From owner-freebsd-questions@FreeBSD.ORG Sun May 14 18:11:39 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 87A9C16A440 for ; Sun, 14 May 2006 18:11:39 +0000 (UTC) (envelope-from andrew.chace@gmail.com) Received: from nz-out-0102.google.com (nz-out-0102.google.com [64.233.162.204]) by mx1.FreeBSD.org (Postfix) with ESMTP id ADDDD43D48 for ; Sun, 14 May 2006 18:11:36 +0000 (GMT) (envelope-from andrew.chace@gmail.com) Received: by nz-out-0102.google.com with SMTP id s18so12750nze for ; Sun, 14 May 2006 11:11:36 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:subject:from:to:cc:in-reply-to:references:content-type:date:message-id:mime-version:x-mailer:content-transfer-encoding; b=Ds6aon0lgfZo68XunG0i3pTPr2a2U5aIIv2HCjNqPpU8fYAQDzm1OdgIit0cUlAUBoWWbatOiFEJG9x0XU1Co9M4YLFhqJRf8QeNHmeI9CV/Ypm5NT7Snfhx3lqqvfYtdCwDx/A4aaY1+6W6TXKaizyqZw6pCPsAeyBY9lgHFrk= Received: by 10.37.13.52 with SMTP id q52mr2060349nzi; Sun, 14 May 2006 11:11:36 -0700 (PDT) Received: from ?192.168.0.6? ( [71.38.163.167]) by mx.gmail.com with ESMTP id 8sm1183485nzn.2006.05.14.11.11.35; Sun, 14 May 2006 11:11:36 -0700 (PDT) From: Andrew To: Bill Moran In-Reply-To: <20060514100121.60fce840.wmoran@collaborativefusion.com> References: <1147578337.10075.12.camel@LatitudeFC5.network> <20060514100121.60fce840.wmoran@collaborativefusion.com> Content-Type: text/plain Date: Sun, 14 May 2006 13:09:52 -0500 Message-Id: <1147630193.10075.33.camel@LatitudeFC5.network> Mime-Version: 1.0 X-Mailer: Evolution 2.6.1 (2.6.1-1.fc5.2) Content-Transfer-Encoding: 7bit Cc: freebsd-questions@freebsd.org Subject: Re: VM and jailed processes X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 14 May 2006 18:11:39 -0000 On Sun, 2006-05-14 at 10:01 -0400, Bill Moran wrote: > Andrew wrote: > > > Ok, I'm a bit fuzzy on some of the details, so take it easy. ;-) > > > > It's my understanding that if there is more than one instance of a > > specific application running, then portions of the code are shared in > > memory. I would assume that would apply to dynamically linked > > applications as well; i.e. if two different applications are linked > > against the same library, the given code exists in only one location in > > memory. Is this correct? > > > > The second portion of my question is, how does this apply to jailed > > processes? Looking through the architecture handbook, I did not see any > > references to VM, which leads me to believe that the standard rules > > apply to jails as well. So, for instance, if I was to provide a hosting > > service with numerous instances of Apache running in individual jails, > > could I assume that base memory usage (ie idle, not serving requests) > > would increase at a roughly linear rate? > > Keep in mind that if you set up jails the cononical way, each jail instance > will have it's own installation of Apache. Even if each of these > installations are _identical_, they're still seperate, and the kernel > has now way of knowing that /jail1/usr/bin/httpd and /jail2/usr/bin/httpd > are the same execution image (Unless you're doing symlinks or hardlinks). > > So getting that kind of memory sharing will require some extra work on > your part, above and beyond what is normally done for a jail. > Hi Bill, I'm thinking of using mount_nullfs(8) to provide read-only mounts for all the executables in each jail. I've been doing some reading, 'man rtld(1)', and it seems that the linker will take of sharing non-writable code between processes, even if the executables are loaded from different mount-points/file-systems. But thanks for the heads up... -Andrew