Giving your Xen instances a working X setup
Posted by Steve on Sun 1 Jan 2006 at 15:46
Xen, the virtualisation system, is a great tool for running fresh copies of an operating system. However it doesn't allow you to run X11 programs. Here we can fix that with the help of VNC.
VNC is the "virtual network computer", a simple tool which allows you to share a graphical display to other hosts. We introduced using VNC to graphically administer remote computers last year.
If we have a virtual installation of Debian running within Xen we can use the VNC server to export the graphical display to all machines upon the LAN - this is perfect for running programs such as Firefox which require a display.
(The other approach is to use X11 forwarding via SSH. That will work nicely for many programs, but if you're wanting an actual desktop it isn't so hot.)
To setup the export of the display is relatively simple. We just need to install the X11 packages upon the virtual instance, and any programs we might wish to run, and then make a minor tweak to export the display.
Upon the virtual image run:
apt-get update apt-get install xserver-xfree86 vncserver xfonts-100dpi xfonts-75dpi xfonts-base rxvt
This will give your instance almost everything it needs. The only things you're missing is a window manager and a login manager. We'll come back to those shortly.
Once the installation has finished you'll be prompted to configure your X server - you may simply select all the default answers. The system should default to a Vesa video server and this is sufficient for our needs.
The next step is to configure a login manager, so far I've tested xdm and gdm and both work nicely. (If you can get kdm to work I'd appreciate a comment with details.)
The login manager is the thing that we'll need to update to export the display via VNC. We'll also need to install a window manager, or desktop manager for to run.
I'm a fan of the simplicity of IceWM, so we'll use that:
apt-get install icewm-experimental
Now we choose the login manager. xdm is simple and basic, gdm has the useful advantage of having a "shutdown" and "reboot" button - so you might prefer that. (No matter if you're not running GNOME!)
XDM SetupGDM SetupXDM setup is very simple, you can install it and configure it to use the VNC server to export its display with:
apt-get install xdm echo ':0 /usr/bin/Xvnc /usr/bin/Xvnc -geometry 1024x768 -depth 24' \ > /usr/X11R6/lib/X11/xdm/XserversOnce this has been done start the manager with:
/etc/init.d/xdm stop /etc/init.d/xdm start
GDM setup is also pretty painless once it has been installed. We just need to make a change to the configuration file /etc/X11/gdm/gdm.conf, and add a new section.
Install gdm as follows:
apt-get install gdmNow we add a new section to end of the configuration file:
cat <<EOF >> /etc/X11/gdm/gdm.conf [server-VNC] name=VNC server command=/usr/bin/Xvnc -geometry 800x600 -depth 24 flexible=true EOFFinally we make that section the active server:
perl -pi.bak -e 's/^0=Standard/0=VNC/g' /etc/X11/gdm/gdm.confOnce this has been done we can restart the server as follows:
/etc/init.d/gdm stop /etc/init.d/gdm start
Once you've setup the login manager you should be able to connect from the host to the virtual server just by running:
xvncviewer xx.xxx.xx.xx
Where xx.xx.xx.xx is the IP address of your virtual server. Login and you should have complete control over the desktop - just as if it were a real machine in front of you.
(If you don't have it installed upon the host already you can fetch it with "apt-get install xvncviewer".)
You might want to experiment with different sizes for the display the defaults shown above of 800x600 can be changed to, say, 1024x768, if you have the screen space for it!
The only obvious drawback of using this approach is that the VNC server may be connected to without any password by anybody upon your LAN.
Firewalling is the order of the day here..
[ Parent | Reply to this comment ]
[ Send Message | View Steve's Scratchpad | View Weblogs ]
From the article:
The next step is to configure a login manager, so far I've tested xdm and gdm and both work nicely. (If you can get kdm to work I'd appreciate a comment with details.)
Feel free to try it yourself, and let us know what you had to do to get it working ..
[ Parent | Reply to this comment ]
But when I change 2 lines in gmd.conf it works:
change in /etc/X11/gdm/gdm.conf:
FirstVT=7
VTAllocation=true
by:
FirstVT=7
VTAllocation=false
bye
[ Parent | Reply to this comment ]
[ Send Message | View Steve's Scratchpad | View Weblogs ]
Strange I don't see that on my system - using a real host rather than VMWare.
[ Parent | Reply to this comment ]
can you not "ssh -X" into the xen instance, run x applications, and have them tunneled back to your desktop? as long as the xen instance has network connectivity and the x-based application is installed, i figure it would work, but i have no personal experience with xen.
[ Parent | Reply to this comment ]
[ Send Message | View Steve's Scratchpad | View Weblogs ]
Yes you can use "ssh -X", or "ssh -Y", and that works as expected. The problem is you cannot run a real X server since there is no graphical window to display the output in - if that makes sense?
