[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] which is the best way to setup DomU's kernel location

  • To: ady@xxxxxxxxxxx
  • From: Ian Murray <murrayie@xxxxxxxxxxx>
  • Date: Sun, 20 Sep 2009 13:19:05 -0700 (PDT)
  • Cc: xen-users@xxxxxxxxxxxxxxxxxxx
  • Delivery-date: Sun, 20 Sep 2009 13:19:52 -0700
  • Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.co.uk; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding; b=6gztfN/iZQY1+ICqU3caXfE4d0HiomtnCLowgisG+QNnfKhVe9GiTxtcy52iTnxZhXC9cpFI6AqZUt0Bnhwf2Bn3pd6nX2XQVBIh/VbZSu5Zj7LDDvREbgTKjut34f6EI425AYa3tYuDZGxEzgTkuxWKqqjE+Kfn08XLeiOiNeY=;
  • List-id: Xen user discussion <xen-users.lists.xensource.com>
Erm, it wasn't my question. You stated stated stuff as fact when it was your 
opinion. If you are running 2000 domu's that may be the way to go (I presume 
you *are*?), but I have no experience of such. When do uphdrage your home 
rolled kernel, sounds like nightmare risk analysis.

sorry fore top posting or whatever Yahoo mobile mail decides to do with this.

On Sun, 20 Sep 2009 21:07 BST Ady Deac wrote:

>Hi Ian,
>
>I see you know all about running Xen kernels. You don't even consider 
>any advice from me at least. Then what is the purpose of your question? 
>You asked for our opinions, but you consider yours to be the best.
>
>I've told you to build your own static domU kernels because in case you 
>upgrade the dom0 kernel you need to update the domU's modules as well. 
>For 1-2 domU's that's fine, but do that for 2000-3000!
>
>
>Good luck with your strong beliefs!
>
>
>Ian Murray wrote:
>>
>>
>> ----- Original Message ----
>>   
>>> From: Ady Deac <ady@xxxxxxxxxxx>
>>> To: Ian Murray <murrayie@xxxxxxxxxxx>
>>> Sent: Sunday, 20 September, 2009 10:33:43
>>> Subject: Re: [Xen-users] which is the best way to setup DomU's kernel 
>>> location
>>>
>>> Hi Ian,
>>>
>>> Heh, you learn something new each day. ;) Thanks for the tip!
>>>
>>> Anyways, you still need to build the custom kernel. :P
>>>
>>> Have phun!
>>>
>>>     
>>
>> Hi,
>>
>> No you don't. I am using pygrub with all my PV DomU's, using the
>> standard distribution kernels that come with CentOS 5.x in both Dom0
>> and DomU.
>>
>> Of pvGrub and pyGrub, I think pvgrub is the preferred option because of 
>> inherent security problems with pyGrub, but is available on newer 
>> hypervisors and not on the std CentOS hypervisor. I think the security issue 
>> goes along the lines of the DomU can affect something that runs on the Dom0 
>> (pyGrub) by manipulating the grub menu in the DomU. This could be part of an 
>> attack, if some other vector is discovered in pygrub. Something like that, I 
>> think. I am sure some one will correct me, if I am wrong about that.
>>
>> HTH,
>>
>> Ian.
>>
>>
>>
>>       
>>
>> _______________________________________________
>> Xen-users mailing list
>> Xen-users@xxxxxxxxxxxxxxxxxxx
>> http://lists.xensource.com/xen-users
>>   
>
>-- 
>Deac Mihai-Adrian
>
>W: www.mikesoftware.com
>P: +40-745-256.364
>





_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.