From owner-freebsd-questions@FreeBSD.ORG Wed Sep 26 21:21:15 2007 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id ADCD816A41A for ; Wed, 26 Sep 2007 21:21:15 +0000 (UTC) (envelope-from florenzi@gmail.com) Received: from py-out-1112.google.com (py-out-1112.google.com [64.233.166.177]) by mx1.freebsd.org (Postfix) with ESMTP id 6037E13C461 for ; Wed, 26 Sep 2007 21:21:15 +0000 (UTC) (envelope-from florenzi@gmail.com) Received: by py-out-1112.google.com with SMTP id u77so4594659pyb for ; Wed, 26 Sep 2007 14:21:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=cWCMs0apPhOg7Uila73Y0nIw1yVvrTnbzJnU5IdRJYQ=; b=Gzkjq1zUVJhPTUJyXUwROppIp8RnUtAo8dR170Pcu8xIefP2RvbPiwS6w8w4v+0c0PK0QDEllrQEuZINH9AarAYe3/wk1o/ka7HLT6FZDloR5yXEi5Kp9zR6mUO8vGfYOhAXhKbbdZdKY31zGYNbHK5J51WaUGKfcXNkVorNr40= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=SriI2UBzgSTs9uKJUQNLwJ1PazYJYFxxCvtcnECL9H6A7M63NU+aG/13+mrIgIMWOU7w46rOkFmq11Xsg9m41POtA18TWSbfFjsscxMkOc7PHWd0TOBztDZBZoikDR+JEoZCDsCpY4R1NnhtzW61fav1nG6kfgI8fPHT1ck0NhU= Received: by 10.64.213.3 with SMTP id l3mr2380116qbg.1190841659583; Wed, 26 Sep 2007 14:20:59 -0700 (PDT) Received: by 10.64.181.6 with HTTP; Wed, 26 Sep 2007 14:20:59 -0700 (PDT) Message-ID: <3a386af20709261420q6feca0f0kb14290ee527ba7b7@mail.gmail.com> Date: Wed, 26 Sep 2007 23:20:59 +0200 From: "Federico Lorenzi" To: freebsd-questions@freebsd.org In-Reply-To: <200709262305.26067.fbsd.questions@rachie.is-a-geek.net> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <200709262305.26067.fbsd.questions@rachie.is-a-geek.net> Subject: Re: Any advice for a Partition Plan for a multi-jailed Server? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Sep 2007 21:21:15 -0000 On 9/26/07, Mel wrote: > On Wednesday 26 September 2007 22:20:11 Aliya Harbouri wrote: > > Hi! > > > > I'm setting up a jailed server. I'm hoping to eventually use > > sysutils/ezjail to deaden the pain a bit! > > > > First step, have to get the disks partitioned! They're unpacked, at least > > ;-) > > > > I've read lots of comments like, > > > > "You should never setup your FreeBSD systems the way Linux or other > > *nix's set them up." > > > > So, I'm looking for some Wisdom on how best to partition for the usage > > I'm planning. > > > > The server's goal state is 4 jails, plus the non-jailed host: > > > > jail-1: DNS services {Bind9 & RBLDNSD} > > jail-2: WebServer {Apache 22x + PHP5 + Perl 588 + MySQL 50x} > > jail-3: mail server {Exim 468 + Spamassassin + ClamAV, etc.} > > jail-4: an analysis/monitoring toolkit {Snort, Nagios, Nessus, etc.} > > > > I've got two identical 250 GB SATA2 drives available for this box. > > > > Although I have not yet grokked the whole "What's in a jail's dirs?" > > issue, my initial stab at 'slices' is ~: > > > > drive 2: > > / 2GB > > /boot 2GB > > /boot *needs* to be on /. A loader looks for [bootdisk][bootslice] > [a]/boot/loader. > > > /tmp 2GB > > /swap 16GB Machine has 8GB RAM, so swap = 2X RAM > > Since you have 2 physical drives, you may want to do 8G on each drive. In the > rare case it's needed, your system is in trouble and being able to swap on > using 2 drives will be a plus. > > > /usr 50GB > > /jails 178GB > > > > drive 2: > > /var 100GB > > /data 100GB MailStore, DBs, www source files, etc. > > Unless you're a packrat where logs are concerned, you can probably do with: > /var 10G (on disk 1) > And use: > /var/db 100G - this will house MySQL primarily > /var/spool 10-50G - any queues, most notably mail, disable softupdates. Adjust > size to match your mail payload. > /var/mail - "rest" - possibly disable softupdates. > > Allthough, I think MySQL will generally use less space then a mail storage, > but this all depends on your users. > > > /home 20GB > > By default, the WWW root on bsd for apache is /usr/local/www and generally on > servers like this, home can be done with 2G or less. *Unless* you plan on > providing /~username/ service, then home might be on the light side. > > I'm generally a fan of separating trees that can grow out of proportion over > time, so that you can dump(8) the partition and restore(8) it on a new drive > without too much worry. Your mileage may vary. > > Also have a look at hier(7) manpage, it's quite informative about the default > filesystem layout BSD uses. > -- Um, from what I've understood, it's going to be a jail server, those defaults would be all well and good for a normal server, but in this case we want a big /data. and moderate /jails. Here are my recommendations: / -> Small, painfully so. 512MB /var -> Nothing should really go in here if you are using Jails. Including EZjail, that should be somewhere under /usr... 2GB /tmp -> Not to big really, remember everything goes in a Jail... 2GB --> Symlink /var/tmp to here /usr -> Again, and now i sound like a broken record. However, since ports can get quite big be a little more generous... 15GB /jails -> Doesn't really need to be too big, the max I say one jail could reach is 10GB without data, which falls under /data... 50GB /home -> Should be medium sized... 20GB /data -> I have no clue what your requirements will be, so 100GB should cover everything a few times over... Rest of disk... ~170GB This should be just fine, and you can have your disks in RAID 1. As for performance, RAID 1 doubles read speed. Cheers Federico PS) I take you know how to use NullFS and the like?