Xen and SELinux: anything in common?

Xen is definitely a great piece of software. It is currently the only viable (truly) Open Source solution for building secure virtual systems by isolating software in its own sandbox, with the ability to set CPU/memory restrictions on each of the subsystems.

However, each subsystem has to be managed and upgraded separately. This means that each subsystem is a (nearly) complete system that must be administered on its own. Another aspect is user management, since some users may need to be propagated. An LDAP repository can be used to avoid the ugly NIS-like propagation, but one needs to define a policy regarding how the users are laid out in the directory and how the directory is used, since not all virtual machines may be accessed by all users… And user management also implies the usual sharing of /home, for which most people use the old and broken (though working) NFS.
Monitoring is also an important topic in this area: open source monitoring solutions like OpenNMS must be leveraged in order to monitor all the servers. This is another layer of complexity that isn’t necessarily needed.

So now, what I am wondering about is why all the buzz goes to Xen, and nobody really cares about SELinux (except maybe Red Hat, which seems to provide decent SELinux support in its distribution). Ubuntu, in any case, does not seem to make SELinux its priority, as Michael Dolan highlights.

Sure, Xen and SELinux are not meant to tackle the same problems. Xen is a virtualization layer, whereas SELinux is a security layer. However, the problem, I believe, is that people tend to use Xen to tackle security problems that SELinux could solve without the need of additional systems. Of course, for complex needs, Xen+SELinux could be envisioned, but the philosophy behind virtualization is that the system is dumb from a security perspective, whereas SELinux tries to fix the heart of the problems: making a multi-user system secure.

In fact, why would anyone want to set up a full-blown virtual server just to run a DNS server, if some security stack could protect the rest of the system from being damaged in the case that the DNS daemon gets hacked?

One Response to “Xen and SELinux: anything in common?”

  1. Mike Dolan says:

    +1 – Why do you need Xen at all when you can isolate your applications in their own sandbox – similar to a linux-vserver/OpenVZ container almost. I can see other uses for Xen – scale out, test, consolidation. Right now though – I think the SELinux with RHEL and for some part AppArmor with SLES are what set the “enterprise Linux”s apart from the community ones. I took unfair aim at Ubuntu in my post b/c really most of the ‘community’ distros that are not based on RHEL/SLES seem to have largely ignored SELinux and AppArmor. For instance, why is SELinux an ‘alternative’ type install for Gentoo? With Gentoo it’s all built from scratch, but SELinux isn’t a part of the default handbook – it’s optional.
