[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

RE: [Fedora-xen] Best practices questions



Denise,
	Personally, I recommend lvm or partitions in Dom0 vs image files for
performance reasons.  The choice to use LVM or partitions can really safely
be left to whichever you are more comfortable with.  If you want to be able
to resize DomUs, then lvm might be useful, but if that can be done, it is
probably quite complicated.
	Dustin

-----Original Message-----
From: fedora-xen-bounces redhat com [mailto:fedora-xen-bounces redhat com]
On Behalf Of Lopez, Denise
Sent: Wednesday, November 28, 2007 19:43
To: fedora-xen redhat com
Subject: RE: [Fedora-xen] Best practices questions

Are you talking about inside the guests or where the guests are in DomO?

I was talking about where the guests are in Dom0.

Denise Lopez


-----Original Message-----
From: Stephen John Smoogen [mailto:smooge gmail com] 
Sent: Wednesday, November 28, 2007 4:39 PM
To: Lopez, Denise
Cc: fedora-xen redhat com
Subject: Re: [Fedora-xen] Best practices questions

On Nov 28, 2007 5:31 PM, Lopez, Denise <dlopez humnet ucla edu> wrote:
>
>
>
>
> Hi all,
>
>
>
> I am in the process of building a new Xen server from scratch and
wanted to
> ask a couple of questions about best practices.
>
>
>
> First, should the guest domains be image files or LVM's or just
regular ext3
> partitions? What are the pros and/or cons of each?
>

Are you talking about inside the guests or where the guests are in DomO?

For the guests files on Dom0, I am using image files stored on DomO's
LVM.. though I may follow some howtos on shared storage so that
failover works in the future.

Inside the guests, I am using ext3 direct in the image versus using
LVM+ext3. I wanted things to be simple to understand for myself.

>
>
> Second,  since the Dom0 is supposed to be kept secure, and most of my
> servers I don't install any X11 server on, is there any security risk
> installing an X11 server on the Dom0 in order to take advantage of the
> virt-manager GUI interface?
>
>

I do not know of any major security issues... but you should use
security in depth.
1) secure the logins
2) firewall the machine so that only ssh X port forwarding is available
3) keep the system up-2-date.
4) follow other best practices for securing a system.



-- 
Stephen J Smoogen. -- CSIRT/Linux System Administrator
How far that little candle throws his beams! So shines a good deed
in a naughty world. = Shakespeare. "The Merchant of Venice"

--
Fedora-xen mailing list
Fedora-xen redhat com
https://www.redhat.com/mailman/listinfo/fedora-xen



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]