Citrix XenServer ® 7.5 Administrator's Guide Published May 2018 1.0 Edition Citrix XenServer ® 7.5 Administrator's Guide © 1999-2018 Citrix Systems, Inc. All Rights Reserved. Version: 7.5 Citrix Systems, Inc. 851 West Cypress Creek Road Fort Lauderdale, FL 33309 United States of America Disclaimers This document is furnished "AS IS." Citrix Systems, Inc. disclaims all warranties regarding the contents of this document, including, but not limited to, implied warranties of merchantability and fitness for any particular purpose. This document may contain technical or other inaccuracies or typographical errors. Citrix Systems, Inc. reserves the right to revise the information in this document at any time without notice. This document and the software described in this document constitute confidential information of Citrix Systems, Inc. and its licensors, and are furnished under a license from Citrix Systems, Inc. Citrix Systems, Inc., the Citrix logo, Citrix XenServer and Citrix XenCenter, are trademarks of Citrix Systems, Inc. and/or one or more of its subsidiaries, and may be registered in the United States Patent and Trademark Office and in other countries. All other trademarks and registered trademarks are property of their respective owners. Trademarks Citrix® XenServer ® XenCenter ® Contents 1. Document Overview ...................................................................................... 1 1.1. Introducing XenServer .................................................................................................. 1 1.1.1. Benefits of Using XenServer ............................................................................... 1 1.1.2. Administering XenServer .................................................................................... 2 1.2. XenServer Documentation ............................................................................................ 2 2. Managing Users ............................................................................................. 3 2.1. Authenticating Users With Active Directory (AD) ............................................................ 3 2.1.1. Configuring Active Directory Authentication ........................................................ 4 2.1.2. User Authentication ........................................................................................... 7 2.1.3. Removing Access for a User ............................................................................... 8 2.1.4. Leaving an AD Domain ....................................................................................... 9 2.2. Role Based Access Control ............................................................................................ 9 2.2.1. Roles ............................................................................................................... 10 2.2.2. Definitions of RBAC Roles and Permissions ........................................................ 11 2.2.3. Using RBAC with the CLI .................................................................................. 19 2.2.3.1. To List All the Available Defined Roles in XenServer ................................. 19 2.2.3.2. To Display a List of Current Subjects: ...................................................... 19 2.2.3.3. To Add a Subject to RBAC ...................................................................... 20 2.2.3.4. To Assign an RBAC Role to a Created subject .......................................... 20 2.2.3.5. To Change a Subject's RBAC Role: .......................................................... 20 2.2.4. Auditing ........................................................................................................... 21 2.2.4.1. Audit Log xe CLI Commands .................................................................. 21 2.2.4.2. To Obtain All Audit Records From the Pool ............................................. 21 2.2.4.3. To Obtain Audit Records of the Pool Since a Precise Millisecond Timestamp ........................................................................................................ 21 2.2.4.4. To Obtain Audit Records of the Pool Since a Precise Minute Timestamp ........................................................................................................ 21 2.2.5. How Does XenServer Compute the Roles for the Session? .................................. 21 3. XenServer Hosts and Resource Pools .......................................................... 23 3.1. Hosts and Resource Pools Overview ............................................................................ 23 iii 3.2. Requirements for Creating Resource Pools ................................................................... 23 3.3. Creating a Resource Pool ............................................................................................ 24 3.4. Creating Heterogeneous Resource Pools ...................................................................... 25 3.5. Adding Shared Storage ................................................................................................ 25 3.6. Removing XenServer Hosts from a Resource Pool ......................................................... 26 3.7. Preparing a Pool of XenServer hosts for Maintenance ................................................... 26 3.8. Export Resource Pool Data .......................................................................................... 27 3.8.1. To Export Resource Data .................................................................................. 29 3.9. High Availability .......................................................................................................... 29 3.9.1. HA Overview ................................................................................................... 29 3.9.1.1. Overcommitting .................................................................................... 30 3.9.1.2. Overcommitment Warning .................................................................... 30 3.9.1.3. Host Fencing ......................................................................................... 30 3.9.2. Configuration Requirements ............................................................................. 30 3.9.3. Restart configuration settings ........................................................................... 31 3.9.3.1. Start order ............................................................................................ 32 3.10. Enabling HA on your XenServer Pool ......................................................................... 32 3.10.1. Enabling HA Using the CLI .............................................................................. 32 3.10.2. Removing HA Protection from a VM using the CLI ............................................ 33 3.10.3. Recovering an Unreachable Host .................................................................... 33 3.10.4. Shutting Down a host When HA is Enabled ..................................................... 33 3.10.5. Shutting Down a VM When it is Protected by HA ............................................. 