From owner-freebsd-jail@FreeBSD.ORG Tue Jun 23 21:17:12 2009 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 85D311065670 for ; Tue, 23 Jun 2009 21:17:12 +0000 (UTC) (envelope-from scheidell@secnap.net) Received: from mx1.bct.ionspam.net (mx1.bct.ionspam.net [204.89.241.173]) by mx1.freebsd.org (Postfix) with ESMTP id 1D77A8FC1A for ; Tue, 23 Jun 2009 21:17:12 +0000 (UTC) (envelope-from scheidell@secnap.net) Received: from localhost (mx1.bct.ionspam.net [204.89.241.173]) by mx1.bct.ionspam.net (Postfix) with ESMTP id 2BF14416F4F for ; Tue, 23 Jun 2009 16:56:09 -0400 (EDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=secnap.net; h= content-type:in-reply-to:references:subject:mime-version :user-agent:from:date:message-id; s=dkim; t=1245790566; x= 1247604966; bh=oLnl2HwIQWeBwg4yfUt1nyAYFrbwYsA9sjZ1lpWT8wc=; b=Q tRsDy7QnAqSgtR+6DjmA+histycTaoHo9jQETkDiR3ArXGpDE05AZicaDOmGDmXS WyjnR/0rAEFHQ3Yh1l6i6UMP2IV4TchOLSxSri3rXSUvbj0uoe7vTj7RQsTkgBes XiLl1mmHDOn/tyo7wWPihvG+i+DQ3g+npKT8BbyWNk= X-Amavis-Modified: Mail body modified (using disclaimer) - mx1.bct.ionspam.net X-Virus-Scanned: SpammerTrap(r) VPS-1500 2.03 at mx1.bct.ionspam.net Received: from secnap3.secnap.com (secnap3.secnap.com [204.89.241.130]) by mx1.bct.ionspam.net (Postfix) with ESMTP id A2339416C11 for ; Tue, 23 Jun 2009 16:56:06 -0400 (EDT) Received: from Mikes-Laptop.local ([10.70.3.3] RDNS failed) by secnap3.secnap.com with Microsoft SMTPSVC(6.0.3790.3959); Tue, 23 Jun 2009 16:56:06 -0400 Message-ID: <4A41417A.9080805@secnap.net> Date: Tue, 23 Jun 2009 16:56:26 -0400 From: Michael Scheidell User-Agent: Thunderbird 2.0.0.21 (Macintosh/20090302) MIME-Version: 1.0 To: Tom Haapanen References: <0c1201c9f43e$166c8450$43458cf0$@com> In-Reply-To: <0c1201c9f43e$166c8450$43458cf0$@com> X-OriginalArrivalTime: 23 Jun 2009 20:56:06.0234 (UTC) FILETIME=[06E4ABA0:01C9F445] Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-jail@freebsd.org Subject: Re: Memory usage across multiple jails X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 23 Jun 2009 21:17:12 -0000 Tom Haapanen wrote: > I have been using FreeBSD (and other forms of *BSD) a long time, but I'm new > to the world of jails. I have been doing reading on them, but there is one > question I have not been able to find an answer to, and that's the > efficiency of memory usage when using multiple jails on a single system. > > > > With "conventional" virtual machines (VMware, Virtual Server et al), > essentially each VM is opaque to the host OS, and thus has to be allocated X > MB of memory, which that VM then manages internally. > > > im been expermenting with some of this disk cache (malloc, etc) is shared. if httpd is different in each jail (even if its the same), then example: jail 1 has 4 httpd's running, one copy (of binary) will be in memory, 4 copies of data structure jail 2 has 10 httpd's running, its got one (more) copy of binary, and 10 copies of data structure. HOWEVER if you nullmount /usr/local/bin ../sbin .../libexec ../lib then you CAN share the one httpd binary. other issue is static libs. in /usr/lib these aren't likely shares, as when you build the jail, you made COPIES of /usr/lib so, nullfs mount /usr/lib /usr/bin /usr/sbin /sbin, /usr/libexec, maybe you can get the most out of it. (but, 6 freebsd jails use a heck of a lot ram than 6 vmware images) > However, since jails are based on the FreeBSD kernel, and both host and > guest OSs are identical, I am wondering whether there are any comparative > efficiencies in memory utilization. Will the jails share the disk cache, > for example, or does each jail allocate its own? Will other kernel > structures (and code!) be shared across jails, or allocated multiple times? > And what about userland applications, like httpd, for example? (I suspect > userland would not be able to benefit, but that's just a guess.) > > > > Thanks for any insight into this ... > > > > Tom > > _______________________________________________ > freebsd-jail@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-jail > To unsubscribe, send any mail to "freebsd-jail-unsubscribe@freebsd.org" > -- Michael Scheidell, CTO Phone: 561-999-5000, x 1259 > *| *SECNAP Network Security Corporation * Certified SNORT Integrator * 2008-9 Hot Company Award Winner, World Executive Alliance * Five-Star Partner Program 2009, VARBusiness * Best Anti-Spam Product 2008, Network Products Guide * King of Spam Filters, SC Magazine 2008 _________________________________________________________________________ This email has been scanned and certified safe by SpammerTrap(r). For Information please see http://www.secnap.com/products/spammertrap/ _________________________________________________________________________