We use Xen and Xen Linux for a number of our own services within the University of Cambridge Computer Laboratory. The services include:
- Network boot servers, including XenoBoot for both internal and external machines
- Internal web servers, including wiki and source browser
- Serial console proxies
Storage
The machines are Sunfire V20z AMD64 boxes. The root filesystems for the domain 0s on each machine are stored on an iSCSI LUN on the Laboratory's Network Appliance F840 filer. We use the open-source Cisco initiator and the iscsi_init module within an initrd. The unprivileged domains' root filesystems are stored on a further iSCSI volume, which is carved up with LVM within the domain 0s. The logical volumes are exported to guests as VBDs.
Some guest domains also have direct access to the Laboratory's main NFS hierarchy.
Software
We are currently using xen-2.0-testing. Domain 0 uses Debian sarge with a minimal installation. Guest domains are either Debian sarge or Fedora Core 3. One domain is managed by Laboratory system administrators as if it were a standalone machine - this is a requirement to allow that domain access to restricted facilities.
Networking
Each machine is connected to our main internal VLAN using untagged packets. The switch also provides access to a second, DMZ-like, VLAN using 802.1Q tagging. A bridge is created for each VLAN, and the xm domain configuration files select the bridge to connect to. Domain 0 has no IP access to the DMZ VLAN, so there is no possibility of one of these machines bridging the two networks.
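One way to check the separation described above, as an added example that is not part of our actual setup: the script reads the `vif` lines of xm domain configuration files and the output of `ip -o addr show` in domain 0, and reports any address on the DMZ side. It goes one step beyond the text by also flagging a guest with interfaces on both bridges. The bridge and interface names (`xen-br0`, `xen-br-dmz`, `eth0.100`) and all sample data are assumptions made for illustration.

```python
import ast
import re

INTERNAL_BRIDGE = "xen-br0"     # assumed name of the bridge on the internal VLAN
DMZ_BRIDGE = "xen-br-dmz"       # assumed name of the bridge on the tagged DMZ VLAN
DMZ_IFACES = {DMZ_BRIDGE, "eth0.100"}  # assumed: DMZ bridge and its 802.1Q sub-interface

def guest_bridges(config_text):
    """List the bridge each vif selects; the config is parsed with ast, never executed."""
    bridges = []
    for node in ast.parse(config_text).body:
        if isinstance(node, ast.Assign) and any(
                isinstance(t, ast.Name) and t.id == "vif" for t in node.targets):
            for entry in ast.literal_eval(node.value):
                opts = dict(kv.strip().split("=", 1) for kv in entry.split(",") if "=" in kv)
                bridges.append(opts.get("bridge", "<default>"))
    return bridges

def dom0_dmz_addresses(ip_addr_output):
    """Return (iface, address) for every address `ip -o addr show` lists on a DMZ interface."""
    found = []
    for line in ip_addr_output.splitlines():
        m = re.match(r"\d+:\s+(\S+)\s+inet6?\s+(\S+)", line)
        if m and m.group(1).split("@")[0] in DMZ_IFACES:
            found.append((m.group(1), m.group(2)))
    return found

def audit(configs, ip_addr_output):
    """configs maps guest name to config text; returns findings (empty list = clean)."""
    findings = []
    for name, text in sorted(configs.items()):
        if {INTERNAL_BRIDGE, DMZ_BRIDGE} <= set(guest_bridges(text)):
            findings.append(f"{name}: vifs on both {INTERNAL_BRIDGE} and {DMZ_BRIDGE}")
    for iface, addr in dom0_dmz_addresses(ip_addr_output):
        findings.append(f"dom0: address {addr} on DMZ interface {iface}")
    return findings

# Constructed sample inputs, not taken from our machines.
SAMPLE_CONFIGS = {
    "guest-internal": "vif = ['mac=aa:00:00:00:00:11, bridge=xen-br0']\n",
    "guest-dmz": "vif = ['bridge=xen-br-dmz']\n",
    "guest-both": "vif = ['bridge=xen-br0', 'bridge=xen-br-dmz']\n",
}
SAMPLE_IP_ADDR = (
    "4: xen-br0    inet 192.0.2.10/24 brd 192.0.2.255 scope global xen-br0\n"
    "6: xen-br-dmz    inet6 fe80::1/64 scope link\n"
)
if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_CONFIGS, SAMPLE_IP_ADDR)))
```

An IPv6 link-local address on the DMZ bridge is reported as well, since it gives domain 0 an IP presence on that VLAN even when no IPv4 address is configured.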