34 3.11. Host Power On ......................................................................................................... 34 3.11.1. Powering on Hosts Remotely .......................................................................... 34 3.11.2. Using the CLI to Manage Host Power On ......................................................... 34 3.11.2.1. To Enable Host Power On Using the CLI ................................................ 34 3.11.2.2. To Turn on Hosts Remotely Using the CLI .............................................. 35 3.11.3. Configuring a Custom Script for XenServer's Host Power On Feature ................. 35 3.11.3.1. Key/Value Pairs ................................................................................... 35 3.11.3.1.1. host.power_on_mode ............................................................... 35 3.11.3.1.2. host.power_on_config .............................................................. 36 iv 3.11.3.2. Sample Script ...................................................................................... 36 3.12. Communicating with XenServer hosts and Resource Pools .......................................... 36 3.13. Enabling IGMP Snooping on your XenServer Pool ....................................................... 37 4. Networking ................................................................................................... 38 4.1. Networking Support .................................................................................................... 38 4.2. vSwitch Networks ....................................................................................................... 38 4.3. XenServer Networking Overview ................................................................................. 39 4.3.1. Network Objects .............................................................................................. 40 4.3.2. Networks ......................................................................................................... 40 4.3.3. VLANs ............................................................................................................. 40 4.3.3.1. Using VLANs with Management Interfaces ............................................. 40 4.3.3.2. Using VLANs with Virtual Machines ........................................................ 40 4.3.3.3. Using VLANs with Dedicated Storage NICs .............................................. 41 4.3.3.4. Combining Management Interfaces and Guest VLANs on a Single Host NIC ................................................................................................................... 41 4.3.4. Jumbo frames .................................................................................................. 41 4.3.5. NIC Bonds ....................................................................................................... 41 4.3.5.1. Active-Active Bonding ............................................................................ 43 4.3.5.2. Active-Passive Bonding .......................................................................... 45 4.3.5.3. LACP Link Aggregation Control Protocol Bonding ..................................... 46 4.3.5.4. Switch Configuration ............................................................................. 48 4.3.5.4.1. Switch Configuration for LACP Bonds ........................................... 49 4.3.6. Initial Networking Configuration after Setup ...................................................... 49 4.3.7. Changing Networking Configuration .................................................................. 50 4.3.7.1. Modifying the Network Object ............................................................... 50 4.3.8. Changing the Up Delay for Bonds ..................................................................... 51 4.4. Managing Networking Configuration ........................................................................... 51 4.4.1. Cross-Server Private Networks .......................................................................... 51 4.4.2. Creating Networks in a Standalone Server ......................................................... 52 4.4.3. Creating Networks in Resource Pools ................................................................ 52 4.4.4. Creating VLANs ................................................................................................ 52 v 4.4.5. Creating NIC Bonds on a Standalone Host ......................................................... 53 4.4.5.1. Creating a NIC Bond .............................................................................. 53 4.4.5.2. Controlling the MAC Address of the Bond .............................................. 54 4.4.5.3. Reverting NIC Bonds .............................................................................. 54 4.4.6. Creating NIC Bonds in Resource Pools ............................................................... 54 4.4.6.1. Adding NIC Bonds to New Resource Pools .............................................. 55 4.4.6.2. Adding NIC Bonds to an Existing Pool ..................................................... 55 4.4.7. Configuring a Dedicated Storage NIC ................................................................. 55 4.4.8. Using SR-IOV Enabled NICs ............................................................................... 56 4.4.8.1. Benefits of SR-IOV ................................................................................. 57 4.4.8.2. System Configuration ............................................................................ 57 4.4.8.3. Enabling an SR-IOV Network on a NIC .................................................... 57 4.4.8.4. Assigning an SR-IOV network to the Virtual Interface (VM level) ............... 57 4.4.8.5. Supported NICs and Guests ................................................................... 57 4.4.8.6. Limitations ............................................................................................ 57 4.4.8.7. Configuring SR-IOV VFs for legacy drivers ............................................... 58 4.4.8.8. CLI ........................................................................................................ 58 4.4.9. Controlling the Rate of Outgoing Data (QoS) ..................................................... 58 4.4.10. Changing Networking Configuration Options ................................................... 59 4.4.10.1. Hostname ........................................................................................... 59 4.4.10.2. DNS Servers ........................................................................................ 60 4.4.10.3. Changing IP Address Configuration for a Standalone Host ...................... 60 4.4.10.4. Changing IP Address Configuration in Resource Pools ............................ 60 4.4.10.5. Management Interface ........................................................................ 61 4.4.10.6. Disabling Management Access ............................................................. 61 4.4.10.7. Adding a New Physical NIC .................................................................. 61 4.4.10.8. Adding a Purpose to a Network ........................................................... 62 4.4.10.9. Using Switch Port Locking .................................................................... 62 4.4.10.9.1. Requirements ........................................................................... 62 4.4.10.9.2. Notes ....................................................................................... 62 4.4.10.9.3. Implementation Notes .............................................................. 63 vi 4.4.10.9.4. Examples .................................................................................. 63 4.4.10.9.5. How Switch-port Locking Works ................................................ 64 4.4.10.9.6. VIF Locking-Mode States ........................................................... 64 4.4.10.9.7. Configuring Switch Port Locking ................................................ 65 4.4.10.9.8. Preventing a Virtual Machine from Sending or Receiving Traffic from a Specific Network ............................................................................ 66 4.4.10.9.9. Removing a VIF's Restriction to an IP Address ............................. 67 4.4.10.9.10. Simplifying VIF Locking Mode Configuration in the Cloud ........... 67 4.4.10.9.11. Using Network Settings for VIF Traffic Filtering ......................... 68 4.5. Networking Troubleshooting ....................................................................................... 68 4.5.1. Diagnosing Network Corruption ........................................................................ 68 4.5.2. Emergency Network Reset ............................................................................... 69 4.5.2.1. Verifying the Network Reset .................................................................. 69 4.5.2.2. Using the CLI for Network Reset ............................................................ 70 4.5.2.2.1. Pool Master Command Line Examples ......................................... 71 4.5.2.2.2. Pool Member Command Line Examples ....................................... 72 5. Storage ......................................................................................................... 73 5.1. Storage Overview ....................................................................................................... 73 5.1.1. Storage Repositories (SRs) ................................................................................ 73 5.1.2. Virtual Disk Image (VDI) ................................................................................... 73 5.1.3. Physical Block Devices (PBDs) ........................................................................... 73 5.1.4. Virtual Block Devices (VBDs) ............................................................................. 73 5.1.5. Summary of Storage objects ............................................................................. 74 5.1.6. Virtual Disk Data Formats ................................................................................. 74 5.1.6.1. VDI Types ............................................................................................. 74 5.1.6.2. Creating a Raw Virtual Disk Using the xe CLI ........................................... 74 5.1.6.3. Converting Between VDI Formats ........................................................... 75 5.1.6.4. VHD-based VDIs .................................................................................... 75 5.2. Storage Repository Formats ........................................................................................ 76 5.2.1. Local LVM ........................................................................................................ 76 5.2.1.1. LVM Performance Considerations ........................................................... 76 vii 5.2.1.2. Creating a Local LVM SR (lvm) ................................................................ 77 5.2.2. Local EXT3 ....................................................................................................... 77 5.2.2.1. Creating a Local EXT3 SR (ext) ................................................................ 77 5.2.3. udev ................................................................................................................ 77 5.2.4. ISO .................................................................................................................. 78 5.2.5. Software iSCSI Support ..................................................................................... 78 5.2.5.1. XenServer host iSCSI configuration ......................................................... 78 5.2.6. Software FCoE Storage ..................................................................................... 79 5.2.6.1. Creating a Software FCoE SR .................................................................. 79 5.2.7. Hardware Host Bus Adapters (HBAs) ................................................................. 79 5.2.7.1. Sample QLogic iSCSI HBA setup ............................................................. 79 5.2.7.2. Removing HBA-based SAS, FC or iSCSI Device Entries .............................. 80 5.2.8. Shared LVM Storage ......................................................................................... 80 5.2.8.1. Creating a Shared LVM Over iSCSI SR Using the Software iSCSI Initiator (lvmoiscsi) ......................................................................................................... 80 5.2.8.2. Creating a Shared LVM over Fibre Channel / Fibre Channel over Ethernet / iSCSI HBA or SAS SR (lvmohba) .......................................................... 81 5.2.9. NFS and SMB ................................................................................................... 83 5.2.9.1. Creating a Shared NFS SR (NFS) ............................................................. 83 5.2.9.2. Creating a Shared SMB SR (SMB) ........................................................... 84 5.2.10. LVM over Hardware HBA ................................................................................ 85 5.3. Storage Configuration ................................................................................................. 85 5.3.1. Creating Storage Repositories ........................................................................... 85 5.3.2. Probing an SR .................................................................................................. 86 5.4. Storage Multipathing .................................................................................................. 88 5.5. XenServer and IntelliCache .......................................................................................... 89 5.5.1. IntelliCache Deployment .................................................................................. 89 5.5.1.1. Enabling on Host Installation ................................................................. 90 5.5.1.2. Converting an Existing Host to Use Thin Provisioning ............................... 