[ Parent | Reply to this comment ]
[ Parent | Reply to this comment ]
[ Parent | Reply to this comment ]
What could be the problem?
[ Parent | Reply to this comment ]
[ Send Message | View Steve's Scratchpad | View Weblogs ]
Hard to say without more details.
Is the GDM/XDM manager running? (Which did you install?)
Is there firewalling rules preventing external connections?
Are you running "vncviewer xx.xx.xx.xx:1", or "vncviewer xx.xx.xx.xx" ? (Assuming you have networking setup and xx.xx.xx.xx is the correct addresss.)
What have you tried to debug the situation?
[ Parent | Reply to this comment ]
I didn't have any firewall setting at this stage.
About the external connections, I have to say I do have problems, I posted my ssh problems to the xen mailing list few minutes ago, I listed here again, you may be able to help me sort this problem as well.
I have installed xen 3.0 on debian sarge, dom0 is sarge, domu is sarge as well. (vm01, I read you the other post: the perfect setup for Debian ..., I even followed the name schema :~), very good start for me!). Since I only have one ip address, so I set up the system using network bridge and routing.
I have the xend and xendomains started automatically at the boot time, at
this point, I can ssh to dom0 from a remote client,
then I used the /etc/xen/scripts/network-bridge and
/etc/xen/scripts/network-nat scripts to start the netwrok, running the
following scripts which I found on xen-users mailing list:
ifconfig xenbr0 192.168.3.1 netmask 255.255.255.0 up
iptables --flush
iptables --delete-chain
iptables --table nat --delete-chain
iptables --table nat --append POSTROUTING --out-interface xenbr0 -j
MASQUERADE
iptables --append FORWARD --in-interface xenbr0 -j ACCEPT
echo 1 > /proc/sys/net/ipv4/ip_forward
route add -net 192.168.3.0 netmask 255.255.255.0 dev xenbr0
Then I have domu and dom0 running, however I only have ssh connection to my
remote client from both dom0 and domu, but couldn't have ssh access to
dom0 and domu from the remote client.
so I won't be able to run vncviewer from the remote client, but I did try to run vncviewer from dom0, like vncviewer vm01.localhost.localdomain:1, then I got the error message. Does it mean I can't acess to vm01 from dom0 using vncviewer?
[ Parent | Reply to this comment ]
[ Send Message | View Steve's Scratchpad | View Weblogs ]
I think all your vnc problems are probably network related, so posting the the xen-users list is definitely the best thing to do.
Once they've helped sort out your problem you'll probably find VNC works properly too.
[ Parent | Reply to this comment ]
mmm using Vserver on a parisc-linux box, I am so very interested by your nice and clear guide ;-) (more over this was actualy a server without gfx card, though), I don't see why it would works too?
I follow your reciepe on namely a guest (a debian unstable) on this system, it seems it wants to start: xvncviewer start to show the well know gdm greeter panel but failed near the end?
Well the system on which I run xvncviewer (a i386) is actualy another then the host (no gfx on the host system) but there are togheter in the same lab, in the same subnet (without fw)?
Here I just see the short xvncviewer's messages:
$ xvncviewer debvs007
VNC server supports protocol version 3.3 (viewer 3.3)
No authentication needed
Desktop name "root's x11 desktop (debvs007:0)"
Connected to VNC server, using protocol version 3.3
VNC server default format:
32 bits per pixel.
Most significant byte first in each pixel.
True colour: max red 255 green 255 blue 255, shift red 16 green 8 blue 0
Using default colormap which is TrueColor. Pixel format:
32 bits per pixel.
Most significant byte first in each pixel.
True colour: max red 255 green 255 blue 255, shift red 16 green 8 blue 0
xvncviewer: VNC server closed connection
From the guest env, I can launch a xterm or gdmsetup without pb but daemon.log show me about gdm:
gdm[15580]: The display server has been shut down about 6 times in the last 90 seconds. It is likely that something bad is going on. Waiting for 2 minutes before trying again on display :0.
...
and so for?
Any idea?
TIA,
Joel
[ Parent | Reply to this comment ]
[ Send Message | View Steve's Scratchpad | View Weblogs ]
Look at /var/log/gdm/ to see which logfiles are produced and see what messages they contain - it could be there are errors in your setup which make gdm die prematurely.
[ Parent | Reply to this comment ]
unfortunately I din't get any error in /var/log/gdm/:0.log*:
20/01/06 12:30:07 Xvnc version 3.3.7 - built Nov 5 2005 22:24:04
20/01/06 12:30:07 Copyright (C) 2002-2003 RealVNC Ltd.
