[MLB-WIRELESS] possible vpn and public ip address allocation option

Steven Haigh netwiz at crc.id.au
Tue Mar 16 22:02:50 EST 2010


On 16/03/2010, at 8:55 PM, <mw at freenet.net.au> <mw at freenet.net.au> wrote:
> Should be quite easy really - only a matter of /where/ to put it.  The way I work it, if there was a VMWare platform available for MW services, it would be easy as pie to add services to the mix by simply running up a new VM with the new service - for example a VM running freeradius could be developed with read-only access to the database, and thereby no danger of damage to the database contents.
> 
> Furthermore, this sort of setup could support various project teams working on some area of specific interest to individuals - we could have an SNMP project, a mailing list project, web site project, wiki project and so forth, all on independent VMs.  Nobody needs to get root access to something they aren't involved in.  Furthermore, individuals can easy establish copies of the VMs relevant to their project to work on independent development components.


A number of comments about this:

1) For what you want to do, nobody should need root access. If they do, then you're doing something wrong. There is no reason why someone who is working on a wiki needs root level access to the operating system. Again, if they do, then something is being done wrong.

2) I'd be more concerned at the moment with fixing things like spammers who have automated the process of creating accounts and spamming the wiki such as: http://www.melbournewireless.org.au/wiki/?diff=Apple This is much more of an issue than having VMs everywhere and trying to reinvent the wheel.

3) You seem to overlook the overhead in VMs. Unless you throw serious hardware at it the performance penalty is more than acceptable for doing all but toying. Neither the current server nor the newer one being built supports hardware virtualisation so there is a rather large performance drop in CPU cache speeds between tasks etc etc. You basically lose ~10-20% CPU performance even if using hardware virtualisation. From what I have seen this gets even worse when multiple VMs are very busy.

4) Nobody working on a user space project (snmp, wiki etc etc) should need root access. I know I mentioned this twice, but its such an important thing I thought I would mention it twice.

-- 
Steven Haigh

Email: netwiz at crc.id.au
Web: http://www.crc.id.au
Phone: (03) 9001 6090 - 0412 935 897
Fax: (03) 8338 0299







More information about the Melbwireless mailing list