Xen Hypervisor Dom0 and DomU Support
Xen is a GPLv2-license hypervisor for the Intel architecture
FreeBSD 8.0 onward includes i386 and amd64 DomU and Amazon EC2 unprivileged domain (virtual machine) support.
FreeBSD 11.0 onward includes Xen Dom0 privileged domain (host) support.
FreeBSD Dom0 Control Domain Support
NB! FreeBSD Xen cannot be loaded with UEFI at this time
Dom0 Control Domain Installation
The 'xen-kernel' and 'xen-tools' packages provide the Xen Dom0 kernel and support utilities. The following example will assume VNC output for unprivileged domains which will be accessed from a another system using a tool such as net/tightvnc.
Xen Dom0 Package Installation
pkg install -y xen-kernel xen-tools
Follow the instructions provided at the end of the package which modifies:
/etc/sysctl.conf /etc/ttys /boot/loader.conf
In addition to these instructions, Xen also requires:
/etc/rc.conf cloned_interfaces="bridge0" ifconfig_bridge0="addm <primary network interface i.e. igb0> up"
Reboot the host to boot to the Xen kernel.
You should see the Xen kernel output followed the FreeBSD kernel output. The FreeBSD control domain system will behave in the established manner and note the dom0_mem and dom0_max_vcpus options in /boot/loader.conf, particularly on root-on-ZFS systems with ZFS ARC read caching.
Unprivileged Domain Configuration
Unprivileged Domains consist of a configuration file and logical or physical optical and hard disks. For this example we will assume a ISO optical disk file freebsd.iso and a hard disk file created with truncate -s 20G freebsd.img.
An example FreeBSD DomU configuration file freebsd.cfg with 2048M RAM and two virtual CPUs without networking:
type = "hvm" memory = 2048 vcpus = 2 vif = [ 'bridge=bridge0' ] name = "FreeBSD" disk = [ '/root/freebsd.img,raw,hda,w', '/root/freebsd.iso,raw,hdc:cdrom,r' ] # boot = "c" # Boot to hard disk image boot = "d" # Boot to ISO image vnc = 1 vnclisten = 0.0.0.0 vncdisplay=1 # VNC Port 5900 on_poweroff = 'destroy' on_reboot = 'restart' on_crash = 'restart'
To boot this DomU with -vvvv level of verbose logging:
# xl -vvvv create freebsd.cfg # xl list Name ID Mem VCPUs State Time(s) Domain-0 0 2047 4 r----- 660.6 FreeBSD 1 2048 2 r----- 3.5
To connect to this DomU using net/tightvnc on the host:
# vncviewer 0.0.0.0
The DomU should reboot and shutdown properly but to manually destroy it:
# xl destroy FreeBSD
An example Windows DomU configuration file windows.cfg with 4096M RAM and a two virtual CPUs without networking:
type = "hvm" memory = 4096 vcpus = 2 name = "Windows" disk = [ '/root/windows.img,raw,hda,w', '/root/windows.iso,raw,hdc:cdrom,r' ] # boot = "c" # Boot to hard disk image boot = "d" # Boot to ISO image vnc = 1 vnclisten = 0.0.0.0 vncdisplay=1 # VNC Port 5901 on_poweroff = 'destroy' on_reboot = 'restart' on_crash = 'restart' acpi = 1
The network interface will appear as xn0 and note that the tap and bridge devices must be present or the DomU will not boot.
The additional configuration option serial='pty' should allow for attachment to the DomU serial console with xl create -c <DomU>.cfg. Be sure that your DomU is configured for serial console output. For a FreeBSD DomU add the following to /boot/loader.conf:
boot_serial="YES" comconsole_speed="115200" console="comconsole"
printf "%s" "-h -S115200" /boot.config
Once connected, CTRL-] will disconnect from the DomU console.
Live migration, save and restore
The version of Xen available in the ports tree supports live migration, save and restore of live guests. Keep in mind that in order to use live migration your virtual disk must be shared between the different Xen Dom0s (NFS, iSCSI...), and it must reside in the same path on the Dom0 filesystem. The usage is the following:
# xl migrate <vm name> <destination host>
The default transport used by xl is ssh, check the man page (xl(1)) for other options.
With save and restore you can take a snapshot of the current guest state and save it to disk as a regular file, including memory and device state. This allows you to restore a guest to a specific state without having to boot it again:
# xl save <vm name> <file>
Then in order to restore the guest:
# xl restore <file>
You can also take a snapshot of the disk in order to be able to do a complete checkpoint of a guest state.
- Suspend and Resume may not work
- The console mouse may not work on the host
- The FreeBSD kernel debugger may not work
- MSI-X PV interrupts are not supported (FreeBSD)
- PCI devices with virtual functions work inconsistently (FreeBSD)
- PCI Passthrough is not supported (Xen/FreeBSD)
- ARM64 is not supported
Loading vmm.ko will panic the Dom0, as may VirtualBox
Error creating domain 0 on boot indicates that VT-x extensions are unavailable or disabled in BIOS.
If your DomU "FreeBSD" does not boot, check the log in /var/log/xen/qemu-dm-FreeBSD.log
ZFS zvol-backed DomU virtual machines are supported with:
disk = ['/dev/zvol/zroot/freebsd,raw,hda,rw'] disk = ['phy:/dev/zvol/zroot/linux,xvda,w']
Some DomU virtual machines such as OpenBSD may support only one virtual CPU.
If your VNC display freezes or does not scale during the various DomU boot stages, try reconnecting.
DomU configuration files are not re-read on reboot.
The freebsd-virtualization mailing list and official Xen project resources may be helpful but at this stage you may be the first person to try your given configuration.
The established Xen documentation is generally applicable to FreeBSD.
More Dom0 development information can be found at: https://wiki.xen.org/wiki/FreeBSD_Dom0
More Amazon EC2 unprivileged domain information can be found at: http://www.daemonology.net/freebsd-on-ec2/
Tested DomU Operating Systems
- FreeBSD 11
- OpenBSD 5.6
- NetBSD 6.1.5
- Windows XP
- Windows 8.1 Pro
- Windows 10 Beta
- Windows Server 2008R2
- GNU/Linux (Ubuntu/Debian/Fedora...)
Any guest operating system supported by Xen on other platforms should be supported on FreeBSD.
This page replaces some, if not all of the other Xen pages on this wiki