On Tue, 01 Oct 2013 06:10:46 -0600 Eric Blake <eblake@xxxxxxxxxx> wrote: > On 10/01/2013 06:04 AM, James Gibbon wrote: > > > > > > Hello all, > > > > I have a KVM guest VM which is a clone of a production machine > > running on a different physical server, incarnated from an > > image backup. > > Careful. You need to scrub more than just the IP address for a > clone and it's parent to safely run at the same time. For > example, if you don't scrub the entropy pool, then one of the > two machines will now have predictable "random" numbers just by > watching what the other host did, which is horrible from a > security perspective. I highly recommend the use of > 'virt-sysprep' on the image backup prior to creating your > clone, which will not only scrub the IP address, but everything > else that ought to be unique between a clone that is intended > to run alongside the parent. Once you start from a clean > image, then the question about starting the guest with network > disabled may be moot. > Thanks, looks really useful but unfortunately I don't have it on this particular machine, which is going to be decommissioned in a few weeks anyway. The cloned VM will only be used for testing purposes, and only for a short time. Would be grateful if someone could suggest a way to disable the networking in the cloned VM within the XML, if that's possible. Thanks again, James _______________________________________________ libvirt-users mailing list libvirt-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvirt-users
