[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Xen on AWS EC2 Graviton 2 metal instances (c6g.metal)

  • To: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • From: "Driscoll, Dan" <dan.driscoll@xxxxxxxxxxx>
  • Date: Tue, 26 Sep 2023 19:41:45 +0000
  • Accept-language: en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=IGM7otXcCXKNz1HOL0pMqRluk2t26h1KrRtcNSD3cWQ=; b=QVcn4Uncs+riZVGlVBTSszjqvuk2n3ejuZXvdZzBdMBOZyjdMbM7WdOhWSa9yFFzUZv/ocQLlMqisDtyTEmuzfdLf89v9LGO+VT+zQUpaujPJwx1TnGOIv/kz6m2ubvf8O8vkziE/Hj3gAwbUULQ4lODENK2NdRrYhlGw1VDG1TB/FjiCGyjP7CXAhKKepmoJU/6+rav3kCmwCCkSxx0J5KApI2zAI0zKByOmolAcUY4lVn27s5+N8eaiYxpPIpTb3H1x41f9nAxOkmqRfNYLRmIpeLpweBUW6I1Nfb8LL8mI/3SjjGdnX9SgMS+f/iG9W116IVszde8xyEBKpfd2Q==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=QOJVvJtW26ISAck+2ReEh7tN3hJnJUMO6yS8kExGHZnY5ggyf6T8x997fcchCTuMunTzk39sx/7fv+2P9kmD662ALsxqOIeaNXRYfumKLWymHJgoi5bZVtwe2dQmvu/fOtStQYFaJzlllRYKSseU6lDA9XBapFGf7D0AZgnJxAk4iohUNSw0X0yd8H1VRQ4tbJfF7KYiZXUY9Z2BRhJFSnQXNuFzAw0we/0n1EHkLBQVZXoMlaB7/55nYdRvBuKLrOycZ6iIwuhTyE1RzgckA880DwXesZYTK/CX6lfCwH1sRV1exh9Tcwh0NkacBVlsAVTOPmZyzmoxalHyiO1ctw==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=siemens.com;
  • Cc: Stefano Stabellini <sstabellini@xxxxxxxxxx>, "arvind.raghuraman@xxxxxxxxxxx" <arvind.raghuraman@xxxxxxxxxxx>, "julien@xxxxxxx" <julien@xxxxxxx>, Bertrand Marquis <Bertrand.Marquis@xxxxxxx>, "rahul.singh@xxxxxxx" <rahul.singh@xxxxxxx>, Luca Fancellu <Luca.Fancellu@xxxxxxx>
  • Delivery-date: Wed, 27 Sep 2023 04:48:48 +0000
  • Document_confidentiality: Restricted
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Msip_labels: MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_Enabled=true; MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_SetDate=2023-09-26T19:41:40Z; MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_Method=Standard; MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_Name=restricted; MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_SiteId=38ae3bcd-9579-4fd4-adda-b42e1495d55a; MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_ActionId=259b605e-705d-4423-a6c1-45ef6193bf73; MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_ContentBits=0
  • Thread-index: AdnwsItjvuOZZuTtRQy72nkgCbOw3Q==
  • Thread-topic: Xen on AWS EC2 Graviton 2 metal instances (c6g.metal)
All,

        First off - sorry for the very long email, but there are a lot of 
details related to this topic and I figured more details might be better than 
less but I could be wrong here....

        Within Siemens Embedded, we have been doing some prototyping using Xen 
for some upcoming customer related work - this email thread attempts to explain 
what has been done here and our analysis of the problems we are having.

        We have done some initial prototyping to get Xen running on an AWS 
Graviton 2 instance using an EC2 Arm64 "metal" instance (c6g.metal - no AWS 
hypervisor) and ran into some problems during this prototyping.

        Since the Edge Workload Abstraction and Orchestration Layer (EWAOL) 
that is part of SOAFEE already has some enablement of Xen in various 
environments (including an Arm64 server environment), we used this as a 
starting point.

        We were able to successfully bring up Xen and a Yocto dom0 and multiple 
domu Yocto guests on an Arm AVA server (AVA Developer Platform - 32 core 
Neoverse N1 server) following documented steps with some minimal configuration 
changes (we simply extended the configuration to include 3 Linux guests): 
https://ewaol.docs.arm.com/en/kirkstone-dev/manual/build_system.html#build-system

        So, this specific EWAOL support has all the proper bitbake layers to 
generate images for both bare-metal (Linux running natively) and a 
virtualization build (using Xen) for AVA and also a Neoverse N1 System 
Development Platform (N1SDP), but we only verified this on AVA.

