xen 动态迁移错误

码农2号 发布于 2013/08/07 15:12
阅读 1K+
收藏 1
Xen
 xen 动态迁移遇到个问题:

xl migrate xen_node7  192.168.0.120
错误
libxl: error: libxl_utils.c:408:libxl_read_exactly file/stream truncated reading banner from migration receiver stream
libxl: info: libxl_exec.c:72:libxl_report_child_exitstatus migration target process [5252] exited with error status 2


哪位大牛遇到过? 

加载中
0
几点人
几点人

似乎是用户权限问题,建议使用下面命令,看看结果如何?

sudo xl migrate xen_node7  192.168.0.120

0
码农2号

引用来自“几点人”的答案

似乎是用户权限问题,建议使用下面命令,看看结果如何?

sudo xl migrate xen_node7  192.168.0.120

我用的就是root权限...
0
几点人
几点人
192.168.0.120的root权限你是通过方式进行的?
0
码农2号

引用来自“几点人”的答案

192.168.0.120的root权限你是通过方式进行的?
我不知道是不是和环境有关,我有两组环境,有一组不管是加不加sudo都可以迁移,另一组加不加sudo都报上面的错误。问题在于,报错的环境是真实的生产环境...
0
几点人
几点人
请把出现错误提示两台机器的 /etc/xend-config.sxp文件配置贴出来
0
码农2号

引用来自“几点人”的答案

请把出现错误提示两台机器的 /etc/xend-config.sxp文件配置贴出来
xl命令不依赖于xend的
0
几点人
几点人
这个牵扯到权限问题是否配置
0
码农2号

引用来自“几点人”的答案

这个牵扯到权限问题是否配置
# -*- sh -*-


#
# Xend configuration file.
#


# This example configuration is appropriate for an installation that 
# utilizes a bridged network configuration. Access to xend via http
# is disabled.  


# Commented out entries show the default for that entry, unless otherwise
# specified.


#(logfile /var/log/xen/xend.log)
#(loglevel DEBUG)


# Uncomment the line below.  Set the value to flask, acm, or dummy to 
# select a security module.


#(xsm_module_name dummy)


# The Xen-API server configuration.
#
# This value configures the ports, interfaces, and access controls for the
# Xen-API server.  Each entry in the list starts with either unix, a port
# number, or an address:port pair.  If this is "unix", then a UDP socket is
# opened, and this entry applies to that.  If it is a port, then Xend will
# listen on all interfaces on that TCP port, and if it is an address:port
# pair, then Xend will listen on the specified port, using the interface with
# the specified address.
#
# The subsequent string configures the user-based access control for the
# listener in question.  This can be one of "none" or "pam", indicating either
# that users should be allowed access unconditionally, or that the local
# Pluggable Authentication Modules configuration should be used.  If this
# string is missing or empty, then "pam" is used.
#
# The final string gives the host-based access control for that listener. If
# this is missing or empty, then all connections are accepted.  Otherwise,
# this should be a space-separated sequence of regular expressions; any host
# with a fully-qualified domain name or an IP address that matches one of
# these regular expressions will be accepted.
#
# Example: listen on TCP port 9363 on all interfaces, accepting connections
# only from machines in example.com or localhost, and allow access through
# the unix domain socket unconditionally:
#
#   (xen-api-server ((9363 pam '^localhost$ example\\.com$')
#                    (unix none)))
#
# Optionally, the TCP Xen-API server can use SSL by specifying the private
# key and certificate location:
#
#                    (9367 pam '' xen-api.key xen-api.crt)
#
# Default:
#   (xen-api-server ((unix)))




(xend-http-server no)
(xend-unix-server yes)
#(xend-tcp-xmlrpc-server no)
#(xend-unix-xmlrpc-server yes)
# Only enable xend-relocation-server on trusted networks as it lacks
# encryption and authentication.
(xend-relocation-server yes)
#(xend-relocation-ssl-server no)
#(xend-udev-event-server no)


#(xend-unix-path /var/lib/xend/xend-socket)




