[Fedora-xen] Best practices questions
Stephen John Smoogen
smooge at gmail.com
Thu Nov 29 00:39:24 UTC 2007
On Nov 28, 2007 5:31 PM, Lopez, Denise <dlopez at humnet.ucla.edu> wrote:
>
>
>
>
> Hi all,
>
>
>
> I am in the process of building a new Xen server from scratch and wanted to
> ask a couple of questions about best practices.
>
>
>
> First, should the guest domains be image files or LVM's or just regular ext3
> partitions? What are the pros and/or cons of each?
>
Are you talking about inside the guests or where the guests are in DomO?
For the guests files on Dom0, I am using image files stored on DomO's
LVM.. though I may follow some howtos on shared storage so that
failover works in the future.
Inside the guests, I am using ext3 direct in the image versus using
LVM+ext3. I wanted things to be simple to understand for myself.
>
>
> Second, since the Dom0 is supposed to be kept secure, and most of my
> servers I don't install any X11 server on, is there any security risk
> installing an X11 server on the Dom0 in order to take advantage of the
> virt-manager GUI interface?
>
>
I do not know of any major security issues... but you should use
security in depth.
1) secure the logins
2) firewall the machine so that only ssh X port forwarding is available
3) keep the system up-2-date.
4) follow other best practices for securing a system.
--
Stephen J Smoogen. -- CSIRT/Linux System Administrator
How far that little candle throws his beams! So shines a good deed
in a naughty world. = Shakespeare. "The Merchant of Venice"
More information about the Fedora-xen
mailing list