Any advice for a Partition Plan for a multi-jailed Server?

Wed Sep 26 14:05:40 PDT 2007

On Wednesday 26 September 2007 22:20:11 Aliya Harbouri wrote:
> Hi!
>
> I'm setting up a jailed server. I'm hoping to eventually use
> sysutils/ezjail to deaden the pain a bit!
>
> First step, have to get the disks partitioned! They're unpacked, at least
> ;-)
>
> I've read lots of comments like,
>
>   "You should never setup your FreeBSD systems the way Linux or other
> *nix's set them up."
>
> So, I'm looking for some Wisdom on how best to partition for the usage
> I'm planning.
>
> The server's goal state is 4 jails, plus the non-jailed host:
>
> jail-1: DNS services {Bind9 & RBLDNSD}
> jail-2: WebServer    {Apache 22x + PHP5 + Perl 588 + MySQL 50x}
> jail-3: mail server  {Exim 468 + Spamassassin + ClamAV, etc.}
> jail-4: an analysis/monitoring toolkit {Snort, Nagios, Nessus, etc.}
>
> I've got two identical 250 GB SATA2 drives available for this box.
>
> Although I have not yet grokked the whole "What's in a jail's dirs?"
> issue, my initial stab at 'slices' is ~:
>
> 	drive 2:
> 		/    	2GB
> 		/boot	2GB

/boot *needs* to be on /. A loader looks for [bootdisk][bootslice]
[a]/boot/loader.

> 		/tmp	2GB
> 		/swap	16GB	Machine has 8GB RAM, so swap = 2X RAM

Since you have 2 physical drives, you may want to do 8G on each drive. In the 
rare case it's needed, your system is in trouble and being able to swap on 
using 2 drives will be a plus.

> 		/usr	50GB
> 		/jails	178GB
>
> 	drive 2:
> 		/var	100GB
> 		/data	100GB	MailStore, DBs, www source files, etc.

Unless you're a packrat where logs are concerned, you can probably do with:
/var 10G (on disk 1)
And use:
/var/db 100G - this will house MySQL primarily
/var/spool 10-50G - any queues, most notably mail, disable softupdates. Adjust 
size to match your mail payload.
/var/mail - "rest" - possibly disable softupdates.

Allthough, I think MySQL will generally use less space then a mail storage, 
but this all depends on your users.

> 		/home	20GB

By default, the WWW root on bsd for apache is /usr/local/www and generally on 
servers like this, home can be done with 2G or less. *Unless* you plan on 
providing /~username/ service, then home might be on the light side.

I'm generally a fan of separating trees that can grow out of proportion over 
time, so that you can dump(8) the partition and restore(8) it on a new drive 
without too much worry. Your mileage may vary.

Also have a look at hier(7) manpage, it's quite informative about the default 
filesystem layout BSD uses.
-- 
Mel