I might be flamed for this statement but not being able to run inside a
virtualized environment is not an option in the future.
Most servers you can buy today are to powerful for only taking care of
one task.
It is really handy to be able to "shuffle" around the cpu:s to the
virtual machine that needs it at the moment.
OpenBSD is much to powerful to be used only on soekris and wrap boxes as
a firewall for the homeuser.
If OpenBSD doesn't adopt to the virtualization trend it will used only
as an obscure firewall box.
If I need to run linux as Dom0 to be able to put most of my OpenBSD
machines into one single box(well two actually if you want failover, and
that you probably want)
The security sacrifice is OK to me, at least knowing that the option is
to not run OpenBSD at all since I would need too many machines and to
much electricity and force me to build a new serverroom.
The firewall and the KDC will probably not be virtualized yet, but
everything else will soon be.
Luca Corti wrote:
On Tue, 2007-10-23 at 01:11 +0200, ropers wrote:
unavoidable. The question is, is that a worthwhile trade-off? Is this
a reason not to support Xen? Or should the user be given that option
regardless of the inherent limitations and consequences?
A proper Dom0 port of XEN to OpenBSD would solve this by removing the
linux dependency. However this would probably require a significant
effort on OpenBSD side and a XEN Hypervisor code audit.
Also from earlier discussion on the list it seems this kind of
virtualization may impact on security, which is in direct contrast with
OpenBSD goals. Can someone elaborate more on this?
ciao
Luca
