eyck wrote:
> You can get away with running without those:
> CAP_SYS_MODULE CAP_MKNOD
> hmm, actually without those too:
> CAP_NET_ADMIN CAP_NET_RAW
> (You just need to load vmmon and vmnet on the host, there needs to be vmnet configuration on the host that matches the one that guest uses, and then all you need is some kind of X-server on the guest to run vmware player/server)

That means running them on the host, and my idea was to have absolutely as little as possible on the host.

My original comments *were* the short version. A slightly longer version, for example, is that you can get away without things like CAP_MKNOD, but only if you manually create the nodes that the script tries to do. I started with that, but got tired of re-running it for every node it failed for. I'm guessing I could revoke the capability now, under the assumption that, once installed, VMware won't want to alter the nodes.

I *think* I need the CAP_NET_* caps because of the way VMware wants to do networking. I haven't exhausted the possibilities here, so you might be right.

The Xen and QEMU comments were a joke. My wife doesn't get my jokes either. But in seriousness, I'm using the (free (beer)) VMware Server, not ESX / GSX, and this VMware Server doesn't need a hypervisor.

> Both xen and esx use hypervisor, I guess they wouldn't like running one on top of the other...

On that, I wonder if the vserver patches and Xen patches can co-exist. I shudder to think of the patching. But it might be nice to have them both in one - the flexibility of Xen (different kernels etc) and the efficiency of vservers.

Tony
_______________________________________________
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver
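An added example, not part of the original message or of the Linux-VServer tools: one way to check from inside a guest which of the four capabilities named in the thread a process still holds, by decoding the `Cap*` masks in `/proc/<pid>/status`. The sample status text and the `allowed` policy are constructed for illustration; the bit numbers are those from `<linux/capability.h>`.

```python
import re

# Bit numbers from <linux/capability.h> for the four capabilities in the thread.
DISCUSSED_CAPS = {
    "CAP_NET_ADMIN": 12,
    "CAP_NET_RAW": 13,
    "CAP_SYS_MODULE": 16,
    "CAP_MKNOD": 27,
}

# Constructed sample of /proc/<pid>/status lines (not captured from a real guest):
# CAP_NET_ADMIN, CAP_NET_RAW and CAP_MKNOD are set, CAP_SYS_MODULE is not.
SAMPLE_STATUS = (
    "Name:\tvmware-guest-init\n"
    "CapInh:\t0000000000000000\n"
    "CapPrm:\t0000000008003001\n"
    "CapEff:\t0000000008003001\n"
    "CapBnd:\t0000000008003001\n"
)

def parse_cap_sets(status_text):
    """Return {'CapEff': int, ...} for every Cap* line in the status text."""
    pattern = r"^(Cap[A-Za-z]+):\s*([0-9a-fA-F]+)\s*$"
    return {m.group(1): int(m.group(2), 16)
            for m in re.finditer(pattern, status_text, re.M)}

def held(mask):
    """Names of the discussed capabilities whose bit is set in mask."""
    return sorted(n for n, bit in DISCUSSED_CAPS.items() if mask & (1 << bit))

def audit(status_text, allowed=()):
    """Discussed capabilities that are present but not in the allowed policy.

    Checks the effective set, plus the bounding set when the kernel reports one,
    since a capability left in the bounding set can still be regained.
    """
    sets = parse_cap_sets(status_text)
    if "CapEff" not in sets:
        raise ValueError("no CapEff line found")
    mask = sets["CapEff"] | sets.get("CapBnd", 0)
    return [cap for cap in held(mask) if cap not in allowed]

if __name__ == "__main__":
    # Hypothetical policy: networking caps kept, node creation no longer needed.
    extra = audit(SAMPLE_STATUS, allowed=("CAP_NET_ADMIN", "CAP_NET_RAW"))
    print("capabilities to revoke:", extra or "none")
```

Passing the contents of `/proc/self/status` instead of `SAMPLE_STATUS` audits the running context.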