# Address and port xend should use for the legacy TCP XMLRPC interface, 
# if xend-tcp-xmlrpc-server is set.
#(xend-tcp-xmlrpc-server-address 'localhost')
#(xend-tcp-xmlrpc-server-port 8006)


# SSL key and certificate to use for the legacy TCP XMLRPC interface.
# Setting these will mean that this port serves only SSL connections as
# opposed to plaintext ones.
#(xend-tcp-xmlrpc-server-ssl-key-file  xmlrpc.key)
#(xend-tcp-xmlrpc-server-ssl-cert-file xmlrpc.crt)




# Port xend should use for the HTTP interface, if xend-http-server is set.
(xend-port            8000)


# Port xend should use for the relocation interface, if xend-relocation-server
# is set.
(xend-relocation-port 8002)


# Port xend should use for the ssl relocation interface, if
# xend-relocation-ssl-server is set.
#(xend-relocation-ssl-port 8003)


# SSL key and certificate to use for the ssl relocation interface, if
# xend-relocation-ssl-server is set.
#(xend-relocation-server-ssl-key-file   xmlrpc.key)
#(xend-relocation-server-ssl-cert-file  xmlrpc.crt)


# Whether to use ssl as default when relocating.
#(xend-relocation-ssl no)


# Address xend should listen on for HTTP connections, if xend-http-server is
# set.
# Specifying 'localhost' prevents remote connections.
# Specifying the empty string '' (the default) allows all connections.
#(xend-address '')
#(xend-address localhost)


# Address xend should listen on for relocation-socket connections, if
# xend-relocation-server is set.
# Meaning and default as for xend-address above.
# Also, interface name is allowed (e.g. eth0) there to get the
# relocation address to be bound on.
(xend-relocation-address '')


# The hosts allowed to talk to the relocation port.  If this is empty (the
# default), then all connections are allowed (assuming that the connection
# arrives on a port and interface on which we are listening; see
# xend-relocation-port and xend-relocation-address above).  Otherwise, this
# should be a space-separated sequence of regular expressions.  Any host with
# a fully-qualified domain name or an IP address that matches one of these
# regular expressions will be accepted.
#
# For example:
#  (xend-relocation-hosts-allow '^localhost$ ^.*\\.example\\.org$')
#
(xend-relocation-hosts-allow '')
#changed by yangzh
###(xend-relocation-hosts-allow '^localhost$ ^localhost\\.localdomain$')


# The limit (in kilobytes) on the size of the console buffer
#(console-limit 1024)


##
# To bridge network traffic, like this:
#
# dom0: ----------------- bridge -> real eth0 -> the network
#                            |
# domU: fake eth0 -> vifN.0 -+
#
# use
#
# (network-script network-bridge)
#
# Your default ethernet device is used as the outgoing interface, by default. 
# To use a different one (e.g. eth1) use
#
# (network-script 'network-bridge netdev=eth1')
#
# The bridge is named eth0, by default (yes, really!)
#


# It is normally much better to create the bridge yourself in
# /etc/network/interfaces.  network-bridge start does nothing if you
# already have a bridge, and network-bridge stop does nothing if the
# default bridge name (normally eth0) is not a bridge.  See
# bridge-utils-interfaces(5) for full information on the syntax in
# /etc/network/interfaces, but you probably want something like this:
#    iface xenbr0 inet static
#        address [etc]
#        netmask [etc]
#        [etc]
#        bridge_ports eth0
#
# To have network-bridge create a differently-named bridge, use:
# (network-script 'network-bridge bridge=<name>')
#
# It is possible to use the network-bridge script in more complicated
# scenarios, such as having two outgoing interfaces, with two bridges, and
# two fake interfaces per guest domain.  To do things like this, write
# yourself a wrapper script, and call network-bridge from it, as appropriate.
#
# SuSE users note:
# On openSUSE >= 11.1 and SLES >= 11, networks should be configured using
# native platform tool - YaST.  vif-bridge and qemu-ifup can be used to
# connect vifs to the YaST-managed networks.
#(network-script network-bridge)
(network-script )


