OpenSolaris 2008.11 as a para-virtual Xen guest

UPDATE: the canonical location for this information is now here - please check there, as it will be updated as necessary, unlike this blog entry.

As well obviously working with VirtualBox, OpenSolaris can also run as a guest domain under Xen. The installation CD ships with the paravirtual extensions so you can run it as a fully para-virtualized guest. This provides a significant advantage over fully-virtualized guests, or even guests with para-virtual drivers like Solaris 10 Update 6. Of course, if you choose to, you can still run OpenSolaris fully-virtualized (a.k.a. HVM mode), but there's little advantage to doing so.

One slight wrinkle is that Solaris guests don't yet implement the virtual framebuffer that the Xen infrastructure supports. Since OpenSolaris doesn't yet have a text-mode install, this means that to install such a PV guest, we need a way to bring up a graphical console.

With 2008.11, this is considerably easier. Presuming we're running a Solaris dom0 (either Nevada or OpenSolaris, of course), let's start an install of 2008.11:

# zfs create rpool/zvol
# zfs create -V 10G rpool/zvol/domu-220-root
# virt-install --nographics --paravirt --ram 1024 --name domu-220 -f /dev/zvol/dsk/rpool/zvol/domu-220-root -l /isos/osol-2008.11.iso

This will drop you into the console for the guest to ask you the two initial questions. Since they're not really important in this circumstance, you can just choose the defaults. This example presumes that you have a DHCP server set up to give out dynamic addresses. If you only hand out addresses statically based on MAC address, you can also specify the --mac option. As OpenSolaris more-or-less assumes DHCP, it's recommended to set one up.

Now we need a graphical console in order to interact with the OpenSolaris installer. If the guest domain successfully finished booting the live CD, a VNC server should be running. It has recorded the details of this server in XenStore. This is essentially a name/value config database used for communicating between guest domains and the control domain (dom0). We can start a VNC session as follows:

# domid=`virsh domid domu-220`
# ip=`/usr/lib/xen/bin/xenstore-read /local/domain/$domid/ipaddr/0`
# port=`/usr/lib/xen/bin/xenstore-read /local/domain/$domid/guest/vnc/port`
# /usr/lib/xen/bin/xenstore-read /local/domain/$domid/guest/vnc/passwd
# vncviewer $ip:$port

At the VNC password prompt, enter the given password, and this should bring up a VNC session, and you can merrily install away.


The live CD runs a transient SMF service system/xvm/vnc-config. If it finds itself running on a live CD, it will generate a random VNC password, configure application/x11/x11-server to start Xvnc, and write the values above to XenStore. When application/graphical-login/gdm starts, it will read these service properties and start up the VNC server. The service system/xvm/ipagent tracks the IPv4 address given to the first running interface and writes it to XenStore.

By default, the VNC server is configured not to run post-installation due to security concerns. This can be changed though, as follows:

# svccfg -s x11-server
setprop options/xvm_vnc = "true"

Please remember that VNC is not secure. Since you need elevated privileges to read the VNC password from XenStore, that's sufficiently protected, as long as you always run the VNC viewer locally on the dom0, or via SSH tunnelling or some other secure method.

Note that this works even with a Linux dom0, although you can't yet use virt-install, as the upstream version doesn't yet "know about" OpenSolaris (more on this later).



Hi, I am trying to play witrh xvm/xen on opensolaris 2008.11.

I rebooted after all installation, see the i86xpv entry below:

uname -a
SunOS pigalle 5.11 snv_101b i86pc i386 i86xpv Solaris

svcs |grep xvm
disabled Dec_08 svc:/system/xvm/ipagent:default
online Dec_08 svc:/system/xvm/store:default
online Dec_08 svc:/system/xvm/domains:default
online Dec_08 svc:/system/xvm/xend:default
online Dec_08 svc:/system/xvm/console:default
online Dec_08 svc:/system/xvm/vnc-config:default

Did a
/usr/sbin/zfs create -V 10g rpool/guest-kubuntu-HVM

but a
/usr/bin/virt-install -n guest-kubuntu-HVM --ram 1024 --nographics -f /dev/zvol/dsk/rpool/guest-kubuntu-HVM -l /export/home/ludo/Desktop/kubuntu-8.10-desktop-amd64.iso

gives me this cryptic error that google search does not help at all:
Wed, 10 Dec 2008 15:01:40 ERROR virConnectOpen() failed
Traceback (most recent call last):
File "/usr/bin/virt-install", line 511, in ?
File "/usr/bin/virt-install", line 357, in main
conn = cli.getConnection(options.connect)
File "/export/builds/xvm_101///proto/install/usr/lib/python2.4/site-packages/virtinst/", line 92, in getConnection
File "", line 135, in open
if ret is None:raise libvirtError('virConnectOpen() failed')
libvirtError: virConnectOpen() failed

What am I missing?


Posted by ludo on December 10, 2008 at 03:02 PM GMT #

It's not clear, but it sounds like you're not running as root.

Posted by John Levon on December 10, 2008 at 06:55 PM GMT #

I am running as root...(all commands I showned are from a root terminal)
Same effect with pfexec.

Posted by ludo on December 11, 2008 at 03:52 PM GMT #

I'm having the exact same problem as ludo.

I'm also using 2008.11, booted into the xen kernel, and running the xvm services.

Any idea what's causing it? Thanks.

Posted by Paul on March 26, 2009 at 01:01 PM GMT #

Is libvirtd (SMF: virtd) running?

Posted by John Levon on March 26, 2009 at 01:09 PM GMT #

Thanks John, enabling virtd appears to fix the problem.

I'm really surprised that this isn't listed in the Sun technical brief entitled "INSTALL SUN xVM HYPERVISOR & USE IT to CONFIGURE DOMAINS"

Posted by Paul on March 26, 2009 at 01:57 PM GMT #

Paul, I believe that brief pre-dates the introduction of libvirtd. Even so, it's only necessary to enable these services by hand on OpenSolaris, as I mention here:

Future releases will not need you to do this by hand.

Posted by John Levon on March 26, 2009 at 03:10 PM GMT #

Post a Comment:
  • HTML Syntax: NOT allowed



« July 2016