[ubuntu-za] To virtualise or not to virtualise

Charl Wentzel charl.wentzel at vodamail.co.za
Tue Oct 27 21:59:44 GMT 2009

On Tue, 2009-10-27 at 23:30 +0200, Matthew French wrote:
> On 27 Oct 2009, at 10:03 PM, Charl Wentzel wrote:
> > a. Which of these servers can I safely virtualise on one server, e.g.
> > can the firewall be a virtual machine or should it always be a  
> > separate
> > physical machine?
> (You haven't mentioned which virtual machine software you will use. I  
> am going to assume kvm since you are using Ubuntu, although VMWare  
> would probably apply to these points as well.)

Ubuntu Server Edition with KVM.

> You will need to apt-get the software you want to  
> install so probably best to set aside some time to waiting for  
> downloads. Unless you have a 24mbps ADSL line handy... :)

I wish! but I can dream!

> Another option is to use squid as a transparent proxy, running on the  
> firewall. This is reasonably safe if you don't expose squid to the  
> outside world, and IME the convenience far outweighs the risk. It also  
> has the benefit that all those other annoying Windows/anti-virus/game  
> updates are also cached and it can do wonders for general Internet  
> performance.

Cool, that sounds like the better option.

> You are probably right - since LTSP is a kind of desktop  
> virtualization which you don't want competing for resources with the  
> server applications. Although the great thing about virtual machines  
> is that you can easily set up a virtual LTSP server to see if it  
> works, and when performance does become an issue _then_ you can set up  
> a new box.

I was thinking along the same lines.  This is also true for any other
future experiments, no need to buy hardware first!

> As I have mentioned, you must make sure you have enough memory.

I've got 16 GB RAM.

> For CPU's I would have at least 2 cores

I'm starting off with a 2.0GHz Xeon Quad core on a dual slot motherboard

> One other important issue to consider is that with virtual servers you  
> have all your eggs in one basket. So if the server fails then you lose  
> everything at once. 

This is my only real concern, hence I'm buying proper server components,
including dual redundant power supplies.

> Obviously RAID is not negotiable

I've got 5 x 500GB SATA harddrives, i.e. RAID 10 (4 disks) + 1 spare

> Installing smartmon and lmsensors on the physical box to monitor for  
> disk failures and excessive temperatures might also be a good idea.

Thanks, I'll look into it.

> You also need a plan B

I'm still working on that, but you are certainly right.

> Oh, and one other minor point: if you are running an NTP server to  
> keep the clock in sync, you need to run it on the physical server, not  
> the virtual machines. The virtual machines will get their time from  
> the hardware but probably won't be able to reset the hardware time.

Thanks, haven't even thought of that.

> Hope this helps,

Definitely, thanks!  You've been a great help!

One more thing.  How should one partition in this case?  I'm planning on
using LVM to make things flexible, but which partitions are required?
I'm thinking at least the following:

1. Base installation
2. Virtual machine images.

The idea is to keep at least your virtual machine images and file server
data separate in case you need to reinstall/upgrade the base
installation.  This way it won't be removed by accident.


More information about the ubuntu-za mailing list