From Fedora Project Wiki

(→‎QEMU Updated to 0.10.0: update to 0.10.4, Supports DDIM option ROMs)
(very preliminary start on f12 content)
Line 2: Line 2:
[[Category:Release Notes]]
[[Category:Release Notes]]
[[Category:Virtualization]]
[[Category:Virtualization]]
{{Admon/note|Under Construction|Work to update this page for F12 has only just begun. You can see a copy of the F11 page [[User:Dale/Drafts/F11_Virtualization_Release_Notes|here]].}}


== Virtualization ==
== Virtualization ==


Virtualization in Fedora 11 includes major changes, and new features, that continue to support KVM, Xen, and many other virtual machine platforms.
Virtualization in Fedora 12 includes major changes, and new features, that continue to support KVM, Xen, and many other virtual machine platforms.
    
    
=== Improved VNC Authentication for Virtual Machine Management ===
'''The final list of virt features for Fedora 12<ref>[[:Category:F12_Virt_Features]]</ref> looks like:'''
Fedora 11 introduces the ability to use the <code>SASL</code> protocol
for authenticating <code>VNC</code> connection to <code>KVM</code>
and <code>QEMU</code> virtual machines. <code>SASL</code> is a pluggable
system, allowing many different authentication mechanisms to be configured
without changing the application code. The use of <code>SASL</code>, in
combination with existing <code>TLS</code> encryption support, will allow clients like
<code>vinagre</code>, <code>virt-viewer</code> and <code>virt-manager</code>
to securely connect to remote virtual machine consoles hosted on Fedora
servers. In environments where Kerberos is deployed, this further allows for
secure single sign on to the <code>VNC</code> server. This new authentication
capability obsoletes the traditional <code>VNC</code> password scheme which
is not sufficiently secure.
 
For further details refer to the [[Features/VirtVNCAuth|Virtualization VNC Authentication]] wiki page.
 
=== Improved Graphical Console for Virtual Machines ===
Previous Fedora virtual guest consoles were limited to a screen
resolution of 800x600, and the <code>PS2</code> mouse pointer operated in
relative coordinate mode. This prevented the guest pointer from tracking
the local client pointer one for one.
 
Fedora 11 provides more accurate mouse pointer positioning and higher
screen resolutions for virtual machine consoles.
Fedora 11 guests default to a screen resolution of at least 1024x768,
and are provided with a <code>USB</code> tablet in absolute coordinate
mode. This results in a mouse pointer which tracks the local client pointer one
for one.
 
For further details refer to the [[Features/VirtImprovedConsole|Improved Graphical Console for Virtual Guests]] wiki page.
 
=== KVM PCI Device Assignment ===
Fedora 11 expands its virtualization capabilities to include <code>KVM</code> PCI device assignment support. <code>KVM</code> users can now give virtual machines exclusive access to physical PCI devices using Fedora's virtualization tools, including the Virtual Machine Manager application.
 
{{Admon/note|Hardware requirements|Intel <code>VT-d</code> or AMD <code>IOMMU</code> hardware platform support is required in order for this feature to be available.}}
 
For further details refer to the [[Features/KVM_PCI_Device_Assignment|KVM PCI Device Assignment]] wiki page.
 
=== KVM and QEMU merge ===
QEMU provides a processor and system emulator which enables users to launch guest virtual machines of the same architecture as the host machine or of a dramatically different architecture. KVM provides kernel level support for running guests of the same architecture as the host.
 
QEMU takes advantage of KVM to run guests directly on the hardware without any translation needed by the host, allowing much higher levels of performance.
 
Fedora 11 includes a merge of the <code>qemu</code> and <code>kvm</code> RPMs. The <code>kvm</code> package is now obsoleted by the <code>qemu-system-x86</code> subpackage of {{package|qemu}}. The merging of the two code bases continues upstream, but the Fedora package maintainers have chosen to merge the packages now in order reduce the maintenance burden and provide better support.
 
For further details refer to the [[Features/KVM_and_QEMU_merge|KVM and QEMU merge]] wiki page.
 
=== sVirt Mandatory Access Control ===
Fedora 11 integrates SELinux's Mandatory Access Control with virtualization. Virtual machines can now be much more effectively isolated from the host and one another, giving the increased assurance that security flaws cannot be exploited by malicious guests.
 
