I have a Xen server hosting some Windows and Linux clients, and I want them to be able to share certain files.
So I decided to create one VM (currently running under Fedora Linux) which does all the mounting stuff (which is very complex in this case).
I made it all up so that this mounting-VM contains n folders, one for each VM to share files with.
The contents of these folders overlap internally (using mount -o bind).
My question is now, how do I connect these folders to the VMs that should have access to them?
So my idea was to have some sort of file-sharing server running on the mounting-VM.
This server should open n different (TCP) ports, one for each VM.
Then it would be an easy task to provide each VM access to only the port it is meant to access (using iptables inside the firewall-VM).
This way, the security relies mainly on the physical access provided by the firewall and not on some sort of user authentication.
For me as a network guy this would be much easier to handle.
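One way to express the per-VM port restriction described in the question on the firewall-VM, as an added example that is not part of the original post. The chain name `SHARE`, the function name and every address and port are assumptions made for illustration; the script only prints the iptables commands and refuses to emit anything if one port is assigned to two VMs.

```shell
#!/bin/sh
# Added example: print iptables commands for the firewall-VM so that each
# client VM can open connections to exactly one TCP port on the mounting-VM.
# stdin: "<vm_ip> <port>" per line. Chain name SHARE and all IPs are assumed.
gen_share_rules() {
    share_ip=$1
    seen=" "
    rules=""
    add() { rules="$rules$1
"; }
    add "iptables -N SHARE"
    add "iptables -A FORWARD -d $share_ip -j SHARE"
    # Replies from the mounting-VM back to clients with an open connection.
    add "iptables -A FORWARD -s $share_ip -m conntrack --ctstate ESTABLISHED -j ACCEPT"
    add "iptables -A SHARE -m conntrack --ctstate ESTABLISHED -j ACCEPT"
    while read -r vm_ip port; do
        case $vm_ip in
            ''|'#'*) continue ;;
            *[!0-9.]*) echo "bad address: $vm_ip" >&2; return 1 ;;
        esac
        case $port in
            ''|0*|*[!0-9]*|??????*) echo "bad port for $vm_ip" >&2; return 1 ;;
        esac
        [ "$port" -le 65535 ] || { echo "bad port for $vm_ip" >&2; return 1; }
        # One port per VM is the whole isolation model: a shared port would
        # let two VMs reach the same folder, so refuse to emit anything.
        case $seen in
            *" $port "*) echo "port $port assigned twice" >&2; return 1 ;;
        esac
        seen="$seen$port "
        add "iptables -A SHARE -s $vm_ip -p tcp --dport $port -m conntrack --ctstate NEW -j ACCEPT"
    done
    # Anything else addressed to the mounting-VM is dropped.
    add "iptables -A SHARE -j DROP"
    printf '%s' "$rules"
}

# Constructed mapping: three client VMs, one port each on the mounting-VM.
gen_share_rules 10.0.0.2 <<'EOF'
10.0.1.11 2001
10.0.1.12 2002
10.0.1.13 2003
EOF
```

Because these rules identify a VM only by its source address, they isolate the shares only if the firewall-VM also ensures that a VM cannot send traffic from another VM's address.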