# The script used to control virtual interfaces.  This can be overridden on a
# per-vif basis when creating a domain or a configuring a new vif.  The
# vif-bridge script is designed for use with the network-bridge script, or
# similar configurations.
#
# If you have overridden the bridge name using
# (network-script 'network-bridge bridge=<name>') then you may wish to do the
# same here.  The bridge name can also be set when creating a domain or
# configuring a new vif, but a value specified here would act as a default.
#
# If you are using only one bridge, the vif-bridge script will discover that,
# so there is no need to specify it explicitly.  The default is to use
# the bridge which is listed first in the output from brctl.
#
(vif-script vif-bridge)




## Use the following if network traffic is routed, as an alternative to the
# settings for bridged networking given above.
#(network-script network-route)
#(vif-script     vif-route)


# SuSE users note:
# If using a routed network configuration it is advised to NOT use
# network-route and vif-route scripts but instead use sysconfig scripts
# in dom0 and vif-route-ifup script to "connect" the domU vif to dom0.
# Since this configuration requires a vif sysconfig script in dom0, a static
# vif name must be used.  E.g. in dom0 the vif sysconfig script
# (/etc/sysconfig/network/ifcfg-xen1.0) may contain
#
#    NAME='XEN vm 1 virtual interface 0'
#    BOOTPROTO='static'
#    STARTMODE='hotplug'
#    ...
#
# The corresponding domain vif configuration would contain e.g.
# vif=[ 'mac=00:16:3e:aa:bb:cc,script=vif-route-ifup,vifname=xen1.0', ]
#
# If the vif-route-ifup script will be used for all domains, it can be
# set here as the default vif script, alleviating the need for
# 'script=' in domain vif configuration.
#(vif-script     vif-route-ifup)


## Use the following if network traffic is routed with NAT, as an alternative
# to the settings for bridged networking given above.
#(network-script network-nat)
#(vif-script     vif-nat)


# dom0-min-mem is the lowest permissible memory level (in MB) for dom0.
# This is a minimum both for auto-ballooning (as enabled by
# enable-dom0-ballooning below) and for xm mem-set when applied to dom0.
(dom0-min-mem 512)


# Whether to enable auto-ballooning of dom0 to allow domUs to be created.
# If enable-dom0-ballooning = no, dom0 will never balloon out.
(enable-dom0-ballooning yes)


# 32-bit paravirtual domains can only consume physical
# memory below 168GB. On systems with memory beyond that address,
# they'll be confined to memory below 128GB.
# Using total_available_memory (in GB) to specify the amount of memory reserved
# in the memory pool exclusively for 32-bit paravirtual domains.
# Additionally you should use dom0_mem = <-Value> as a parameter in 
# xen kernel to reserve the memory for 32-bit paravirtual domains, default 
# is "0" (0GB).  
(total_available_memory 0) 


# In SMP system, dom0 will use dom0-cpus # of CPUS
# If dom0-cpus = 0, dom0 will take all cpus available
(dom0-cpus 0)


# Whether to enable core-dumps when domains crash.
# This setting overrides the per-domain dump value 'on_crash' and causes a
# core dump on all crashed domains. For finer grain control, it is best to
# disable this setting (which is default) and use the per-domain controls.
#(enable-dump no)


# The tool used for initiating virtual TPM migration
#(external-migration-tool '')


# The interface for VNC servers to listen on. Defaults
# to 127.0.0.1  To restore old 'listen everywhere' behaviour
# set this to 0.0.0.0
#(vnc-listen '127.0.0.1')


# The default password for VNC console on HVM domain.
# Empty string is no authentication.
(vncpasswd '')


# The VNC server can be told to negotiate a TLS session
# to encryption all traffic, and provide x509 cert to
# clients enabling them to verify server identity. The
# GTK-VNC widget, virt-viewer, virt-manager and VeNCrypt
# all support the VNC extension for TLS used in QEMU. The
# TightVNC/RealVNC/UltraVNC clients do not.
#
# To enable this create x509 certificates / keys in the
# directory ${XEN_CONFIG_DIR} + vnc
#
#  ca-cert.pem       - The CA certificate
#  server-cert.pem   - The Server certificate signed by the CA
#  server-key.pem    - The server private key
#
# and then uncomment this next line
# (vnc-tls 1)


# The certificate dir can be pointed elsewhere..
#
# (vnc-x509-cert-dir vnc)


# The server can be told to request & validate an x509
# certificate from the client. Only clients with a cert
# signed by the trusted CA will be able to connect. This
# is more secure the password auth alone. Passwd auth can
# used at the same time if desired. To enable client cert
# checking uncomment this:
#
# (vnc-x509-verify 1)


# The default keymap to use for the VM's virtual keyboard
# when not specififed in VM's configuration
#(keymap 'en-us')


# Script to run when the label of a resource has changed.
#(resource-label-change-script '')


# Rotation count of qemu-dm log file.
#(qemu-dm-logrotate-count 10)


# Path where persistent domain configuration is stored.
# Default is /var/lib/xend/domains/
#(xend-domains-path /var/lib/xend/domains)


# Number of seconds xend will wait for device creation and
# destruction
#(device-create-timeout 100)
#(device-destroy-timeout 100)


# When assigning device to HVM guest, we use the strict check for HVM guest by
# default. (For PV guest, we use loose check automatically if necessary.)
# When we assign device to HVM guest, if we meet with the co-assignment
# issues or the ACS issue, we could try changing the option to 'no' -- however,
# we have to realize this may incur security issue and we can't make sure the
# device assignment could really work properly even after we do this.
#(pci-passthrough-strict-check yes)


# Domain Locking
# In a multihost environment, domain locking prevents simultaneously
# running a domain on more than one host.
#
# If enabled, xend will execute a external lock utility (defined below)
# on each domain start and stop event.  Disabled by default.  Set to yes
# to enable domain locking.
#
#(xend-domain-lock no)


# Path where domain lock is stored if xend-domain-lock is enabled.
# Note:  This path must be accessible to all VM Servers participating
#        in domain locking, e.g. by specifying a shared mount point.
#        Lock is placed in /<xend-domain-lock-path>/<domain-uuid>.
# Default is /var/lib/xen/images/vm_locks/
#
#(xend-domain-lock-path /var/lib/images/vm_locks)


# External locking utility called by xend for acquiring/releasing
# domain lock.  By default /etc/xen/scripts/domain-lock will be used
# if xend-domain-lock is set to yes.  Set to path of custom locking
# utility to override the default.
#
# Synopsis of lock-util:
# lock-util [-l|-u] -n <vm name> -i <vm uuid> -p <physical host> path"
# -l          Acquire (create) lock
# -u          Remove lock
# -n vm-name  Name of domain
# -i vm-id    Id or UUID of domain
# -p phy-host Name of physical host (dom0)
# path        /<xend-domain-lock-path>/<vm-uuid>
# Return 0 on success, non-zero on error.
#
# lock-util [-s] -i <vm uuid> path"
# -s          Lock status.  If lock is acquired, print any contents
#             on stdout and return 0.  Return non-zero if lock is
#             available.
# path        /<xend-domain-lock-path>/<vm-uuid>
# If lock is acquired, print any contents on stdout and return 0.
# Return non-zero if lock is available.
#
# Default lock-util behavior:
# On domain start event, domain-lock will create and flock(1)
# /<xend-domain-lock-path>/<vm-uuid>/lock.  Every two seconds it
# will write <vm-name>, <vm-id>, <vm-host>, and <tick> to the lock.
# <tick> is running counter.
# On domain stop event, domain-lock will unlock and remove
# /<xend-domain-lock-path>/<vm-uuid>/lock.
#
# Note: If xend-domain-lock-path is a cluster-unaware file system,
#       administrator intervention may be required to remove stale
#       locks.  Consider two hosts using NFS for xend-domain-lock-path
#       when HostA, running vm1, crashes.  HostB could not acquire a
#       lock for vm1 since the NFS server holds an exclusive lock
#       acquired by HostA.  The lock file must be manually removed
#       before starting vm1 on HostA.
#
#(xend-domain-lock-utility domain-lock)


