[ubuntu-za] To virtualise or not to virtualise

Lee Sharp leesharp at hal-pc.org
Tue Oct 27 21:05:48 GMT 2009 

Charl Wentzel wrote:
> Hi Guys
> 
> My virtual server is on order and I will start setting it up early next
> week.  For that part I don't see much problems.  My customer currently
> have the following server which he wants to consolidate:

Beforw we start, what did you finally get?  It makes a difference...

> - Pastel Accounting server (Win Server 2003)
> - GoldMine CRM (Win Server 2008 + MS SQL server)
> - Linux Domain server with SAMBA (File and print server) & Web server
> - Linux Firewall
> 
> Important: This is a small company with roughly 20 computer users, so
> traffic volumes are low.
> 
> This is where experience counts:
> 
> a. Which of these servers can I safely virtualise on one server, e.g.
> can the firewall be a virtual machine or should it always be a separate
> physical machine?

All of the "can" be, and quite a few people run the firewall in a VM.  I 
would not.  I like to keep security separate from my servers.

> b. Should the servers be virtualised as is, or should I split them up
> further, e.g. Domain Server, SAMBA server and Web Server?

Assumming that they perform well now, I would not split them up more. 
For one, there is no real reason.  But also, telling all the suers that 
the web site address has changed, and for what?

> c. I would like to start with Ubuntu JeOS (just enough OS) and build the
> Linux Servers up from there, rather that doing full Ubuntu Server on
> each.  Is this a good idea or are there hidden security risks?

Yes and no.  You will have to know Linux quite well to admin the JeOS 
server.  You can install the entire gnome GUI (just not run it) and have 
all of the GUI admin tools via ssh...  If you are better able to manage 
it, it will be more secure.

> d. Since there is likely to be more than one Ubuntu server (and some
> desktops in the future), I would like to set up apt-cache-ng.  Does it
> matter which server this goes on to?... obviously not the Win 2008
> Server :-)

If you set up debmirror on the web server, you can have a local repo, 
and just point the clients to that.

> e. They've show interest in an LTSP server.  My guess is that should be
> a completely separate server?

It all depends on load.  You will need to monitor load of the real 
server, and the virtual servers.

> I gut is that there must be some rule of thumb here, e.g. 
> Number of Virtual servers <= number of CPU cores.  Are there such
> guidelines?

Nope.  Because some servers do nothing, and others are slammed.  Also, 
different servers slam different parts of the system.  One can be disk 
bound with idle CPU.  The other is CPU bound with idle disk.  Those two 
can actually combine very well.

			Lee

More information about the ubuntu-za mailing list