If you’re running Debian squezze with a Linux-Vserver kernel you’ll soon have to face the fact that support for non-mainline virtualization patches will soon be dropped from Debian stable.
The Debian kernel team stated very clearly that they won’t continue to provide custom patched kernel packages. In general I think that is a very good decision. Taking the workload for the team into account and the unwillingness of the Linux-Vserver and OpenVZ maintainers to cooperate with Debian this is very much understood.
So what to do now if have vservers running your business?
These are the options I could think of so far, feel free to suggest further:
- Stay with Squeeze
- KVM w/ Squeeze VM
- VMWare ESXi w/ Squeeze VM
- Custom patched Kernel
- Xen w/ Squeeze domU
Staying with Squeeze
If you plan to stay with squeeze you’re good to go for quite a while. Of course squeeze security updates will end some time after the Wheezy release, but what to do with newer hardware which is not supported by Squeeze? So not an option I think.
Linux Containers (LXC) are the preferred contextualization from Wheezy on. They are maintained within the mainline kernel are said to have a very good intregration with it. The biggest drawback however, are the userspace tools. While the team developing those used to be quite active it has slowed down a bit recently without having brought the tools anywhere close to util-vserver – which aren’t perfekt either.
KVM w/ Squeeze VM and Vserver Kernel
You could run Wheezy or Squeeze w/ an Backport Kernel on your host and run an squeeze vserver kernel inside KVM. That sounds ugly and means having to set up a network bridge on your host.
Of course you could also turn all your vservers into KVM VMs. This is very much work and means completly migrating to an entirely differnt virtualization architecture. Not very nice.
Long story short: The management of an ESXi is an PITA.
Xen w/ Squeeze VM and Vserver Kernel
Same as KVM w/ Squeeze kernel. See above.
Same as KVM. See above.
Custom patched Kernel
While the Linux-Vserver team isn’t always cheered about debian they are still very active and continue to provide patches for recent kernel. The biggest drawbacks here are, that you have to care about security update yourself and that you need to build a custom set of util-vserver. Older versions from squeeze won’t work with newer kernels.
While cleaning up some package dependencies I’ve stumbled upon debtree. Have a look, it’s worth it. Generates pretty picture. The policy manual may come in handy as well.
A short status update regarding VBoxAdm.
Finally I’ve created a Mailinglist: http://www.vboxadm.net/support.html#mailinglist
I’ve been refactoring the Code for a while to turn it more into a MVC-Shape. This means separating the Model from the Controller (former VBoxAdm::Frontend, now VBoxAdm::Controller::Frontend). The ultimate goal of this work is to support code reuse and support for multiple ways to manipulate the data. Once the Model classes are stable I’ll finish the command line interface as well as the HTTP-API. This will provide three ways to modify the underlying data:
- Web Frontend
- HTTP-API (no REST for now, maybe later)
The Mailarchive is postponed for the time being.
Most Mailclients, like Outlook, Thunderbird and KMail, support a way of client auto-configuration. When setting up a new mail account they request a certain URL derived from the mail address and if they find an XML document with the expected information there they’ll use this information to set the correct username, mailserver and protocols. Support for this was added recently. There is even support for the weird way MS Outlook does this. However Outlook support is, so far, based solely on the documentation on Technet. Due to the lack of a Outlook license I wasn’t able to test it. Please provide feedback.
After the refactoring, API and CLI are finished I’m going to look into the Mailarchive again. After that I’ll look into Quota Support, Mailman integration and I’d like to find a way to get the Postfix Logs into the database to ease support work. Having the Log in the database in a parsed format – no raw syslog to db – would make support request more easy to handle. No more need to log into the server and grep through the mail.log.
Further feature request are always welcome. Please direct any ideas and comments to the mailinglist at email@example.com.
Thanks to Liveblogging at identi.ca/debian everyone can follow the release progress during this weekend. Too sad theres no release party nearby …
The latest release of VBoxAdm features Debian Packaging and translation updates. Several new translations are now available. Please note that most of these are machine translations, so I’d gladly accept any suggestions for improvements.