[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] encrypted virtual machines

On 16/06/2011 13:14, David Oros wrote:
Hi all,

I am looking everywhere but cannot find such a nice solution. I need to create lots of encrypted PV domUs. I find some how tos, but for such 15 domUs it will be mess.

I am using XEN 4 and LV as disk for every machine. I also tried to install HVM machine a set up encrypted disk via installation steps but actually, I can read some data from this LV under HVM encrypted machine.

Has anybody some advices?

Thanks in advance.


The way I usually do encrypted guests is to encrypt the partition on the host, mount the encrypted volume and then create volume groups within that.

Create a raid1 array, call it /dev/md0
Encrypt this block device with truecrypt and mount it
pcreate /dev/mapper/truecrypt0 and vgcreate/lvcreate from here.

This makes the process much simpler as the encryption is at a lower level, and you can handle the guests with direct LVMs

Even if you decide not to do it this way, truecrypt created block devices in /dev/mapper so you can point your configs at that.


May the ping be with you ..

Xen-users mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.