On 4/10/21 6:13 PM, Nicolas Kovacs wrote:
> I'd be curious to have your input, since I'm fairly new to this sort of approach.
I would only separate things that for some reason are "dirty", e.g. require non-packaged
installation.
All the rest (like bind, postfix, dovecot) can happily live on the same machine.
Splitting things too much will increase the maintenance effort: every stupid detail
like new kernel installation, clock syncing, log rotation, security patching, etc.
gets duplicated. Not to mention the need to now maintain a network connecting the pieces.
Same considerations when using containers instead of VMs, you only gain some performance
by not dragging entire kernels for each service.
Start by isolating the service that is giving you the most trouble.
Then with a bit of experience, you can evaluate whether to proceed along that road.
Best regards.
-- 
    Roberto Ragusa    mail at robertoragusa.it