This sounds like a good idea, I just don't think it will work well on this
hardware.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In all things, Be Intentional.
On Mon, Jan 30, 2023 at 2:16 PM Peter Smode <psmode at kitsnet.us> wrote:
> Rob,
>
> You are walking a path I have already been down. It is painful. Years ago,
> I had everything in one: AD, fileserver and more. Then time for upgrades,
> which got put off longer and longer making for a bigger and bigger mess.
>
> So today, I have all my systems running inside of KVM using LVM to present
> LVs directly to the guests for use as their disks. I run a pair of VMs for
> AD controllers using Samba kits I Built from source on yet another VM. I
> have a "factory" assembly line that I use to roll out updates.
Each DC is
> running Rocky Linux 8.7 with a relatively limited number of packages. Each
> VM works with just 2 vCPU and 1.5 GB RAM. Each system is profiles with 13
> GB on SSD for everything but /var, when I have a separate 4 GB volume
> presented from a host VM allocated from spinning rust.
>
> I actually have to member fileservers in the domain. Again, as VMs on
> Rocky Linux 8.7, using LVs on the host to present "disks" to the
guests.
> Again, two vCPUs does the trick with 2 GB RAM allocated to each. Disks are
> laid out with 10 GB for everything but /var, and a separate 4 GB disk works
> there. On the main fileserver, I also enabled AD logins to the server
> itself and automatic creation of user shares. I then setup a GPO to bind
> these to a consistent drive letter for Windows logins as well as for the
> one domain joined Mac we have here (this is a home operation, but with lots
> of variety ? ). The volume on which the user shares and other mount
> targets are presented from the fileserver is an entirely separate volume.
> Using the LV technique is nice, because it is trivial to manage backups of
> this device as well as having a contingency of simply exporting/importing
> the LV to another guest if I have a real problem or need to rebuild. There
> are other operational advantages as well.
>
> My host server has multiple NICs. I use one bonded pair for management
> access. Another bonded pair is connected to the bridge that has all the VM
> connections. And then I have one other 2.5 Gbps NIC that I also added to
> the mix. This NIC goes only to my other fileserver which is the one I use
> as a backup target. Having a dedicated NOC ensured the regular fileserver
> traffic never slows down, even when backups are run. Using the LV approach
> also made generation of safety backup of the backup target much easier. I
> also attached to the host a SATA dock into which I drop a multi-TB drive
> encrypted with Veracrypt. I then have a job that runs on the host once a
> month that snapshots the host LV that the guest employs as the target for
> the network backup share. I pick a known quite time in the schedule and
> snapshot the host LV and then copy it to the encrypted disk.
>
>
> So an AD controller pair, one fileserver for actual fileserver work and
> another to act as a network backup target. Use LVs on the host presented to
> the guests for storage and separate out the volumes used for shares from
> everything else. In general, only 1.5 to 2.0 GB RAM per VM, and whatever
> you want for vCPU (KVM oversubscription on vCPU is not an issue at this
> level), but 2 vCPU per seems to be enough. If doing backup operations
> through your home, assigning a dedicated NIC to the fileserver used for
> backups eliminates that contention as an issue for the host; if backup
> clients queue up after that, not a big deal.
>
> Peter Smode
> psmode at kitsnet.us
>
> -----Original Message-----
> From: samba <samba-bounces at lists.samba.org> On Behalf Of Rob
Campbell via
> samba
> Sent: Monday, January 30, 2023 12:50 PM
> To: samba at lists.samba.org
> Subject: Re: [Samba] System Requirements for Samba?
>
> Yeah, I just want the most basic server to host vms as to not use up any
> of the resources since it is pretty old. I just need something I can ssh
> into and run vbox (bc I'm most familiar with this) or something.
>
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> In all things, Be Intentional.
>
>
> On Mon, Jan 30, 2023 at 12:29 PM Kris Lou via samba <samba at
lists.samba.org
> >
> wrote:
>
> > >
> > > There is also Citrix XenServer for maxium comfort. It offers GUI
> > > tools under Windows for managing VMs. The drawback is, there are
a
> > > lot of parameters you cannot set in the non paid version.
> >
> >
> > Just to throw it out there, there's also XCP-NG which is a
rebranded (w/o
> > Citrix) version of XenServer without all of the proprietary bits. The
> same
> > people also produce XenOrchestra, which is a web-based management
> interface
> > for XenServer, so no need for Windows-based tools.
> >
> > While they are capable of in-place-upgrades, XCP-NG tracks XenServer,
> which
> > is based upon CentOS 7, so really, nobody knows how Citrix is going to
> > handle the backend in the future.
> >
> > Kris Lou
> > klou at themusiclink.net
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions: https://lists.samba.org/mailman/options/samba
> >
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
>