ditwal001 at gmail
Apr 30, 2012, 7:19 AM
Views: 1350
Permalink
|
sorry here,
my comment should not be taken wrong and the concept to have one powerfull
server to handle most oft he services is absolutelly good too, we almost do
that here too.
first:
the probem i have, for ex, ist he firewall stuff, i mean in our point of
view, a firewall should be seperated by 2 nic's and i assume briged nic on a
xen will cause some difficulties with iptable! even i dont know how you
would quaranty security when all ip packages traverse the same nic!
second:
on powerfull server == one single point of failure! what about lvm
snapshots, where to put them, what to do if the server crashes, server down
time?
that what i wanted to say, for me the concept is missing. all your services
can be made easely with xen, windws domU, linux domU.
i would only suggest to consider of using at least 2 xen server, replicated
with drbd, but not remus! and in the very best case a third lowcost server
with disk space to copy lvm gziped snapshots over ssh daily or weekly.
thats it.
thanks walter
-----Original Message-----
From: xen-users-bounces [at] lists
[mailto:xen-users-bounces [at] lists] On Behalf Of Slawek Kosowski
Sent: Montag, 30. April 2012 12:58
To: xen-users [at] lists
Subject: Re: [Xen-users] Firewall in domU, networking in XEN
The concept is to buy one powerful dedicated machine and virtualize all the
rest.
@Walter can you clarify what's messy about this design ?
@Simon, thanks for advises
The reason why I have only one physical NIC is that, the server will be a
dedicated server collocated in the datacenter. Therefore, I don't see any
need to have additional NICs.
Question regarding the LVM.
I will dispose hardware RAID 1. I will create a volume group on the whole
disk. Then I will make 2 logical volumes, one for dom0 root and one for dom0
swap. I don't see any clear advantage of making more LVs with separate
mounting points unless I have big and bulky files to archive by making
snapshots. Simply by having only 2 LVs I decrease granularity, but
facilitate management. At the limit I can add new LVs and mount them to
specific locations (e.g. /usr or /var) copying the files from root LV.
I plan to make new domU on additional LV in the same VG as dom0. Does it
make sense ?
Thanks !
Slawek Kosowski
Dnia 30-04-2012 o godz. 11:28 Walter Robert Ditzler napisał(a):
> hi slawek,
>
> 1 comment only so far, until u begin u should know what u want. all
> wished features can be set up by xen, no prpos but dhcp firewall ...
> with 1 nic ...
>
> that sound really mess'y
>
> not xen is here the nut, the overal concept!
>
> u want all services and all security with minimal hardware (nic).
>
> in switzland we say: u can have the bread and the 5p at the same time
> :)
>
> thanks walter
>
_______________________________________________
Xen-users mailing list
Xen-users [at] lists
http://lists.xen.org/xen-users
_______________________________________________
Xen-users mailing list
Xen-users [at] lists
http://lists.xen.org/xen-users
|