# Some locking mechanism provide cluster wide locking service like sfex.
# And that requires a shared locking device.
#(xend-domain-lock-utility domain-lock-sfex)
#(xend-domain-lock-device "/dev/iwmvg/hbdevice")


# If we have a very big scsi device configuration, start of xend is slow,
# because xend scans all the device paths to build its internal PSCSI device
# list.  If we need only a few devices for assigning to a guest, we can reduce
# the scan to this device. Set list list of device paths in same syntax like in
# command lsscsi, e.g. ('16:0:0:0' '15:0') 
# (pscsi-device-mask ('*'))


0
几点人
几点人

上面是192.168.0.120的/etc/xend-config.sxp吗?


0
码农2号

引用来自“几点人”的答案

上面是192.168.0.120的/etc/xend-config.sxp吗?


这个是116的,不是120的

这个是120的配置:

# -*- sh -*-


#
# Xend configuration file.
#


# This example configuration is appropriate for an installation that 
# utilizes a bridged network configuration. Access to xend via http
# is disabled.  


# Commented out entries show the default for that entry, unless otherwise
# specified.


#(logfile /var/log/xen/xend.log)
#(loglevel DEBUG)


# Uncomment the line below.  Set the value to flask, acm, or dummy to 
# select a security module.


#(xsm_module_name dummy)


# The Xen-API server configuration.
#
# This value configures the ports, interfaces, and access controls for the
# Xen-API server.  Each entry in the list starts with either unix, a port
# number, or an address:port pair.  If this is "unix", then a UDP socket is
# opened, and this entry applies to that.  If it is a port, then Xend will
# listen on all interfaces on that TCP port, and if it is an address:port
# pair, then Xend will listen on the specified port, using the interface with
# the specified address.
#
# The subsequent string configures the user-based access control for the
# listener in question.  This can be one of "none" or "pam", indicating either
# that users should be allowed access unconditionally, or that the local
# Pluggable Authentication Modules configuration should be used.  If this
# string is missing or empty, then "pam" is used.
#
# The final string gives the host-based access control for that listener. If
# this is missing or empty, then all connections are accepted.  Otherwise,
# this should be a space-separated sequence of regular expressions; any host
# with a fully-qualified domain name or an IP address that matches one of
# these regular expressions will be accepted.
#
# Example: listen on TCP port 9363 on all interfaces, accepting connections
# only from machines in example.com or localhost, and allow access through
# the unix domain socket unconditionally:
#
#   (xen-api-server ((9363 pam '^localhost$ example\\.com$')
#                    (unix none)))
#
# Optionally, the TCP Xen-API server can use SSL by specifying the private
# key and certificate location:
#
#                    (9367 pam '' xen-api.key xen-api.crt)
#
# Default:
#   (xen-api-server ((unix)))




#(xend-http-server no)
(xend-unix-server yes)
#(xend-tcp-xmlrpc-server no)
#(xend-unix-xmlrpc-server yes)
# Only enable xend-relocation-server on trusted networks as it lacks
# encryption and authentication.
(xend-relocation-server yes)
#(xend-relocation-ssl-server no)
#(xend-udev-event-server no)


#(xend-unix-path /var/lib/xend/xend-socket)




# Address and port xend should use for the legacy TCP XMLRPC interface, 
# if xend-tcp-xmlrpc-server is set.
#(xend-tcp-xmlrpc-server-address 'localhost')
#(xend-tcp-xmlrpc-server-port 8006)


# SSL key and certificate to use for the legacy TCP XMLRPC interface.
# Setting these will mean that this port serves only SSL connections as
# opposed to plaintext ones.
#(xend-tcp-xmlrpc-server-ssl-key-file  xmlrpc.key)
#(xend-tcp-xmlrpc-server-ssl-cert-file xmlrpc.crt)




# Port xend should use for the HTTP interface, if xend-http-server is set.
#(xend-port            8000)


# Port xend should use for the relocation interface, if xend-relocation-server
# is set.
(xend-relocation-port 8002)


# Port xend should use for the ssl relocation interface, if
# xend-relocation-ssl-server is set.
#(xend-relocation-ssl-port 8003)


# SSL key and certificate to use for the ssl relocation interface, if
# xend-relocation-ssl-server is set.
#(xend-relocation-server-ssl-key-file   xmlrpc.key)
#(xend-relocation-server-ssl-cert-file  xmlrpc.crt)


# Whether to use ssl as default when relocating.
#(xend-relocation-ssl no)


# Address xend should listen on for HTTP connections, if xend-http-server is
# set.
# Specifying 'localhost' prevents remote connections.
# Specifying the empty string '' (the default) allows all connections.
#(xend-address '')
#(xend-address localhost)


# Address xend should listen on for relocation-socket connections, if
# xend-relocation-server is set.
# Meaning and default as for xend-address above.
# Also, interface name is allowed (e.g. eth0) there to get the
# relocation address to be bound on.
(xend-relocation-address '')


# The hosts allowed to talk to the relocation port.  If this is empty (the
# default), then all connections are allowed (assuming that the connection
# arrives on a port and interface on which we are listening; see
# xend-relocation-port and xend-relocation-address above).  Otherwise, this
# should be a space-separated sequence of regular expressions.  Any host with
# a fully-qualified domain name or an IP address that matches one of these
# regular expressions will be accepted.
#
# For example:
#  (xend-relocation-hosts-allow '^localhost$ ^.*\\.example\\.org$')
#
(xend-relocation-hosts-allow '')
###(xend-relocation-hosts-allow '^localhost$ ^localhost\\.localdomain$')


# The limit (in kilobytes) on the size of the console buffer
#(console-limit 1024)


##
# To bridge network traffic, like this:
#
# dom0: ----------------- bridge -> real eth0 -> the network
#                            |
# domU: fake eth0 -> vifN.0 -+
#
# use
#
# (network-script network-bridge)
#
# Your default ethernet device is used as the outgoing interface, by default. 
# To use a different one (e.g. eth1) use
#
# (network-script 'network-bridge netdev=eth1')
#
# The bridge is named eth0, by default (yes, really!)
#


# It is normally much better to create the bridge yourself in
# /etc/network/interfaces.  network-bridge start does nothing if you
# already have a bridge, and network-bridge stop does nothing if the
# default bridge name (normally eth0) is not a bridge.  See
# bridge-utils-interfaces(5) for full information on the syntax in
# /etc/network/interfaces, but you probably want something like this:
#    iface xenbr0 inet static
#        address [etc]
#        netmask [etc]
#        [etc]
#        bridge_ports eth0
#
# To have network-bridge create a differently-named bridge, use:
# (network-script 'network-bridge bridge=<name>')
#
# It is possible to use the network-bridge script in more complicated
# scenarios, such as having two outgoing interfaces, with two bridges, and
# two fake interfaces per guest domain.  To do things like this, write
# yourself a wrapper script, and call network-bridge from it, as appropriate.
#
# SuSE users note:
# On openSUSE >= 11.1 and SLES >= 11, networks should be configured using
# native platform tool - YaST.  vif-bridge and qemu-ifup can be used to
# connect vifs to the YaST-managed networks.
#(network-script network-bridge)
(network-script )


# The script used to control virtual interfaces.  This can be overridden on a
# per-vif basis when creating a domain or a configuring a new vif.  The
# vif-bridge script is designed for use with the network-bridge script, or
# similar configurations.
#
# If you have overridden the bridge name using
# (network-script 'network-bridge bridge=<name>') then you may wish to do the
# same here.  The bridge name can also be set when creating a domain or
# configuring a new vif, but a value specified here would act as a default.
#
# If you are using only one bridge, the vif-bridge script will discover that,
# so there is no need to specify it explicitly.  The default is to use
# the bridge which is listed first in the output from brctl.
#
(vif-script vif-bridge)




## Use the following if network traffic is routed, as an alternative to the
# settings for bridged networking given above.
#(network-script network-route)
#(vif-script     vif-route)


