Opened 5 years ago

Closed 5 years ago

#1664 closed volunteer task (fixed)

Set up virtualisation on puma

Reported by: planetcruiser Owned by: jsfan
Priority: blocker Milestone: 0.8
Component: unknown Keywords:
Cc:

Description

Task:

  • Set up either KVM or Xen (depending on admin mailing list feedback) on puma
  • Create initial vserver containers for weblive and mysql (names to be decided)

Urgency:

  • deer renews for another month on 31 May 2012, so it would be good to do this as soon as possible and aim for a server move before that date. If that's impossible, we'll take another month and do the migration without rush

Change History (6)

comment:1 Changed 5 years ago by planetcruiser

what i wrote to the admin list on the subject yesterday:

i think separation of services makes a lot of sense for a number of
reasons. for starters i suggest to set up vservers like this:

 * live web (apache, php)
 * mysql

..and leave enough for what is now on lamb and possibly other developer
test boxes. the boxes themselves should run on an absolute minimum
number of packages and debian stable if possible to make servicing and
backups as easy as possible.

first we need to decide on a virtualisation technology. i favour kvm,
because from what i read it has surpassed xen in speed, distribution
support and community size. also hetzner uses kvm for their vserver
range (
http://wiki.hetzner.de/index.php/VServer#Welche_Virtualisierungl.C3.B6sung_wird_eingesetzt.3F
). does anyone here have experience with both and could post an opinion?

next question: will we manage with one ip address and some clever
firewall forwarding based on hostnames and ports? that's how we do it at
ecobytes with our linux-vserver contextualisation. or do we need to
order additional ip addresses (1 eur/month each)? i will also check this
with the ecobytes vserver wizard.

comment:2 Changed 5 years ago by planetcruiser

  • Owner set to jsfan
  • Status changed from new to assigned

want this one? :)

comment:3 follow-up: Changed 5 years ago by jsfan

I'm happy with giving KVM a try. I'm sure it's not rocket science.

I've never worked with just one IP address. Unfortunately, I don't think it is 1EUR/IP. you will need the FlexiPack? (15EUR) and then you can add e.g. 6 IP addresses as a package. That's what I do. (Or we could just run IPv6 only which is free. Just kidding...)

If every service is only needed once, port forwarding could do the trick. However, while it saves money, it adds complexity (e.g. iptables as an additional service). I think if we think we can fund it, we should spend the extra 20EUR/month.

Not sure about the deadline. This might be a bit tight to have everything up and running and sufficiently tested. Might need to spend the money on the extra month just to be safe.

comment:4 in reply to: ↑ 3 Changed 5 years ago by planetcruiser

Replying to jsfan:

I've never worked with just one IP address. Unfortunately, I don't think it is 1EUR/IP. you will need the FlexiPack? (15EUR) and then you can add e.g. 6 IP addresses as a package. That's what I do. (Or we could just run IPv6 only which is free. Just kidding...)

If every service is only needed once, port forwarding could do the trick. However, while it saves money, it adds complexity (e.g. iptables as an additional service). I think if we think we can fund it, we should spend the extra 20EUR/month.

the iptables setup is working well for us at ecobytes on two virtualised hetzner boxes. if you have questions about it feel free to email to support at ecobytes net or pop by #ecobytes on irc.indymedia.org -> "veg" is the one you want to talk to.

Not sure about the deadline. This might be a bit tight to have everything up and running and sufficiently tested. Might need to spend the money on the extra month just to be safe.

i agree. let's do this right and without stress. i emailed the treasurer about it.

ok, off to my train to moscow now. :)

comment:5 Changed 5 years ago by jsfan

ROX doesn't seem to like having the DB on a different machine. We will have to fix that and then move the DB. Everything else should be alright.

comment:6 Changed 5 years ago by planetcruiser

  • Resolution set to fixed
  • Status changed from assigned to closed

we are now using kvm on currently 1 ip address. http and https is forwarded to the virtual server currently called "cub", which runs www and alpha, as well as various bevolunteer.org forwards.

i think we can safely close this one. :)

Note: See TracTickets for help on using tickets.