Thanks again for the input.<br><br>I should mention that the use of the RAID share is two-fold.<br>1.) It's a storage location for my backup and media files (though notably not the best solution).<br>2.) It would safeguard the media files against drive failure. (backups would already be safeguarded as they're on the PC and the RAID.<br>
Any suggestions for a better/easier/more practical solution?<br><br>A question on running VM and updates.<br><br>In my previous attempts to run VM, I've always had a problem where if I allowed the kernel to update via apt it would break VM and I would have to re-install. Is there any way around this?<br>
<br><div class="gmail_quote">On Thu, Jan 15, 2009 at 3:51 PM, Daniel A. Ramaley <span dir="ltr"><<a href="mailto:daniel.ramaley@drake.edu">daniel.ramaley@drake.edu</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
If you intend to be able to move RAIDed drives to another machine and<br>
still access them, i'd suggest reevaluating the hardware RAID decision.<br>
With hardware RAID, if the RAID controller isn't identical (same<br>
hardware and firmware revisions), there is no guarantee of it working.<br>
Software RAID is a bit more flexible; as long as you have a kernel<br>
version that is close it should be possible to read another system's<br>
disks. If you're really thinking of needing to remove RAID disks and<br>
make them work on another machine, i'd advise doing a lot of testing<br>
and playing with it prior to loading any data onto the RAID. Also,<br>
remember that RAID is not a backup. While there are certain hardware<br>
failures that RAID will protect you from (motherboard or controller<br>
failure being notable exceptions), it will not protect you from<br>
software or user errors (rm -rf ...).<br>
<br>
As far as the VM issues, more attacks against VMs are being discovered<br>
all the time. Running things in a virtual machine is adding more layers<br>
of software, so of course it will be overall less secure than running<br>
on bare hardware. But for many applications the marginal difference in<br>
security is a worthwhile tradeoff to get the benefits that<br>
virtualization can give (fewer machines, lower overall power use,<br>
etc.). For a home server i'd say go ahead with virtualization, but just<br>
be sure to keep up to date with security patches. But you should do<br>
that anyway, especially if running internet-facing services.<br>
<div><div></div><div class="Wj3C7c"><br>
On Thursday January 15 2009 15:36, <a href="mailto:jrnosee@gmail.com">jrnosee@gmail.com</a> wrote:<br>
>Awesome. I think that gets most of what I wanted to know.<br>
><br>
>on the<br>
>If it's a RAID mirror then... maybe. Are you planning to use the linux<br>
>software RAID driver? Get familiar with the mdadm commands. If you're<br>
> using a hardware RAID controller, then being able to rebuild your<br>
> RAID sometimes depends on having a compatible controller available.<br>
><br>
>It's probably going to be a hardware RAID...I think. I know once upon<br>
> a time just having a controller card didn't always mean it was a full<br>
> hardware RAID. I bought a cheap SATA controller (probably Silicon<br>
> Image based) some time back that I'll probably use, but I forget it's<br>
> capabilities. I guess my question was whether or not I could access<br>
> the files without rebuilding the RAID or if it's even possible (i.e.<br>
> just plugging the one drive I grabbed into say an eSATA port on<br>
> another computer...worst case would be if all I had was a basic<br>
> windows computer available to me. Say, at my parent's house.).<br>
><br>
>And on:<br>
>Yes and no. Using a VM offers other vectors of attack... for instance<br>
>someone has demonstrated reading information directly from the CPU<br>
> buffers between VM's on the same machine.<br>
><br>
>Is this something that can be executed from the exposed VM, or on the<br>
> host machine, and by exposing a VM am I inherently exposing the host?<br>
><br>
>Thanks again,<br>
><br>
>Justin<br>
><br>
>On Thu, Jan 15, 2009 at 3:12 PM, David Champion<br>
<<a href="mailto:dchampion@visionary.com">dchampion@visionary.com</a>>wrote:<br>
>> I can offer answers on some of these... see replies inline...<br>
>><br>
>> -dc<br>
>><br>
>> <a href="mailto:jrnosee@gmail.com">jrnosee@gmail.com</a> wrote:<br>
>>> I've decided to take on a new endeavor and I'm looking for any<br>
>>> thoughts, suggestions, tips, etc. I can get.<br>
>>><br>
>>> I'm going to set up a box running Ubuntu (not sure if it will be<br>
>>> server (or server w/ gui) or desktop yet).<br>
