Results 1 to 3 of 3
Thread: Virtualization advice needed
Enjoy an ad free experience by logging in. Not a member yet? Register.
- Join Date
- Nov 2012
Virtualization advice needed
First, I'm sorry for my english but I'm trying to do the best !
I'm here to take advice from more experimented users on GNU/Linux server administration.
I want to host some services on a dedicated server like NGinX on Debian stable.
I improving myself to security issue, looking to the best way to offer low cost but secure hosting to my futur users.
I know I can virtualize my services to improve security and make an attacker's intrusion less efficient for my data's users and my own infrastructure. I've heard about OpenVZ for example, which seems good but maybe not the best choice for Debian because it's recommanded to use a RHEL kernel and I don't think it's a good idea because it's not optimized for Debian.
I've heard about LXC too, which is seems a better choice for Debian.
But I know also other way to separate my services, like a chroot, but by default it's not securised at all and I need to configure it to has something usable in production.
I want something lightweight and secure.
What are you recommendation ? How do you separate your services ? I'm aiming Web, mail and jabber hosting for now.
You are using Debian, so it will be easy to install Sun/Oracle's VirtualBox.
As long as you have some good horse power in the main server, you can use it run 3 or 4 virtual machines, each of which can have a different role. The firewall would reside in the main Debian server.
For example, you can run the following virtual machine: a linux fileserver, a linux webserver, a linux mailserver, and for user-accounts even something like Windows Server 2008 (if the users want a windows environment, or run specific win-only software).
Each would have its own IP address, is secure, can be backed up easily, and it is so much cheaper than running 4 seperate real machines. You would need samba on the main server too for talking between win and linux, of course. And good cabling, good switches, and if you want reliable wireless, you will need a good access point (not a SOHO wireless router/internet connector, a pro grade access point).
Your terminals (if you want to run terminal services - easily done if you want user accounts on Win 200 need only be cheaper machines running something like Debian as a base OS.
You would just have a link on the desktop to a remote desktop script, like "rdesktop -f 192.168.1.10" where 192.168.1.10 is your windows user account server.
Hope this helps
- Join Date
- Nov 2012
Thanks for your answer !
Yeah that's probably what I'll do but with XEN, which seems the most secure and powerful virtualizing solution.