On Wed, May 27, 2009 at 8:40 AM, Douglas A. Tutty <dtu...@vianet.ca> wrote:
> On Tue, May 26, 2009 at 08:46:49PM +0200, Laurent Guignard wrote: > > On Fri, 22 May 2009 18:02:27 +0000, Sylvain Le Gall wrote: > > > On 22-05-2009, Sthu Deus <sthu.d...@gmail.com> wrote: > > > > How I can organize a Operating system-level virtualization on a > server > > > > for every service I would isolate? > > > > > > Use a chroot (standard) or a vserver (search for vserver in debian > > > archives there is a kernel version and two packages for userland > tools). > > > > > > vserver is more flexible and allow you to assign IP address et al. > > > > Beyond the question, what is the interest to virtualize services. I > understand > > the need to virtualize different machine for OS specific server software, > > tests and so on. > > Is there anywhere to find when virtualization is the best way to solve a > > problem and when it isn't ? > > > Unless something has changed, to be really secure, virtualization has to > be fully supported in the hardware of the CPU so that there are no CPU > instructions that can be issued from within the virtual machine to break > out of it. i386/amd64 don't meet that criteria. I don't know what > other vendors have, but e.g. IBM's Power architecture does, and provides > logical partitions (LPARs) at the firmware level which appear to the OS > as a real piece of hardware. > > AFAIK, virtualization on i386/amd64, beyond the os-specific software or > testing issues, is a gimmick. It may provide one extra layer for > someone to try to break out of but it also adds an extra layer to hold > bugs. > > Doug. > > > -- > To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org > with a subject of "unsubscribe". Trouble? Contact > listmas...@lists.debian.org > > There is nothing like LPAR in x86/amd64 architecture. Totally different arch. Believe me I work for the eye bee m company. -- "It is human nature to think wisely and act in an absurd fashion." "Todo el desorden del mundo proviene de las profesiones mal o mediocremente servidas"
