Hi,
Up until now my main production server has been a "bare metal" installation of CentOS 7.9 hosting a variety of stuff.
- DNS server with BIND for eight domains
- IMAP mail server with Postfix and Dovecot for these domains, with about two dozen mail accounts
- Webmail with Roundcube for all the mail accounts
- Various WordPress-based websites and blogs
- Several instances of the management software Dolibarr
- The learning platform GEPI for our local school
- One instance of OwnCloud for half a dozen users
The hardware has no problem dealing with all that performance-wise. But managing all this in one big bulk has become a bit of a problem, since the LAMP-based PHP applications (WordPress, Dolibarr, GEPI, OwnCloud) increasingly cultivate their idiosyncrasies, so this feels more and more like herding cats.
My main goal in migrating all this stuff progressively to a series of neat VMs hosted on a KVM hypervisor is clarity and ease of maintenance.
Now I wonder what could be a smart subdivision of all these VMs. After a bit of brainstorming, here's what I can come up with.
- It would make sense to regroup all the applications, e.g. one VM for all the Dolibarr hostings, and then a different VM for WordPress, and a third VM for OwnCloud.
- It's tempting to have a lot of small VMs for clarity's sake. On the other hand, it's maybe better to have one single VM for all the mail stuff.
- Should I put all the Roundcube instances in a separate VM? Or does that go with the Postfix/Dovecot mail VM?
I'd suggest having it on one VM. I guess Webmail and the other parts don't disturb each other and they really belong together, so why not put them into one instance.
- DNS is a bit of a special case, a bit of a catch-22. I would be tempted to set up an extra (bare-metal) machine for just handling this. Since BIND provides the DNS information about the hypervisor and the backup server themselves, this becomes a bit of a chicken-and-egg situation.
If the backup server and the KVM host are two hardware servers, then why not put one DNS server on each of them? Primary on one and secondary on the other hardware, so as long as one of these hosts is up, you have working DNS.
- Even if it's tempting to multiply VMs, let's not forget that I have to keep an eye on hardware resources, not to forget I have to pay for every extra IPv4 address.
Why not have some hosts with only internal addresses? I don't think all of the hosts will need public addresses, right?
Regards, Simon
I'd be curious to have your input, since I'm fairly new to this sort of approach.
Cheers,
Niki
--
Microlinux - Solutions informatiques durables
7, place de l'église - 30730 Montpezat
Website: https://www.microlinux.fr
Blog: https://blog.microlinux.fr
Mail: info@microlinux.fr
Tel.: 04 66 63 10 32
Mob.: 06 51 80 12 12