[Vserver] ideal setup

[Matthew Nuzum]

Hello, I've been using linux-vserver for years and years. I'm getting
ready to put a couple servers into use and it seems things have
changed greatly since I last configured it. Namely, you can do lots of
cool stuff that couldn't be done before.

I'll admit, I'm using a budget colo facility. I want to keep my
bandwidth down. To achieve this, I've connected the servers via eth1
to each other to create a private lan. Ideally, all traffic between
the hosts would use this lan. I first started struggling with the idea
of setting up multihomed vhosts when I realized it was pure insanity
to do so. It would be so much better to create all the vservers on the
private lan segment and use the hosts as routers to the outside world.
By using SNAT rules, I can keep all my vhost traffic quiet and I can
even install different services on different vhosts. Smart, right? Am
I on the right track here, or should I just use multi-homed vservers?
Anyone here seen a scenario like this documented? I'd love to be able
to stand on the shoulders of giants.

Additionally, I would love to use both quota and have the benefits of
unification. I understand that to use quotas you need a separate
filesystem. Of course, this makes unification impossible. So I had a
bright idea.

Most of the user data, everything I think I need to count against
quotas as a matter of fact, will be in /home. So what if I create a
filesystem (loop for example) and somehow mount it so that it is /home
in the vserver. Would this allow me to enable quotas on the /home area
of the disk?

Lastly, what is the best way to share user accounts across several
vservers? (possibly spanning two physical hosts) Best being simple,
reliable, non resource intensive and secure.

Thanks for your suggestions and help.

--
Matthew Nuzum
newz2000 on freenode
___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver

Re: [Vserver] ideal setup

[Herbert Poetzl]

On Thu, Apr 26, 2007 at 03:21:44PM -0500, Matthew Nuzum wrote:
 Hello, I've been using linux-vserver for years and years. I'm getting
 ready to put a couple servers into use and it seems things have
 changed greatly since I last configured it. Namely, you can do lots of
 cool stuff that couldn't be done before.
 
 I'll admit, I'm using a budget colo facility. I want to keep my
 bandwidth down. To achieve this, I've connected the servers via eth1
 to each other to create a private lan. Ideally, all traffic between
 the hosts would use this lan. I first started struggling with the idea
 of setting up multihomed vhosts when I realized it was pure insanity
 to do so. It would be so much better to create all the vservers on the
 private lan segment and use the hosts as routers to the outside world.
 By using SNAT rules, I can keep all my vhost traffic quiet and I can
 even install different services on different vhosts. Smart, right? Am
 I on the right track here, or should I just use multi-homed vservers?
 Anyone here seen a scenario like this documented? I'd love to be able
 to stand on the shoulders of giants.
 
 Additionally, I would love to use both quota and have the benefits of
 unification. I understand that to use quotas you need a separate
 filesystem. Of course, this makes unification impossible. So I had a
 bright idea.
 
 Most of the user data, everything I think I need to count against
 quotas as a matter of fact, will be in /home. So what if I create a
 filesystem (loop for example) and somehow mount it so that it is /home
 in the vserver. Would this allow me to enable quotas on the /home area
 of the disk?

yep, but I'd suggest to use lvm volumes, because they
will give you better performance than loop files

 Lastly, what is the best way to share user accounts across several
 vservers? (possibly spanning two physical hosts) Best being simple,
 reliable, non resource intensive and secure.

on the same host: have the same filesystem
on different hosts: use a network based filesystem

HTH,
Herbert

 Thanks for your suggestions and help.
 
 -- 
 Matthew Nuzum
 newz2000 on freenode
 ___
 Vserver mailing list
 Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver
___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver