From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1R1ves-0003A8-Et for garchives@archives.gentoo.org; Fri, 09 Sep 2011 07:37:54 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 5962521C16F; Fri, 9 Sep 2011 07:37:36 +0000 (UTC) Received: from smtp208.alice.it (smtp208.alice.it [82.57.200.104]) by pigeon.gentoo.org (Postfix) with ESMTP id 4549821C144 for ; Fri, 9 Sep 2011 07:36:04 +0000 (UTC) Received: from infra.agr.fm (79.31.116.138) by smtp208.alice.it (8.5.124.08) id 4DE64DF108C0F823 for gentoo-user@lists.gentoo.org; Fri, 9 Sep 2011 09:36:03 +0200 Received: from star.agr.fm (star.agr.fm [192.168.64.2]) by infra.agr.fm (Postfix) with ESMTP id 2ED835DDA31 for ; Fri, 9 Sep 2011 09:36:03 +0200 (CEST) Message-ID: <4E69C1E3.9050602@alyf.net> Date: Fri, 09 Sep 2011 09:36:03 +0200 From: Andrea Conti User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:6.0.2) Gecko/20110902 Thunderbird/6.0.2 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] Filesystem with lowest CPU load, acceptable emerge performance, and stable? References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Archives-Salt: X-Archives-Hash: a3dd83c97217bca6debc76779dabb22d > So, can anyone recommend me a filesystem that fulfills my following needs: > > Scenario: vFirewall (virtual Firewall) that is going to be deployed at > my IaaS Cloud Provider. > > Disk I/O Characteristic: Occasional writes during 'normal' usage, > once-a-week eix-sync + emerge -avuD > > Priority: Stable (i.e., less chance of corruption), least CPU usage. > > My Google-Fu seems to indicate either XFS or JFS; what do you think? IMHO a firewall (physical or virtual) is something that fits strictly into the "appliance" category. It must do only one thing and do it well, with as little complexity and maintenance overhead as possible. Why in the world would anyone want to run gentoo (which among the rest needs portage and a whole compiler stack) -- or for that matter any other full-fledged linux distribution -- on something like that in production is beyond me... That said, XFS and JFS are targeted at completely different use cases and are way too complex for your scenario. Without appropriately-sized hardware I'm not even sure XFS fits in the "stable" category. Stick to ext3, keeping an eye on the inode count for /usr/portage as the default value on a small partition probably won't be enough. Fs-related CPU usage in a firewall (which has nearly zero disk activity when up and running) is mostly a non-issue unless you need some form of heavy logging or you're doing something wrong. Weekly updates, on the other hand are exposing you to the risk of random breakages and -- if you compile from source -- are going to cost you a serious amount of CPU. My advice would be to limit updates to those fixing known vulnerabilities, and even then compiling somewhere else and doing binary installs would be preferable. andrea