For further details refer to the [[Features/SVirt_Mandatory_Access_Control|sVirt Mandatory Access Control]] wiki page.
 
=== Offline Manipulation of Virtual Machines ===
<code>libguestfs</code> is a new library for accessing and modifying guest disk images. Using Linux <code>kernel</code> and <code>QEMU</code> code, <code>libguestfs</code> can access any type of guest filesystem that Linux and <code>QEMU</code> can
 
The following tools are provided by <code>libguestfs</code>:
* <code>guestfish</code> - Provides an interactive shell for editing virtual machine filesystems and executing commands in the context of the guest.
* <code>virt-inspector</code> - Displays OS version, kernel, drivers, mount points, applications, etc. in a virtual machine.
* Bindings for OCaml, Perl, Python, Ruby, and Java programming languages.
 
For further details refer to:
* http://et.redhat.com/~rjones/libguestfs/ -- Project page
* http://et.redhat.com/~rjones/libguestfs/recipes.html -- Examples of <code>guestfish</code> usage
 
=== Other Improvements ===
 
Fedora also includes the following virtualization improvements:
 
==== QEMU Updated to 0.10.4 ====
QEMU is a generic and open source machine emulator and virtualizer.
 
When used as a machine emulator, QEMU can run OSes and programs made for one machine (e.g. an ARM board) on a different machine (e.g. your own PC). By using dynamic translation, it achieves very good performance.
 
When used as a virtualizer, QEMU achieves near native performance by executing the guest code directly on the host CPU. A host driver called the QEMU accelerator (also known as KQEMU) is needed in this case. The virtualizer mode requires that both the host and guest machine use x86 compatible processors.
 
'''New features and improvements since 0.9.1:'''
* TCG support - No longer requires GCC 3.x
* Kernel Virtual Machine acceleration support
* BSD userspace emulation
* Bluetooth emulation and host passthrough support
* GDB XML register description support
* Intel e1000 emulation
* HPET emulation
* VirtIO paravirtual device support
* Marvell 88w8618 / MusicPal emulation
* Nokia N-series tablet emulation / OMAP2 processor emulation
* PCI hotplug support
* Live migration and new save/restore formats
* Curses display support
* <code>qemu-nbd</code> utility to mount supported block formats
* Altivec support in PPC emulation and new firmware (OpenBIOS)
* Multiple VNC clients are now supported
* TLS encryption is now supported in VNC
* Supports DDIM option ROMs
* Many, many, bug fixes and new features
 
For further details refer to:
 
http://www.nongnu.org/qemu/about.html
 
==== KVM Updated to 84 ====
KVM (for Kernel-based Virtual Machine) is a full virtualization solution
for Linux on x86 hardware.
 
Using KVM, one can run multiple virtual machines running unmodified Linux
or Windows images. Each virtual machine has private virtualized hardware:
a network card, disk, graphics adapter, etc.
 
'''New features and improvements since 74:'''
 
For further details refer to:
 
http://www.linux-kvm.org/page/ChangeLog
 
==== libvirt Updated to 0.6.2 ====
 
The <code>libvirt</code> package provides an API and tools to interact with the virtualization capabilities of recent versions of Linux (and other OSes). The <code>libvirt</code> software is designed to be a common denominator among all virtualization technologies with support for the following:
 
* The Xen hypervisor on Linux and Solaris hosts
* The QEMU emulator
* The KVM Linux hypervisor
* The LXC Linux container system
* The OpenVZ Linux container system
* Storage on IDE/SCSI/USB disks, FibreChannel, LVM, iSCSI, and NFS
 
'''New features and improvements since 0.4.6:'''
* support SASL auth for VNC server
* memory ballooning in QEMU
* SCSI HBA storage pool support
* PCI passthrough for Xen and KVM drivers
* new APIs for node device detach reattach and reset
* sVirt mandatory access control support
* thread safety of the API and event handling
* allow QEMU domains to survive daemon restart
* extended logging capabilities
* support copy-on-write storage volumes
* support of storage cache control options for QEMU/KVM
* test driver infrastructure
* parallelism in the daemon and associated configuration
* virsh help cleanups
* QEMU SDL graphics
* memory consumption cleanup
* QEMU pid file and XML states for daemon restart
* generic internal thread API
* save domain state as string in status file
* add locking to all API entry points
* new ref counting APIs
* IP address for Xen bridges
* driver format for disk file types
* improve QEMU/KVM tun/tap performances
* enable floppies for Xen fully virt
* support VNC password settings for QEMU/KVM
* QEMU driver version reporting
 
