Re: [Hampshire] Yet Another Virtualisation Question

Author: Steve Kemp
To: adam.trickett, Hampshire LUG Discussion List
Subject: Re: [Hampshire] Yet Another Virtualisation Question
On Thu Feb 28, 2008 at 20:22:54 +0000, Adam Trickett wrote:

> Fair enough, not that any of the systems are heavily loaded.


In all honesty mine aren't anyway. I have a couple of systems
which are just used for building Debian security updates. That
means they're literally doing nothing for 99% of their lives.
The other times they'll be compiling emacs, etc. So they get
intense use only rarely.

Having said that even with 128/256Mb they work well.

> 1) It's all going to take place on a private 192.168 network, so I can assign
> each VM their own IP address, and the host system will do the routing?


That is correct.

I'd guess you'd have a simple bridged setup so your main machine,
any visiting people, and your guests would be on the same range. The
host system (dom0 in Xen-speak) would do masquerading.

The only thing that you'd have to do would be set up rules on your
gateway to redirect external visitors to particular VM + port pairs.

e.g. my host system is 'gold.my.flat' which is 192.168.1.10;
my guests are on the 10.0.0.0/24 range. So I've got two rules
on my linksys router. One to redirect incoming requests on port
80 to 10.0.0.100:80, and one to redirect SSH to 10.0.0.118:22.

> 2) On most of the VMs I won't need any real user accounts per se. I normally
> never login to any of my boxes as root, I almost always login as me then "sudo
> foo" or "sudo su -" if I need to do admin stuff. How do you deal with admin
> on the VM? Login as root?


I use cfengine to install an 'skx' account on all machines and ensure
that has the ability to sudo. LDAP, or NIS in a trusted environment,
would be a perfect way to go if you did want to centralize things.

I keep meaning to sort out LDAP, but I never find the time ..

> 3) Though they are all VMs on one real system, is it worth running up a NIS or
> LDAP server to maintain users?


It could be, particularly if you want to experiment, but it isn't
required. If you wish you could just give each machine the same
local root password and treat them as low-security machines since
if you compromise the host the guests will fall ...

> 4) What kind of disk footprint will a Debian VM take up for something like an
> externally accessible SSH server? I gather Xen works well with LVM.


I use LVM on my host system, and my guests are always created with
4Gb disk and 512Mb of swap. In my own use disk space isn't often
needed. Even running GDM + VNC in a guest I'm only at 14% usage
of that space.

If you run out of space, provided it is available, you can shut down
the guest(s) and resize them pretty much at will with either LVM or
loopback images.

Steve
--
Managed Anti-Spam Service
http://mail-scanning.com/