[CentOS-virt] How to pass messages from dom0 to domU??

Thu Jul 23 20:47:27 UTC 2009
David Knierim <dknierim at gmail.com>

Thanks for the feedback.
I as already planning to have a dedicated management network and had also
discussed the need for some network protocol to share state information.   I
now feel that using a network to share state information is the right
solution in our case.

While xenstore looks interesting, I am hesitant to implement anything that
is Xen specific at this time.   I want to be able to move to KVM or "the
next big thing" as simply as possible.

Thanks again,

On Thu, Jul 23, 2009 at 4:53 AM, Christopher G. Stach II <cgs at ldsys.net>wrote:

> ----- "R P Herrold" <herrold at centos.org> wrote:
> > The addition of a new private network segment seems like
> > overkill and needless additional fragility and complexity --
> > if one to one, use a remote syslog setup (viz., over UDP); if
> > one to many (domU), use a multicast sender and listeners.
> >
> > Run either on the existing network seqment shared by the domUs
> > and dom0 already.
> It's just RAM until you add a physical interface to the bridge, and then
> it's just Ethernet.  It would be difficult to argue that using either is
> fragile or complex.  Even compared against your suggestion, the only
> difference is isolation, the general rule for administrative networks.
> If the skill level involved is negative, perhaps if the person is coming
> from the Device Manager space, maybe the steps of adding a bridge, a vif
> entry for each VM, and configuring the interface within each VM is way too
> much to handle.  However, IIRC, virtual network bridges are one of the
> documented Xen use cases and are entry level stuff.  The cost and added risk
> thereof are next to zero.  Being that worried about fragility in your basic
> set of capabilities is silly, unless you have evidence to the contrary.
> If the messages are used to trigger things like shutdowns, scale back
> services, or be published in any way that could be dangerous (inadvertently
> notifying customers/competitors/attackers that your hardware sucks or what
> your system architecture looks like), you'll need to involve crypto unless
> you don't care if anyone inside shuts down your VMs.  syslogd would not help
> in this case, but at least SNMP could.
> --
> Christopher G. Stach II
> _______________________________________________
> CentOS-virt mailing list
> CentOS-virt at centos.org
> http://lists.centos.org/mailman/listinfo/centos-virt
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.centos.org/pipermail/centos-virt/attachments/20090723/bd008cd5/attachment-0005.html>