There were also dozens of cleanups, documentation enhancements, portability and bug fixes. For further details refer to: http://www.libvirt.org/news.html
 
==== virt-manager Updated to 0.7.0 ====
The <code>virt-manager</code> package provides a GUI implementation of <code>virtinst</code> and <code>libvirt</code> functionality.
 
'''New features and improvements since 0.6.0:'''
* Redesigned 'New Virtual Machine' wizard
* Option to remove storage when deleting a virtual machine
* File browser for libvirt storage pools and volumes, for use when attaching storage to a new or existing guest
* Physical device assignment (PCI, USB) for existing virtual machines.
* VM disk and network stats reporting
* VM Migration support
* Support for adding sound devices to an existing VM
* Enumerate host devices attached to an existing VM
* Allow specifying a device model when adding a network device to an existing VM
* Combine the serial console view with the VM Details window
* Allow connection to multiple VM serial consoles
* Bug fixes and many minor improvements.
 
For further details refer to:
 
http://www.virt-manager.org/
 
==== virtinst Updated to 0.400.3 ====
The <code>python-virtinst</code> package contains tools for installing and manipulating multiple VM guest image formats.
 
'''New features and improvements since 0.400.0:'''
* New <code>virt-clone</code> option <code>--original-xml</code>, allows cloning a guest from an xml file, rather than require an existing, defined guest
* New <code>virt-install</code> option <code>--import</code>, allows creating a guest from an existing disk image, bypassing any OS install phase
* New <code>virt-install</code> option <code>--host-device</code>, for connecting a physical host device to the guest
* Allow specifying <code>cache</code> value via <code>virt-install</code> <code>--disk</code> options
* New <code>virt-install</code> option <code>--nonetworks</code>
* Add <code>virt-image</code> to <code>vmx</code> format support to <code>virt-convert</code>, replacing <code>virt-pack</code>
* Add disk checksum support to <code>virt-image</code>
* Enhanced URL install support: Debian Xen paravirt, Ubuntu kernel and boot.iso, Mandriva kernel, and Solaris Xen paravirt
* Expanded test suite
* Numerous bug fixes, cleanups, and improvements
 
For further details refer to:
 
* http://www.virt-manager.org/
 
==== Xen Updated to 3.3.1 ====
Fedora 11 supports booting as a domU guest, but will not function as a dom0 host until such support is provided in the upstream kernel. Support for a <code>pv_ops</code> dom0 is targeted for Xen 3.4.
 
'''Changes since 3.3.0:'''
* Xen 3.3.1 is a maintenance release in the 3.3 series.
 
For further details refer to:


