[ale] Stable, backward compatible APIs

JD jdp at algoloma.com
Wed Sep 5 08:57:42 EDT 2012 

On 09/04/2012 12:37 PM, Derek Atkins wrote:
> JD <jdp at algoloma.com> writes:
> 
>> On 08/31/2012 09:01 PM, Wolf Halton wrote:
>>> JD
>>> What did you go to instead of VMWare?
>>>
>>
>> We already had some Xen and added KVM mainly for the few Windows
>> boxes.  We are mostly Linux on the server-side, so ESX was overkill.
> 
> What do you use for management and remote-console clients?
> 
> And assuming you have a web-based management in place, what server
> platform are you using?

We are small.

We do **not** - absolutely NEVER - use web-based administrative tools. Those
seem to be filled with security holes.  It just isn't worth the added risks.

For remote consoles ... we don't have any pure consoles.  ssh is good enough.
virsh provides commands for everything we need.  If we are on the same LAN,
virt-manager has been enough.  Remember, I said we were small.  If a remote GUI
is needed, I'll come in using FreeNX to a machine on the LAN and use that to run
virt-manager.  NX protocol is probably 2x more efficient than RDP or VNC. I've
used it over dialup, plus it uses ssh, so an extra tunnel/vpn isn't needed like
with RDP or VNC.

Platforms - Ubuntu Server 8.04, 10.04, 12.04.  The 12.04 virt-manager is much
improved over prior versions.  Support for the SPICE GUI accel has been included
in 12.04, but I've never gotten it working.

Why Ubuntu and not Debian?  This is a historical thing. In 2008, Debian Stable
was really stable ... almost dead. It was years behind current "stuff", so
Ubuntu was used.  Ubuntu has been extremely stable for us ... it grows on you.
;)  Why switch? We don't have a good reason, so we never bothered.  On the
server side, Ubuntu hasn't changed much over that time until 12.04 when they
screwed with resolv.conf - you can't edit that directly anymore.  Are other
distros like that too?  Seems like they made a change when no change was needed
or wanted, at least on the server-side.  All other Ubuntu changes have really
been improvements and newer code, IMHO.

I spent a few yrs in "rpm hell" and never want to return.  While I'm pretty
certain it was caused by my ignorance in loading any .rpm that would work, it
was also because the included versions for many tool didn't have the functions
required. There was little choice.  Eventually RPMs weren't enough and I had to
use source code to get necessary functions.  Things are very different these
days.  I make it a point to never go outside the package manager for
infrastructure.  Only the "main application" on a server can do that.  For
example, our Zimbra server is allowed to not use packages.  The same applies for
the for Redmine box.  When we mix services on a single machine ... wiki, DMS,
internal apache sites, we stay 100% package managed.

I'm certain there are more "optimized" ways to do this stuff, but we are small
and managing servers is not a full time job for anyone here. We all wear many hats.

More information about the Ale mailing list