[CentOS-virt] Mixed dom0/domU usage?
montanelli at rivint.com
Wed Feb 4 16:50:04 UTC 2009
Thank you Henric, exactly what I was looking for. I hope to try this
tweek over the weekend.
I guess many of us want the optimized "grail" dom0. (Please forgive me
if this is in the archive, I find nothing to little on this topic.)
Does this look like a decent summary of your suggestions:
-yum-updatesd (oh yeah)
-portmap (hmnn, not needed on new domUs, NIC configs as well as
migration for xend? Truly do not know the answer here.)
I'm only slightly above noob on Xen and I still like to do a bit in gui,
(fluxbox or Gnome/XFCE4), so I can see right away if there are any balks
in the service window. I do know that dropping windows manager(s) opens
up some resources, but I still need the assist.
I'm weak in dom0 configuration and securing. I am relying on a separate
NIC (private IP, tight ingress/egress) for dom0 with profound hardware
firewalling and monitoring until I get this aspect comfortably nailed
down. I just don't trust my knowledge of inherent linux firewalling for
I doubt I will ever drop the separate NIC and firewall setup on dom0 though.
Henrik Holmboe wrote:
> ++ 04/02/09 16:56 +0100 - Henrik Holmboe:
>> And in addition to that I also run this in Centos 5.x dom0's:
>> for svc in bluetooth gpm pcscd cups avahi-daemon yum-updatesd; \
>> do chkconfig $svc off; \
>> service $svc stop; \
> Oh, I forgot this for dom0's:
> for svc in nfslock portmap rpcidmapd cups yum-updatesd; \
> do chkconfig $svc off; \
> service $svc stop; \
More information about the CentOS-virt