Date: Fri, 8 Feb 2002 15:57:37 -0600 (CST) From: Joe Greco <jgreco@ns.sol.net> To: freebsd-isp@freebsd.org Subject: Re: about Jail Message-ID: <200202082157.PAA35011@aurora.sol.net>
next in thread | raw e-mail | index | archive | help
> Hi Anders, > > Can you tell me how many Jails you have running on your production machine > and what kind of spec for the host machine? I totally agree with you > on putting faster and more RAMs to support many Jail as possible. I think the really interesting thing to do would be to design some inetd- like functionality for jails. The original point of the internet superserver, inetd, was to eliminate the need to have a listening daemon for each of a dozen different servers, each eating memory and resources in the system. The problem you're referring to is essentially the same issue. Running a large number of jails suggests that there will be a number of them that are relatively inert at any given time, and instead of having an active jail process tree for that virtual host, a better technique would be to have a superserver able to determine when traffic existed for the site and launch a jail process tree. This is probably not a great approach for active jails, but for ones that are infrequently used, it would seem to make sense. There are some complexities, such as detecting the activity without rejecting it while the jail process tree starts up and starts its service daemons, although I would think that this is not an insurmountable problem for anyone with a little imagination. Unfortunately, I mentioned this concept to Poul-Henning Kamp about two years ago, and he didn't seem to understand what I was trying to accomplish. Basically, I just think it'd be real neat to be able to host a Class B's worth (*) of low activity jails on one big honkin' machine, but right now that is not feasible due to the system demands of having 65000 process trees (each presumably with several processes, exceeding the maximum # of processes allowed). * The issue of maintaining 65,000 jails on a single machine is interesting but not insurmountable, since in reality, a basic FreeBSD system does not require a huge number of files, and/or could be hardlinked/schg, and/or could be union mounted (have to fix possibly broken code?), and/or could be NFS mounted with a clever NFS daemon to provide union-style functionality. -- Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net "We call it the 'one bite at the apple' rule. Give me one chance [and] then I won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN) With 24 million small businesses in the US alone, that's way too many apples. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200202082157.PAA35011>