Denise, Personally, I recommend lvm or partitions in Dom0 vs image files for performance reasons. The choice to use LVM or partitions can really safely be left to whichever you are more comfortable with. If you want to be able to resize DomUs, then lvm might be useful, but if that can be done, it is probably quite complicated. Dustin -----Original Message----- From: fedora-xen-bounces@xxxxxxxxxx [mailto:fedora-xen-bounces@xxxxxxxxxx] On Behalf Of Lopez, Denise Sent: Wednesday, November 28, 2007 19:43 To: fedora-xen@xxxxxxxxxx Subject: RE: Best practices questions Are you talking about inside the guests or where the guests are in DomO? I was talking about where the guests are in Dom0. Denise Lopez -----Original Message----- From: Stephen John Smoogen [mailto:smooge@xxxxxxxxx] Sent: Wednesday, November 28, 2007 4:39 PM To: Lopez, Denise Cc: fedora-xen@xxxxxxxxxx Subject: Re: Best practices questions On Nov 28, 2007 5:31 PM, Lopez, Denise <dlopez@xxxxxxxxxxxxxxx> wrote: > > > > > Hi all, > > > > I am in the process of building a new Xen server from scratch and wanted to > ask a couple of questions about best practices. > > > > First, should the guest domains be image files or LVM's or just regular ext3 > partitions? What are the pros and/or cons of each? > Are you talking about inside the guests or where the guests are in DomO? For the guests files on Dom0, I am using image files stored on DomO's LVM.. though I may follow some howtos on shared storage so that failover works in the future. Inside the guests, I am using ext3 direct in the image versus using LVM+ext3. I wanted things to be simple to understand for myself. > > > Second, since the Dom0 is supposed to be kept secure, and most of my > servers I don't install any X11 server on, is there any security risk > installing an X11 server on the Dom0 in order to take advantage of the > virt-manager GUI interface? > > I do not know of any major security issues... but you should use security in depth. 1) secure the logins 2) firewall the machine so that only ssh X port forwarding is available 3) keep the system up-2-date. 4) follow other best practices for securing a system. -- Stephen J Smoogen. -- CSIRT/Linux System Administrator How far that little candle throws his beams! So shines a good deed in a naughty world. = Shakespeare. "The Merchant of Venice" -- Fedora-xen mailing list Fedora-xen@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-xen -- Fedora-xen mailing list Fedora-xen@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-xen
