[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[ale] Linode hacked, CCs and passwords leaked
On Thu, Apr 18, 2013 at 8:55 AM, Michael B. Trausch <mbt at naunetcorp.com>wrote:
> On 04/18/2013 01:50 AM, Wolf Halton wrote:
> > I have been testing openvz servers for over a year. Work well for
> > simple web services like drupal and less well for i/o-heavy apps like
> > evergreen-ils.
> It also stinks for applications in networking, since the user doesn't
> (at least the last time I used it) get a dedicated networking stack.
> LXC provides a networking stack through the use of a network device
> namespace for containers, and Xen/KVM simply emulate a full Ethernet
> card, usually attached to a software bridge.
> I tried to use OpenVZ a long time ago because the management interface
> on the setup I was working with wasn't bad, but then when I realized
> that I couldn't bring in my IPv6 through a router running as a guest
> ? Mike
Oh yeah, I'd forgotten those details: with OpenVZ (and probably LXC?) you
can't configure iptables, as you're sharing a kernel. You also can't use
tun/tap interfaces, for the reasons Michael mentioned -- which means you
can't run an OpenVPN server, for example.
I've been using Xen or KVM VMs for so long that I forgot how much I dislike
OpenVZ. OpenVZ probably works well enough for some use cases for users who
have control of the host (i.e., not VPSs.)
david at systemoverlord.com
-------------- next part --------------
An HTML attachment was scrubbed...