Fedora Strands Xen Users

From Fedora Weekly News:

Daniel P. Berrange laid it out there. “There is pretty much zero chance that Fedora 10 will include a Xen Dom0 host. While upstream Xen developers are making good progress on porting Dom0 to paravirt_ops, there is simply too little time for this to be ready for Fedora 10. So if you need to use Fedora 10 as a host, then KVM is your only viable option at this time. If you can wait for Fedora 11 (or use RHEL-5 / CentOS-5) then Xen may be an option for you.”

The basic issue is that the the virtualization groups are getting together on a standard kernel interface, paravirt_ops, and the Xen folks aren’t ready yet. Fedora 10 has a hard deadline, and the Xen group isn’t likely to make it in time.

Why Fedora 10 is important, is that Fedora 8 will stop getting security updates once Fedora 10 is released, per policy. When Fedora 9 came out, the Fedora Project told Xen users to hold off on Fedora 9, that Fedora 10 would have the Xen pieces. Had it told users at that time stop using Fedora they might have had a reasonable opportunity to plan for a chance, but at this point they have only weeks to get their systems off onto another operating system.

While RHEL/CentOS have always been billed as the ‘stable’ platform, many community-minded systems administrators run Fedora as a way to help find problems and improve the codebase. In return, they get more up-to-date packages and an expectation of being able to upgrade to new releases as they’re available.

Now, for the first time I can recall, Fedora has dropped its end of the bargain, for any folks who are using Xen virtualization. I know I don’t deploy any new servers these days that don’t use virtualization, and I doubt I’m highly unusual in that regard. Fedora thus stands to lose a great number of users, i.e. testers, trust and goodwill. After all, if one of the two major kernel flavors can get the axe, just about anything else can too. It raises the question of what Fedora provides, as a distribution. Sure, we understand that the upstream kernel isn’t ready, but is Fedora willing to merely have its feature set dictated by outside parties? This is as much a function of Fedora’s release-by-date rather than release-when-ready policy. They want to release approximately every six months, come hell or high water, and while momentum is desirable in a vacuum, sometimes the community might deserve some consideration as well.

The current expectation is that the Dom0 bits will be in kernel-2.6.28. By all expectations, this release will come about 90 days after 2.6.27 is released, or approximately mid-January, if not sooner. One would hope since the Xen kernel no longer requires a separate RPM package that when Fedora adopts 2.6.28 as its primary kernel (early Feb ‘09, perhaps) that Xen Dom0 support will re-appear.

So, to arrive at a detente, the most practical approach would be to extend Fedora 8 security updates until such a time as a Xen-Dom0 kernel is integrated into Fedora. Without argument, this will consume precious development hours among the Fedora development community. And Fedora can legitimately argue that it’s ‘for experimental use only’ and plausibly get away with not doing so. However, the practical reality of choosing this path is to lose community-sourced testing hours orders of magnitude larger than would be saved by continuing the updates. And since RHEL 6 will require a stable Xen base for its release, Fedora 10 with Xen is going to be very important to have well shaken-out for RHT.