Date: Mon, 13 Jan 2014 14:15:04 +0000 From: Nicolas de Bari Embriz Garcia Rojas <nbari@inbox.im> To: g8kbvdave@googlemail.com Cc: freebsd-jail@freebsd.org Subject: Re: Advice/guidance requested. Message-ID: <0A404767-FB48-4269-93F3-4BBCACE959EC@inbox.im> In-Reply-To: <52D3F217.16121.982CEA@g8kbvdave.gmail.com> References: <52D1A7D5.32720.65E995@g8kbvdave.gmail.com>, <1389516744.523477025.przufqea@frv34.ukr.net>, <52D3C8E6.5030907@wasikowski.net> <52D3F217.16121.982CEA@g8kbvdave.gmail.com>
index | next in thread | previous in thread | raw e-mail
I like to use jails.conf and the sysutils/jail2/ port. I create a very basic jail and later just clone it taking advantage of ZFS. I share the /usr/ports from the host with the jails, but let each jail have their own files, so that later if needed, I can just dump the full jail and move it to another server with out need to worry about X o Y missing files. Once I have the jail, I follow this schema: https://github.com/nbari/arena Hope this can help or give more ideas. regards. On Jan 13, 2014, at 2:03 PM, g8kbvdave@googlemail.com wrote: >> W dniu 2014-01-12 10:09, wishmaster pisze: >> >>>> I would also recommend ezjails. Using fat jails is often completely >>>> unnecessary. >>> >>> Do you think using ezjail you will obtain "thin" jails? >>> You are wrong. Setup 5...10 jails for applications: one jail for >>> web-applications on php, one for java and so on. And you will see how your >>> jails will be FAT! And now imagine update system and software procedure. >>> So, if you need a lot of "light" isolation containers, ezjail is not your way. >>> I use self written scripts which creates one base system with all needed >>> packages and a lot of "containers" with vnet supports and with "security in >>> mind". Upgrading is very easy, just one jail. >> >> Sounds nice, maybe write some blog post or even a more detailed mail to >> this list with some how-to? I'm sure many people would find this very >> interesting. >> >> -- >> best regards, >> Lukasz Wasikowski > > Yes indeed, then we can all learn how and more importantly "why". > > Best Regards. > > Dave B. > > _______________________________________________ > freebsd-jail@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-jail > To unsubscribe, send any mail to "freebsd-jail-unsubscribe@freebsd.org"home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?0A404767-FB48-4269-93F3-4BBCACE959EC>