On 9/7/2011 5:25 AM, Pandu Poluan wrote:
On Wed, Sep 7, 2011 at 01:15, kashani<kashani-l...@badapple.net> wrote:
On 9/6/2011 10:26 AM, Pandu Poluan wrote:
So, can anyone recommend me a filesystem that fulfills my following needs:
Scenario: vFirewall (virtual Firewall) that is going to be deployed at
my IaaS Cloud Provider.
Disk I/O Characteristic: Occasional writes during 'normal' usage,
once-a-week eix-sync + emerge -avuD
Priority: Stable (i.e., less chance of corruption), least CPU usage.
My Google-Fu seems to indicate either XFS or JFS; what do you think?
I think it's a useless local optimization for no real world gain
which only increases the complexity of your systems. Use the same filesystem
you use on all your other servers.
Well, for all my other servers, I standardized on ext4.
Since a vFirewall have to perform lots of packet-juggling, I'd rather
dedicate the CPU time to the kernel rather than the HD I/O.
Of course, a vFirewall needs to be updated every now and then, but
everytime an update is called for, it should not overly tax the CPU
and degrade the netfilter framework.
Rgds,
You are making my point for me, but not realizing the end result of the
logic. There isn't any filesystem change that is going to affect CPU
usage by more than a few percentage points in the use case you've
described. Rsync, portage, and gcc use a massive amount of CPU compared
to the amount the filesystem changes will use other than brief points
during the rsync. Additionally most benchmarks are testing filesystem
throughput and comparing it to CPU. Because disk IO isn't under pressure
in your scenario you're unlikely to see the pathological use of CPU that
can highlight the differences between filesystems.
That said, you have a few reasonable choices.
1. Move to a binary distro
2. Use buildpkg on a clone of this server and only install packages on
your Firewall.
3. NFS mount /usr/portage when you need it and dist build on another server
4. Don't upgrade
5. Get a firewall server with more CPU so that it doesn't matter
6. Script a new firewall server install every x months and swap it into
place and drop the original server.
7. Some combination of the above.
kashani