20/01/06 12:30:07 Copyright (C) 1994-2000 AT&T Laboratories Cambridge.
20/01/06 12:30:07 All Rights Reserved.
20/01/06 12:30:07 See http://www.realvnc.com for information on VNC
20/01/06 12:30:07 Desktop name 'x11' (debvs007:0)
20/01/06 12:30:07 Protocol version supported 3.3
20/01/06 12:30:07 Listening for VNC connections on TCP port 5900
There are 5 log's file differing just by timestamp.
oops, the following dmesg wasn't showned at console (weird ;-( ):
[351602.130000] do_page_fault() pid=20464 command='Xvnc' type=15 address=0x400410d8
[351602.130000] vm_start = 0x4002a000, vm_end = 0x40041000
[351602.130000]
[351602.130000] YZrvWESTHLNXBCVMcbcbcbcbOGFRQPDI
[351602.130000] PSW: 00000000000011101111111100001111 Not tainted
[351602.130000] r00-03 00000000 00000378 00000011 00000000
[351602.130000] r04-07 000000de 00000000 00dd0015 00000000
[351602.130000] r08-11 00000001 40039030 80008000 00000001
[351602.130000] r12-15 000000d8 4006acf0 001916b8 c050b708
[351602.130000] r16-19 001916b8 001916b8 00190ff8 ffffff25
[351602.130000] r20-23 00000000 400410d8 fffffe4a 0000006d
[351602.130000] r24-27 009e9a91 000000de 4006acf8 001707f8
[351602.130000] r28-31 00000004 40041450 c050bac0 ffffff25
[351602.130000] sr0-3 00000000 00000000 00000000 00002d73
[351602.130000] sr4-7 00002d73 00002d73 00002d73 00002d73
[351602.130000]
[351602.130000] VZOUICununcqcqcqcqcqcrmunTDVZOUI
[351602.130000] FPSR: 00001000000111100001100000000000
[351602.130000] FPER1: 00000000
[351602.130000] fr00-03 0000000000000000 0000000000000000 0000000000000000 0000000000000000
[351602.130000] fr04-07 4038000000000000 4000000000000000 0000000280000000 4038000000000000
[351602.130000] fr08-11 0000000000000000 1f91f80000000000 107b0e40107b0e48 000000001056d810
[351602.130000] fr12-15 3b9aca001056ddf0 104bd1c810175eb8 000000f04a5e8e00 0098963a10563810
[351602.130000] fr16-19 1f91e00010567010 0000000000000000 f00001e0f00001e8 1056ddf010580810
[351602.130000] fr20-23 1056d8103b9aca00 1056ddf010175e58 00000000000000de 000000de00000000
[351602.130000] fr24-27 0000000100000010 000000039999999a 0000000000000000 3ff623a2a02e7980
[351602.130000] fr28-31 40409ab9f822db20 3ff0000000000000 000000f04a5e8e00 0098963a10563810
[351602.130000]
[351602.130000] IASQ: 00002d73 00002d73 IAOQ: 0010381b 00103827
[351602.130000] IIR: 0eb81280 ISR: 00002d73 IOR: 400410d8
[351602.130000] CPU: 0 CR30: 1506c000 CR31: 1050c000
[351602.130000] ORIG_R28: 00000000
[351602.130000] IAOQ[0]: 0x10381b
[351602.130000] IAOQ[1]: 0x103827
[351602.130000] RP(r2): 0x11
Too bad.
Thanks a lot,
Joel
[ Parent | Reply to this comment ]
Xvnc seems to exit right after it is started. :(
[ Parent | Reply to this comment ]
After installation edit /etc/gdm/gdm.conf:apt-get install gdm
Then restart gdm:[servers] #We do NOT want to start any local X-Server here #0=Standard [xdmcp] #We need to ENABLE XDMCP here Enable=true
That was it. You should now be able to start a gdmXnestchooser on your workstation and connect to the displayless machine vi xdmcp. If you do not see the host in the list, add it's IP address manually. Next you need to set up whatever X should do.invoke-rc gdm restart
[ Parent | Reply to this comment ]
[ Parent | Reply to this comment ]
[ Parent | Reply to this comment ]
In /etc/services add the following lines:
vnc1024 5901 /tcp # normal
Then in /etc/inetd.conf add the following:
vnc1024 stre am tcp nowait nobody /usr/bin/Xvnc Xvnc -inetd -query 127.0.0.1 -once -depth 16 -geometry&nbs p;1024x768
You can add more ports and services for different screen resolutions.
[ Parent | Reply to this comment ]
[ Parent | Reply to this comment ]