Advertisement
Guest User

Untitled

a guest
Sep 16th, 2011
117
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. # -*- sh -*-
  2.  
  3. #
  4. # Xend configuration file.
  5. #
  6.  
  7. # This example configuration is appropriate for an installation that
  8. # utilizes a bridged network configuration. Access to xend via http
  9. # is disabled.  
  10.  
  11. # Commented out entries show the default for that entry, unless otherwise
  12. # specified.
  13.  
  14. #(logfile /var/log/xen/xend.log)
  15. #(loglevel DEBUG)
  16.  
  17. #(xend-http-server no)
  18. (xend-unix-server yes)
  19. #(xend-tcp-xmlrpc-server no)
  20. #(xend-unix-xmlrpc-server yes)
  21. #(xend-relocation-server no)
  22. # The relocation server should be kept desactivated unless using a trusted
  23. # network, the domain virtual memory will be exchanged in raw form without
  24. # encryption of the communication. See also xend-relocation-hosts-allow option
  25.  
  26. (xend-unix-path /var/lib/xend/xend-socket)
  27.  
  28. # Port xend should use for the HTTP interface, if xend-http-server is set.
  29. #(xend-port            8000)
  30.  
  31. # Port xend should use for the relocation interface, if xend-relocation-server
  32. # is set.
  33. #(xend-relocation-port 8002)
  34.  
  35. # Address xend should listen on for HTTP connections, if xend-http-server is
  36. # set.
  37. # Specifying 'localhost' prevents remote connections.
  38. # Specifying the empty string '' (the default) allows all connections.
  39. #(xend-address '')
  40. #(xend-address localhost)
  41.  
  42. # Address xend should listen on for relocation-socket connections, if
  43. # xend-relocation-server is set.
  44. # Meaning and default as for xend-address above.
  45. # Also, interface name is allowed (e.g. eth0) there to get the
  46. # relocation address to be bound on.
  47. #(xend-relocation-address '')
  48.  
  49. # The hosts allowed to talk to the relocation port.  If this is empty (the
  50. # default), then all connections are allowed (assuming that the connection
  51. # arrives on a port and interface on which we are listening; see
  52. # xend-relocation-port and xend-relocation-address above).  Otherwise, this
  53. # should be a space-separated sequence of regular expressions.  Any host with
  54. # a fully-qualified domain name or an IP address that matches one of these
  55. # regular expressions will be accepted.
  56. #
  57. # For example:
  58. #  (xend-relocation-hosts-allow '^localhost$ ^.*\.example\.org$')
  59. #
  60. #(xend-relocation-hosts-allow '')
  61. (xend-relocation-hosts-allow '^localhost$ ^localhost\\.localdomain$')
  62.  
  63. # The limit (in kilobytes) on the size of the console buffer
  64. #(console-limit 1024)
  65.  
  66. ##
  67. # To bridge network traffic, like this:
  68. #
  69. # dom0: fake eth0 -> vif0.0 -+
  70. #                            |
  71. #                          bridge -> real eth0 -> the network
  72. #                            |
  73. # domU: fake eth0 -> vifN.0 -+
  74. #
  75. # use
  76. #
  77. # (network-script network-bridge)
  78. #
  79. # Your default ethernet device is used as the outgoing interface, by default.
  80. # To use a different one (e.g. eth1) use
  81. #
  82. # (network-script 'network-bridge netdev=eth1')
  83. #
  84. # The bridge is named xenbr0, by default.  To rename the bridge, use
  85. #
  86. # (network-script 'network-bridge bridge=<name>')
  87. #
  88. # It is possible to use the network-bridge script in more complicated
  89. # scenarios, such as having two outgoing interfaces, with two bridges, and
  90. # two fake interfaces per guest domain.  To do things like this, write
  91. # yourself a wrapper script, and call network-bridge from it, as appropriate.
  92. #
  93. (network-script network-bridge)
  94.  
  95. # The script used to control virtual interfaces.  This can be overridden on a
  96. # per-vif basis when creating a domain or a configuring a new vif.  The
  97. # vif-bridge script is designed for use with the network-bridge script, or
  98. # similar configurations.
