retrofitting LUKS encryption on installed system
Reindl Harald
h.reindl at thelounge.net
Mon Jul 1 18:20:34 UTC 2013
Am 01.07.2013 20:11, schrieb Junk:
> On Sat, 2013-06-29 at 23:51 +0200, Reindl Harald wrote:
>>
>> Am 29.06.2013 23:38, schrieb Bill Davidsen:
>>> Reindl Harald wrote:
>>>> "model name: QEMU Virtual CPU version 1.0.1"
>>>> what the hell - on VMware you have the same CPU as the host and only "VMware EVC"
>>>> is filtering CPU capabilities to provide relieable hot-migration between hosts
>>>> by make only the flags of the oldest CPU in the cluster visible to guests
>>> That's why we use KVM, migrations may not be within a cluster. Or be real time "migrations" as you are thinking of
>>> it, but rather may involve being backed up until the next time there is a support need for the machine. Different
>>> environment, different goals
>>
>> the goal of virtualization in production is live-migartion and failover
>> this way you hve zero downtime at host-upgrades / reboots
>>
>>>> that's why a VMwar eguest has around 95-98 % of the native performance because
>>>> there is only few binary translation and most instrcutions are passed 1:1
>>>>
>>> And as I remember if there was one old machine in the cluster you wouldn't have the aes instruction either.
>>> That's from docs, haven't tried VMware in a very long time
>>
>> that is why i mentioned "VMware EVC"
>>
>> you hardly need this because any running process inside a virtual machine will crash if
>> it is using CPU instructions which are not available on the CPU of the target host after
>> a migartion and with "VMware DRS" the cluster automatically starts live-migartions
>> if one host is overloaded while others are idle to spread the load of the guests
>> in a useful manner to the available hosts
>>
>> virtualization is the base of my daily job and afer working some time
>> with this features you never ever setup a server on bare metal for
>> gain a few percent more peformance with no safety net or way too complex
>> HA setups inside the machines itself inseatd have them a layer deeper
>> than your production OS
>>
>> well, i love opensource and on the guests Fedora/CentOS is running but
>> until now there is no opensource solution which can beat VMware on
>> certified hardware with proper support
>>
>
> Ovirt does this for free, as does the Redhat Product RHEV
> https://gb.redhat.com/products/cloud-computing/virtualization/ Live
> migration with HA is part of the base package. You don't need to buy an
> extra subscription
that's all nice, but until now you do not get certified appliances running on it
like https://www.barracuda.com/products/spamandvirusfirewall/vx or things like
http://www.vmware.com/products/datacenter-virtualization/vsphere/data-protection.html
out of the box which beats most backup-solutions in efficiency and in case
of disaster recovery
until now there are things coming partly close to the VMware ecosystem but
i see nothing which is able to beat them in context of *easy* managment
to bother only with the stripped down linux guest systems
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 263 bytes
Desc: OpenPGP digital signature
URL: <http://lists.fedoraproject.org/pipermail/users/attachments/20130701/d14a867f/attachment.sig>
More information about the users
mailing list