>>><br>
>>> This box is going to be 2 things.<br>
>>><br>
>>> 1.) VMware Server<br>
>>> Currently this runs my NSLU2 "slug" embedded linux development<br>
>>> environment. I may also add a web/email server VM* (see below)<br>
>>> 2.) Media File and Backup Server<br>
>>> I'm going to set up a mirrored 500GB raid to hold multi-media files<br>
>>> and backup files from my home windows pc's.<br>
>>><br>
>>> The OS will either be on a separate drive, or the same drive as the<br>
>>> VM's. The RAID will be a share as a whole (unless suggested<br>
>>> differently). I want to make as much room available to this share<br>
>>> as possible.<br>
>>><br>
>>> My primary questions involve the RAID as I've never set one up<br>
>>> before. There are 2 things I'm hoping the raid can do for me, but I<br>
>>> don't know if it can, or how to set it up.<br>
>>> 1.) Pull 'n go in an emergency. You know, the house is burning<br>
>>> down and I have time to grab...one drive tray from the server. If<br>
>>> I pull out one of the two raid drives and my house goes up in<br>
>>> flames, can I just stick the drive in another computer later as a<br>
>>> single drive and get my files back?<br>
>><br>
>> If it's a RAID mirror then... maybe. Are you planning to use the<br>
>> linux software RAID driver? Get familiar with the mdadm commands. If<br>
>> you're using a hardware RAID controller, then being able to rebuild<br>
>> your RAID sometimes depends on having a compatible controller<br>
>> available.<br>
>><br>
>> 2.) Windows/Linux accessable. I'm going to be sharing to a Windows<br>
>> PC. I<br>
>><br>
>>> want the linux OS to be able to read the drive too. I'm going to<br>
>>> have large (4+GB) files on it and I know FAT32 won't go that big.<br>
>>> Should #1 happen, I may want to get at these files from a Windows<br>
>>> PC.<br>
>><br>
>> The store's local filesystem format is irrelevant, you only care<br>
>> that the network file share is readable... which will probably<br>
>> either be Samba or NFS... unless you want to make an iSCSI share or<br>
>> something like that. Probably best to use a linux native fs, like<br>
>> ext3.<br>
>><br>
>> My other questions involves Security & VM's.<br>
>><br>
>>> 1.) If I open up a VM to the web for webhosting and email, are my<br>
>>> other VM's and my host OS still safe from attack? Sadly for years<br>
>>> I've pretty much sat myself behind a router firewall and lived<br>
>>> happily...I doubt that'll be enough sooner than later.<br>
>><br>
>> Yes and no. Using a VM offers other vectors of attack... for<br>
>> instance someone has demonstrated reading information directly from<br>
>> the CPU buffers between VM's on the same machine.<br>
>><br>
>> Odd question out:<br>
>>> Going along with #2 from the RAID questions, is there any format I<br>
>>> can use on a portable drive that would store large (4+GB) files,<br>
>>> and be readable and writable in Linux and Windows?<br>
>><br>
>> The linux fuseblock driver should be able to read & write NTFS (I've<br>
>> been using it without any issues). You can also get linux filesystem<br>
>> drivers for ext2 & 3, reiserfs and probably others for Windows. If<br>
>> you're worried about being able to plug it into any random Windows<br>
>> box and read it, you'll probably want NTFS.<br>
>><br>
>> Thanks,<br>
>><br>
>>> Justin W. Richeson<br>
>>> -------------------------------------------------------------------<br>
>>>-----<br>
>>><br>
>>> _______________________________________________<br>
>>> Cialug mailing list<br>
>>> <a href="mailto:Cialug@cialug.org">Cialug@cialug.org</a><br>
>>> <a href="http://cialug.org/mailman/listinfo/cialug" target="_blank">http://cialug.org/mailman/listinfo/cialug</a><br>
>><br>
>> _______________________________________________<br>
>> Cialug mailing list<br>
>> <a href="mailto:Cialug@cialug.org">Cialug@cialug.org</a><br>
>> <a href="http://cialug.org/mailman/listinfo/cialug" target="_blank">http://cialug.org/mailman/listinfo/cialug</a><br>
<br>
</div></div><font color="#888888">--<br>
------------------------------------------------------------------------<br>
Dan Ramaley Dial Center 118, Drake University<br>
Network Programmer/Analyst 2407 Carpenter Ave<br>
+1 515 271-4540 Des Moines IA 50311 USA<br>
</font><div><div></div><div class="Wj3C7c">_______________________________________________<br>
Cialug mailing list<br>
<a href="mailto:Cialug@cialug.org">Cialug@cialug.org</a><br>
<a href="http://cialug.org/mailman/listinfo/cialug" target="_blank">http://cialug.org/mailman/listinfo/cialug</a><br>
</div></div></blockquote></div><br>