On Mon, Nov 22, 2010 at 5:54 PM, Matthew Monaco <dgbaley27@xxxxxxxxxxx> wrote:
> On 11/22/2010 11:41 AM, C Anthony Risinger wrote:
>>
>> fellow patrons,
>>
>> i am moving my company's in house platforms off of a mix of deprecated
>> soft virtualization solutions like openvz and bare metal installs -- i
>> have decided on using libvirt + kvm (in conjunction with cgroups for
>> qemu and possibly other uses).
>>
>> i'm trying to use Arch for the host/hypervisor setups, for a couple
>> reasons:
>>
>> ) very easy to roll custom initramfs builds
>> ) shooting for a < 128MB 100% in-RAM diskless image (RHEV-H or ESXi)
>> ) host is changed infrequently, and all-at-once (no need for
>> ongoing/stable repo support)
>> ) i'm very familiar with Arch's initramfs setup, and with Arch in general
>>
>> the other possibility i'm considering is Gentoo, but it's been quite
>> some time since i've used it :-/. neither arch nor gentoo will be
>> used for guests (likely debian/ubuntu here).
>>
>> does anyone have any experience/insight here? the comparable
>> technology for RHEV-H for redhat, or ESXi for vmware. i am looking
>> into the `archboot` setup for inspiration on a custom initramfs build
>> system.
>>
>> primarily i'm just looking for any pointers/information anyone may find
>> useful, not only on the image itself but also management and
>> configuration techniques.
>>
>> thanks,
>>
>> C Anthony
>>
>
> How important is the stability of your system? Will you be able to build
> custom versions of packages when security updates are released so that you
> don't have to start upgrading everything?

well since these are the host images, i pretty much want them to be as rock solid as possible. there is not much need for packages/updating; the host systems will be network booted (or booted from a small flash... maaaaaybe CDROM as last resort), and are a completely self contained image -- kernel + initramfs. everything inside the image will be hand picked and stripped down -- no docs/etc. only the necessary kernel modules, only the bare minimum services needed to run VMs, diagnostics, and metrics. kernel will be hand tuned.

the idea is that with a couple host machines in place, and a distributed block layer (undecided... LVM + iSCSI or something else...), VMs can be migrated off a host, and the host is simply rebooted to run a new, updated image. VMs can then be moved back without downtime.

i'm not too concerned with host security (guests are a diff story...); the host images are totally inaccessible except for SSH, and via a built in host key. we might allow TCP + TLS connections, but unlikely.

so yes, we will be doing many custom packages and builds; i'm trying to see if anyone has done custom initramfs work like this, beyond the archboot tool (which is great :-).

C Anthony