I use Debian

Submitted by root


On servers: 16% (61 votes)
On the desktop: 13% (49 votes)
Both: 70% (261 votes)
Total: 372 votes

Posted by bmontgom (68.15.xx.xx) on Sun 15 May 2005 at 18:50
Lately I've been thinking a lot about segregating services on my server using UML (User Mode Linux). My hardware resources are limited and I see this as a way to run some services that I normally wouldn't allow to co-exist on a machine. Anyone have any experience with this?


Posted by Steve (82.41.xx.xx) on Sun 15 May 2005 at 20:05

Well UML isn't going to be included in Sarge, so that's a problem if you're running a stable server ...

Otherwise, yes, it's a good solution.

I've written about it once here before, but nowadays I do prefer running services under Qemu - I find the availability of a graphical environment a nice bonus.

User Mode Linux can be used successfully for lots of things; if you have a spare collection of IP addresses you can isolate different services, or set up pretend clusters fairly easily.

It's not clear if your hardware resources are limited in the sense that you only have a server, or if you have only an underpowered server? But if it's the latter you're going to find that it might be pretty resource intensive to run more than a few UML instances...

Steve
-- Steve.org.uk


Posted by Anonymous (193.237.xx.xx) on Sun 15 May 2005 at 20:55
Set up UML on a box so me and a mate could share it without treading on each other's toes too much.

Both host and hosted systems run Debian sarge - since it is basically just a kernel patch (SKA is essential currently no matter what the documentation says!) and a kernel (Arch = UM), not having the packages in Sarge isn't a major issue.

We manually pulled in the Deb files for the other utilities from other versions of Debian (Woody, IIRC; they didn't have any weird dependencies, so you can "just snaffle them").

I have suspicions about performance but these boxes aren't heavily used, but I suspect these could be mitigated by better planning. I'd make the hosted filesystems separate partitions (does it work with LVM? I assume it would) rather than files within a filesystem, and use the latest kernel (and latest patches).

It took a lot longer than expected to get a stable system - hence the SKA patch comment. But if you hit on a working combination of kernels/patches you could probably have it working first time in under an hour. As such give it a try.

If the resulting system needs a lot of kernel modules I'd say give up, but we wanted just web servers, no sound, no fancy graphics or hardware, no firewalling (everything is either public or not running, ssh locked to specific users - as per the tip here!), seems to work fine, and seems very stable despite suggestions I've seen elsewhere.


Posted by Kellen (68.15.xx.xx) on Tue 17 May 2005 at 01:06
Speaking of UML-ish things, what about the vserver patch? (http://linux-vserver.org/)

I've not had much experience in compiling custom kernels, but this seems like something that would make it "worth it" in terms of enhancing the security of the base server.

Anybody used this?


Posted by Steve (82.41.xx.xx) on Fri 20 May 2005 at 06:35

I've wanted to try it, but I haven't gotten round to it yet.

The only potential concern I have is how the kernel building will interfere with the module-assistant built nvidia modules I use...

Steve
-- Steve.org.uk


Posted by Anonymous (130.231.xx.xx) on Wed 18 May 2005 at 09:32
"On PDA's, home appliances, mobile units and waistcoat buttons" is missing :(
