Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 14 May 2006 13:09:52 -0500
From:      Andrew <andrew.chace@gmail.com>
To:        Bill Moran <wmoran@collaborativefusion.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: VM and jailed processes
Message-ID:  <1147630193.10075.33.camel@LatitudeFC5.network>
In-Reply-To: <20060514100121.60fce840.wmoran@collaborativefusion.com>
References:  <1147578337.10075.12.camel@LatitudeFC5.network> <20060514100121.60fce840.wmoran@collaborativefusion.com>

next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 2006-05-14 at 10:01 -0400, Bill Moran wrote:
> Andrew <andrew.chace@gmail.com> wrote:
> 
> > Ok, I'm a bit fuzzy on some of the details, so take it easy. ;-)
> > 
> > It's my understanding that if there is more than one instance of a
> > specific application running, then portions of the code are shared in
> > memory. I would assume that would apply to dynamically linked
> > applications as well; i.e. if two different applications are linked
> > against the same library, the given code exists in only one location in
> > memory. Is this correct?
> > 
> > The second portion of my question is, how does this apply to jailed
> > processes? Looking through the architecture handbook, I did not see any
> > references to VM, which leads me to believe that the standard rules
> > apply to jails as well. So, for instance, if I was to provide a hosting
> > service with numerous instances of Apache running in individual jails,
> > could I assume that base memory usage (ie idle, not serving requests)
> > would increase at a roughly linear rate?
> 
> Keep in mind that if you set up jails the cononical way, each jail instance
> will have it's own installation of Apache.  Even if each of these
> installations are _identical_, they're still seperate, and the kernel
> has now way of knowing that /jail1/usr/bin/httpd and /jail2/usr/bin/httpd
> are the same execution image (Unless you're doing symlinks or hardlinks).
> 
> So getting that kind of memory sharing will require some extra work on
> your part, above and beyond what is normally done for a jail.
> 

Hi Bill,

I'm thinking of using mount_nullfs(8) to provide read-only mounts for
all the executables in each jail. I've been doing some reading, 'man
rtld(1)', and it seems that the linker will take of sharing non-writable
code between processes, even if the executables are loaded from
different mount-points/file-systems. 

But thanks for the heads up...

-Andrew




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1147630193.10075.33.camel>