Hello, 2005/12/16, GarconDuMonde <[EMAIL PROTECTED]>: > me also! i really don't know that much about kernel stuff at all, and it's not > highest on my list of priorities to learn at the moment, but i am keen to > "monitor the hell out of the vservers" (what a great phrase!), ultimately on a > number of different physical hosts. currently, the only monitoring tool i > really > have experience with is munin, but cacti has been highly recommended to me, so > i'm very happy to learn it and then try to help get it as good as possible for > vserver usage.
We're actually using an in-house monitoring tool (similar to munin or cacti but better suited to our needs) but the overall idea is very similar (get data via snmp and graph it). > err, did you patch the kernel to collect the usage stats? as i said, i know > zero > about kernel stuff, really, but would have thought that hte more patches to > the > kernel, the more insecure; and that it would be better to monitor from some > other method. Yep, but I don't like the patch. Due to various implementations of filesystems (tested on ext2, ext3 and reiserfs) I couldn't use current->xid (the context of the current process), as the journaled filesystems perform the write with a kernel thread (kjournald and pdflush IIRC). I got a bit lost in the VFS-block devices interface so I took the brute force of adding a xid field to struct page. The performance loss is/was unmeasurable but still I don't like it :) WRT your point that patching the kernel makes it insecure, IMHO it's somewhat true but it all depends on the patch quality. Would you say Openwall makes your box insecure? And AFAIK there's currently no way to distinguish disk I/O between vservers to collect stats from userspace. Best regards, Grzegorz Nosek _______________________________________________ Vserver mailing list [email protected] http://list.linux-vserver.org/mailman/listinfo/vserver
