A while back, I found myself running out of hardware and wanting to host more sites than I currently was. In addition, I wanted to create a little bit more redundancy for some of the services I host.
At the time, I was hosting a number of services with Xen. One physical server hosted 3 or 4 virtual servers. After a certain amount of reading over different solutions, I decided to convert all my production virtual servers to Linux-vserver. I’m not advocating either solution here. I’m simply going to point out my reasons for changing and hopefully help my readers understand the issue more.
Continue reading “Linux-Vserver vs Xen”
To debug a problem I’m working on, I need to be able to see network traffic on an interface inside a linux-vserver guest. To do this, you have to enable the CAP_NET_RAW capability for that guest.
> echo "NET_RAW" >> /etc/vservers/myserver/bcapabilities
Then just restart the vserver.
I noticed you don’t have to enable NET_ADMIN, or unhide the interfaces. I’m not sure if there is much of a security risk on having NET_RAW enabled or not. You can always disable and restart after you’re done with tcpdump.
In my production setup, I don’t have a load balancer. This may be changed at some point, assuming that we can find one we like for the price we want to purchase it for, but in the mean time, I’ve been inspired to set up a virtual IP address across two machines that each can load balance between my real servers. Inspiration for this project came from this article. I’ll be using Linux-HA to manage the virtual ip address with heartbeat.
Continue reading “Using Linux-HA for High Availability with Gentoo and Linux-VServer”