Idea about "skeleton jail"

Pawel Jakub Dawidek pjd at FreeBSD.org
Tue Feb 1 02:40:26 PST 2005


On Mon, Jan 31, 2005 at 11:13:04PM -0800, Justin Hopper wrote:
+> We are considering open sourcing all of our stuff, to contribute back
+> what we can to the OS that allowed us to build our entire company.  I'd
+> really like to see what others have done to make jails more manageable,
+> as it seems like there is so much that can be done but not many people
+> are working on it.  It seems jails have the potential to become an
+> incredible way to virtually partition servers, and it would not be that
+> hard to implement solid tools for managing them.  We have things like
+> JID-aware top and tools for automated jail builds, but it would be great
+> to work with some FreeBSD heavies to finish up clean development of
+> things like jail resource restrictions (CPU,MEM,#PROCS,etc) and perhaps
+> a clean and universally useful way to easily configure and launch full
+> jail environments.

Yes, it would be useful (I mean CPU/MEM/#PROCS limits), but as I understand
there are two kinds of opinions about jails. First is that it should be
extended and allow to create a real virtual server and second is that it
should be light-weight.

+> Pawel had some really interesting ideas for jails, but it seems that
+> he's too busy to work on them at the moment.  Speaking of which, his
+> multiple IPs patch for 5.3 is still broken, and I haven't been able to
+> find what the problem is =(

Could you describe the brokeness? I've made some fixes a week or something
ago, I just created a patch against HEAD if you want to try it:

	http://people.freebsd.org/~pjd/patches/jail_2005020101.patch

There can still be some remaining issues, but I don't have time for more
detailed tests.


The thing that can be useful IMHO is possibility to use
reboot(8)/shutdown(8), etc. inside a jail, but...
I'm unfortunately too busy with other (probably less interesting, but
profitable) projects.

-- 
Pawel Jakub Dawidek                       http://www.wheel.pl
pjd at FreeBSD.org                           http://www.FreeBSD.org
FreeBSD committer                         Am I Evil? Yes, I Am!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-hackers/attachments/20050201/e7626ec6/attachment.bin


More information about the freebsd-hackers mailing list