/debian8/vmlinuz"
ramdisk = "/demo/master-images/debian8/initrd.gz"
…
extra = "debian-installer/exit/always_halt=true -- quiet console=hvc0"
…
memory = 512
…
name = "d8-01"
…
vcpus = 1
…
vif = [ 'mac=5a:27:48:e0:4e:fb','bridge=xenbr1,mac=5a:27:74:08:46:fb' ]
…
disk= [ 'vdev=xvda,format=raw,target=/demo/images/d8-01.img' ]
We then create the guest, attaching the console
# xl create d8-01.cfg -c
17. At this point you will see:
Instead of going through the install, we abort it and shut down the VM in a Dom0 terminal
by executing
Dom0# xl shutdown d8-01
In the Laptop terminal shell go to the $XenExercise/IMG directory:
$ cd ~/Desktop/XenExercise/IMG
$ scp ./d8-01.img root@192.168.56.101:/demo/images
This provides the Debian image immediately after the install
Note: the install was performed with default settings, with the exception of
Primary internet adaptor: eth0
Hostname: d8-01
Password: xenroot
User: yourname
Password: yourpw
Also note that – although the default – we want to
Install Grub as bootloader: yes, /dev/xvda
In the Dom0 terminal we have to change the guest’s config file and change the portions
marked in red: in many cases, you simply have to comment out the relevant portions of the
file. The reason for this is that we want to boot from the disk (now as the disk image has a
Debian install in it), and not from the network
Dom0# vi d8-01.cfg
…
#kernel = "/demo/master-images/debian8/vmlinuz"
#ramdisk = "/demo/master-images/debian8/initrd.gz"
…
#extra = "debian-installer/exit/always_halt=true – quiet
…
18. #========================================================================
# TO BOOT INSTALLED SYSTEM
#
# Comment all of the above installation options and uncomment the
# below instead
#========================================================================
bootloader="pygrub"
Now start the guest in the Dom0 terminal:
Dom0# xl create d8-01.cfg -c
and log in as root.
The Debian installer has not set up eth1, nor does it allow ssh’ing into the guest without
the use of ssh keys. To fix this we need to edit /etc/network/interfaces and add the
portions marked in red:
Dom0# vi /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
source /etc/network/interfaces.d/*
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
allow-hotplug eth0
iface eth0 inet dhcp
# The secondary network interface
allow-hotplug eth1
iface eth1 inet dhcp
and perform:
Dom0# /etc/init.d/networking restart
Now we need to edit /etc/ssh/sshd_config and modify the portions marked in red:
Dom0# vi /etc/ssh/sshd_config
…
# Authentication:
LoginGraceTime 120
PermitRootLogin yes
StrictModes yes
…
and perform:
Dom0# /etc/init.d/ssh restart
19. Now we get the IP address in the usual way and write it down, leave the terminal via Ctrl+]
and re-attach from a new terminal window via ssh.