WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

Re: [Xen-users] Memory problems persist... Cannot allocate memory

To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-users] Memory problems persist... Cannot allocate memory
From: James Pifer <jep@xxxxxxxxxxxxxxxx>
Date: Sun, 24 Jan 2010 09:47:58 -0500
Delivery-date: Sun, 24 Jan 2010 05:48:17 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <1264336547.19173.12.camel@xxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <1262292336.3139.9.camel@xxxxxxxxxxxxxxxxxxxxxxxx> <20091231194825.GC16033@xxxxxxxxxxx> <1262295308.3139.21.camel@xxxxxxxxxxxxxxxxxxxxxxxx> <20100101005322.GD16033@xxxxxxxxxxx> <1262320975.3139.23.camel@xxxxxxxxxxxxxxxxxxxxxxxx> <20100101130615.GF16033@xxxxxxxxxxx> <1262361540.3139.33.camel@xxxxxxxxxxxxxxxxxxxxxxxx> <20100101154113.GA25902@xxxxxxxxxxx> <1262376364.3139.39.camel@xxxxxxxxxxxxxxxxxxxxxxxx> <20100101205148.GH25902@xxxxxxxxxxx> <20100102002806.GJ25902@xxxxxxxxxxx> <1264216007.30044.66.camel@xxxxxxxxxxxxxxxxxxxxxxxx> <1264284166.10903.0.camel@xxxxxxxxxxxx> <1264299442.30044.84.camel@xxxxxxxxxxxxxxxxxxxxxxxx> <1264336547.19173.12.camel@xxxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
> > 
> 
> Hello,
> 
> I see that your Dom0 has 33543988k #32GB, is it all the memory in the
> server?
> If so it is possible that after some "ballooning" and memory allocation
> the memory is too unorganized that the allocator can't find suitable
> chunks of memory. I had had that problem after a system upgrade where
> the "menu.lst" (or grub.fcg) was recreated without the tuning
> parameters.
> I think that 32GB is fa too much for the Dom0, usually Dom0 is limited
> to a value between 1024M and 3072M with the dom0_mem=xxxx in the
> grub.cfg, the memory of Dom0 is mainly used for buffer cache on behalf
> of the Domus. 
> It is also often useful to use the parameter "dom0_min_mem=xxx" in the
> xend.config file. In my systems I use the same value eg : 
> (dom0-min-mem 2048)  
> (enable-dom0-ballooning no)   
> in xend-config.sxo
> and
>  multiboot       /xen-3.4.gz /xen-3.4.gz noreboot dom0_mem=2048M 
> in grub.cfg.
> I have had problems with "ballonning yes" if domUs are stopped and
> started many times without a server reboot (memory fargmentation ?).
> 
> Regards
> 
> JP Pozzi


No, dom0 has 4gb (was lower but was trying 4gb to see if it helped)
dom0_min_mem is set to 512M
Ballooning is disabled. 

>From menu.lst:
###Don't change this comment - YaST2 identifier: Original name: xen###
title Xen -- SUSE Linux Enterprise Server 11 - 2.6.27.19-5
    root (hd0,1)
    kernel /boot/xen.gz  dom0_mem=4096M 
    module /boot/vmlinuz-2.6.27.19-5-xen 
root=/dev/disk/by-id/scsi-200d0b29d2d004400-part2 
resume=/dev/disk/by-id/scsi-200d0b29d2d004400-part1 splash=silent showopts 
vga=0x317
    module /boot/initrd-2.6.27.19-5-xen

See xen-config.sxp below. 

Thanks,
James


# cat xend-config.sxp
# -*- sh -*-

#
# Xend configuration file.
#

# This example configuration is appropriate for an installation that 
# utilizes a bridged network configuration. Access to xend via http
# is disabled.  

# Commented out entries show the default for that entry, unless otherwise
# specified.

#(logfile /var/log/xen/xend.log)
#(loglevel DEBUG)

# Uncomment the line below.  Set the value to flask, acm, or dummy to 
# select a security module.

#(xsm_module_name dummy)

# The Xen-API server configuration.
#
# This value configures the ports, interfaces, and access controls for the
# Xen-API server.  Each entry in the list starts with either unix, a port
# number, or an address:port pair.  If this is "unix", then a UDP socket is
# opened, and this entry applies to that.  If it is a port, then Xend will
# listen on all interfaces on that TCP port, and if it is an address:port
# pair, then Xend will listen on the specified port, using the interface with
# the specified address.
#
# The subsequent string configures the user-based access control for the
# listener in question.  This can be one of "none" or "pam", indicating either
# that users should be allowed access unconditionally, or that the local
# Pluggable Authentication Modules configuration should be used.  If this
# string is missing or empty, then "pam" is used.
#
# The final string gives the host-based access control for that listener. If
# this is missing or empty, then all connections are accepted.  Otherwise,
# this should be a space-separated sequence of regular expressions; any host
# with a fully-qualified domain name or an IP address that matches one of
# these regular expressions will be accepted.
#
# Example: listen on TCP port 9363 on all interfaces, accepting connections
# only from machines in example.com or localhost, and allow access through
# the unix domain socket unconditionally:
#
#   (xen-api-server ((9363 pam '^localhost$ example\\.com$')
#                    (unix none)))
#
# Optionally, the TCP Xen-API server can use SSL by specifying the private
# key and certificate location:
#
#                    (9367 pam '' /etc/xen/xen-api.key /etc/xen/xen-api.crt)
#
# Default:
#   (xen-api-server ((unix)))


#(xend-http-server no)
(xend-unix-server yes)
#(xend-tcp-xmlrpc-server no)
#(xend-unix-xmlrpc-server yes)
# Only enable xend-relocation-server on trusted networks as it lacks
# encryption and authentication.
#(xend-relocation-server no)
#(xend-relocation-ssl-server no)
#(xend-udev-event-server no)

#(xend-unix-path /var/lib/xend/xend-socket)


# Address and port xend should use for the legacy TCP XMLRPC interface, 
# if xend-tcp-xmlrpc-server is set.
#(xend-tcp-xmlrpc-server-address 'localhost')
#(xend-tcp-xmlrpc-server-port 8006)

# SSL key and certificate to use for the legacy TCP XMLRPC interface.
# Setting these will mean that this port serves only SSL connections as
# opposed to plaintext ones.
#(xend-tcp-xmlrpc-server-ssl-key-file  /etc/xen/xmlrpc.key)
#(xend-tcp-xmlrpc-server-ssl-cert-file /etc/xen/xmlrpc.crt)


# Port xend should use for the HTTP interface, if xend-http-server is set.
#(xend-port            8000)

# Port xend should use for the relocation interface, if xend-relocation-server
# is set.
#(xend-relocation-port 8002)

# Port xend should use for the ssl relocation interface, if
# xend-relocation-ssl-server is set.
#(xend-relocation-ssl-port 8003)

# SSL key and certificate to use for the ssl relocation interface, if
# xend-relocation-ssl-server is set.
#(xend-relocation-server-ssl-key-file  /etc/xen/xmlrpc.key)
#(xend-relocation-server-ssl-cert-file  /etc/xen/xmlrpc.crt)

# Whether to use ssl as default when relocating.
#(xend-relocation-ssl no)

# Address xend should listen on for HTTP connections, if xend-http-server is
# set.
# Specifying 'localhost' prevents remote connections.
# Specifying the empty string '' (the default) allows all connections.
#(xend-address '')
#(xend-address localhost)

# Address xend should listen on for relocation-socket connections, if
# xend-relocation-server is set.
# Meaning and default as for xend-address above.
#(xend-relocation-address '')

# The hosts allowed to talk to the relocation port.  If this is empty (the
# default), then all connections are allowed (assuming that the connection
# arrives on a port and interface on which we are listening; see
# xend-relocation-port and xend-relocation-address above).  Otherwise, this
# should be a space-separated sequence of regular expressions.  Any host with
# a fully-qualified domain name or an IP address that matches one of these
# regular expressions will be accepted.
#
# For example:
#  (xend-relocation-hosts-allow '^localhost$ ^.*\\.example\\.org$')
#
#(xend-relocation-hosts-allow '')
(xend-relocation-hosts-allow '^localhost$ ^localhost\\.localdomain$')

# The limit (in kilobytes) on the size of the console buffer
#(console-limit 1024)

##
# To bridge network traffic, like this:
#
# dom0: ----------------- bridge -> real eth0 -> the network
#                            |
# domU: fake eth0 -> vifN.0 -+
#
# use
#
# (network-script network-bridge)
#
# Your default ethernet device is used as the outgoing interface, by default. 
# To use a different one (e.g. eth1) use
#
# (network-script 'network-bridge netdev=eth1')
#
# The bridge takes on the ethernet device name by default.  To rename the
# bridge, use
#
# (network-script 'network-bridge bridge=<name>')
#
# It is possible to use the network-bridge script in more complicated
# scenarios, such as having two outgoing interfaces, with two bridges, and
# two fake interfaces per guest domain.  To do things like this, write
# yourself a wrapper script, and call network-bridge from it, as appropriate.
#
# SuSE users note:
# On openSUSE >= 11.1 and SLES >= 11, networks should be configured using
# native platform tool - YaST.  vif-bridge and qemu-ifup can be used to
# connect vifs to the YaST-managed networks.
#(network-script network-bridge)
(network-script )

# The script used to control virtual interfaces.  This can be overridden on a
# per-vif basis when creating a domain or a configuring a new vif.  The
# vif-bridge script is designed for use with the network-bridge script, or
# similar configurations.
#
# If you have overridden the bridge name using
# (network-script 'network-bridge bridge=<name>') then you may wish to do the
# same here.  The bridge name can also be set when creating a domain or
# configuring a new vif, but a value specified here would act as a default.
#
# If you are using only one bridge, the vif-bridge script will discover that,
# so there is no need to specify it explicitly.
#
(vif-script vif-bridge)


## Use the following if network traffic is routed, as an alternative to the
# settings for bridged networking given above.
#(network-script network-route)
#(vif-script     vif-route)


