On Wed, Jul 4, 2012 at 1:28 PM, Yohei Sasaki wrote:
Let me clarify.
In our environment, we deploy single-tenant DEAs, each of which is a
small VMs on a large physical server. so in terms of security among
apps, we can protect each other by VM-level seperation.
But in a DEA, we have several 'special' processes for applications
such as log collector daemon, SMTP gateway daemon, ...etc. So our
purpose to use 'ulimit' is separate these special processes and
In this context, should we use warden on our small VM? I think it's
less useful and ulimit configuration on dea.yml is useful.
Even if you separate VMs, isolating the application code running "in
the DEA" from your 'special' processes; so that even if the app
misbehaves, get compromised etc your processes won't be compromised.
Let me turn that around: would using Warden hurt? I don't think so,
LXC / cgroups are very light-weight.
The CF project is designed for a use-case that is different from
yours, in particular multi-tenancy.
So it's pretty much a given that going forward there will be more
isolation, and as far I can tell from code in the review code, it will
Let's say it does and the burden falls on you to patch CF to run
without Warden--do you want that so badly that you would be willing to
commit time and resources to develop and maintain that?