Hi!
> > - We expect that the lots-of-dirty-anon-memory-over-swap-over-network
> > scenario might still cause deadlocks.
> >
> > I assert that this can be solved by putting swap on local disks. Peter
> > asserts that this isn't acceptable due to disk unreliability. I point
> > out that local disk reliability can be increased via MD, all goes quiet.
>
> Putting swap on local disks really messes up the concept of stateless
> servers. I suppose you can do some sort of swap encryption, but
> otherwise you need to scrub the swap partition on boot if you
> re-purpose the hardware. You also then need to do hardware
> configuration to make sure the local disks are all setup the
> same way across all server platforms so the common images can
> boot.
We should really encrypt swap with random key generated at boot, for
all the machine. I believe it is possible (with some non-trivial
setup) today, but it would be nice to do it automagically.
Pavel
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures)
http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
