HP BL680c XenServer Software Development Kit Guide 4.1.0 - Page 34

XenServer API extensions

28

•

The device

/dev/xen/evtchn

, which is accessed via

xs_evtchn_open()

in

libxenctrl

. A han-

dle can be restricted using

xs_evtchn_restrict()

.

•

The device

/proc/xen/privcmd

, accessed through

xs_interface_open()

in

libxenctrl

. A

handle is restricted using

xc_interface_restrict()

. Some privileged commands are naturally

hard to restrict (e.g. the ability to make arbitrary hypercalls), and these are simply prohibited on restricted

handles.

•

A restricted handle cannot later be granted more privilege, and so the interface must be closed and re-

opened. Security is only gained if the process cannot subsequently open more handles.

•

The

qemu

device emulation processes and

vncterm

terminal emulation processes run as a non-root

user ID and are restricted into an empty directory. They uses the restriction API above to drop privileges

where possible.

•

Access to xenstore is rate-limited to prevent malicious guests from causing a denial of service on the

control domain. This is implemented as a token bucket with a restricted fill-rate, where most operations

take one token and opening a transaction takes 20. The limits are set high enough that they should never

be hit when running even a large number of concurrent guests under loaded operation.

•

The VNC guest consoles are bound only to the

localhost

interface, so that they are not exposed

externally even if the control domain packet filter is disabled by user intervention.

5.5. Advanced settings for network interfaces

Virtual and physical network interfaces have some advanced settings that can be configured using the

oth-

er-config

map parameter. There are a set of custom ethtool settings and some miscellaneous settings.

5.5.1. ethtool settings

Developers might wish to configure custom ethtool settings for physical and virtual network interfaces. This

is accomplished with

ethtool-<option>

keys via the

other-config

map parameter.

Key

Description

Valid settings

ethtool-rx

Specify if RX checksumming is enabled

on

or

true

to enable the

setting,

off

or

false

to disable it

ethtool-tx

Specify if TX checksumming is enabled

on

or

true

to enable the

setting,

off

or

false

to disable it

ethtool-sg

Specify if scatter-gather is enabled

on

or

true

to enable the

setting,

off

or

false

to disable it

ethtool-tso

Specify if tcp segmentation offload is enabled

on

or

true

to enable the

setting,

off

or

false

to disable it

ethtool-ufo

Specify if UDP fragmentation offload is enabled

on

or

true

to enable the

setting,

off

or

false

to disable it

ethtool-gso

Specify if generic segmentation offload is enabled

on

or

true

to enable the

setting,

off

or

false

to disable it

ethtool-autoneg

Specify if autonegotiation is enabled

on

or

true

to enable the

setting,

off

or

false

to disable it

ethtool-speed

Set the device speed in Mb/s

10, 100. or 1000

ethtool-duplex

Set full or half duplex mode

half or full

Section	Page
XenServer Software Development Kit Guide	1
Table of Contents	4
Chapter 1. Introduction	7
Chapter 2. Getting Started	8
2.1. System Requirements and Preparation	8
2.2. Downloading	8
2.3. Installation	8
2.4. What's new	8
2.5. Content Map	8
2.6. Building Samples for the Linux Platform	9
2.7. Building Samples for the Windows Platform	9
2.8. Running the CLI	9
2.8.1. Tab Completion	9
2.9. Accessing SDK reference	9
Chapter 3. Overview of the XenServer API	11
3.1. Getting Started with the API	11
3.1.1. Authentication: acquiring a session reference	11
3.1.2. Acquiring a list of templates to base a new VM installation on	11
3.1.3. Installing the VM based on a template	12
3.1.4. Taking the VM through a start/suspend/resume/stop cycle	12
3.1.5. Logging out	12
3.1.6. \	13
3.2. Object Model Overview	13
3.3. Working with VIFs and VBDs	15
3.3.1. Creating disks and attaching them to VMs	15
3.3.1.1. Creating a new blank disk image	16
3.3.1.2. Attaching the disk image to a VM	16
3.3.1.3. Hotplugging the VBD	17
3.3.2. Creating and attaching Network Devices to VMs	17
3.3.3. Host configuration for networking and storage	17
3.3.3.1. Host storage configuration: PBDs	18
3.3.3.2. Host networking configuration: PIFs	18
3.4. Exporting and Importing VMs	18
3.5. Where to look next	19
Chapter 4. Using the API	20
4.1. Anatomy of a typical application	20
4.1.1. Choosing a low-level transport	20
4.1.2. Authentication and session handling	20
4.1.3. Finding references to useful objects	21
4.1.4. Invoking synchronous operations on objects	21
4.1.5. Using Tasks to manage asynchronous operations	22
4.1.6. Subscribing to and listening for events	22
4.2. Language bindings	23
4.2.1. C	23
4.2.2. C#	24
4.2.3. Python	24
4.2.4. Command Line Interface (CLI)	25
4.3. Complete application examples	25
4.3.1. Simultaneously migrating VMs using XenMotion	25
4.3.2. Cloning a VM via the XE CLI	28
Chapter 5. XenServer API extensions	30
5.1. VM console forwarding	30
5.1.1. Retrieving VNC consoles via the API	30
5.1.2. Disabling VNC forwarding for Linux VM	31
5.2. Paravirtual Linux installation	32
5.2.1. Red Hat Enterprise Linux 4.1/4.4	32
5.2.2. Red Hat Enterprise Linux 4.5/5.0	32
5.2.3. SUSE Enterprise Linux 10 SP1	33
5.2.4. CentOS 4.5/5.0	33
5.3. Adding Xenstore entries to VMs	33
5.4. Security enhancements	33
5.5. Advanced settings for network interfaces	34
5.5.1. ethtool settings	34
5.5.2. Miscellaneous settings	35
5.6. Internationalization for SR names	35
5.7. Hiding objects from XenCenter	36

HP BL680c XenServer Software Development Kit Guide 4.1.0 - Page 34

Advanced settings for network interfaces, 5.5.1. ethtool settings

Page 34 highlights