RE: [vserver] shrink wrap it

About this list Date view Thread view Subject view Author view Attachment view

Date: Sat Feb 09 2002 - 22:11:28 EST

On Saturday, 9 February 2002 at 13:31, klavs klavsen wrote:

> I would very much like to know your purpose for using a product like
> vserver, and what makes it the best for you.

many purposes, actually:

- transparent independant virtual servers with possibly different distros on the same machine;
- sandbox environment for running untrusted binaries;
- perfect framework for IDS setup ( security+integrity tools running in the root server with no
network access and all network services inside their respective vservers )
- use your imagination...

Why do I like it so much?

- It's simple and elegant;
- It's easy to audit ( try auditing selinux sources );
- It is a complete solution, not something that relies on twitching the userland, e.g. creating
"pseudo-root admin" like freevsd;
- There is no practical performance loss ( compare this with VMware and usermode linux );
- "unify" feature provides a way for very efficient use of memory. Running 100 webservers is not
using much more RAM than running 1 webserver because the binaries and libraries are hard
linked and only loaded into memory once for all those 100 servers;
- it is as stable as the base stock kernel;
- it still has many things to be added and I can contribute some of those.

As far as I'm concerned, this is the future.
I wouldn't run any public accessible network service
unless it's under vserver.


About this list Date view Thread view Subject view Author view Attachment view

This archive was generated by hypermail 2.1.4 : Mon Aug 19 2002 - 12:01:00 EDT