Thanks for the feedback.
I as already planning to have a dedicated management network and had also
discussed the need for some network protocol to share state information. I
now feel that using a network to share state information is the right
solution in our case.

While xenstore looks interesting, I am hesitant to implement anything that
is Xen specific at this time. I want to be able to move to KVM or "the
next big thing" as simply as possible.

Thanks again,

On Thu, Jul 23, 2009 at 4:53 AM, Christopher G. Stach II wrote:

----- "R P Herrold" wrote:
The addition of a new private network segment seems like
overkill and needless additional fragility and complexity --
if one to one, use a remote syslog setup (viz., over UDP); if
one to many (domU), use a multicast sender and listeners.

Run either on the existing network seqment shared by the domUs
and dom0 already.
It's just RAM until you add a physical interface to the bridge, and then
it's just Ethernet. It would be difficult to argue that using either is
fragile or complex. Even compared against your suggestion, the only
difference is isolation, the general rule for administrative networks.

If the skill level involved is negative, perhaps if the person is coming
from the Device Manager space, maybe the steps of adding a bridge, a vif
entry for each VM, and configuring the interface within each VM is way too
much to handle. However, IIRC, virtual network bridges are one of the
documented Xen use cases and are entry level stuff. The cost and added risk
thereof are next to zero. Being that worried about fragility in your basic
set of capabilities is silly, unless you have evidence to the contrary.

If the messages are used to trigger things like shutdowns, scale back
services, or be published in any way that could be dangerous (inadvertently
notifying customers/competitors/attackers that your hardware sucks or what
your system architecture looks like), you'll need to involve crypto unless
you don't care if anyone inside shuts down your VMs. syslogd would not help
in this case, but at least SNMP could.

Christopher G. Stach II

CentOS-virt mailing list
CentOS-virt at centos.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.centos.org/pipermail/centos-virt/attachments/20090723/bd008cd5/attachment.html

Search Discussions

Discussion Posts


Related Discussions

Discussion Navigation
viewthread | post
posts ‹ prev | 7 of 7 | next ›
Discussion Overview
groupcentos-virt @
postedJul 22, '09 at 9:18p
activeJul 23, '09 at 8:47p



site design / logo © 2022 Grokbase