[colug-432] Cloud-based nested virtualization or other "wrapping" alternatives

Jeff Frontz jeff.frontz at gmail.com
Tue Jun 21 12:36:25 EDT 2016


On Tue, Jun 21, 2016 at 12:14 PM, R P Herrold <herrold at owlriver.com> wrote:

> On Tue, 21 Jun 2016, Jeff Frontz wrote:
>
> > My thought is to run the legacy distribution on a VM (say, under kvm)
> > inside another instance of a more modern distribution -- using the
> > encapsulating host's security to protect the legacy instance from the
> > outside world.  The only access to the legacy instance would be from the
> > modern instance (an encapsulating bastion host, if you will).
>
> nested containers are trickier than simeply running two
> instances, with the second accessible only across a non-routed
> backside network. Pmman is set up to permit the end user to
> disable and optionally re-enable the 'front side' routed
> network, and each machine gets an isolated appearance on a
> backside '10.x.x.n/24 network
>

I'm not sure I follow-- are you saying that the tricky part is having to
deal with instantiating/using a non-routed host-encapsulated network?  I'm
fine with requiring all access to be on/via the bastion host (e.g., ssh/scp
in to bastion, then ssh/scp into legacy via "local"/hosted network
instance).
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.colug.net/pipermail/colug-432/attachments/20160621/bd858daf/attachment.html 


More information about the colug-432 mailing list