Date: Sun 10 Feb 2002 - 03:11:28 GMT
On Saturday, 9 February 2002 at 13:31, klavs klavsen wrote:
> I would very much like to know your purpose for using a product like
> vserver, and what makes it the best for you.
many purposes, actually:
- transparent independant virtual servers with possibly different distros on the same machine;
- sandbox environment for running untrusted binaries;
- perfect framework for IDS setup ( security+integrity tools running in the root server with no
network access and all network services inside their respective vservers )
- use your imagination...
Why do I like it so much?
- It's simple and elegant;
- It's easy to audit ( try auditing selinux sources );
- It is a complete solution, not something that relies on twitching the userland, e.g. creating
"pseudo-root admin" like freevsd;
- There is no practical performance loss ( compare this with VMware and usermode linux );
- "unify" feature provides a way for very efficient use of memory. Running 100 webservers is not
using much more RAM than running 1 webserver because the binaries and libraries are hard
linked and only loaded into memory once for all those 100 servers;
- it is as stable as the base stock kernel;
- it still has many things to be added and I can contribute some of those.
As far as I'm concerned, this is the future.
I wouldn't run any public accessible network service
unless it's under vserver.