Manual:Xen
Virtualization Overview
Virtualization techonogies enable single physical device to execute multiple different operating systems and applications. Virtualization support in RouterOS allows to run multiple copies of RouterOS sofware and even other supported operating systems. Note that virtualization support depends on system architecture, not all architectures that RouterOS supports allow virtualization.
x86 Virtualization Support
Virtualization support on x86 architecture systems is implemented using Xen hypervisor (http://www.xen.org). This enables RouterOS to run other operating systems that support Xen paravirtualization in "virtual machines" (guests), controlled by RouterOS software (host).
Support for virtualization for x86 architecture systems is included in RouterOS software versions starting with 3.11. To enable virtualization support "xen" package must be installed.
Host RouterOS software sets up virtual machines such that they use file in RouterOS host file system as disk image(s). Additionally host RouterOS can set up virtual ethernet network interfaces between itself and virtual machine. This enables virtual machines to participate in network under control of host RouterOS software.
In order to execute operating system in virtual machine, you need:
- OS kernel that supports Xen paravirtualization
- OS disk image
- (optionally) initial ram disk to use while booting OS in VM
If RouterOS image is used for booting in VM, OS kernel and initial ram disk are not necessary - specifying RouterOS disk image is sufficient. RouterOS images for use by VMs can be created in 2 ways:
- either by taking image from existing RouterOS x86 installation that supports virtualization (version >= 3.11)
- or by using special RouterOS functions to create RouterOS image to use in VM (note that these functions do not produce RouterOS image that can be copied and successfully run from physical media!).
The latter approach is more flexible because allows user to specify disk image size.
Note that one disk image at the same time can only be used by one VM.
Creating RouterOS image to use in VM
To create RouterOS image to use in VM use "/xen make-routeros-image" command:
[admin@MikroTik] /xen> make-routeros-image file-name=ros1.img file-size=32 [admin@MikroTik] /xen> /file print # NAME TYPE SIZE CREATION-TIME 0 ros1.img .img file 33554432 jun/06/2008 14:47:23
This produces 32MB RouterOS image that is ready to use in VM. New RouterOS image is based on host system sofware and therefore contains all sofware packages that are installed on host system, but does not contain host configuration.
VM Configuration
All virtualization for x86 architecture related functions are configured under "/xen" menu.
Memory Available to Host RouterOS
By default all the memory is available to host system, for example for system with 1GB of memory:
[admin@MikroTik] > /system resource print
uptime: 2m4s
version: "3.9"
free-memory: 934116kB
total-memory: 963780kB
cpu: "Intel(R)"
cpu-count: 2
cpu-frequency: 2813MHz
cpu-load: 0
free-hdd-space: 77728884kB
total-hdd-space: 79134596kB
write-sect-since-reboot: 989
write-sect-total: 989
architecture-name: "x86"
board-name: "x86"
[admin@MikroTik] > /xen global-settings print
memory-for-main: unlimited
In some cases this may limit ability to allocate necessary memory for running guest VMs, because host system may have used memory for e.g. filesystem caching purposes. Therefore it is advised to configure limit of memory available to host system (exact value for limit depends on what sofware features are used on host system - in general, the same rules as for choosing amount of physical memory for regular RouterOS installation apply):
[admin@MikroTik] > /system resource print
uptime: 2m4s
version: "3.9"
free-memory: 934116kB
total-memory: 963780kB
cpu: "Intel(R)"
cpu-count: 2
cpu-frequency: 2813MHz
cpu-load: 0
free-hdd-space: 77728884kB
total-hdd-space: 79134596kB
write-sect-since-reboot: 989
write-sect-total: 989
architecture-name: "x86"
board-name: "x86"
[admin@MikroTik] > /xen global-settings print
memory-for-main: unlimited
[admin@MikroTik] > /xen global-settings set memory-for-main=128
[admin@MikroTik] > /system reboot
Reboot, yes? [y/N]:
y
system will reboot shortly
....
[admin@MikroTik] > /system resource print
uptime: 1m5s
version: "3.11"
free-memory: 114440kB
total-memory: 131272kB
cpu: "Intel(R)"
cpu-count: 2
cpu-frequency: 2813MHz
cpu-load: 0
free-hdd-space: 77728884kB
total-hdd-space: 79134596kB
write-sect-since-reboot: 794
write-sect-total: 794
architecture-name: "x86"
board-name: "x86"
Creating RouterOS VM
Assuming that RouterOS image "ros1.img" is previously made, new VM to run RouterOS can be created:
[admin@MikroTik] /xen> add name=ros1 disk=hda disk-image=ros1.img memory=64 console-telnet-port=64000
[admin@MikroTik] /xen> print detail
Flags: X - disabled
0 X name="ros1" disk=hda disk-image="ros1.img" initrd="" kernel="" kernel-cmdline="" cpu-count=1 memory=64 weight=256
console-telnet-port=64000 state=disabled
The following parameters were passed to "add" command:
- disk=hda & disk-image=ros1.img - these parameters specify that file "ros1.img" in host filesystem will be set up as disk "hda" (IDE Primary Master) in guest system;
- memory=64 - this specifies amount of memory for guest VM;
- console-telnet-port=64000 - specifies that host system will listen on port 64000 and once telnetted to, will forward guests console output to telnet client and accept console input from telnet client.
There are few other settings:
- kernel & initrd - VM kernel file to boot and initial ram disk file to use (if specified), as noted before, specifying these is not necessary when booting RouterOS image;
- kernel-cmdline - command line to pass to Linux kernel
- cpu-count - how many CPUs should be made available to VM;
- weight - proportional "importance" of this VM when scheduling multiple VMs for execution. Taking into account that host operating system shares CPUs with all running guest VMs, weight parameter specifies proportional share of CPU(s) that guest operating system will get when multiple operating systems start competing for CPU resource. "Weight" of host operating system is 256. So, for example, if guest VM is also configured with weight 256, if both OSes will be running at 100% CPU usage, both will get equal share of CPU. If guest VM will be configured with weight 128, it will get only 1/3 of CPU.
Starting, Stopping and Connecting to RouterOS VM
To start booting guest VM, enable it:
[admin@MikroTik] /xen> enable ros1 [admin@MikroTik] /xen> print Flags: X - disabled # NAME MEMORY WEIGHT STATE 0 ros1 64 256 running
There are 2 (mutually exclusive, because there is just one virtual console provided for guest VM) ways to connect to console of running VM:
- by using "/xen console <VM name>" command, or
- by using telnet program and connecting to port specified in "console-telnet-port" parameter.
There are multiple ways to stop running VM:
- preferred way is to shut down from guest VM (e.g. by connecting, logging and typing "/system shutdown").
- force shutdown from host RouterOS by using "/xen/shutdown <VM name>" command;
- simply by disabling VM entry in "/xen" menu, note that this is the most dangerous way of stopping running VM, because guest VM can leave its filesystem in corrupt state (disabling VM entry for VM is the same as unplugging power for physical device).
VM shutdown state can be confirmed in "/xen" menu:
[admin@MikroTik] /xen> shutdown ros1 [admin@MikroTik] /xen> print Flags: X - disabled # NAME MEMORY WEIGHT STATE 0 ros1 64 256 shutdown