Mailing List Archive

On Wed, Jan 24, 2007 at 07:34:15PM +0100, Henning Sprang wrote:

> Hi,
> Ad here my actual question:
>
> the xend-config.sxp file contains multiple settings for some magic
> xml-rpc service, xend-tcp-xmlrpc-server amongst others.
>
> Enabling this one, for example, seems to do nothing - no tcp port is
> listening on anything.
>
> I cannot find any docs.
>
> What's the diference between the xen-api-server, which seems something
> very new, and seems to be configured with only this one parameter, and
> the things configured with xend-tcp-xmlrpc-server and his freinds, whic
> seems older, but to have no effect.
>
> Do I have to compile xen with specific options to enable it?

You're right that xen-api-server is very new -- I snuck this in at the end of
the 3.0.4 release cycle, so that people could try the Xen-API support. It
will be available as a full release, not a preview, with 3.0.5.

The only documentation of that option is in tools/examples/xend-config.sxp
(though I think that the comments there are pretty comprehensive). If you
could update the main docs, then that would be great.

You don't have to enable specific options, though you do need to be using
3.0.4 or above (preferably xen-unstable, because it's still changing a fair
amount).

xend-tcp-xmlrpc-server et al are the legacy interfaces into Xend. Certainly
if you turn one of these on and restart Xend you should see open ports.

Here's a quick run through:

xend-http-server: Very old and totally broken HTML interface and legacy,
generally working SXP-based interface, on port 8000.

xend-unix-server: Ditto, using a unix domain socket.

xend-unix-xmlrpc-server: Legacy XML-RPC server, over HTTP/unix, the recommended
way to access Xend in 3.0.4.

xend-tcp-xmlrpc-server: Ditto, over TCP, on port 8006.

xen-api-server: All new, all shiny Xen-API interface, available in preview
form now, and landing for 3.0.5.

HTH,

Ewan.

_______________________________________________
xen-api mailing list
xen-api@lists.xensource.com
http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-api

Ewan Mellor wrote:
> The only documentation of that option is in tools/examples/xend-config.sxp
> (though I think that the comments there are pretty comprehensive). If you
> could update the main docs, then that would be great.

Yeah, I should have said that I saw that, including the docs in the
config file - would have saved you some lines.

>
> You don't have to enable specific options, though you do need to be using
> 3.0.4 or above (preferably xen-unstable, because it's still changing a fair
> amount).
>
> xend-tcp-xmlrpc-server et al are the legacy interfaces into Xend. Certainly
> if you turn one of these on and restart Xend you should see open ports.

Nope - That's why I ask.

I am pretty sure I already tried multiple versions, as well as Xensource
Binaries and Debian Etch packages, now and here with Ubuntu Edgy and
native package, but there is nothing listening on any new port after
setting tcp xmlrpc server to yes and rebooting.
And I see no errors that might tell me why it can't be started.

Is it maybe depending on some additional libraries, and silently
discarded if those aren't there?

One thing i that I'm curious, the other is, that xenman seems to use it
for remote controlling Xen.
Henning

_______________________________________________
xen-api mailing list
xen-api@lists.xensource.com
http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-api

On Wed, Jan 24, 2007 at 09:27:34PM +0100, Henning Sprang wrote:

> I am pretty sure I already tried multiple versions, as well as Xensource
> Binaries and Debian Etch packages, now and here with Ubuntu Edgy and
> native package, but there is nothing listening on any new port after
> setting tcp xmlrpc server to yes and rebooting.
> And I see no errors that might tell me why it can't be started.
>
> Is it maybe depending on some additional libraries, and silently
> discarded if those aren't there?

Not that I'm aware of.

You could try starting xend with "xend trace_start" which will dump a full
trace to /var/log/xen/xend.trace -- this will probably tell us what it's
doing.

Ewan.

_______________________________________________
xen-api mailing list
xen-api@lists.xensource.com
http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-api

Ewan Mellor wrote:
> You could try starting xend with "xend trace_start" which will dump a full
> trace to /var/log/xen/xend.trace -- this will probably tell us what it's
> doing.

Argh.

It's on port 8005 - I only tested with nmap without further arguments,
and some ports with telnet, but not 8005.
Netstat -tl show it and at least I get an error for a wrong request with
telnet.

Now i only need to find how to talk to it in more meaningful ways,
trying xenman first, I guess.

Thanks and sorry for not looking at it right before wasting your time...

Henning

_______________________________________________
xen-api mailing list
xen-api@lists.xensource.com
http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-api

On Wed, Jan 24, 2007 at 06:50:16PM +0000, Ewan Mellor wrote:
> You're right that xen-api-server is very new -- I snuck this in at the end of
> the 3.0.4 release cycle, so that people could try the Xen-API support. It
> will be available as a full release, not a preview, with 3.0.5.
>
> The only documentation of that option is in tools/examples/xend-config.sxp
> (though I think that the comments there are pretty comprehensive). If you
> could update the main docs, then that would be great.
>
> You don't have to enable specific options, though you do need to be using
> 3.0.4 or above (preferably xen-unstable, because it's still changing a fair
> amount).
>
> xend-tcp-xmlrpc-server et al are the legacy interfaces into Xend. Certainly
> if you turn one of these on and restart Xend you should see open ports.
>
> Here's a quick run through:
>
> xend-http-server: Very old and totally broken HTML interface and legacy,
> generally working SXP-based interface, on port 8000.
>
> xend-unix-server: Ditto, using a unix domain socket.
>
> xend-unix-xmlrpc-server: Legacy XML-RPC server, over HTTP/unix, the recommended
> way to access Xend in 3.0.4.
>
> xend-tcp-xmlrpc-server: Ditto, over TCP, on port 8006.

NB, there is no authentication in these 4 server methods of Xend. ie if
you turn them on, who ever can access the socket has full control over all
XenD functions with no prior authentication. Thus the UNIX socket based
servers have best security since they are chmod'd to only allow root to
access them. If you turn on HTTP server at the very least restrict it to
run on 127.0.0.1, so only local users access it and be sure you lock down
or trust your local users). Tunnelling over SSH is the only way to get
reasonably secure access to the XenD with these server methods

> xen-api-server: All new, all shiny Xen-API interface, available in preview
> form now, and landing for 3.0.5.

This requires username & password authentication using PAM as its backend
so will make secure remote management more viable, although it is still
only HTTP so passwords are sent over the wire in cleartext.

Regards,
Dan.
--
|=- Red Hat, Engineering, Emerging Technologies, Boston. +1 978 392 2496 -=|
|=- Perl modules: http://search.cpan.org/~danberr/ -=|
|=- Projects: http://freshmeat.net/~danielpb/ -=|
|=- GnuPG: 7D3B9505 F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 -=|

_______________________________________________
xen-api mailing list
xen-api@lists.xensource.com
http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-api