Future development of Jail (was Re: corporate backers of freebsd)

Andy Dills andy at xecu.net
Mon Dec 31 17:51:53 PST 2007

On Mon, 31 Dec 2007, Colin Percival wrote:

> Giorgos Keramidas wrote:
> > Yes, Gary, there are companies who also fund FreeBSD work in several
> > ways [...] Some examples which I recall off the top of my head are:
> Don't forget pair Networks, which has generously supported phk, andre,
> and myself on our respective "sponsored FreeBSD coding" fundraising
> drives of 2004, 2005, and 2006, with slightly over $40,000 in total.

Not that I have a pile of money laying around I could throw at it, but the 
thing I wish for most from FreeBSD is a more mature and robust jail 
implementation. Specifically, the ability to implement per-jail quotas and 
resource limitations on disk, memory, network and cpu. I'd really love a 
seperate network stack for each jail...that's critical for a plethora of 
reasons. I'd be curious what sort of commitment (in $) that would require.

There was some development being done last year (2006) to that effect, but 
the developer seems to have abandoned it.

Over the next 2-3 years, as cheap commodity hardware continues to explode 
with numerous processors with numerous cores and several gigs of memory, 
fast busses and standard multiple gige ports, inexpensive solid state 
disks...down the road I think it will become best common practice to setup 
any service on a virtual server, if for no other reason than to abstract 
the operating environment from the hardware to enable greater levels of 
redundancy and to better leverage the unused horsepower of these boxes in 
such a way that doesn't increase exposure and vulnerability.

We seem to be very close to having the ability to completely segregate the 
control-plane from the data-plane (using router terminology). This is such 
a huge improvement over the status quo that I'm a little bit sad and 
confused why it seems to be such a low priority with the developers. But 
they have their hands full and nobody seems to be driven to steer that 
particular ship.

Happy new year everybody. I definitely owe a huge thanks to all the 
developers who have worked to improve FreeBSD, my professional tool of 
choice for over a decade now.


Andy Dills
Xecunet, Inc.

More information about the freebsd-questions mailing list