After being challenged several times during the process of installing Windows Server 2003 into a fully virtualized Xen environment on Red Hat Enterprise Linux 5 (RHEL 5 or CentOS 5) I decided that a quick tutorial for those of you who wish to install in exactly the same way would be helpful. There are several potential road blocks that must be addressed including issues with accessing the graphical console (necessary for a normal Windows installation process) if you are not working from a local Linux workstation with a graphical environment installed.
I like to start a Xen installation using the very handy virt-install command. Virt-install, available by default, makes creating a new virtual machine very simple. I will assume that you are familiar with this part of the process and already have Xen installed and working. If you are not sure if your environment is set up properly, I suggest that you start by paravirtualizing a very simple, bare-bones Red Hat Linux server using the virt-install process to test out your setup before challenging yourself with a much more lengthy Windows install that has many potential pitfalls.
The first potential problem that many users face is a lack of support for full virtualization. This is becoming less common of a problem as time goes on. Full virtualization must be supported at the hardware level in both the processor and in the BIOS/firmware. (I personally recommend the AMD Opteron platform for virtualization but be sure to get a processor revision, like Barcelona or later, that supports this.)
Using virt-install to kick off our install process is great but, most likely, you will do this and, if all goes well, you will begin to format your hard drive and then you will find that your Xen machine (xm) simply dies leaving you with nothing. Do not be concerned. This is a known issue that can be fixed with a simple tweak to the Xen configuration file.
CD Drive Configuration Issues
In some cases, you may have problems with your CD / DVD drive not being recognized correctly. This can be fixed by adding a phy designation in the Xen configuration file to point to the CD-Rom drive. This is only appropriate for people who are installing directly from CD or DVD. Most people prefer to install from an ISO image. Using an ISO does not have this problem.
In Red Hat, your Xen configuration files should be stored, by default, in /etc/xen. Look in this directory and open the configuration file for the Windows Server 2003 virtual machine which you just created using virt-install. There should be a “disk =” configuration line. This line should contain, at a minimum, configuration details about your virtual hard drive and about the CD ROM device from which you will be installing.
The configuration for the CD ROM device should look something like:
disk = [ “file:/dev/to-w2k3-ww1,hda,w”, “,hdc:cdrom,r” ]
You should change this file to add in a phy section for the cdrom device to point the system to the correct hardware device. On my machine the cdrom device is mapped to /dev/cdrom which makes this very simple.
disk = [ “tap:aio:/xen/to-w2k3-ww1,hda,w”, “phy:/dev/cdrom,hdc:cdrom,r” ]
Accessing the Xen Graphical Console Remotely via VNC
If you are like me you do not install anything unnecessary on your virtualization servers. I find it very inappropriate for there to be any additional libraries, tools, utilities, packages, etc. located on the virtualization platform. These are unnecessary and each one risks bloat and, worse yet, potential security holes. Since all of the guest machines running on the host machine all all vulnerable to any security concerns on the host it is very important that the host be kept as secure and lean as possible. To this end I have no graphical utilities of any kind available on the host (Dom0) environment. Windows installations, however, generally require a graphical console in order to proceed. This can cause any number of issues.
The simplest means of working around this problem is to use SSH forwarding to bring the remote frame buffer protocol (a.k.a. VNC or RFB) to your local workstation which, I will assume, has a graphical environment. This solution is practical for almost any situation, is very secure, rather simple and is a good way to access emergency graphical consoles for any maintenance emergency. Importantly, this solution works on Linux, Mac OSX, Windows or pretty much any operating system from which you may be working.
Before we begin attempting to open a connection we need to know on which port the VNC server is listening for connections on the Xen host (Dom0). You can discover this, if you don’t know already from your settings, by running:
netstat -a | grep LISTEN | grep tcp
On Linux, Mac OSX or any UNIX or UNIX-like environment utilizing a command-line SSH client (OpenSSH on Windows, CygWin, etc. will also work on Windows in this way) we can easily establish a connection with a tunnel bring the VNC connection to our local machine. Here is a sample command:
ssh -L 5900:localhost:5900 [email protected]
If you are a normal Windows desktop user you do not have a command-line integrated SSH option already installed. I suggest PuTTY. It is the best SSH client for Windows. In PuTTY you simply enter the name or IP address of the server which is your Dom0 as usual. Then, before opening the connection, you can go into the PuTTY configuration menu and under Connection -> SSH -> Tunnels you can specify the Source Port (5900, by default for VNC but check your particular machine) and the Destination (localhost:5900.) Then, just open your SSH connection, log in as root and we are ready to connect with TightVNC Viewer to our remote, graphical console session.
If you are connecting on a UNIX platform, such as Linux, and have vncviewer installed then you can easily connect to your session using:
vncviewer localhost::5900
Notice that there are two colons between localhost and the port number. If you only use one colon then vncviewer thinks that you are entering a display number rather than a port number.
If you are on Windows you can download the viewer from the TightVNC project, for free, without any need to install. Just unzip the download and run TightVNC Viewer. You will enter localhost::5900 and voila, you have remote, secure access to the graphical console of your Windows server running on Xen on Linux.