Re: [vserver] basic questions about vserver

About this list Date view Thread view Subject view Author view Attachment view

From: Billy Hager (whager_at_bellsouth.net)
Date: Sun Jun 23 2002 - 00:35:18 EDT


> 1. Is there a recommended brand and version of Linux to use with vserver?

Slackware is my favorite Linux distribution, but so far I have installed
vserver on SuSE 7.3(another favorite) using the rpm install. I would
recommend that you use the Linux distribution that you feel most comfortable
securing.

>Debian vs FreeBSD. Current target is RedHat 7.3, but have a version of
>Debian handy and have FreeBSD around here somewhere...

How would you use FreeBSD?

> 2. What is the recommendation about hard drive setup? Should each vserver
> be given its own partition? How large should that partition be? If all
> vservers can be put on one large drive, say, a 60GB drive, is there any way
> to approximate how much disk space will be needed for say 100 vservers?

As John said I would put all the vservers in a single partition.

> 3. (related to #2) Does each vserver have a full and complete installation
> of Linux on it, or are utilities/applications shared between vservers?

Install, exactly, only the software you need to run your vserver. When I made
my vserver setup, I used the Slackware 8.0 tar balls to create a custom
filesystem. Pick out only the packages you need and untar them into a
directory and, presto, custom filesystem. Less packages mean fewer possible
security concerns. If users don't need to change the base system on the
vserver I would suggest making it immutable, too.

> 4. How does vserver work with virtual web hosting with sharing IP
> addresses? If I wanted each domain I host to be its own vserver, does each
> of them have to have their own IP address, or can multiple vservers be on
> the same IP? How would I configure Apache on each vserver with this in
> mind? Or *can* I even run Apache on each vserver if each needs to bind to
> port 80?

Each different instance of a particular program binding to a particular port
needs to be on its own IP address. It is entirely possible to run apache in
its own vserver and the programs users use to access their files(ftp, ssh,
etc) on another. When setting things up keep thinking, "How can I separate
my users from stuff I don't want them to mess up.". That is one of the
greatest powers of vservers.

> 5. With regards to unique IP addresses, I currently have resellers who each
> get a unique IP address, and their resale customers share their IP address
> with the reseller ... should I just limit each reseller to their own
> vserver then and use Apache's <VirtualHost> setup?

If everyone is using the same IP, I would use Virtual Hosts.

> Thanks for any info.
>
> -id

-- 
Billy Hager          | AIM: wwhager2
whager_at_bellsouth.net | http://www.billsbox.net

About this list Date view Thread view Subject view Author view Attachment view

This archive was generated by hypermail 2.1.4 : Mon Aug 19 2002 - 12:01:01 EDT