Date: Sat, 02 Oct 2010 17:23:15 +0300 From: Nikos Vassiliadis <nvass9573@gmx.com> To: =?UTF-8?B?RWlyaWsgw5h2ZXJieQ==?= <ltning@anduin.net> Cc: "jail@freebsd.org" <jail@freebsd.org> Subject: Re: VIMAGE and jail. Message-ID: <4CA74053.5080008@gmx.com> In-Reply-To: <92C217C3-64ED-4B07-87C5-F188C1BD4D2C@anduin.net> References: <5EBB05A0-53C9-4813-9DF3-031764E13B49@pean.org> <4CA72E5F.1050507@gmx.com> <6734878B-8703-4550-841A-D767CDAE5582@pean.org> <4CA72FB0.4030806@gmx.com> <92C217C3-64ED-4B07-87C5-F188C1BD4D2C@anduin.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Eirik Øverby wrote: > On 2. okt. 2010, at 15:12, Nikos Vassiliadis <nvass9573@gmx.com> wrote: > >> Peter Ankerstål wrote: >>> On 2 okt 2010, at 15.06, Nikos Vassiliadis wrote: >>>> Peter Ankerstål wrote: >>>>> Anyone here used the VIMAGE together with jail? >>>> Is this some kind of poll?:) >>>> >>>> I have used VIMAGE and jail. >>>> >>>> Nikos >>>> >>>> >>> Haha, sorry. Just wanted some pointers. >> do ask... > > Then I'd much appreciate some pointers to info about the vimage stuff, availability (8.x?), stability, real-world experiences and tales from the crypt.. > > In short: why do I want the visage stuff and what can it do for me? It appeared in its current form during the 7 branch and it was added in the official source tree during the development of the 8 branch. The concept is much older and there was a prototype based on the 4 branch. I think that the VIMAGE code in branch 9 is more or less in-sync with the VIMAGE code in the 8 branch. I use it regularly in a lab environment. The only problem I am seeing regularly(when a vnet is destroyed) is this message: > Freed UMA keg was not empty (203 items). Lost 1 pages of memory. > Freed UMA keg was not empty (36 items). Lost 2 pages of memory. I don't remember having any panics out of the blue since a long time. Do note that VIMAGE option is an experimental feature. Don't have any tale from the crypt. I *believe* that it can handle real-world traffic without problems. But... not all network related things work along with option VIMAGE and that may annoy you(or not). Among the things that are virtualized and work, are: inet, inet6, netgraph, ipsec, ipfw Among the popular things that don't work is pf. Keep in mind that VIMAGE is under development and things may change soon... The above lists are not exhaustive by far, there are other things that work and other that don't. A 2 cents of worth opinion is that I would use VIMAGE on a jailed server and still be able to sleep peacefully. HTH, Nikos
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4CA74053.5080008>