Manualshelf

XenServer Software Development Kit Guide 4.1.0

ManualsBrandsHP ManualsServerHP ProLiant BL680c G5 Server
28293031323334353637
XenServer API extensions
27
The network retrieval enables users to install the upstream Red Hat vendor kernel directly from their network
repository. An updated XenServer kernel is also provided on the xs-tools.iso built-in ISO image which
fixes various Xen-related bugs.
5.2.3. SUSE Enterprise Linux 10 SP1
This requires a two-round boot process. The first round downloads the kernel and ramdisk from the net-
work repository and boots them. The second round then inspects the disks to find the installed kernel and
ramdisk, and sets the PV-bootloader-args to reflect these paths within the guest filesystem. This pro-
cess emulates the domUloader which SUSE use as an alternative to pygrub. Finally, the bootloader is set
to pygrub and is executed to begin a normal boot.
The SLES 10 installation method means that the path for the kernel and ramdisk is stored in the VM record
rather than in the guest menu.lst, but this is the only way it would ever work since the YAST package
manager doesn't write a valid menu.lst.
5.2.4. CentOS 4.5/5.0
The CentOS installation mechanism is similar to that of the Red Hat installation notes above, save that
some MD5 checksums are different which eliloader recognizes.
5.3. Adding Xenstore entries to VMs
Developers may wish to install guest agents into VMs which take special action based on the type of the
VM. In order to communicate this information into the guest, a special Xenstore name-space known as vm-
data is available which is populated at VM creation time. It is populated via the xenstore_data map in
the VM record.
Procedure 5.3. To populate a Xenstore node foo in a VM
1. Set the xenstore_data parameter in the VM record:
xe vm-param-set uuid=vm-uuid xenstore_data:vm-data/foo=bar
2. Start the VM.
3. If it is a Linux-based VM, install the guest tools and use the xenstore-read to verify that the node exists
in Xenstore.
Note that only prefixes beginning with vm-data are permitted, and anything not in this name-space will be
silently ignored when starting the VM.
5.4. Security enhancements
The control domain in XenServer 4.1.0 and above has various security enhancements in order to harden it
against attack from malicious guests. Developers should never notice any loss of correct functionality as a
result of these changes, but they are documented here as variations of behaviour from other distributions.
The control domain privileged user-space interfaces can now be restricted to only work for certain do-
mains. There are three interface affected by this change:
The xenstored socket interface, access via libxenstore. Interfaces are restricted via
xs_restrict().