Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. Xen>
  3. Users
Question: bootloader pygrub VS kernel and ramdisk in filesystem of Dom0
bobbisanchez at gmx
Apr 23, 2021, 7:08 PM
Post #1 of 2 (228 views)
Permalink
Hello Xen folks ;-)


while i was reading the Xen Wiki Pages https://wiki.xenproject.org/wiki/Tuning_Xen_for_Performance

at the part of:  Tuning your Xen installaton: advenced settings, there are two examples in this Manual of howto start a PV Guest. It shows  booting a PV Guest one with the bootloader: pygrub

bootloader = "/usr/bin/pygrub"
memory = 1024
name = "linux"
vif = [ "bridge=xenbr0" ]
disk = [ "/root/images/debian_squeeze_amd64_standard.raw,raw,xvda,w" ]
root = "/dev/xvda1"

and the other example from the Xen Wiki shows howto start the PV Guest and boot kernel and ramdisk directly from dom0:

kernel = "/boot/vmlinuz"
ramdisk = "/boot/initrd"
memory = 1024
name = "linux"
vif = [ "bridge=xenbr0" ]
disk = [ "/images/debian_squeeze_amd64_standard.raw,raw,xvda,w" ]
root = "/dev/xvda1"

The second example will start the domu without going with the bootloader: pygrub and trys otherwise to run kernel and ramdisk directly to load at start the PV Guest directly from the dom0.

The first example goes with pygrub and the start of the domu in this case, first  loads pygrub, after that pygrub (aka grub) loads the kernel and ramdisk.

So my Question is what makes the differences to start a PV Guest with bootload pygrub or load the kernel and ramdisk directly?

What is the difference if I start a PV guest with pygrub or if the kernel and ramdisk are loaded directly when starting the PV Guest.

Speed differences, security aspects, more or less flexibility, saving resources?


Thanks a lot.

Best Regards
Re: Question: bootloader pygrub VS kernel and ramdisk in filesystem of Dom0 [ In reply to ]
andy at strugglers
Apr 24, 2021, 6:45 AM
Post #2 of 2 (228 views)
Permalink
Hi Bobbi,

On Sat, Apr 24, 2021 at 04:08:52AM +0200, Bobbi Sanchez wrote:
> The first example goes with pygrub and the start of the domu in
> this case, first? loads pygrub, after that pygrub (aka grub) loads
> the kernel and ramdisk.

pygrub is not grub, it's a python script that opens a guest's block
device(s), finds a grub config and tried to parse it. It isn't a
part of the grub project.

There's a couple of serious downsides to pygrub:

- As it isn't part of the grub project, newer releases of grub can
change and add configuration syntax which pygrub might not
understand. That leaves the guest unbootable.

- It opens guest block devices and does all its work in dom0
context. Linux filesystem developers do not give any strong
guarantee that arbitrary filesystem images do not contain root
exploits.

For these reasons it is recommended that you either use pvgrub2 or
pvhgrub instead. Both are integrated with grub upstream.

> So my Question is what makes the differences to start a PV Guest
> with bootload pygrub or load the kernel and ramdisk directly?

Aside from the downsides of how pygrub works, there is no
difference. pygrub does its thing in order to find and extract
kernel and initramfs files. They are then passed to Xen for direct
kernel boot. If you do direct kernel boot you are simply bypassing
the pygrub part. The Xen part is identical.

Practically speaking, if the guest administrator is not the dom0
administrator, then letting the guest administrator manage their own
kernel & initramfs is generally a much easier life with pygrub /
pvgrub2 / pvhgrub.

Cheers,
Andy

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal