[ale] Stable, backward compatible APIs

Derek Atkins warlord at MIT.EDU
Thu Sep 6 11:12:40 EDT 2012


JD <jdp at algoloma.com> writes:

>> What do you use for management and remote-console clients?
>> 
>> And assuming you have a web-based management in place, what server
>> platform are you using?
>
> We are small.

Me, too.  One admin (me) and only a handful of users of VMs.

> We do **not** - absolutely NEVER - use web-based administrative tools. Those
> seem to be filled with security holes.  It just isn't worth the added risks.

If I had other tools that solve the same problem and can be run remotely
that would suffice.  But my "users" (well, VM admins) might not
necessarily be running Linux on their desktops, so that's why a
web-based solution seems "best".

> For remote consoles ... we don't have any pure consoles.  ssh is good
> enough.  virsh provides commands for everything we need.  If we are on
> the same LAN, virt-manager has been enough.  Remember, I said we were
> small.  If a remote GUI is needed, I'll come in using FreeNX to a
> machine on the LAN and use that to run virt-manager.  NX protocol is
> probably 2x more efficient than RDP or VNC. I've used it over dialup,
> plus it uses ssh, so an extra tunnel/vpn isn't needed like with RDP or
> VNC.

All of my users are remote.  I was hoping to provide a way they could
access the VM without a login on the VM host (or even on another host
locally).  I suppose I could set up a VM for them to run from, but that
just seems silly and I don't know if virt-manager would work from a VM ;)

> Platforms - Ubuntu Server 8.04, 10.04, 12.04.  The 12.04 virt-manager
> is much improved over prior versions.  Support for the SPICE GUI accel
> has been included in 12.04, but I've never gotten it working.

Fair enough.  I'm a Fedora user, personally, but I suspect recent Fedora
also has recent virt-manager.

> I spent a few yrs in "rpm hell" and never want to return.  While I'm
> pretty certain it was caused by my ignorance in loading any .rpm that
> would work, it was also because the included versions for many tool
> didn't have the functions required. There was little choice.
> Eventually RPMs weren't enough and I had to

Yeah, this can happen if you just use any rpm that works.  Modern Fedora
is pretty good about being inclusive, especially with the rpmfusion
repositories.  I've also had decent luck backporting RPMs as necessary.
Then again I've been using RPM systems since Red Hat Linux 3.0.3 back in
199x, so I'm very comfy there.

> use source code to get necessary functions.  Things are very different
> these days.  I make it a point to never go outside the package manager
> for infrastructure.  Only the "main application" on a server can do
> that.  For example, our Zimbra server is allowed to not use packages.
> The same applies for the for Redmine box.  When we mix services on a
> single machine ... wiki, DMS, internal apache sites, we stay 100%
> package managed.

Yeah, I try to same thing.  (I'm using Zarafa instead of Zimbra).

> I'm certain there are more "optimized" ways to do this stuff, but we
> are small and managing servers is not a full time job for anyone
> here. We all wear many hats.

Yep.  I'm just still trying to find a replacement for vmware-server!

-derek

-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord at MIT.EDU                        PGP key available


More information about the Ale mailing list