Enabling Nested Virtualization on Citrix XenServer

Create a VM

Go through the normal process of creating or cloning a VM. Make sure the virtual machine is in a powered off state

 

Edit Settings to Allow Nested Virtualization

Locate the UUID of the system, if you know the name of the box this is fairly straightforward:

xe vm-list name-label=<server name>

Once you have located the system you will be able to use the system’s UUID

xe vm-param-set UUID=<UUID> platform:exp-nested-hvm=true

 

Check CPU Info on Guest

Now that you have created a guest VM and enabled nested virtualization you will want to check that the CPU has the vmx (Intel) or svm (AMD) flag

cat /proc/cpuinfo

Attaching CentOS to iSCSI Target

In my last post we went over the steps to setup an iSCSI target server host iSCSI LUNs on a CentOS box. This tutorial includes steps for setting up an iSCSI initiator on CentOS box and connect to your iSCSI targets. We’ll start by isntalling the packages, discovering and connecting to the target, finish up by persistently mounting the LUN in /etc/fstab.

Install Packages

To setup and configure iSCSI initiator connections to targets we’ll want to install the following:

yum install iscsi-initiator-utils -y
It’s normal for the iscsid service to show as stopped when it’s not in use

Discovering & Connecting to Targets

To discover targets and the target IQN use the following command (note 192.168.1.24 is used as an example, use the correct IP for your iSCSI target):

iscsiadm --mode discovery --type sendtargets --portal 192.168.1.24 --discover

This should discover the iSCSI target and it’s available LUNs. To get more info run the following command:

iscsiadm --mode node --op show | more

To connect to the iSCSI LUN run the following substituting your target IQN path and IP address:

iscsiadm --mode node --targetname iqn.2015.com.tgsrv1:tgt1 --portal 192.168.1.24 --login

To verify connection to the ISCSI LUN use the following command:

iscsiadm --mode session --op show

Once you are connected the LUN will show up as another block device on your system and will appear just like a local hard drive and will need to be formatted and have a filesystem written to it. After writing a filesystem we can mount the new iSCSI storage. In my case I used ext4 as my filesystem, if you used a different filesystem you’ll need to specify it instead of ext4.

mkdir -p /mnt/san
mount -t ext4 /dev/sdb /mnt/san

Setting Up Persistent Mounts

The ability to add iSCSI targets to the initiator system is great, but in situations where the iSCSI needs to reattach after reboot the following instructions will apply. To start with we will need to obtain the UUID of the iSCSI device:

blkid

Obtain the UUID of the device you’re working with (you may want to copy this to your clipboard for the time being).

vim /etc/fstab

Add the following line (using your UUID and correct filesystem (ext4 in my case) mount point).

UUID=d9275aa1-ab41-44d1-9f22-81ef1bf325e3 /mnt/san ext4 _netdev		0 0

 

CentOS ISCSI Target Server Setup

Requirements & Best Practices

ISCSI should have a dedicated disk or a dedicated LV to use, ensure you have sufficient space to create a new LV, otherwise storage should be added. If you are using SELInux please make appropriate changes or do the following to disable SELinux:

setenforce 0
sed -i 's/=enforcing/=disabled/g' /etc/sysconfig/selinux

 

If you are using iptables firewall be sure to add a rule to iptables to allow communication on port 3260 for iSCSI.

vim /etc/sysconfig/iptables

Above the explicit deny line in the iptables config enter the following line item:

-A INPUT -m state --state NEW -m tcp -p tcp --dport 3260 -j ACCEPT

Restart IP tables:

service iptables restart

 

Install and Enable Target Server

install the required packages

yum install scsi-target-utils -y

Enable for auto-start

chkconfig tgtd on

Start the Daemon

/etc/init.d/tgtd start

 

Configure Targets

Edit the contents of of the targets configuration file

vim /etc/tgt/targets.conf

Edit the following block:

# Set the driver. If not specified, defaults to "iscsi".
#
# This can be iscsi or iser. To override a specific target set the
# "driver" setting in the target's config.
default-driver iscsi
#<target iqn.2008-09.com.example:iser>
#       Example: the next line would override default driver type.
#       driver iser
#<target>

You’ll need to include the target iqn info as well as the backing store information. When you are finished it should look something like:

# Set the driver. If not specified, defaults to "iscsi".
#
# This can be iscsi or iser. To override a specific target set the
# "driver" setting in the target's config.
default-driver iscsi
<target iqn.2015-08.com.tgsrv1:tgt1>
        backing-store /dev/vg_centos6/iscsi
</target>
#       Example: the next line would override default driver type.
#       driver iser
#<target>

Once you have completed this step you will need to restart the tgtd servie

service tgtd restart

At this point we can verify that the ISCSI target LUN we configured is now visible:

tgtadm --mode target --op show

If you completed the configuration correctly you should see the LUN0 the control LUN and LUN1 which will the LUN we just created. It will look something like the example below:

[root@localhost ~]# tgtadm --mode target --op show
Target 1: iqn.2015-08.com.tgsrv1:tgt1
    System information:
        Driver: iscsi
        State: ready
    I_T nexus information:
    LUN information:
        LUN: 0
            Type: controller
            SCSI ID: IET     00010000
            SCSI SN: beaf10
            Size: 0 MB, Block size: 1
            Online: Yes
            Removable media: No
            Prevent removal: No
            Readonly: No
            Backing store type: null
            Backing store path: None
            Backing store flags:
        LUN: 1
            Type: disk
            SCSI ID: IET     00010001
            SCSI SN: beaf11
            Size: 20401 MB, Block size: 512
            Online: Yes
            Removable media: No
            Prevent removal: No
            Readonly: No
            Backing store type: rdwr
            Backing store path: /dev/vg_centos6/iscsi
            Backing store flags:
    Account information:
    ACL information:
        ALL