My backup solution is for each guest VM to back itself up. I already do this for the old servers that I plan to replace with guest VMs: each server runs a nightly cron job that backs itself up to Amazon S3 in a manner that mimics rsnapshot.
On Tue, Mar 10, 2015 at 11:51 AM, Edward Ned Harvey (blu) <[email protected] > wrote: > > From: John Abreau [mailto:[email protected]] > > > > I did a bit of googling to see how to setup a vpn server on the ESXi > host, and it > > seems that's not possible. And managing the host through a vpn running > on a > > guest VM sounds unreliable; if you need to use the management console to > > fix a problem that affects the vpn server guest, you have no access to > the > > management console until the problem is fixed. > > So it seems I'll still need a separate physical server to provide the > vpn. > > Correct(ish). > > You should not imagine ESXi as being a "normal" linux - although it runs a > linux kernel, it has little to no semblance to any normal linux > distribution that you're used to. It is intended to be a bare metal black > box, and it's generally best to let it be that way. As I said before, > there is some useful stuff you can do via ssh, but good reasons to avoid it. > > Presumably you have some other backup solution available, right? Don't > expect the host OS to do anything useful in terms of software raid or > backups, or even hardware raid management. HW raid management is a whole > separate subject - Some things you can do, others you can't. > > The *best* solution is to have the ESXi host running VM's, which are > network shared via iscsi from a storage server, which is *designed* to do > storage and iscsi well (such as a ZFS server). I like to run ESXi > diskless, because they do crap for disk management. > > You *can* install a VPN server in a VM running on the ESXi host - and I > have before - and it works fine - as long as nothing goes wrong with that > guest VM. Some time ago, I had to put in extra effort to make pfSense work > in a VM, but I think the recent versions actually support it, or something > - you can check with pfSense if you want. > > Of course, if anything goes wrong with your ESXi host, you'll be glad to > have a separate hardware vpn, and remote access to the iLom or whatever. > _______________________________________________ > Discuss mailing list > [email protected] > http://lists.blu.org/mailman/listinfo/discuss > -- John Abreau / Executive Director, Boston Linux & Unix Email [email protected] / WWW http://www.abreau.net / PGP-Key-ID 0x920063C6 PGP-Key-Fingerprint A5AD 6BE1 FEFE 8E4F 5C23 C2D0 E885 E17C 9200 63C6 _______________________________________________ Discuss mailing list [email protected] http://lists.blu.org/mailman/listinfo/discuss