## Use the following if network traffic is routed with NAT, as an alternative
# to the settings for bridged networking given above.
#(network-script network-nat)
#(vif-script     vif-nat)

# dom0-min-mem is the lowest permissible memory level (in MB) for dom0.
# This is a minimum both for auto-ballooning (as enabled by
# enable-dom0-ballooning below) and for xm mem-set when applied to dom0.
(dom0-min-mem 512)

# Whether to enable auto-ballooning of dom0 to allow domUs to be created.
# If enable-dom0-ballooning = no, dom0 will never balloon out.
(enable-dom0-ballooning no)

# In SMP system, dom0 will use dom0-cpus # of CPUS
# If dom0-cpus = 0, dom0 will take all cpus available
(dom0-cpus 0)

# Whether to enable core-dumps when domains crash.
#(enable-dump no)

# The tool used for initiating virtual TPM migration
#(external-migration-tool '')

# The interface for VNC servers to listen on. Defaults
# to 127.0.0.1  To restore old 'listen everywhere' behaviour
# set this to 0.0.0.0
#(vnc-listen '127.0.0.1')

# The default password for VNC console on HVM domain.
# Empty string is no authentication.
(vncpasswd '')

# The VNC server can be told to negotiate a TLS session
# to encryption all traffic, and provide x509 cert to
# clients enalbing them to verify server identity. The
# GTK-VNC widget, virt-viewer, virt-manager and VeNCrypt
# all support the VNC extension for TLS used in QEMU. The
# TightVNC/RealVNC/UltraVNC clients do not.
#
# To enable this create x509 certificates / keys in the
# directory /etc/xen/vnc
#
#  ca-cert.pem       - The CA certificate
#  server-cert.pem   - The Server certificate signed by the CA
#  server-key.pem    - The server private key
#
# and then uncomment this next line
# (vnc-tls 1)

# The certificate dir can be pointed elsewhere..
#
# (vnc-x509-cert-dir /etc/xen/vnc)

# The server can be told to request & validate an x509
# certificate from the client. Only clients with a cert
# signed by the trusted CA will be able to connect. This
# is more secure the password auth alone. Passwd auth can
# used at the same time if desired. To enable client cert
# checking uncomment this:
#
# (vnc-x509-verify 1)

# The default keymap to use for the VM's virtual keyboard
# when not specififed in VM's configuration
#(keymap 'en-us')

# Script to run when the label of a resource has changed.
#(resource-label-change-script '')

# Rotation count of qemu-dm log file.
#(qemu-dm-logrotate-count 10)

# Path where persistent domain configuration is stored.
# Default is /var/lib/xend/domains/
#
#(xend-domains-path /var/lib/xend/domains)

# Domain Locking
# In a multihost environment, domain locking prevents simultaneously
# running a domain on more than one host.
#
# If enabled, xend will execute a external lock utility (defined below)
# on each domain start and stop event.  Disabled by default.  Set to yes
# to enable domain locking.
#
#(xend-domain-lock no)

# Path where domain lock is stored if xend-domain-lock is enabled.
# Note:  This path must be accessible to all VM Servers participating
#        in domain locking, e.g. by specifying a shared mount point.
#        Lock is placed in /<xend-domain-lock-path>/<domain-uuid>.
# Default is /var/lib/xend/domains/
#
#(xend-domain-lock-path /var/lib/xend/domains)

# External locking utility called by xend for acquiring/releasing
# domain lock.  By default /etc/xen/scripts/domain-lock will be used
# if xend-domain-lock is set to yes.  Set to path of custom locking
# utility to override the default.
#
# Synopsis of lock-util:
# lock-util [-l|-u] -n <vm name> -i <vm uuid> -p <physical host> path"
# -l          Acquire (create) lock
# -u          Remove lock
# -n vm-name  Name of domain
# -i vm-id    Id or UUID of domain
# -p phy-host Name of physical host (dom0)
# path        /<xend-domain-lock-path>/<vm-uuid>
# Return 0 on success, non-zero on error.
#
# lock-util [-s] path"
# -s          Lock status.  If lock is acquired, print any contents
#             on stdout and return 0.  Return non-zero if lock is
#             available.
# path        /<xend-domain-lock-path>/<vm-uuid>
# If lock is acquired, print any contents on stdout and return 0.
# Return non-zero if lock is available.
#
# Default lock-util behavior:
# On domain start event, domain-lock will create and flock(1)
# /<xend-domain-lock-path>/<vm-uuid>/lock.  Every two seconds it
# will write <vm-name>, <vm-id>, <vm-host>, and <tick> to the lock.
# <tick> is running counter.
# On domain stop event, domain-lock will unlock and remove
# /<xend-domain-lock-path>/<vm-uuid>/lock.
#
# Note: If xend-domain-lock-path is a cluster-unaware file system,
#       administrator intervention may be required to remove stale
#       locks.  Consider two hosts using NFS for xend-domain-lock-path
#       when HostA, running vm1, crashes.  HostB could not acquire a
#       lock for vm1 since the NFS server holds an exclusive lock
#       acquired by HostA.  The lock file must be manually removed
#       before starting vm1 on HostA.
#
#(xend-domain-lock-utility domain-lock)



_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users