Re:Does theodp only write flamebait? on The HP Way 2.0 · Score: 1
hey I laughed... too bad i don't have mod points right now man
Or if you need performance on a server, and have already learned, Gentoo is for production use. I've run it in an OpenVZ VE for over a year now, with no problems to speak of.
I "cut my teeth" on RedHat 5 though...
Also the "full time professional Army" isn't winning in Iraq because the war was horribly mismanaged right after the fall of Baghdad.
The Iraqi police were fired (but kept their weapons), the factories (which provided jobs) that were in operation before Saddam was captured weren't opened back up, and the people that actually had some real experience governing (the Sunnis) were banned from... government.
So now you've got a bunch of armed unemployed Iraqis with nothing to do and al-qaeda whispering in their ear, and a bunch of novices running the government...
Yea I'm not seeing the point here... the open sourcing of Java has made me take a huge second look at it. Eclipse+Glade in GNOME has made Java devel easy, from what I see
http://www.youtube.com/watch?v=9m-GXQF1Zdw take a look for yourself
I think he meant getting to "port object permissions" on a programmatic level... with an API. What you are describing are filesystem Access Control Lists. He's talking about using ACLs on ports. Everything being an object in NT, and being able to have ACLs applied to "everything," is a good idea. As the grandparent said, the application developers at MS just have to use them.
Basically the "Security tab" you see for files could be applied to individual ports.
it might be his name... Theo D. P. :/
OK what you're missing here is that there are two sides of virtualization (well technically there are more but we'll go with 2):
OS-based virtualization, which is done by OpenVZ, is based on "Virtual Environments" that all run under one kernel. It's kinda sorta like running different servers in their own "chroot jail", but with their own virtual interfaces, their own quotas, etc. etc. Generally because you're not semi-emulating hardware paravirtualization is faster
Para-virtualization, which is done by Xen, KVM and VMware, essentially runs "emulators" (domUs) inside the host server (the dom0). The performance of using this strategy is helped out by virtualization-specific processor extensions, hence the "para-" prefix. As other posts have pointed out, this approach is slower and uses more resources, but provides a "thicker partition" between the domUs.
Just because a lumberjack doesn't know how to use his tools properly, don't blame the chainsaw because it ran out of oil and seized up
Thanks for OpenVZ btw! It's a great product, when used correctly
Saying you will only ever use virtualised workloads is stupid, and unprofessional. -and no, the fact that you got [oracle,mysql,postgresql] to run in a VM does not mean it's going to be anywhere near decent performance.
I wasn't specifically saying I would do the virtualization with Xen... if it was specifically a Linux server I would most definitely run it in an OpenVZ VE. You seem to think "virtualization" automatically means paravirtualization, not OS-based virtualization.
What I meant was that even if the server was only going to host one OS (one copy of Apache, one copy of mySQL, etc. etc.), I'd still setup OpenVZ on the node side and setup the OS inside a VE on that server... this gives you a huge amount of portability.
For backups, I can take a snapshot of the current VE without even interrupting the services running in that VE (if the node is running on LVM), or only minimal downtime (I'm talking 3-5 minutes) if it's not.
If the server's load is getting too high because the site's getting Slashdotted I can simply snapshot my VE and move it over to a beefier server with more RAM/CPU that's running OpenVZ. No rsync, no reinstall. No fuss, no muss
I can have the node be Debian 3.1 and run in the VEs Gentoo, CentOS, Fedora, Debian, etc. etc.
I realize the performance hit Xen-based virtualization imposes. As the article points out OpenVZ-based virtualization doesn't carry that performance hit. I'd even still consider running e.g. a Windows server in a Xen domU because of the portability that would give me as well. Of course anything would be tested with an appropriate load before putting it into production... and I'd NEVER consider running two disk intensive VEs or domUs side by side (e.g. two virtualized database servers side by side)
When you sit down and do your homework, and don't oversell as you said, OpenVZ gets the job done. I was looking for a good way of virtualizing a new server we were moving to and I've gotta say I can't see myself ever NOT installing a server in either an OpenVZ VE or a Xen domU ever again.... with OpenVZ you can give one VE (almost) all the resources of the hardware it's running on, and when that one server outgrows that hardware doing a vzdump or vzmigrate is sooo easy.
The big difference between Xen and OpenVZ comes down to what openvz calls "privvmpages" - memory that is claimed by running processes but not actually used.
The example here is this: two OpenVZ virtual environments (VE) can be set up on a server with, say, 1 gig of ram, with a gig of swap underneath it (So, RAM+Swap equals 2 gigs).
Those two virtual environments can be "oversold" in the amount of privvmpages they're allowed to use, because processes ask for more memory than they _actually use_ all the time. So let's say we give those two VEs 1.5 gigs of privvmpages (total of 3 gigs - more than RAM+Swap), but we only give them each 500 megs of oomguarpages. (less than RAM+Swap).
The thing that _should never_ go over RAM+Swap is oomguarpages (out of memory guaranteed pages) - pages of memory that are guaranteed (OpenVZ measures some of its resources in pages and some in megs).
With Xen, on that server I just described you're locked in - there's no bursting, and there's no dynamic allocation going on. You give one domU 750 megs of ram and you give the other domU 750. That's it.
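The overselling rule from the comment above, worked through as an added example (not part of the original comment and not OpenVZ's own tooling): it sums the `privvmpages` and `oomguarpages` barriers across VE configs and checks that only the guarantee stays within RAM+Swap. The function names, the constructed sample configs in the `KEY="barrier:limit"` style, and the 4 KiB page size are assumptions.

```python
import re

PAGE_SIZE = 4096  # assumption: 4 KiB pages
GIB = 1024 ** 3

# Constructed sample VE configs using the numbers from the comment:
# 1.5 GiB of privvmpages (393216 pages) and 500 MiB of oomguarpages
# (128000 pages) per VE.
SAMPLE_CONFIGS = {
    "101": 'PRIVVMPAGES="393216:393216"\nOOMGUARPAGES="128000:128000"\n',
    "102": 'PRIVVMPAGES="393216:393216"  # oversold on purpose\n'
           'OOMGUARPAGES="128000:128000"\n',
}

_LINE = re.compile(r'^\s*([A-Z_]+)\s*=\s*"?(\d+)(?::(\d+))?"?\s*$')


def parse_ubc(text):
    """Return {param: (barrier, limit)} for each numeric KEY="barrier:limit" line."""
    params = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0]          # drop trailing comments
        m = _LINE.match(line)
        if m:
            barrier = int(m.group(2))
            limit = int(m.group(3)) if m.group(3) else barrier
            params[m.group(1).lower()] = (barrier, limit)
    return params


def audit(configs, ram_bytes, swap_bytes):
    """Compare summed barriers against RAM+Swap, all measured in pages."""
    capacity = (ram_bytes + swap_bytes) // PAGE_SIZE
    guaranteed = promised = 0
    missing = []                               # VEs lacking either parameter
    for veid, text in sorted(configs.items()):
        p = parse_ubc(text)
        if "oomguarpages" not in p or "privvmpages" not in p:
            missing.append(veid)
            continue
        guaranteed += p["oomguarpages"][0]
        promised += p["privvmpages"][0]
    return {
        "capacity_pages": capacity,
        "promised_pages": promised,
        "guaranteed_pages": guaranteed,
        "oversold": promised > capacity,        # tolerated: claimed, not used
        "guarantee_ok": guaranteed <= capacity, # must hold, per the comment
        "missing": missing,
    }


if __name__ == "__main__":
    for key, value in audit(SAMPLE_CONFIGS, 1 * GIB, 1 * GIB).items():
        print(f"{key}: {value}")
```

A VE that appears in `missing` is not counted in either sum, so a clean `guarantee_ok` only covers the VEs that were actually parsed.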
Ha! Wow that would be some serious trojan-horse ninja'd shit if that works out as you describe. Let the court testing of the GPL begin!
well at least something came out of this thread lol
I was pointing out folks that I have personally seen comment as I was browsing articles. I've seen ESR comment here maybe once or twice...
Bruce Perens still posts here regularly it looks like... that's the only other "old timer" type that comes to mind :/
OK who all here knew right off the bat just from the article name that CleverNickname was Wil Wheaton (I have my prefs set so gaming articles are oneliners)
Maybe I should get out more...
Actually, if you really want to get technical, no it is not. :)
Darwin is the BSD-based OS, XNU is the kernel, not the BSD kernel.
Have you looked at DJB's tinydns with dynamic capabilities wrapped around it? I know for a fact djbdns scales, but I dunno how well scripts wrapped around it work.
"TinyDYN
In a nutshell, TinyDYN consists of a set of scripts that allow you to run your own dynamic dns services (similar to dyndns.org) on your own network. The services use strong authentication via GnuPG, and is designed to work with djbdns's tinydns for name service."
http://www.technocage.com/~caskey/tinydyn/
That's good stuff... last week I was in an "Advanced VOIP" class the Army put us in (I'm active duty unfortunately), and as different concepts were gone over I kept thinking about "how proprietary all this is." Open hardware is a great concept... I'd love to not be under the same lock-in as users of that OS are.
Anyways so basically: The proprietary Cisco CallManager talks to the Cisco router's proprietary T1 controller card, via a proprietary protocol (MGCP), and the VoIP calls to the POTS phone are done via SCCP (which is... you guessed it! proprietary). You get the idea.
I asked the instructor if he'd ever looked at Asterisk as an alternative PBX, and he'd never even heard of the thing. I then asked what Cisco CallManager 5 would be running on (knowing it was Linux), and he replied "RedHat."
Just goes to show you the thinking I guess...
As I type this from "Camp Victory" (oh the irony), Baghdad, Iraq I have to wonder if the current administration is capable of managing any country where we defeated the standing government and were responsible for managing that country afterwards.
Russia would probably be run by opposing mafia and a corrupt government, and all the while more and more soldiers are committed to the country under the guise of "winning the war on terror."
I wonder how Vietnam would have worked out, if we actually won there. I suppose W and Co. weren't in charge then though, so maybe it would've worked out
Once again I gotta reply to this thread and ask that you guys take a look at the GP2X
I bought one and I never looked back at the other guys/soldiers out here (I'm deployed to Iraq) who bought PSPs and all they talk about is how damn crippled the DRM-loving Sony PSP is.
And no I'm not a frigging paid shill damnit. Just a happy owner of a product that actually listens to its customers
Or get a GP2X and have a handheld that's designed to be hacked, uses SD cards (SDHC support is being worked on...) and runs Linux!
And a PSX emulator is being worked on right now. (See PSX4GP2X
Yea great job on the informative side of that post there guy...
For those that don't know about it (I didn't know about it until a couple of weeks ago):
"Free Space Optics (FSO) is a line-of-sight wireless technology, which enables secure, high speed bandwidth connections using optical laser communication"
http://en.wikipedia.org/wiki/Free-space_optical_communication
This is true, however you can download a non crippled Progman.exe and run it on XP SP2. I have personally done this to set up a locked down Internet cafe (instead of setting up 65,000 local group policy settings)
See here for an explanation
I wasn't implying that they "destroy their business model" in the name of open source... I'm saying that they're doing this because "the web demands open standards" and it looks good on the PR front ("hay guys we embrace open source"), not because it's the right thing to do.
MS would use closed, proprietary, patented protocols/standards (furthering vendor lock-in) wherever they could, if people didn't immediately jump to Apache/PHP if they did.