Setting up a NetBSD/XEN guest

Preliminary Note

The XEN host system here, as well as the NFS server, is assumed to run GNU/Linux, so that sparse disks or partitions can be created (dd seek option on an underlying ext4 file system). One could still use a NetBSD dom0 as long as the guest virtual disk or partition is up and running. This setup could also be adapted to QCOW2 images instead of sparse RAW images, or to network block devices instead of vdisks on NFS.


Fetching the to-be-shared material,


mkdir -p /data/ISO-IMAGES/
cd /data/ISO-IMAGES/
wget -O -$rel/SHA512 | grep amd64.iso > NetBSD-$rel-amd64.iso.SHA512
rm netbsd.iso
ln -s NetBSD-$rel-amd64.iso netbsd.iso

cat *.SHA512
sha512sum *amd64.iso

mkdir -p /data/kernels/netbsd${rel%%\.*}/
cd /data/kernels/netbsd${rel%%\.*}/

grep XEN3_DOMU.gz SHA512
sha512sum *XEN3_DOMU.gz
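
The by-eye comparison above (print the SHA512 list entry, then run sha512sum on the file) can be turned into a check that fails closed. This is an added example, not part of the original page; it assumes the list uses BSD-tagged lines ("SHA512 (name) = digest") and, going slightly beyond the page, also accepts GNU sha512sum lines. The function names and sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): verify a download against its
# SHA512 list entry by exact file name instead of comparing digests by eye.

# expected_sha512 LIST NAME: print the digest recorded for NAME.
# Accepts BSD-tagged "SHA512 (name) = hex" and GNU "hex  name" lines.
# Fails unless exactly one line names the file.
expected_sha512() {
    awk -v name="$2" '
        $1 == "SHA512" && $2 == ("(" name ")") && $3 == "=" { print tolower($4); n++ }
        NF == 2 && ($2 == name || $2 == ("*" name))          { print tolower($1); n++ }
        END { exit (n == 1 ? 0 : 1) }
    ' "$1"
}

# verify_sha512 LIST FILE: 0 = match, 1 = mismatch, 2 = no usable list entry.
verify_sha512() {
    want=$(expected_sha512 "$1" "$(basename "$2")") || return 2
    case $want in
        ''|*[!0-9a-f]*) return 2 ;;      # not a hex digest
    esac
    [ "${#want}" -eq 128 ] || return 2   # SHA-512 is 128 hex digits
    got=$(sha512sum "$2" | awk '{ print $1 }')
    [ "$got" = "$want" ]
}

# Constructed sample data: stand-in kernel files and a BSD-tagged list.
demo_dir=$(mktemp -d)
for k in netbsd-XEN3_DOMU.gz netbsd-INSTALL_XEN3_DOMU.gz; do
    printf 'constructed stand-in for %s\n' "$k" > "$demo_dir/$k"
    printf 'SHA512 (%s) = %s\n' "$k" \
        "$(sha512sum "$demo_dir/$k" | awk '{ print $1 }')" >> "$demo_dir/SHA512"
done

# A substring grep for XEN3_DOMU.gz matches both entries; the exact-name lookup does not.
for k in netbsd-XEN3_DOMU.gz netbsd-INSTALL_XEN3_DOMU.gz; do
    if verify_sha512 "$demo_dir/SHA512" "$demo_dir/$k"; then
        echo "$k: OK"
    else
        echo "$k: FAILED, do not boot or install from it" >&2
    fi
done
```

Run against the real files, the same call is verify_sha512 SHA512 netbsd-XEN3_DOMU.gz, and a non-zero status should stop the guest setup.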

For i386 PAE,

cd /data/kernels/

Brutal FFS or EXT2FS on a BSD Partition (THE RIGHT WAY)

Setting up NetBSD/XEN on an EXT2FS vdisk image instead of an FFS vdisk image is almost the same. The main difference is that the formatting may be done from the dom0, and then BSD partition d should be used.

The FFS vdisk image will, however, be READ-ONLY by default on most GNU/Linux systems, as the CONFIG_UFS_FS_WRITE kernel feature is not compiled in. Fortunately, we usually have that additional kernel configuration enabled. It can otherwise be mounted read-write from a FreeBSD rescue system with no specific mount argument.


mkdir -p /data/guests/$guest
cd /data/guests/$guest
dd if=/dev/zero of=$guest.ffs bs=1024k count=0 seek=4096
#dd if=/dev/zero of=$ bs=1G count=0 seek=10  
#dd if=/dev/zero of=$guest.ext2 bs=1000k count=0 seek=4000
#mkfs.ext2 $guest.ext2
#mkfs.ext2 -O^dir_index,^ext_attr $guest.ext2
#tune2fs -l netbsdextfs.ext2

grep ^proc /proc/cpuinfo | tail -1
cat > $guest <<-EOF
kernel = "/data/kernels/netbsd${rel%%\.*}/netbsd-INSTALL_XEN3_DOMU.gz"
#kernel = "/data/kernels/netbsd${rel%%\.*}/netbsd-XEN3_DOMU.gz"
#root = "xbd0a"
#root = "xbd0d"
memory = 7168
name = "$guest"
vcpus = 16
disk = ['tap:tapdisk:aio:/data/guests/$guest/$guest.ffs,xvda,w',
#disk = ['tap:tapdisk:aio:/data/guests/$guest/$guest.ext2,xvda,w',
vif = [ 'bridge=pubbr0,vifname=$guest.0' ]

Note: providing the DOS partition xvda1 instead of xvda does not make any difference, contrary to Linux guest setups. NetBSD fdisk xbd0 still shows no DOS partition at all and its size remains identical. So I simply stick with xvda.

xl create $guest -c

Exit sysinst and proceed,


#dhclient xennet0
#mount -t nfs x.x.x.x:/data/tftpboot /cdrom

dmesg | grep ^xbd
fdisk xbd0
disklabel xbd0
newfs /dev/rxbd0a
mount /dev/xbd0a /mnt
#mount -t ext2fs /dev/xbd0a /mnt
#mount -t ext2fs /dev/xbd0d /mnt

mkdir /cdrom
mount_cd9660 /dev/xbd1a /cdrom
cd /cdrom/amd64/binary/sets
#cd /cdrom/i386/binary/sets

Extract all sets but x and kern,

for set in `ls -1 *.tgz | sed -rn '/^[^xk]/p'`; do
    echo -n extracting $set to /mnt...
    tar xzphfe $set -C /mnt && echo done
done; unset set

chroot /mnt
cd /dev
ls -l pty* opty*
./MAKEDEV pty # ./MAKEDEV: pty: unknown device
./MAKEDEV opty

cd /etc
ls -l localtime
ls -l ../usr/share/zoneinfo/Europe/Moscow
ln -sf ../usr/share/zoneinfo/Europe/Moscow localtime
#ln -sf ../usr/share/zoneinfo/Europe/Paris localtime
cat > rc.conf <<EOF
. /etc/defaults/rc.conf

#xen guest

#no dump


cat /etc/ttys #fine already

vi /etc/fstab

/dev/xbd0a / ffs rw 0 1
#/dev/xbd0d / ext2fs rw 0 1
ptyfs /dev/pts ptyfs rw 0 0 
tmpfs /tmp tmpfs rw 0 0
#procfs /proc procfs ro,linux 0 0

chpass -s /bin/ksh root
useradd -D -s /bin/ksh

echo netbsdffs > /etc/myname
#echo netbsdextfs > /etc/myname

echo inet x.x.x.x/xx up > /etc/ifconfig.xennet0
echo x.x.x.x > /etc/mygate
vi /etc/hosts

x.x.x.x netbsdffs 
x.x.x.x gw

cat > /etc/resolv.conf <<-EOF
search sne.lan
nameserver x.x.x.x

umount /mnt
cd ~/
umount /cdrom
halt -p

You will then be able to mount the thing from the dom0 for templating or maintenance (you might avoid chrooting into it, though),

mkdir lala
mount -t ufs -o loop,rw,ufstype=44bsd $guest.ffs lala

If you get this error,

mount: /data/guests/ufs/lala: WARNING: device write-protected, mounted read-only.

==> you did not enable UFS writes in your Linux kernel, but you can still mount it as ro.

The full disk flavor (THE WRONG WAY)

mkdir -p /data/guests/$guest
cd /data/guests/$guest
dd if=/dev/zero of=$guest.disk bs=1024k count=1 seek=4096
#10GB -- seek=10240
grep ^proc /proc/cpuinfo 
cat > $guest <<-EOF
kernel = "/data/kernels/netbsd7/netbsd-INSTALL_XEN3_DOMU.gz"
#kernel = "/data/kernels/netbsd7/netbsd-XEN3_DOMU.gz"
#root = "xbd0a"
memory = 256
name = "$guest"
vcpus = 2
disk = ['tap:tapdisk:aio:/data/guests/$guest/$guest.disk,xvda,w',
vif = [ 'vifname=$guest.0' ]

Launch the installation,

cd /data/guests/$guest/
xl create $guest -c

then install NetBSD on xbd0 using cdrom at xbd1a.

When finished,

x: Exit Install System

halt -p

Ready to go

Then switch to the final production kernel and eventually remove the ISO,

vi $guest

kernel = "/data/kernels/netbsd7/netbsd-XEN3_DOMU.gz"
root = "xbd0a"
#root = "xbd0d"

and eventually remove the vdisk pointing to the ISO.

Start the guest and check,

xl create $guest -c

dmesg | grep ^xbd

Full disk flavor XEN specific post-installation (THE WRONG WAY)

cp -pi /etc/rc.conf /etc/rc.conf.dist
vi /etc/rc.conf


cp -i /etc/ttys /etc/ttys.dist
vi /etc/ttys

console "/usr/libexec/getty Pc"         vt100   on secure
ttyE1   "/usr/libexec/getty Pc"         wsvt25  off secure
ttyE2   "/usr/libexec/getty Pc"         wsvt25  off secure
ttyE3   "/usr/libexec/getty Pc"         wsvt25  off secure


Rescuing a full disk flavored NetBSD/XEN guest (THE WRONG WAY)

From another guest, say rescue,

disk = ['tap:tapdisk:aio:/data/guests/rescue/rescue.disk,xvda,w',
        'tap:tapdisk:aio:/data/guests/netbsd71/NetBSD-7.1.2-amd64.iso,xvdc,r' ]

fsck /dev/rxbd1a 
mkdir /lala
mount /dev/xbd1a /lala


See Failover IP


An alternative is to use LVM instead of a sparse file, which makes even more sense on a NetBSD dom0 as the dd seek option is not available. However, I am not sure LVM is stable enough on NetBSD, and the true added value, pvmove, is missing anyway. Maybe another means of managing block devices would be appropriate.

lvm pvcreate /dev/rsd1d
lvm vgcreate guestsvg "/dev/rsd1d"
lvm lvcreate -n netbsdguest1 -L 5G guestsvg



