Date: Sun, 14 May 2006 13:09:52 -0500 From: Andrew <andrew.chace@gmail.com> To: Bill Moran <wmoran@collaborativefusion.com> Cc: freebsd-questions@freebsd.org Subject: Re: VM and jailed processes Message-ID: <1147630193.10075.33.camel@LatitudeFC5.network> In-Reply-To: <20060514100121.60fce840.wmoran@collaborativefusion.com> References: <1147578337.10075.12.camel@LatitudeFC5.network> <20060514100121.60fce840.wmoran@collaborativefusion.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 2006-05-14 at 10:01 -0400, Bill Moran wrote: > Andrew <andrew.chace@gmail.com> wrote: > > > Ok, I'm a bit fuzzy on some of the details, so take it easy. ;-) > > > > It's my understanding that if there is more than one instance of a > > specific application running, then portions of the code are shared in > > memory. I would assume that would apply to dynamically linked > > applications as well; i.e. if two different applications are linked > > against the same library, the given code exists in only one location in > > memory. Is this correct? > > > > The second portion of my question is, how does this apply to jailed > > processes? Looking through the architecture handbook, I did not see any > > references to VM, which leads me to believe that the standard rules > > apply to jails as well. So, for instance, if I was to provide a hosting > > service with numerous instances of Apache running in individual jails, > > could I assume that base memory usage (ie idle, not serving requests) > > would increase at a roughly linear rate? > > Keep in mind that if you set up jails the cononical way, each jail instance > will have it's own installation of Apache. Even if each of these > installations are _identical_, they're still seperate, and the kernel > has now way of knowing that /jail1/usr/bin/httpd and /jail2/usr/bin/httpd > are the same execution image (Unless you're doing symlinks or hardlinks). > > So getting that kind of memory sharing will require some extra work on > your part, above and beyond what is normally done for a jail. > Hi Bill, I'm thinking of using mount_nullfs(8) to provide read-only mounts for all the executables in each jail. I've been doing some reading, 'man rtld(1)', and it seems that the linker will take of sharing non-writable code between processes, even if the executables are loaded from different mount-points/file-systems. But thanks for the heads up... -Andrew
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1147630193.10075.33.camel>