Date: Mon, 12 Mar 2007 21:15:13 -0500 From: "Nikolas Britton" <nikolas.britton@gmail.com> To: "=?ISO-8859-1?Q?Andras_G=F3t?=" <andrej@antiszoc.hu> Cc: FreeBSD Stable List <freebsd-stable@freebsd.org> Subject: Re: Xen Dom0, are we making progress? Message-ID: <ef10de9a0703121915x50e8bf8dx2d6a0836accdb7be@mail.gmail.com> In-Reply-To: <45F5C23B.8040303@antiszoc.hu> References: <ef10de9a0703121216k1035481bwc7df222a92b44400@mail.gmail.com> <op.to3c4aos8527sy@guido.klop.ws> <ef10de9a0703121334t3af7daecw977dc1916d86ba52@mail.gmail.com> <45F5C23B.8040303@antiszoc.hu>
next in thread | previous in thread | raw e-mail | index | archive | help
On 3/12/07, Andras G=F3t <andrej@antiszoc.hu> wrote: > Nikolas Britton wrote: > > On 3/12/07, Ronald Klop <ronald-freebsd8@klop.yi.org> wrote: > >> On Mon, 12 Mar 2007 20:16:32 +0100, Nikolas Britton > >> <nikolas.britton@gmail.com> wrote: > >> > >> > Is FreeBSD making any progress in Xen Dom0 / Intel VT support? I'd > >> > really like to consolidate some underutilized FreeBSD servers. Are > >> > their any alternative solutions that will enable me to do this kind = of > >> > stuff with FreeBSD, or would it be better to go with Solaris Dom0 + > >> > FreeBSD DomU? > >> > >> http://docs.freebsd.org/44doc/papers/jail/jail.html > >> google: jail freebsd > >> > > > > Yes I'd like to know more about jails, is there a high level / > > executive summary type document that I can read somewhere? From what I > > remember jails are mostly designed to partition stuff... for security > > reasons. > > > > What I'd really love to do is split up each service (httpd, postgres, > > samba/nfs, ldap/nis, asterisk, etc.) into discrete virtual machines. > > It's too much work trying to make them all play nice on one system, > > especially during upgrades. As it is right now I don't upgrade any > > services once a system is in production use. > > _______________________________________________ > > freebsd-stable@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.or= g" > > > > Hi, > > For first read man jail. :) Apache, bind, mysql and postfix run fine in > a jail. For postgres you've to turn on the jail.ipc. > This is basicly not so bad, but definitely reduces security. For > samba/nfs/ldap/nis and asterisk I don't have the experience, but if they > not need ipc, they'll run fine out of the box. In jails I suggest that > you mount your ports tree with some nullfs mount. With this you'll save > some hd capacity. (The installed port list is in /var, not in > /usr/ports.) In jails you can't do resource control, so keep that in mind= . > Is their anyway to transfer jails on the fly between systems... For example, say I wanted to transfer the http service to a more powerful box because load was too high, can you do stuff like this?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?ef10de9a0703121915x50e8bf8dx2d6a0836accdb7be>