Handbook Jail Chapter rewrite available for critique

Fbsd8 fbsd8 at a1poweruser.com
Mon Mar 18 20:44:04 UTC 2013 

Nicolas de Bari Embriz Garcia Rojas wrote:
> Hi, nice document, related to the use of jail.con maybe the use of
> sysutils/jail2 could be mention since I think makes things a little more
> easy.

I don't know what you mean by "jail.con", But I have reviewed 
sysutils/jail2 which tries to work with the new /ect/jail.conf file and 
the jail(8) program. Whats provided with the new handbook jail chapter 
surpasses what it does in my opinion.
> 
> related to this:
> During the development of the jail.conf file method documented here, a
> few bugs came to light with the jail(8) program which the author has
> fixed, but which are not included in the 9.1-RELEASE. You can wait for
> the publishing of 9.2-RELEASE which will contain the updated version of
> jail(8) or you can download just the source for jail(8) and compile it
> to use on 9.1-RELEASE.
> 
> Can you please explain what are the bugs are or any reference with more info?

There are no pr's on the bugs I have been working with Jamia Gritton on. 
He's the author of the jail(8) program. I don't see the need to list 
them here. But I can say downloading the jail(8) source and doing a make 
on it this morning has resolved many problems I was experiencing. One of 
the problems was fixed in the kernel source so downloading a fresh copy 
and recompiling your kernel will put you ahead of my testing bed.  hahaha
> 
> also any idea/example of how to use the cpuset.id  would be appreciated.

As I read it, processes running on the host pretty much share all the 
cpu's across all tasks as they call for service. cupset is all ready 
available at the host level if I remember correctly. cpuset.id provides 
a way to give a jail a larger slice of the time slice resources at a cpu 
level. In simple terms make that jail run faster. On the other side of 
that same coin it could be used to limit what the jail would normally be 
getting. All depends how you code the parameter and how many jail 
definitions it's used in.

You may want to give this a try, it's already in 9.1
  http://forums.freebsd.org/showthread.php?t=28871

Let me know if you have any success using it on jails.

Also if you have time, download those handbook scripts and play around 
and see it you like what they build for you.

> 
> regards
> 
>

More information about the freebsd-jail mailing list