On 4/10/21 6:13 PM, Nicolas Kovacs wrote: > I'd be curious to have your input, since I'm fairly new to this sort of approach. I would only separate things that for some reasons are "dirty", e.g. require non packaged installation. All the rest (like bind, postfix, dovecot) can happily live in the same machine. Splitting things too much will increase the maintenance effort, every stupid detail like new kernel installation, clock syncing, log rotation, security patching, etc. gets duplicated. Not to mention the need to now maintain a network connecting the pieces. Same considerations when using containers instead of VMs, you only gain some performance by not dragging entire kernels for each service. Start by isolating the service that is giving you most troubles. Then with a bit of experience, you can evaluate if proceeding along that road. Best regards. -- Roberto Ragusa mail at robertoragusa.it