This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


Re: [Xen-users] which is the best way to setup DomU's kernel location

To: ady@xxxxxxxxxxx
Subject: Re: [Xen-users] which is the best way to setup DomU's kernel location
From: Ian Murray <murrayie@xxxxxxxxxxx>
Date: Sun, 20 Sep 2009 13:19:05 -0700 (PDT)
Cc: xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date: Sun, 20 Sep 2009 13:19:52 -0700
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.co.uk; s=s1024; t=1253477945; bh=7EPFCj6iWISexpzWC9pEiXC9+ak4kRjPWgWvZEPlQj4=; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding; b=NMV6H/HqNq1jesf00OwDrOXmxHgkeTXuW9DJCfLMcBafH9ydsxPFJsndTRzvOTSVjYfRi10fI52gY/g2ZHUIYEqEspT378Qfu2PJGp55SrUVkoZ3R7NArHqabZOjNXkcJUSyr38ITzJ0Htm31vp/9Ro3WaOjh4jXuoxaoVYpOSk=
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.co.uk; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding; b=6gztfN/iZQY1+ICqU3caXfE4d0HiomtnCLowgisG+QNnfKhVe9GiTxtcy52iTnxZhXC9cpFI6AqZUt0Bnhwf2Bn3pd6nX2XQVBIh/VbZSu5Zj7LDDvREbgTKjut34f6EI425AYa3tYuDZGxEzgTkuxWKqqjE+Kfn08XLeiOiNeY=;
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
Erm, it wasn't my question. You stated stated stuff as fact when it was your 
opinion. If you are running 2000 domu's that may be the way to go (I presume 
you *are*?), but I have no experience of such. When do uphdrage your home 
rolled kernel, sounds like nightmare risk analysis.

sorry fore top posting or whatever Yahoo mobile mail decides to do with this.

On Sun, 20 Sep 2009 21:07 BST Ady Deac wrote:

>Hi Ian,
>I see you know all about running Xen kernels. You don't even consider 
>any advice from me at least. Then what is the purpose of your question? 
>You asked for our opinions, but you consider yours to be the best.
>I've told you to build your own static domU kernels because in case you 
>upgrade the dom0 kernel you need to update the domU's modules as well. 
>For 1-2 domU's that's fine, but do that for 2000-3000!
>Good luck with your strong beliefs!
>Ian Murray wrote:
>> ----- Original Message ----
>>> From: Ady Deac <ady@xxxxxxxxxxx>
>>> To: Ian Murray <murrayie@xxxxxxxxxxx>
>>> Sent: Sunday, 20 September, 2009 10:33:43
>>> Subject: Re: [Xen-users] which is the best way to setup DomU's kernel 
>>> location
>>> Hi Ian,
>>> Heh, you learn something new each day. ;) Thanks for the tip!
>>> Anyways, you still need to build the custom kernel. :P
>>> Have phun!
>> Hi,
>> No you don't. I am using pygrub with all my PV DomU's, using the
>> standard distribution kernels that come with CentOS 5.x in both Dom0
>> and DomU.
>> Of pvGrub and pyGrub, I think pvgrub is the preferred option because of 
>> inherent security problems with pyGrub, but is available on newer 
>> hypervisors and not on the std CentOS hypervisor. I think the security issue 
>> goes along the lines of the DomU can affect something that runs on the Dom0 
>> (pyGrub) by manipulating the grub menu in the DomU. This could be part of an 
>> attack, if some other vector is discovered in pygrub. Something like that, I 
>> think. I am sure some one will correct me, if I am wrong about that.
>> HTH,
>> Ian.
>> _______________________________________________
>> Xen-users mailing list
>> Xen-users@xxxxxxxxxxxxxxxxxxx
>> http://lists.xensource.com/xen-users
>Deac Mihai-Adrian
>W: www.mikesoftware.com
>P: +40-745-256.364

Xen-users mailing list