> So, can anyone recommend me a filesystem that fulfills my following needs: > > Scenario: vFirewall (virtual Firewall) that is going to be deployed at > my IaaS Cloud Provider. > > Disk I/O Characteristic: Occasional writes during 'normal' usage, > once-a-week eix-sync + emerge -avuD > > Priority: Stable (i.e., less chance of corruption), least CPU usage. > > My Google-Fu seems to indicate either XFS or JFS; what do you think?
IMHO a firewall (physical or virtual) is something that fits strictly into the "appliance" category. It must do only one thing and do it well, with as little complexity and maintenance overhead as possible. Why in the world would anyone want to run gentoo (which among the rest needs portage and a whole compiler stack) -- or for that matter any other full-fledged linux distribution -- on something like that in production is beyond me... That said, XFS and JFS are targeted at completely different use cases and are way too complex for your scenario. Without appropriately-sized hardware I'm not even sure XFS fits in the "stable" category. Stick to ext3, keeping an eye on the inode count for /usr/portage as the default value on a small partition probably won't be enough. Fs-related CPU usage in a firewall (which has nearly zero disk activity when up and running) is mostly a non-issue unless you need some form of heavy logging or you're doing something wrong. Weekly updates, on the other hand are exposing you to the risk of random breakages and -- if you compile from source -- are going to cost you a serious amount of CPU. My advice would be to limit updates to those fixing known vulnerabilities, and even then compiling somewhere else and doing binary installs would be preferable. andrea