* http://www.xen.org/download/roadmap.html -- Xen roadmap
* [[Features/KSM|KSM]] - Allow KVM guest virtual machines to share identical memory pages. This is especially useful when running multiple guests from the same or similar base operating system image. Because memory is shared, the combined memory usage of the guests is reduced.
* http://xenbits.xen.org/paravirt_ops/patches.hg/ -- paravirt_ops patch queue
* [[Features/KVM_Huge_Page_Backed_Memory | KVM Huge Page Backed Memory]] - Enable KVM guests to use huge page backed memory in order to reduce memory consumption and improve performance by reducing CPU cache pressure.
* [[Features/KVM_NIC_Hotplug|KVM NIC Hotplug]] - Allow the addition of a guest network interface (NIC) a guest virtual machine without needing to restart the guest.
* [[Features/KVM qcow2 Performance | KVM qcow2 Performance]] - Improve the I/O performance of virtual machines using disk images in the qcow2 image format.
* [[Features/KVM_Stable_Guest_ABI|KVM Stable Guest ABI]] - Allow guest virtual machines to be presented with the same application binary interface across QEMU upgrades.
* [[Features/libguestfs | libguestfs ]] - A library for accessing and modifying virtual machine disk images.  guestfish is an interactive shell tool for editing virtual machine disk images. Technically, this actually launched in F11, but not as a "Feature"<ref>http://docs.fedoraproject.org/release-notes/f11/en-US/sect-Release_Notes-Virtualization.html</ref>.
* [[Features/Network_Interface_Management|Network Interface Management]] - Provide tools to easily set up commonly used network configurations, like bridges, bonds, vlan's and sensible combinations thereof, in particular for virtualized hosts.
* [[Features/SR-IOV | SR-IOV]] - Single Root I/O Virtualization (SR-IOV) is a PCI feature which allows virtual functions (VF) to be created that share the resources of a physical function (PF).
* [[Features/VirtgPXE | VirtgPXE]] - Replace the deprecated etherboot pxe booting infrastructure with the more modern and currently upstream supported gpxe.
* [[Features/VirtPrivileges|Virt Privileges]] - Improve security by adjusting the privileges of QEMU processes managed by libvirt. Also, allow KVM to be used by unprivileged users.
* [[Features/VirtStorageManagement|Virt Storage Management]] - Enable VM hosts to discover new SAN storage and issue NPIV operations.  
* [[Features/VirtTCK|Libvirt Technology Compatibility Kit]] - Provide a functional test suite for virtualization and report on hypervisor compatability. "Note, FESCo didn't approve TCK as a feature, but that should't stop us pimping it :-)"


=== Xen Kernel Support ===
=== Xen Kernel Support ===

Revision as of 16:06, 30 August 2009


Note.png
Under Construction
Work to update this page for F12 has only just begun. You can see a copy of the F11 page here.

Virtualization

Virtualization in Fedora 12 includes major changes, and new features, that continue to support KVM, Xen, and many other virtual machine platforms.

The final list of virt features for Fedora 12[1] looks like:

  • KSM - Allow KVM guest virtual machines to share identical memory pages. This is especially useful when running multiple guests from the same or similar base operating system image. Because memory is shared, the combined memory usage of the guests is reduced.
  • KVM Huge Page Backed Memory - Enable KVM guests to use huge page backed memory in order to reduce memory consumption and improve performance by reducing CPU cache pressure.
  • KVM NIC Hotplug - Allow the addition of a guest network interface (NIC) a guest virtual machine without needing to restart the guest.
  • KVM qcow2 Performance - Improve the I/O performance of virtual machines using disk images in the qcow2 image format.
  • KVM Stable Guest ABI - Allow guest virtual machines to be presented with the same application binary interface across QEMU upgrades.
  • libguestfs - A library for accessing and modifying virtual machine disk images. guestfish is an interactive shell tool for editing virtual machine disk images. Technically, this actually launched in F11, but not as a "Feature"[2].
  • Network Interface Management - Provide tools to easily set up commonly used network configurations, like bridges, bonds, vlan's and sensible combinations thereof, in particular for virtualized hosts.
  • SR-IOV - Single Root I/O Virtualization (SR-IOV) is a PCI feature which allows virtual functions (VF) to be created that share the resources of a physical function (PF).
  • VirtgPXE - Replace the deprecated etherboot pxe booting infrastructure with the more modern and currently upstream supported gpxe.
  • Virt Privileges - Improve security by adjusting the privileges of QEMU processes managed by libvirt. Also, allow KVM to be used by unprivileged users.
  • Virt Storage Management - Enable VM hosts to discover new SAN storage and issue NPIV operations.
  • Libvirt Technology Compatibility Kit - Provide a functional test suite for virtualization and report on hypervisor compatability. "Note, FESCo didn't approve TCK as a feature, but that should't stop us pimping it :-)"

Xen Kernel Support

The kernel package in Fedora 11 supports booting as a guest domU, but will not function as a dom0 until such support is provided upstream. Work is ongoing and hopes are high that support will be included in kernel 2.6.30 and Fedora 12.

The most recent Fedora release with dom0 support is Fedora 8.

Booting a Xen domU guest within a Fedora 11 host requires the KVM based xenner. Xenner runs the guest kernel and a small Xen emulator together as a KVM guest.

Important.png
KVM requires hardware virtualization features in the host system.
Systems lacking hardware virtualization do not support Xen guests at this time.


For more information refer to: