xen-users

[Top] [All Lists]

RE: [Xen-users] XCP Xen Cloud Control System ver 0.3 released!

from [Jonathan Tripathy]

[Permanent Link][Original]

To:	"Vern Burke" <vburke@xxxxxxxx>, <xen-users@xxxxxxxxxxxxxxxxxxx>
Subject:	RE: [Xen-users] XCP Xen Cloud Control System ver 0.3 released!
From:	"Jonathan Tripathy" <jonnyt@xxxxxxxxxxx>
Date:	Tue, 25 May 2010 15:24:27 +0100
Cc:
Delivery-date:	Tue, 25 May 2010 07:26:28 -0700
Envelope-to:	www-data@xxxxxxxxxxxxxxxxxxx
List-help:	<mailto:xen-users-request@lists.xensource.com?subject=help>
List-id:	Xen user discussion <xen-users.lists.xensource.com>
List-post:	<mailto:xen-users@lists.xensource.com>
List-subscribe:	<http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe:	<http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References:	<4BFAC419.9020507@xxxxxxxx> <4BFADA4B.5060705@xxxxxxxxxxx> <4BFADF2B.70205@xxxxxxxx><4BFAEC50.7070103@xxxxxxxxxxx> <1126208382-1274738991-cardhu_decombobulator_blackberry.rim.net-829565113-@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> <5330ace671848dbbe0069c43b622481e.squirrel@xxxxxxxxxxxxxxxxxxxxxx> <4BFBD8EA.5040803@xxxxxxxx>
Sender:	xen-users-bounces@xxxxxxxxxxxxxxxxxxx
Thread-index:	Acr8Ex3GgH6Iz5ZBQeW/KVy8Ko9TFQAAt2Uo
Thread-topic:	[Xen-users] XCP Xen Cloud Control System ver 0.3 released!

You could try this:

http://www.standingonthebrink.com/index.php/ipv6-ipv4-and-arp-on-xen-for-vps/

Don't know if it will stop DHCP broadcasts, but maybe...

From: Vern Burke [mailto:vburke@xxxxxxxx]
Sent: Tue 25/05/2010 15:04
To: matt@xxxxxxxxxxxxxxxxxx
Cc: Jonathan Tripathy; xen-users@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-users] XCP Xen Cloud Control System ver 0.3 released!

I only do static IP assignments on the VMs. I have no idea how you'd
stop a VM from running a DHCP server from outside the VM (not that I can
imagine why anyone would want to do that anyways). The best answer I've
found for a lot of shennanigans is a zero tolerance policy in the terms
of service (do it and you're gone, period).

Openflow looks like it might be useful except I'm not seeing much for
controllers. I'm still pondering how to make best use of the
capabilities of openvswitch.

XCCS multitenancy will provide a reduced set of functions to customers
for controlling their own VMs with the end goal being self provisioning
and automatic billing.

Vern

On 5/25/2010 4:49 AM, Matthew Law wrote:
> Hi Verne,
>
> a fine job!
>
> Do you assign domU addresses from a DHCP server and if so how do you stop
> a rogue VM from running it's own DHCP server and answering DHCP requests
> from other domUs as they start up?
>
> The default config for XCP does let a domU spoof IP addresses. I asked
> some questions on the openvswitch list recently and I get the impression
> that with a separate flow controller box you could do some quite
> fine-grained control of network properties even through migration.
>
> What plans do you have for the multi-tenancy side of things? - if you need
> any help with database development or the web frontend I would be more
> than willing to help out (thats my background).
>
>
> Cheers,
>
> Matt
>
> On Mon, May 24, 2010 11:09 pm, Vern Burke wrote:
>
>> Jonathan:
>>     I don't think there's much to do about preventing someone breaking out
>> of a DomU. As I've said before, that would have to be a severe fubar of
>> the hypervisor and it's not likely.
>>
>> Protecting the Dom0 is really nothing more than the standard best
>> practices for any Internet connected server.
>>
>> If you're really concerned about packet sniffing you could always use a
>> private vswitch and use a Vyatta virtual router and VPN out to wherever
>> you're going.
>>
>> Vern
>> Sent from my BlackBerry® wireless device from U.S. Cellular
>>
>
>
>

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[Xen-users] XCP Xen Cloud Control System ver 0.3 released!, Vern Burke Re: [Xen-users] XCP Xen Cloud Control System ver 0.3 released!, Jonathan Tripathy Re: [Xen-users] XCP Xen Cloud Control System ver 0.3 released!, Vern Burke Re: [Xen-users] XCP Xen Cloud Control System ver 0.3 released!, Jonathan Tripathy Re: [Xen-users] XCP Xen Cloud Control System ver 0.3 released!, Vern Burke Message not available Re: [Xen-users] XCP Xen Cloud Control System ver 0.3 released!, Matthew Law Re: [Xen-users] XCP Xen Cloud Control System ver 0.3 released!, Vern Burke RE: [Xen-users] XCP Xen Cloud Control System ver 0.3 released!, Jonathan Tripathy <= RE: [Xen-users] XCP Xen Cloud Control System ver 0.3 released!, Matthew Law Re: [Xen-users] XCP Xen Cloud Control System ver 0.3 released!, Frank Pikelner Re: [Xen-users] XCP Xen Cloud Control System ver 0.3 released!, Iustin Pop Re: [Xen-users] XCP Xen Cloud Control System ver 0.3 released!, Jonathan Tripathy Re: [Xen-users] XCP Xen Cloud Control System ver 0.3 released!, Iustin Pop Re: [Xen-users] XCP Xen Cloud Control System ver 0.3 released!, Frank Pikelner

Previous by Date:	Re: [Xen-users] High availability and live migration with just LVMand hardware fencing, Frank S Fejes III
Next by Date:	[Xen-users] Examining a dump from /opt/xensource/libexec/dumpcore, David Markey
Previous by Thread:	Re: [Xen-users] XCP Xen Cloud Control System ver 0.3 released!, Vern Burke
Next by Thread:	RE: [Xen-users] XCP Xen Cloud Control System ver 0.3 released!, Matthew Law
Indexes:	[Date] [Thread] [Top] [All Lists]