From: Jonathan Sambrook (jonathan.sambrook_at_dsvr.co.uk)
Date: Thu 20 Mar 2003 - 16:15:49 GMT
At 15:38 on Thu 20/03/03, georges_at_norm.lu masquerading as 'Georges Toth' wrote:
> well we've been using vserver on a machine for about a year now and haven't
> experienced any problems, crashes or so, so far
> there are just three things which annoy me a bit....
> and those are that quota doesn't work inside a vserver if you have everything
No experience of this, but other do. (I mainly want to comment on grsec,
> on one partition.....at least not that i know of or it's still very beta at
> least (correct me if i'm wrong...)
> unification doesn't work for gentoo
Is there a Gentoo package maintainer (or is that portage maintainer?)
<fireresist>I don't know if it's just me, but I perceive an
increase in Gentoo users demanding that the rest of the world support
'their' distro which seems to be a horse/cart ordering
Less tetchily: could you expand on "unification doesn't work for gentoo"?
> the grsecurity patch doesn't work together with the vserver patch....maybe it
> does now, but didn't some weeks ago when i tried it
Could you expand on what you mean by 'doesn't work together'? Eg, do you
mean problems with overlaying the patches or problems with the
functionality once compiled?
I tried messing with grsec on top of ctx16 last week (or was it two
weeks ago? whichever) and it took a little merging, but was possible. I
didn't do any heavy testing so I know it can compile, but I've been
working on other matters (i.e. tracking down the major known oops) so
don't have an real experience after compilation.
As time goes by and the patches continue to evolve you should bear in
mind that the work involved in hand merging the two patches could
> so if you can live without quota and grsecurity vserver is a good choice.
> > In a business environment with several users (or even several businesses),
> > the vserver system seems to be an ideal way to isolate the different
> > subsystems that are used in businesses, in order to avoid possible
> > downtime caused by (re)installation/reconfiguration of services or even
> > hacking and bugs. E.g our idea is to install one vserver for each service,
> > which might be mysql, IMAP/POP3, SMTP, webserver, file sharing, etc.
> > The latest reports on stability problems like kernel crashes and panics has
> > so far scared me from installing the system in this way, and I might rather
> > go for a setup that distributes the the services on several machines
> > instead. Due to the increased hardware costs and physical room space
> > considerations, this will not be an ideal solution.
Jacques has released an offical fix for the oops problem so stability
just got an awful lot better.
> > Are there any experienced vserver users out there that could summarise the
> > pros and (especially) cons for vserver based on the current Linux kernel
> > patches, and any possible stable fixes?
> > Stability is the highest requirement for my setup, and any hints on what to
> > do (or NOT do) with vserver to get a "100% stable" system are highly
> > appreciated.
-- Jonathan Sambrook Software Developer Designer Servers