maus
|
|
response 25 of 27:
| 
Oct 19 04:51 UTC 2006 |
Well, after discussion with colleagues, the OS will be Solaris 10u1. The
box only has a single system board for the time being (unforeseen hits
to the budget precluded adding a satelite board), but I have confidence
in the reliability of this board and will keep a spare on hand just in
case. Virtual environments will be built from zones with basic
functionality coming from loop-mounted, read-only copies of the system
/bin /sbin /lib etc.
Anyone have a V880 or V890 that they don't need anymore? I could run a
fairly large database on one of those and have plenty of muscle left to
run a whole slew of full-rooot zones. If I remember right, that one had
a standard configuration of 8 processors, 16 GBytes of RAM, 8
hard-drives, dual NICs and a combined LOM/remote-console-over-IP.
Inasmuch as computing resources can be sexy, that one is sexy.
Re: #24: In this instance, a jail is referring to one created with the
jail() or sysjail() facility, not simply a chroot() jail. The jail() or
sysjail() mechanisms make it very hard to escape, as they presume that
the contents will be running as root and are hostile. In addition to
pivoting hte root of the filesystem, they also pivot the root of the
process tree and will not allow even root to jail(./..) or the like.
http://sysjail.bsd.lv/ or
http://www.onlamp.com/pub/a/bsd/2006/03/09/jails-virtualization.html may
provide some interesting reading for the insomniac.
|