90 5.5.1.3. VM Boot Behavior ................................................................................. 91 5.5.1.3.1. VM Caching Behavior Settings ..................................................... 91 5.5.1.4. Implementation Details and Troubleshooting .......................................... 91 viii 5.6. Storage Read Caching ................................................................................................. 92 5.6.1. Enabling and Disabling ..................................................................................... 92 5.6.2. Limitations ....................................................................................................... 93 5.6.3. Comparison with IntelliCache ........................................................................... 93 5.6.4. To Set the Read Cache Size .............................................................................. 93 5.6.4.1. How to View the Current dom0 Memory Allocation ................................ 93 5.6.4.2. XenCenter Display Notes ....................................................................... 94 5.7. PVS-Accelerator .......................................................................................................... 94 5.7.1. How PVS-Accelerator Works ............................................................................. 95 5.7.2. Enabling PVS-Accelerator .................................................................................. 95 5.7.2.1. Configuring PVS-Accelerator in XenServer using the CLI ........................... 95 5.7.2.2. Completing the Cache Configuration in PVS ............................................ 96 5.7.3. Caching Operation ........................................................................................... 97 5.7.4. PVS-Accelerator CLI Operations ........................................................................ 98 5.7.4.1. Viewing PVS Server addresses and ports configured by PVS ..................... 98 5.7.4.2. Configuring a VM for caching ................................................................. 98 5.7.4.3. Disabling caching for a VM .................................................................... 98 5.7.4.4. Removing the PVS-Accelerator storage for a host or a site ....................... 98 5.7.4.5. Forgetting the PVS-Accelerator configuration for a site ............................ 99 5.8. Managing Storage Repositories ................................................................................... 99 5.8.1. Removing SRs .................................................................................................. 99 5.8.2. Introducing an SR ............................................................................................ 99 5.8.3. Live LUN Expansion ........................................................................................ 100 5.8.4. Live VDI Migration ......................................................................................... 100 5.8.4.1. Limitations and Caveats ....................................................................... 101 5.8.4.2. To Move Virtual Disks using XenCenter ................................................. 101 5.8.5. Cold VDI Migration between SRs (Offline Migration) ........................................ 101 5.8.5.1. Copying All of a VMs VDIs to a Different SR .......................................... 101 5.8.5.2. Copying Individual VDIs to a Different SR .............................................. 101 5.8.6. Converting Local Fibre Channel SRs to Shared SRs ............................................ 102 5.8.7. Reclaiming Space for Block-Based Storage on the Backing Array Using Discard ... 102 ix 5.8.8. Automatically Reclaiming Space When Deleting Snapshots ............................... 103 5.8.8.1. Reclaiming Space Using the Off Line Coalesce Tool ................................ 103 5.8.9. Adjusting the Disk IO Scheduler ...................................................................... 104 5.8.10. Virtual Disk QoS Settings .............................................................................. 104 6. Configuring VM Memory ........................................................................... 106 6.1. What is Dynamic Memory Control (DMC)? ................................................................. 106 6.1.1. The Concept of Dynamic Range ...................................................................... 106 6.1.2. The Concept of Static Range ........................................................................... 106 6.1.3. DMC Behavior ................................................................................................ 107 6.1.4. How Does DMC Work? ................................................................................... 107 6.1.5. Memory Constraints ....................................................................................... 107 6.2. xe CLI Commands ..................................................................................................... 108 6.2.1. Display the Static Memory Properties of a VM ................................................. 108 6.2.2. Display the Dynamic Memory Properties of a VM ............................................ 108 6.2.3. Updating Memory Properties ......................................................................... 109 6.2.4. Update Individual Memory Properties ............................................................. 109 6.3. Upgrade Issues ......................................................................................................... 110 7. XenServer Memory Usage ......................................................................... 111 7.1. Control Domain Memory .......................................................................................... 111 7.1.1. Changing the Amount of Memory Allocated to the Control Domain .................. 111 7.1.2. How Much Memory is Available to VMs .......................................................... 112 8. Disaster Recovery and Backup ................................................................... 113 8.1. Understanding XenServer DR ..................................................................................... 113 8.2. DR Infrastructure Requirements ................................................................................ 113 8.3. Deployment Considerations ....................................................................................... 114 8.3.1. Steps to Take Before a Disaster ....................................................................... 114 8.3.2. Steps to Take After a Disaster ......................................................................... 114 8.3.3. Steps to Take After a Recovery ....................................................................... 114 8.4. Enabling Disaster Recovery in XenCenter ................................................................... 115 8.5. Recovering VMs and vApps in the Event of Disaster (Failover) ..................................... 115 x