# SuSE users note:
# If using a routed network configuration it is advised to NOT use
# network-route and vif-route scripts but instead use sysconfig scripts
# in dom0 and vif-route-ifup script to "connect" the domU vif to dom0.
# Since this configuration requires a vif sysconfig script in dom0, a static
# vif name must be used.  E.g. in dom0 the vif sysconfig script
# (/etc/sysconfig/network/ifcfg-xen1.0) may contain
#
#    NAME='XEN vm 1 virtual interface 0'
#    BOOTPROTO='static'
#    STARTMODE='hotplug'
#    ...
#
# The corresponding domain vif configuration would contain e.g.
# vif=[ 'mac=00:16:3e:aa:bb:cc,script=vif-route-ifup,vifname=xen1.0', ]
#
# If the vif-route-ifup script will be used for all domains, it can be
# set here as the default vif script, alleviating the need for
# 'script=' in domain vif configuration.
#(vif-script     vif-route-ifup)


## Use the following if network traffic is routed with NAT, as an alternative
# to the settings for bridged networking given above.
#(network-script network-nat)
#(vif-script     vif-nat)


# dom0-min-mem is the lowest permissible memory level (in MB) for dom0.
# This is a minimum both for auto-ballooning (as enabled by
# enable-dom0-ballooning below) and for xm mem-set when applied to dom0.
(dom0-min-mem 512)


# Whether to enable auto-ballooning of dom0 to allow domUs to be created.
# If enable-dom0-ballooning = no, dom0 will never balloon out.
(enable-dom0-ballooning yes)


# 32-bit paravirtual domains can only consume physical
# memory below 168GB. On systems with memory beyond that address,
# they'll be confined to memory below 128GB.
# Using total_available_memory (in GB) to specify the amount of memory reserved
# in the memory pool exclusively for 32-bit paravirtual domains.
# Additionally you should use dom0_mem = <-Value> as a parameter in 
# xen kernel to reserve the memory for 32-bit paravirtual domains, default 
# is "0" (0GB).  
(total_available_memory 0) 


# In SMP system, dom0 will use dom0-cpus # of CPUS
# If dom0-cpus = 0, dom0 will take all cpus available
(dom0-cpus 0)


# Whether to enable core-dumps when domains crash.
# This setting overrides the per-domain dump value 'on_crash' and causes a
# core dump on all crashed domains. For finer grain control, it is best to
# disable this setting (which is default) and use the per-domain controls.
#(enable-dump no)


# The tool used for initiating virtual TPM migration
#(external-migration-tool '')


# The interface for VNC servers to listen on. Defaults
# to 127.0.0.1  To restore old 'listen everywhere' behaviour
# set this to 0.0.0.0
#(vnc-listen '127.0.0.1')


# The default password for VNC console on HVM domain.
# Empty string is no authentication.
(vncpasswd '')


# The VNC server can be told to negotiate a TLS session
# to encryption all traffic, and provide x509 cert to
# clients enabling them to verify server identity. The
# GTK-VNC widget, virt-viewer, virt-manager and VeNCrypt
# all support the VNC extension for TLS used in QEMU. The
# TightVNC/RealVNC/UltraVNC clients do not.
#
# To enable this create x509 certificates / keys in the
# directory ${XEN_CONFIG_DIR} + vnc
#
#  ca-cert.pem       - The CA certificate
#  server-cert.pem   - The Server certificate signed by the CA
#  server-key.pem    - The server private key
#
# and then uncomment this next line
# (vnc-tls 1)


# The certificate dir can be pointed elsewhere..
#
# (vnc-x509-cert-dir vnc)


# The server can be told to request & validate an x509
# certificate from the client. Only clients with a cert
# signed by the trusted CA will be able to connect. This
# is more secure the password auth alone. Passwd auth can
# used at the same time if desired. To enable client cert
# checking uncomment this:
#
# (vnc-x509-verify 1)


