Virtualization on Debian

[Ian Petersen]

Hi Meng,

I don't have much personal experience with virtualization, and the
experience I have is with VMWare ESX Server hosting a bunch of Windows
guests, so I don't know how interested you'll be, but I thought I'd
chime in anyway.

My mother is the IT manager for a company of somewhere between 50 and
100 computer users.  I'm pretty sure that her and her only direct
report (Ben) are the entire IT staff for this company.  They recently
consolidated several servers onto a VMWare setup.  I don't know the
hardware specs for sure (although I could get them if anyone cares),
but I think it's something like dual Xeon dual cores, with multi-GB
RAM.  There are two such machines sharing a SAN with, perhaps, 1TB of
disk.

This configuration has made maintenance a lot easier for Ben because
he can now make some changes to the system during business hours that
used to required after-hours work.  I think this is because the
virtual machines can be live migrated between the physical machines.
I'm not exactly sure what this feature buys him, though, that allows
him to do maintenance during the day.

Another benefit of the virtualization is disaster recovery.  I built a
web application for them and it is being hosted on a Gentoo guest.
This being my first-ever contract, I made a few mistakes.  The worst
mistake was to leave an insecure user/password combo on the machine
after opening the SSH server to the world.  Somebody from the
Netherlands (or, maybe a zombie machine in the Netherlands) broke into
the machine and started scanning the rest of the 'net for more open
machines.  Thankfully, I had a log of when it happened, and Ben had a
backup of the VM from the night before.  Monday morning, we created a
new VM from the backup, compared the contents of the web-app's
database between the two images, deleted the weak account, secured the
SSH server to only accept key-based logins, and then transferred
everything over to the new machine.   Total recovery time was about 60
minutes and I was working from home.  Perhaps similar or faster
recovery times can be achieved with traditional backups and
traditional servers--I don't know, because I've never done one--but
this seemed quick to me.

Finally, I think the electricity bill has dropped at my mother's
office because they threw out a bunch of machines.  The computer room
is also cooler, so the air conditioner is running either less often or
less powerfully.  So, even though the project cost a few tens of
thousands of dollars (I think), the overall effect is a net savings in
the long run.  (The project was more expensive than I would have
expected, but it included an outside team doing a whole lot of
pre-transition measuring to figure out how much horsepower the new
host machines would need.  I think the bill also includes some amount
of post-transition support, the hardware, VMWare licenses, and
probably a few other things I'm forgetting.)

Ian

-- 
Tired of pop-ups, security holes, and spyware?
Try Firefox: http://www.getfirefox.com
--
The Toronto Linux Users Group.      Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists