From owner-freebsd-virtualization@freebsd.org Sat Apr 28 10:36:47 2018 Return-Path: Delivered-To: freebsd-virtualization@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D442FFAA29C for ; Sat, 28 Apr 2018 10:36:47 +0000 (UTC) (envelope-from list+org.freebsd.virtualization@io7m.com) Received: from mail.io7m.com (mail.io7m.com [IPv6:2001:19f0:5:752:f000::]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail.io7m.com", Issuer "arc7 CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 827A880127 for ; Sat, 28 Apr 2018 10:36:47 +0000 (UTC) (envelope-from list+org.freebsd.virtualization@io7m.com) Received: from almond.int.arc7.info (unknown [IPv6:2a02:390:7502:2:0:2:4:0]) by mail.io7m.com (Postfix) with ESMTPSA id 1EFDF31C8; Sat, 28 Apr 2018 10:36:46 +0000 (UTC) Date: Sat, 28 Apr 2018 11:36:35 +0100 From: Mark Raynsford To: "Rodney W. Grimes" Cc: freebsd-virtualization@freebsd.org Subject: Re: Read-only view of a ZFS filesystem inside a bhyve guest? Message-ID: <20180428113635.4b6b567a@almond.int.arc7.info> In-Reply-To: <201804271842.w3RIgIIo007831@pdx.rh.CN85.dnsmgr.net> References: <20180427174341.03373bc8@almond.int.arc7.info> <201804271842.w3RIgIIo007831@pdx.rh.CN85.dnsmgr.net> Organization: io7m.com OpenPGP: id=B84E17747616C6174C68D5E55C1A7B712812CC05; url=http://io7m.com/pgp/B84E_1774_7616_C617_4C68_D5E5_5C1A_7B71_2812_CC05.key MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; boundary="Sig_/MPVsoO6FN4EuNKbsDVX6YYD"; protocol="application/pgp-signature" X-BeenThere: freebsd-virtualization@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: "Discussion of various virtualization techniques FreeBSD supports." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 28 Apr 2018 10:36:48 -0000 --Sig_/MPVsoO6FN4EuNKbsDVX6YYD Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable On 2018-04-27T11:42:18 -0700 "Rodney W. Grimes" wrote: > > You should be able to "plumb" NFS from the host to the guests on a > local bridge device, possibly evening playing games with the use > of an unroutable network like 127.1.0.0/24. On 2018-04-27T12:22:39 -0500 Eric Borisch wrote: > I use NFS for (*nix) guests, and SMB for Windows guests; both work well, > and can be restricted to specific IPs / ranges to help minimize security > concerns. >=20 Well that's two in favour of NFS. I have one small question: Is there any way to stop nfsd from forking into the background? I run everything on the system under process supervision (runit), and this is the first time I've ever seen a daemon program with no option to stay in the foreground. I can write a wrapper in C that starts up rpcbind and nfsd (the former *does* have an option to stay in the foreground), but I'd rather not if I don't have to. --=20 Mark Raynsford | http://www.io7m.com --Sig_/MPVsoO6FN4EuNKbsDVX6YYD Content-Type: application/pgp-signature Content-Description: OpenPGP digital signature -----BEGIN PGP SIGNATURE----- iHUEARYKAB0WIQS4Thd0dhbGF0xo1eVcGntxKBLMBQUCWuROswAKCRBcGntxKBLM BUDkAQCkM3VyhnKHoTtEhVunmcBbIjxyqVa3girg2k7fIzxcVwD/UaJPuKYvCNcL sLp+wq4YlTBzqWb19xDy2ynVIlpIhQ0= =mHnS -----END PGP SIGNATURE----- --Sig_/MPVsoO6FN4EuNKbsDVX6YYD--