X-Original-To: alpine-devel@lists.alpinelinux.org
Delivered-To: alpine-devel@mail.alpinelinux.org
Received: from dal-a2.localdomain (unknown [74.117.189.115])
	by mail.alpinelinux.org (Postfix) with ESMTP id 6F58ADC0091
	for <alpine-devel@lists.alpinelinux.org>; Wed, 26 Jun 2013 06:12:34 +0000 (UTC)
Received: from ncopa-desktop.alpinelinux.org (3.203.202.84.customer.cdi.no [84.202.203.3])
	(using SSLv3 with cipher ECDHE-RSA-AES128-SHA (128/128 bits))
	(No client certificate requested)
	(Authenticated sender: ncopa@tanael.org)
	by dal-a2.localdomain (Postfix) with ESMTPSA id 39053BC2969;
	Wed, 26 Jun 2013 06:12:32 +0000 (UTC)
Date: Wed, 26 Jun 2013 08:12:26 +0200
From: Natanael Copa <ncopa@alpinelinux.org>
To: Jeff Bilyk <jbilyk@gmail.com>
Cc: Eric Duncan <eduncan911+alpinelinux@gmail.com>, Alpine Development
 <alpine-devel@lists.alpinelinux.org>
Subject: Re: [alpine-devel] Re: [acf] 300 Mbps router, VServer, Squid
 caching
Message-ID: <20130626081226.6de85eba@ncopa-desktop.alpinelinux.org>
In-Reply-To: <CAHwjr34k+E8m-3BfkV71yw4cG5imvcMJ7eW=Keqi-g6jFfMgqg@mail.gmail.com>
References: <CACaqnaR8OhSk7gbqJ4hjaRCURbnAK-Uv1ZAVMhKoisF_fn+=+w@mail.gmail.com>
	<CACaqnaQH=qM5FOSLC9R7zHeaVHKsVrJZi3gU_mU3jkcNxYNeVg@mail.gmail.com>
	<CAHwjr34k+E8m-3BfkV71yw4cG5imvcMJ7eW=Keqi-g6jFfMgqg@mail.gmail.com>
X-Mailer: Claws Mail 3.9.2 (GTK+ 2.24.17; x86_64-unknown-linux-gnu)
X-Mailinglist: alpine-devel
Precedence: list
List-Id: Alpine Development <alpine-devel.lists.alpinelinux.org>
List-Unsubscribe: 
	<mailto:alpine-devel+unsubscribe@lists.alpinelinux.org?subject=unsubscribe>
List-Post: <mailto:alpine-devel@lists.alpinelinux.org>
List-Help: <mailto:alpine-devel+help@lists.alpinelinux.org?subject=help>
List-Subscribe: 
	<mailto:alpine-devel+subscribe@lists.alpinelinux.org?subject=subscribe>
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

Sorry for late answer

On Fri, 21 Jun 2013 11:24:24 -0400
Jeff Bilyk <jbilyk@gmail.com> wrote:

> On Wed, Jun 19, 2013 at 5:46 PM, Eric Duncan <
> eduncan911+alpinelinux@gmail.com> wrote:
> > What I understand of Alpine is there is a VServer option.  I know 0%
> > about this kind of setup on Linux.
> >
> > 1) How are the network interfaces shared/setup with VServer?
> >
> > What can I do/what setup should I concentrate on to minimize network
> > latency for the high-speed 300 Mbps networks?

vserver share network stack with the host so there should be no added
latency. Same with LXC.

> Under a VServer setup, the NIC is shared with the host, however firewalling
> is handled on the host, as per
> http://wiki.alpinelinux.org/wiki/Setting_up_a_basic_vserver.
> 
> However, VServer is being deprecated in favour of LXC (
> http://wiki.alpinelinux.org/wiki/LXC), which is now available in Alpine
> Linux 2.6.

We still use vserver for our build server infrastructure. I think we
will maintain vserver for some more time.

Also, LXC is not as mature as vserver.

> > 2) Under Alpine VServer distro, does the router/firewall run under the
> > host, or an additional virtual machine?
> >
> With VServer, the firewalling and routing are handled on the host, however
> LXC provides bridged access to the NIC.

Yes, with vserver the "guests" share the network stack with the host.
The drawback is that it can get slightly complicated if you think
"virtual". I tend to think that the guests are safe/protected chroots.

LXC does a better job in hiding whats going on and is better in giving
an illusion of virtualization.

> > I am just worried about the latency introduced if within a VM at
> > running at 300 Mbps speeds.  I already have seen this first hand with
> > a Hyper-V machine I've setup temporarily.
> >
> >
> > 3) If I wanted to setup Squid, would I do it under the host or a new
> > VM of a Linux distro of my choice?
> >
> 
> For service isolation, you could use an LXC guest.  I've used several Squid
> proxies for campus networks running on Alpine Linux, from Alpine Linux 1.9
> onwards, and Squid is very stable under Alpine, both as a caching and
> filtering proxy.

I would guess you gain a few % speedup using vserver over LXC. But with
LXC you use the grsecurity patched kernel which provides some
additional security features.

I haven't really tested but I think none of vserver or lxc adds any
network latency since they both share the network stack with the host.
The performance should be the same as if squid ran directly on host.

> > Again, just concerned about the network latency of 65 Mbps upstream of
> > the Squid caching box.
> >
> >
> > 4) How would I monitor a simple RAID 1 setup on the host for any drive
> > failures?  I admit I haven't run *nix systems in > 15 years so some
> > nudging in the right direction is all I need.  I plan on throwing this
> > into the basement and forgetting about it for years to come, until I
> > get an email alert that a drive has failed.
> >
> 
> My experience with RAID monitoring under Alpine is either with software
> (madm) or HP hardware based RAID under ML350 or DL380 servers
> (cciss_vol_status).  With mdadm, setting up email alerts is done via the
> MAILADDR parameter in mdadm.conf, or a plugin for the monitoring tool of
> choice is simple enough to setup via snmpd, nrpe or other monitoring
> daemon.  cciss_vol_status simply provides a CLI to monitor the status, and
> would require a wrapper script to notify on failure.
> 
> 
> >
> > Note above I stated that this Intel mobo has an ICH9R so it should
> > have pretty common drivers.
> >
> > Optionally, the Core i7 board, while not having as nice as NICs as the
> > Intel board, does have an ICH10R if those drivers are more mature for
> > RAID monitoring.
> >
> 
> I haven't ever tried Intel RAID monitoring under Alpine, so I'm not sure
> how simple or complex the procedure would be.

@Eric: It would be nice if you could write a wiki article about it if
you get it running.

Thanks!


---
Unsubscribe:  alpine-devel+unsubscribe@lists.alpinelinux.org
Help:         alpine-devel+help@lists.alpinelinux.org
---