This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


Re: [Xen-users] dtc-xen [was: Firewalling Xen?]

Subject: Re: [Xen-users] dtc-xen [was: Firewalling Xen?]
From: Thomas Goirand <thomas@xxxxxxxxxx>
Date: Wed, 17 Dec 2008 14:39:01 +0800
Cc: xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date: Tue, 16 Dec 2008 22:39:44 -0800
Dkim-signature: v=1; a=rsa-sha1; c=relaxed; d=goirand.fr; h=message-id: date:from:mime-version:cc:subject:references:in-reply-to: content-type:content-transfer-encoding; q=dns/txt; s=postfix; bh= QgrjhQf0gdkBH+lJA0GCnAQY00g=; b=edr+mDdNyStW0IVW2Q8RFi/tv3L0cv2b vWvJeC7NZGpblXOGg+edjPp057lfavzmPwzUmBRzqFk8vdatr2imyDaVpfHtElZT b2mksIrZB+td47TVIROCPwycQ9VDB6aKncmEpmUXrVQ5TsxOvpOapZzZk4UGqWU7 tWc9Brb5Q88=
Domainkey-signature: a=rsa-sha1; c=nofws; d=goirand.fr; h=message-id:date:from:mime-version:cc:subject:references:in-reply-to:content-type:content-transfer-encoding; q=dns; s=postfix; b= lER3Ucc5S+GCauDLPDkXZ2MqPcM6Pj1EVGgMHlX1QQI6Y3HA+eT8xnqgg7sLzPCh PKamOVSNmoOi95BRmc31CnlrYSwZxHj9WlW297Lh5q2DTVzxFbxT9lBIBdCe8qJ+ 32eJMmATwI+34uWJwp98URMJGFplzrdUK9UE8g/bLyY=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <ed123fa30812160953q130675adnb6b7ff9200fd93ca@xxxxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
Openpgp: id=98EF9A49
Organization: GPLHost
References: <14915851.141229329317606.JavaMail.root@xxxxxxxxxxxxxxxxxx> <4947DEE9.1050607@xxxxxxxxxx> <ed123fa30812160953q130675adnb6b7ff9200fd93ca@xxxxxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mozilla-Thunderbird (X11/20081018)
> http://git.gplhost.com/gitweb/?p=dtc-xen.git;a=blob;f=debian/dtc-xen.init;h=5e4df2e46e3a872a2d73ada77e24e8bb242f8b6b;hb=a75a32b23d6dde71dc684045b3c2e7051c30e6fa
>     I'd be happy to have contributions in this small script that is by the
>     way very simple to extend (just add few functions for yourself and
>     share, then anybody can enable/disable them with ease.
>     Thomas
> Don't you mean this ;-)
> http://git.gplhost.com/gitweb/?p=dtc-xen.git;a=blob;f=debian/dtc-xen-firewall.init;h=16139921d6efd6fc2e407f7d80b11fae97befdf9;hb=a75a32b23d6dde71dc684045b3c2e7051c30e6fa

Yes, sorry for the confusion!!! :)

> A bit off topic but can dtc-xen control it's users in a way that you can
> assign an admin per VM? What I'm looking for is to have each student manage
> his and only his domU.

Well, it's a full commercial hosting solution, we have hundreds of
customers using it, so of course it supports what you are asking for,
and it's a fully automated solution.

That's the goal yes! Each "virtual admin" user can:
- set the RDNS
- do xm stop / xm start / xm shutdown / on his VPS (and his VPS only)
- do fsck.ext3 -f -y for his partition (if his VPS is shutdown)
- reinstall his OS (if his VPS is shutdown), many OS supported either
through network setup (yum install or debootstrap) or using images.
- see his network, I/O and CPU usage in realtime
- see the above, and all the other VPSes on the node (very useful if one
customer is abusing and the others want to know)
- Do "xm console" by simply doing ssh xenXX@xxxxxxxxxxxxxxxxxxx (so this
ssh pass can be changed using DTC, or a ssh key can be used to...)
- Set the CD to boot on, and manage the VNC console (HVM guests only)
- Select to use the NetBSD or NetBSD-INSTALL kernel (NetBSD guests only)
- renew his VPS for the period(s) defined in the hosting package

Each admin can have one or more VPS.

Note that dtc-xen is NOT an interface, just a SOAP service over HTTPS
with auth, on which DTC connects to give orders to or to collect data
from your dom0.


Xen-users mailing list

<Prev in Thread] Current Thread [Next in Thread>