WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

Re: [Xen-users] dtc-xen [was: Firewalling Xen?]

To: "Thomas Goirand" <thomas@xxxxxxxxxx>
Subject: Re: [Xen-users] dtc-xen [was: Firewalling Xen?]
From: "Grant McWilliams" <grantmasterflash@xxxxxxxxx>
Date: Tue, 16 Dec 2008 23:07:16 -0800
Cc: xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date: Tue, 16 Dec 2008 23:08:03 -0800
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:cc:in-reply-to:mime-version:content-type:references; bh=g7pTj6gXZZPdUWeEk8J08xG+IUDQezrCuq+Wbm74T84=; b=RPyDdrhV4SuDX9zdzFxW7IUwZlLryorQ2ePE9KgtJ2MdhtevwCKCL5oi7l6vUxSzY3 l/zYx25Y9a/VnuZ99Bvc/Tmee1Egw+YascjzfUEfS6Iavmq1eeFfyn+WX8GJ5b8YMiAC viUBGa9MQJ9Mz0bUT2Yo2heG0Va9yUx4zG1ck=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version :content-type:references; b=m6hjeccVQPwSjq0fQVM4Gx9mtqIyT/FAlTRaN4sVa8dsLXvky1aNCHyySpLvjhyfDu l8zFwA1o1l6F+1vQ5640W33z+y4Sy/IztbFbhllH9AYOAmQB3QPkqzfK1LuWjCMpV4G+ lq0K4LKu6bD7HWp3FrlVA6/3YZZEHe2XihFus=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <49489E85.9000608@xxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <14915851.141229329317606.JavaMail.root@xxxxxxxxxxxxxxxxxx> <4947DEE9.1050607@xxxxxxxxxx> <ed123fa30812160953q130675adnb6b7ff9200fd93ca@xxxxxxxxxxxxxx> <49489E85.9000608@xxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx

On Tue, Dec 16, 2008 at 10:39 PM, Thomas Goirand <thomas@xxxxxxxxxx> wrote:
>     http://git.gplhost.com/gitweb/?p=dtc-xen.git;a=blob;f=debian/dtc-xen.init;h=5e4df2e46e3a872a2d73ada77e24e8bb242f8b6b;hb=a75a32b23d6dde71dc684045b3c2e7051c30e6fa
>
>     I'd be happy to have contributions in this small script that is by the
>     way very simple to extend (just add few functions for yourself and
>     share, then anybody can enable/disable them with ease.
>
>     Thomas
>
>
> Don't you mean this ;-)
>
> http://git.gplhost.com/gitweb/?p=dtc-xen.git;a=blob;f=debian/dtc-xen-firewall.init;h=16139921d6efd6fc2e407f7d80b11fae97befdf9;hb=a75a32b23d6dde71dc684045b3c2e7051c30e6fa

Yes, sorry for the confusion!!! :)

> A bit off topic but can dtc-xen control it's users in a way that you can
> assign an admin per VM? What I'm looking for is to have each student manage
> his and only his domU.

Well, it's a full commercial hosting solution, we have hundreds of
customers using it, so of course it supports what you are asking for,
and it's a fully automated solution.

That's the goal yes! Each "virtual admin" user can:
- set the RDNS
- do xm stop / xm start / xm shutdown / on his VPS (and his VPS only)
- do fsck.ext3 -f -y for his partition (if his VPS is shutdown)
- reinstall his OS (if his VPS is shutdown), many OS supported either
through network setup (yum install or debootstrap) or using images.
- see his network, I/O and CPU usage in realtime
- see the above, and all the other VPSes on the node (very useful if one
customer is abusing and the others want to know)
- Do "xm console" by simply doing ssh xenXX@xxxxxxxxxxxxxxxxxxx (so this
ssh pass can be changed using DTC, or a ssh key can be used to...)
- Set the CD to boot on, and manage the VNC console (HVM guests only)
- Select to use the NetBSD or NetBSD-INSTALL kernel (NetBSD guests only)
- renew his VPS for the period(s) defined in the hosting package

Each admin can have one or more VPS.

Note that dtc-xen is NOT an interface, just a SOAP service over HTTPS
with auth, on which DTC connects to give orders to or to collect data
from your dom0.

Thomas

Thanks for the rundown. Most of the solutions I've found have been overly complex. I'll look into dtc. How hard is it to create and delete
accounts with VPS via automated scripts? I'd like to have a script parse a CSV file each quarter and add the appropriate users and link to 
VMs.

Grant McWilliams

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
<Prev in Thread] Current Thread [Next in Thread>