  99. #
  100. # If you have overridden the bridge name using
  101. # (network-script 'network-bridge bridge=<name>') then you may wish to do the
  102. # same here.  The bridge name can also be set when creating a domain or
  103. # configuring a new vif, but a value specified here would act as a default.
  104. #
  105. # If you are using only one bridge, the vif-bridge script will discover that,
  106. # so there is no need to specify it explicitly.
  107. #
  108. (vif-script vif-bridge)
  109.  
  110.  
  111. ## Use the following if network traffic is routed, as an alternative to the
  112. # settings for bridged networking given above.
  113. #(network-script network-route)
  114. #(vif-script     vif-route)
  115.  
  116.  
  117. ## Use the following if network traffic is routed with NAT, as an alternative
  118. # to the settings for bridged networking given above.
  119. #(network-script network-nat)
  120. #(vif-script     vif-nat)
  121.  
  122.  
  123. # Dom0 will balloon out when needed to free memory for domU.
  124. # dom0-min-mem is the lowest memory level (in MB) dom0 will get down to.
  125. # If dom0-min-mem=0, dom0 will never balloon out.
  126. (dom0-min-mem 256)
  127.  
  128. # In SMP system, dom0 will use dom0-cpus # of CPUS
  129. # If dom0-cpus = 0, dom0 will take all cpus available
  130. (dom0-cpus 0)
  131.  
  132. # Whether to enable core-dumps when domains crash.
  133. #(enable-dump no)
  134.  
  135. # The tool used for initiating virtual TPM migration
  136. #(external-migration-tool '')
  137.  
  138. # The interface for VNC servers to listen on. Defaults
  139. # to 127.0.0.1  To restore old 'listen everywhere' behaviour
  140. # set this to 0.0.0.0
  141. #(vnc-listen '127.0.0.1')
  142.  
  143. # The default password for VNC console on HVM domain.
  144. # Empty string is no authentication.
  145. (vncpasswd '')
  146.  
  147. # The default keymap to use for the VM's virtual keyboard
  148. # when not specified in VM's configuration
  149. (keymap 'en-us')
  150.  
  151. # The VNC server can be told to negotiate a TLS session
  152. # to encryption all traffic, and provide x509 cert to
  153. # clients enalbing them to verify server identity. The
  154. # GTK-VNC widget, virt-viewer, virt-manager and VeNCrypt
  155. # all support the VNC extension for TLS used in QEMU. The
  156. # TightVNC/RealVNC/UltraVNC clients do not.
  157. #
  158. # To enable this create x509 certificates / keys in the
  159. # directory /etc/xen/vnc
  160. #
  161. #  ca-cert.pem       - The CA certificate
  162. #  server-cert.pem   - The Server certificate signed by the CA
  163. #  server-key.pem    - The server private key
  164. #
  165. # and then uncomment this next line
  166. # (vnc-tls 1)
  167. #
  168. # The certificate dir can be pointed elsewhere..
  169. #
  170. # (vnc-x509-cert-dir /etc/xen/vnc)
  171. #
  172. # The server can be told to request & validate an x509
  173. # certificate from the client. Only clients with a cert
  174. # signed by the trusted CA will be able to connect. This
  175. # is more secure the password auth alone. Passwd auth can
  176. # used at the same time if desired. To enable client cert
  177. # checking uncomment this:
  178. #
  179. # (vnc-x509-verify 1)
  180.  
  181. # Allow probing of disk image file format.  This is insecure!  It lets
  182. # a malicious domU read any file in dom0.  Applies only to fully
  183. # virtual domUs.  Required for using formats other than raw.
  184. #(enable-image-format-probing no)
  185.  
  186. # Number of seconds xend will wait for device creation
  187. #(device-create-timeout 100)
  188.  
  189. # Number of second xend will wait for device destroy
  190. #(device-destroy-timeout 100)
  191.  
  192. # Strict checking when doing PCI passthrough; enabled by default
  193. #(pci-dev-assign-strict-check yes)
  194.  
  195. # Automatically balloon dom0 down if try to balloon domU up for more memory
  196. # that is free.
  197. # (auto-balloon-dom0 no)
Advertisement
RAW Paste Data Copied
Advertisement