A somewhat important announcement

20 February, 2012 (20:03) | lol blog | By: dovac

Its server moving time again! Hey its a monthly thing ok? Well not this time, this will be the last move for the next 12 months.

I’ve decided to do a Lease to Own program with a local colo, it’ll save me almost 300 bucks a month. I think this is worth the hassle of moving to a new server. Plus if I have any hardware problems its a quick 20min drive down the freeway with replacement parts.

This is also a big change as well, as some people are aware I host a few sites all on the same system (IQDB, TLwiki, Ammy, mirrormoon, and others). I’ve decided that moving forward I’m going to use Virtual Machines to separate the PHP and Ruby on Rail apps. Which software I will use to setup the VMs is undecided but I’m leaning to KVM. Originally I wanted to use Vmware ESXi but I don’t have globs of RAM to throw around on all the systems. If people have suggestions on which stack to use please let me know! (No cloud hosting stuff, I only have one server, so I don’t want to run openstack or something like that without multiple systems)

I also have another important announcement!….except I haven’t worked out all the details, so once that is done I’m going to write yet another blog post! Oh god I’m writing too much lately.

Comments

Comment from Stele007
Time 02/21/2012 at 7:45 am

Oh boy an announcement!

Comment from edogawaconan
Time 03/1/2012 at 6:23 am

TBH I’m not sure about the advantage in using VMs in this case. It adds overhead and complexity while doesn’t seem to give any benefit in return.

Comment from dovac
Time 03/1/2012 at 9:07 pm

VM is only for php sites, isolate it from imouto, less chance of getting rooted…hopefully

Comment from Ayo
Time 03/2/2012 at 12:05 am

If you’re fine with FreeBSD, I can recommend its concept of “jails”. Does much of the security of VMs without the performance impact.

Comment from edogawaconan
Time 03/2/2012 at 6:39 am

Unless you’re looking at potential local privilege escalation, securing php (or most things) should be sufficient with proper privilege separation (eg. one user per site) and routine updates. Also I hope the postgres’ pg_hba.conf doesn’t have “trust” identification method in it…

Comment from dovac
Time 03/2/2012 at 7:56 pm

@Ayo we’re using Ganeti for vm management
@edogawaconan kvm is only used for php/mysql sites. Main site will be running on the host server w/o virtualization.

Comment from edogawaconan
Time 03/3/2012 at 6:57 am

um, what I’m saying is that KVM is probably not worth the effort :S

Comment from dovac
Time 03/3/2012 at 9:20 am

@edogawaconan its already setup and in use ~_~

Comment from edogawaconan
Time 03/3/2012 at 8:17 pm

lol, whatever then.