| |
|
 |
|
 |
|
|
|
| |
|
|
xen-users
[Xen-users] Stacked File Systems and Xen - state of the art
Hi,
does anybody know what the current state of stacking filesystems for xen
guests is? The last discussions were about a year ago. Has anything
changed? I.e. is it still unreliable and not really recommended?
Motivation:
-----------
I would like to set up a secure firewall. Consequently only minimal
tools should be available... which makes administration not exactly
comfortable.
The basic idea is to have the domU's (i.e. the firewall machine's) disk
exported from dom0 via nfs. On dom0 the exported directory consists of
several stacked layers. In the "standard" layer a "comfortable" linux is
installed with all the tools that make admin's life easier... but the
machine unsafe. On a "deletion" layer all the unneccesary tools have
been marked as deleted. (...think about unionfs using the white-out
deletion method.)
Now anytime I want to change something significant on my router I take
it from the net, remove the "deletions" layer and restart it - and can
comfortably go about my business without being hindered my by own
security-mindedness.
Advantage of this approach: I only need unionfs support in dom0 and do
not have to worry about fiddling with initrds etc for my guests.
Has anybody done this; how does it work in practise? Or - does anybody
see a reason why this can't be done or won't work properly?
Regards,
Arik
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
|
| <Prev in Thread] |
Current Thread |
[Next in Thread> |
- [Xen-users] Stacked File Systems and Xen - state of the art,
Arik Raffael Funke <=
|
|
|
| |
|
Home