# The default keymap to use for the VM's virtual keyboard
# when not specififed in VM's configuration
#(keymap 'en-us')


# Script to run when the label of a resource has changed.
#(resource-label-change-script '')


# Rotation count of qemu-dm log file.
#(qemu-dm-logrotate-count 10)


# Path where persistent domain configuration is stored.
# Default is /var/lib/xend/domains/
#(xend-domains-path /var/lib/xend/domains)


# Number of seconds xend will wait for device creation and
# destruction
#(device-create-timeout 100)
#(device-destroy-timeout 100)


# When assigning device to HVM guest, we use the strict check for HVM guest by
# default. (For PV guest, we use loose check automatically if necessary.)
# When we assign device to HVM guest, if we meet with the co-assignment
# issues or the ACS issue, we could try changing the option to 'no' -- however,
# we have to realize this may incur security issue and we can't make sure the
# device assignment could really work properly even after we do this.
#(pci-passthrough-strict-check yes)


# Domain Locking
# In a multihost environment, domain locking prevents simultaneously
# running a domain on more than one host.
#
# If enabled, xend will execute a external lock utility (defined below)
# on each domain start and stop event.  Disabled by default.  Set to yes
# to enable domain locking.
#
#(xend-domain-lock no)


# Path where domain lock is stored if xend-domain-lock is enabled.
# Note:  This path must be accessible to all VM Servers participating
#        in domain locking, e.g. by specifying a shared mount point.
#        Lock is placed in /<xend-domain-lock-path>/<domain-uuid>.
# Default is /var/lib/xen/images/vm_locks/
#
#(xend-domain-lock-path /var/lib/images/vm_locks)


# External locking utility called by xend for acquiring/releasing
# domain lock.  By default /etc/xen/scripts/domain-lock will be used
# if xend-domain-lock is set to yes.  Set to path of custom locking
# utility to override the default.
#
# Synopsis of lock-util:
# lock-util [-l|-u] -n <vm name> -i <vm uuid> -p <physical host> path"
# -l          Acquire (create) lock
# -u          Remove lock
# -n vm-name  Name of domain
# -i vm-id    Id or UUID of domain
# -p phy-host Name of physical host (dom0)
# path        /<xend-domain-lock-path>/<vm-uuid>
# Return 0 on success, non-zero on error.
#
# lock-util [-s] -i <vm uuid> path"
# -s          Lock status.  If lock is acquired, print any contents
#             on stdout and return 0.  Return non-zero if lock is
#             available.
# path        /<xend-domain-lock-path>/<vm-uuid>
# If lock is acquired, print any contents on stdout and return 0.
# Return non-zero if lock is available.
#
# Default lock-util behavior:
# On domain start event, domain-lock will create and flock(1)
# /<xend-domain-lock-path>/<vm-uuid>/lock.  Every two seconds it
# will write <vm-name>, <vm-id>, <vm-host>, and <tick> to the lock.
# <tick> is running counter.
# On domain stop event, domain-lock will unlock and remove
# /<xend-domain-lock-path>/<vm-uuid>/lock.
#
# Note: If xend-domain-lock-path is a cluster-unaware file system,
#       administrator intervention may be required to remove stale
#       locks.  Consider two hosts using NFS for xend-domain-lock-path
#       when HostA, running vm1, crashes.  HostB could not acquire a
#       lock for vm1 since the NFS server holds an exclusive lock
#       acquired by HostA.  The lock file must be manually removed
#       before starting vm1 on HostA.
#
#(xend-domain-lock-utility domain-lock)


# Some locking mechanism provide cluster wide locking service like sfex.
# And that requires a shared locking device.
#(xend-domain-lock-utility domain-lock-sfex)
#(xend-domain-lock-device "/dev/iwmvg/hbdevice")


# If we have a very big scsi device configuration, start of xend is slow,
# because xend scans all the device paths to build its internal PSCSI device
# list.  If we need only a few devices for assigning to a guest, we can reduce
# the scan to this device. Set list list of device paths in same syntax like in
# command lsscsi, e.g. ('16:0:0:0' '15:0') 
# (pscsi-device-mask ('*'))



几点人
几点人
请把xl更改为xm试试,我推测是你的生产环境xen版本较老
返回顶部
顶部