Xen Project

Virtualization: Why I Stopped Using Xen Server

A few quick notes before that actual post:

I posted this originally in early 2018 on a different website, but no longer use that site. So I decided that it would make sense to re-upload here with a few edits.

There is something called Xen and something called Xen Server. Xen is a virtualization platform that is similar to KVM, and I still think that it is amazing. Xen Server is a product by Citrix that builds upon Xen to be more user-friendly. This post is only referring to Xen Server the product, not Xen the part that does the actual virtualization.

Now For the Actual Post

Up until recently, I used Xen Server to run all my virtual machines that were going to exist for more than I few moments while testing something. For example, it’s how I hosted a Mattermost server for the Southern California EmComm network. The combination of Xen Center (it’s management interface on Windows), how lightweight it is compared to competitors, and general ease of use compared to other hypervisor options made Xen Server quite appealing. That is, until version 7.3 was dropped.

The way that Citrix has handled licensing for Xen Server is that most features are free, but some require that an enterprise license be purchased. For example, when making a pool of servers, a user could have up to X amount of servers for free, but then had to buy a license after that. In my mind, doing it this way is fair, since the cutoffs made sense and didn’t get in my way.

As of version 7.3, however, there are new restrictions on the free version. The worst of which, in my opinion, is that the free version no longer allows GPU passthru, which is pretty standard for all virtualization platforms and is quite important to me. But with their new policy change, I would need to pay $800 in order to allow a VM to use the GPU I have in the server.

Because of this, Rob and I moved our infrastructure at our apartment over to Proxmox, which is built on top of Debian and KVM. It’s not a perfect solution, but it suits our needs and is pretty simple to use.

My More Minor Gripes with Xen Server

The Kernel Does Not Support Network Bridging

The kernel that ships with Xen Server was not compiled with network bridging support. This means that setting up an internal network within your virtual machines is basically impossible, unless you recompile the kernel from source to add the needed modules. But by the time you complete that, you may as well just install base CentOS and added Xen. The only thing missing from doing that would be Xen Center (which might work with normal Xen, I’m not sure. And if it doesn’t, Xen Orchestra provides a nice web interface that can do the same things).

Xen Server Blocks Yum from Working

As I just mentioned, Xen Server is built on CentOS, which should be pretty cool. Yum is a great package manager, and CentOS is super for a super long time compared to other distros. The problem is that Citrix made neither of those things matter, because they disable every single RPM repo, so yum update doesn’t work. And if you manually reenable them, updates fail anyway because of custom packages.

I assume this is so that the patches Citrix releases are the only updates that happen to the server. Which is understandable, but can become a pretty major issue when something like Meltdown or Spectre is discovered and they take a month to release a patch. It might have actually been longer, but that’s how long it was before I got the next update.

No USB Passthru

This is my most minor complaint. It’s not even something that came up often, I just think that it’s nice to have in a hypervisor. I don’t need VMware’s ability to pass a remote USB to a VM over the internet using VMware Workstation, but being able to pass a USB device from host to guest is useful and should be supported. Especially when Xen does allow USB passthru and Citrix just hasn’t implemented a way to make use of it.

What You can Use Instead

I briefly said above that I switched over to Proxmox and enjoy the experience. The other big option that makes use of KVM is of course oVirt. It’s developed by RedHat and is a solid option that I think may be industry leading in a couple years.

If you want to stick with Xen, there is now an open source option called XCP-ng. While I have not personally used it, I have heard great things about it. And Ryan has suggested to several of our friends as an entry level hypervisor.




About: Bailey Kasin

I build virtual environments and challenges for Cybersecurity students to complete as a way to gain experience before graduating and entering the workforce.


Leave a Reply

Your email address will not be published. Required fields are marked *