        AWS also has support for EWAOL on Graviton 2, but the only supported 
configuration is a bare-metal configuration (Linux running natively) and the 
virtualization build hasn't been implemented in the bitbake layers in their 
repo - here is the URL for information / instructions on this support: 
https://github.com/aws4embeddedlinux/meta-aws-ewaol

        As part of our effort to bring this up, we did a VERY minimal patch to 
the repo used for the AWS EWAOL to generate a virtualization build (attached 
meta-aws-ewaol.patch).  The resultant build of the AWS EWAOL support with this 
patch applied does result in Xen being built as well as a dom0 Yocto kernel, 
but there is definitely missing support to properly build everything for this 
virtualization layer.  Following the instructions for meta-aws-ewaol,  we 
generated an AMI and started an EC2 instance with this AMI (c6g.metal type).  
The resultant image does boot, but it boots into the dom0 Linux kernel with 
problems recorded in the boot log related to Xen (see dom0-linux-boot.txt).  

       Looking more closely at the EFI partition, it was clear that 
systemd-boot was being used and it was set-up to boot the dom0 Linux kernel and 
not boot into Xen - the Xen EFI images were not present in the EFI partition 
and obviously no launch entries existed for Xen.  To rectify this, the Xen EFI 
image that were built as part of the AWS EWAOL build mentioned above where 
placed in the EFI partition, along with a Xen config file that provided the 
dom0 Linux kernel image details.  A new entry was added into the EFI image for 
Xen and the launch conf file was updated to boot Xen instead of dom0 Linux.  
This resulted in the EC2 instance becoming "bricked" and no longer accessible.
       
       Details on the EFI related content and changes we made are captured in 
the meta-aws-ewaol-efi-boot-changes.txt file attached above.
       
       The next step was comparing the AVA Xen output that was working and we 
noticed a few differences - the AVA build did enable ACPI and UNSUPPORTED 
kconfig settings whereas the AWS Xen build did not.  So, we tried again to 
bring up another EC2 metal instance using the same AMI as before and utilized 
the AVA Xen EFI image instead and same Xen config file.  The result was the 
same - a "bricked" instance.
       
       We will likely try to use the entire AVA flow on AWS Graviton next as it 
is using GRUB 2 instead of systemd-boot and we hope to maybe extend or enable 
some of the debug output during boot.  The AWS EC2 instances have a "serial 
console", but we have yet to see any output on this console prior to Linux boot 
logs - no success in getting EC2 serial output during EFI booting.
       
       We have had a call and some email exchanges with AWS on this topic (Luke 
Harvey, Jeremy Dahan, Robert DeOliveira, and Azim Siddique) and they said there 
have been multiple virtualization solutions successfully booted on Graviton 2 
metal instances, so they felt that Xen should be useable once we figured out 
configuration / boot details.  The provided some guidance how we might go about 
some more exploration here, but nothing really specific to supporting Xen. 
       
       I have attached the following files for reference:
       
        * meta-aws-ewaol.patch - patch to AWS EWAOL repo found at 
https://github.com/aws4embeddedlinux/meta-aws-ewaol
        * meta-aws-ewaol-efi-boot-changes.txt - Description of EFI related 
changes made to AWS EWAOL EFI partition in attempt to boot Xen
        * ava.xen.config - config file for Xen build for AVA using EWAOL 
virtualization build
        * aws.xen.config - config file for Xen build for AWS using EWAOL 
virtualization build
        * xen-4.16.1.cfg - Xen config file placed in root of EFI boot partition 
alongside xen-4.16.1.efi image
        * aws.linux.config - dom0 Linux config file for AWS using EWAOL 
virtualization buld
        * ava.linug.config - dom0 Linux config file for AVA using EWAOL 
virtualization build
       
       Anyways, I think we are mainly looking for any pointers in how to best 
proceed in getting Xen running on an AWS Graviton 2 c6g.metal instance - 
problems in anything we show above, debugging tips, configuration tips, 
better/different starting points (instead of EWAOL), etc.

       We can always provide more details on the specifics of the AWS EC2 
set-up / usage if this helps - just let us know.
       
       Hope this all makes sense - quite a bit to all of this.

Thanks,

Dan Driscoll
Distinguished Engineer
Siemens DISW - Embedded Platform Solutions

Attachment: meta-aws-ewaol.patch
Description: meta-aws-ewaol.patch

Attachment: meta-aws-ewaol-efi-boot-changes.txt
Description: meta-aws-ewaol-efi-boot-changes.txt

Attachment: ava.xen.config
Description: ava.xen.config

Attachment: aws.xen.config
Description: aws.xen.config

Attachment: xen-4.16.1.cfg
Description: xen-4.16.1.cfg

Attachment: aws.linux.config
Description: aws.linux.config

Attachment: dom0-linux-boot.txt
Description: dom0-linux-boot.txt

Attachment: ava.linux.config
Description: ava.linux.config

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.