FBSD jail versus VMWare? What services do YOU run in a jail?
outbackdingo at gmail.com
Wed Apr 23 03:28:48 UTC 2014
On Tue, Apr 22, 2014 at 10:43 PM, Boris <borisbsd at gmail.com> wrote:
> 'VMware' does not tell much of what you want to compare jails against.
> The have Fusion on Mac, ESXi for hosts, vCenter for ESXi host management,
> That can run on top of VERY complex datacenter architectures with fabric
> and L2 network and could potentially work for multiple clusters/DC across
> the world. </marketing>
> AFAIK, jails do not offer anything beyond the same physical server. Don't
> get me wrong, jails are a lot easier to spin in my opinion and make more
> sense when it comes to sticking to a full FreeBSD environment.
> For anything a bit more heterogenous, VMware products will help.
> Now, you can keep an eye on is Opencontrail, sponsored by Juniper who
> already released this as a product name Contrail.
> Opencontrail project details on FreeBSD:
> And Juniper ref to their product:
This in itself is quite interesting, opencontrail, openstack, and bhyve
merged together would be awesome, however, i would think someone by now
would have done a comparison of FreeBSD jails, bhyve and vimage...... and
lastly VPS for FreeBSD, http://www.7he.at/freebsd/vps/features.html
while it seems, bhyve has the most traction, vps might be a better fit for
those using jails, or wanting to compare it to say VMWare. But a feature
comparison matrix would be beneficial to the BSD community overall. I
seriously hate VMWare, it bloted and over-engineered by far, and well, can
become quite costly, but depending on your needs, Ive found for commercial
environments, XenServer 6.2 with cloudstack / or openstack to be a
much better choice, openstack with bhyve support, well gives us a whole new
world of BSD virtualization environments.
> On Tue, Apr 22, 2014 at 7:02 PM, Julian H. Stacey <jhs at berklix.com> wrote:
> > "edflecko ." wrote:
> > > I'm really interested in the comparison of using a FBSD jail rather
> > > VMWare in the context of virtualization.
> > >
> > > At my business, we heavily use VMWare - you might say we consider
> > ourselves
> > > a VMWare "shop". 99% of our servers are virtualized.
> > >
> > > I've heard that it's possible to run hundreds, if not thousands, of
> > > services in FBSD jails on a given host server because of the sharing of
> > > resources that all of your jails take advantage of.
> > Yes, lots.
> > (If you really try a thousand, avoid a class C net interface though ;-)
> > > If I understand that
> > > correctly, that's one of the HUGE advantages of running services in
> > Yes
> > > as opposed to creating VM after VM after VM - each VM eats up disk
> > on
> > > the SAN as well as memory resources, etc.
> > Yes.
> > Maybe if the prison (parent) host runs ZFS & there's sparse file
> > it could save space for (child) VMs & jails ? I don't know.
> > > Additionally, the jailed service
> > > is far better from a security perspective?
> > No. The opposite. I would expect a VM to be more secure. I put my
> > finger on a security hole with jails last year, & raised it on a
> > freebsd list, it got considered, no solution, it'll be in archives,
> > but I cant remember detail, & no time to look, & when I do get time
> > to get back to it, I'd be aiming at list freebsd-jail at freebsd.org
> > not this general questions@ list.
> > > Having said all of that, I'm curious to hear from some of you who may
> > > doing just this - are you running a FBSD server with some of your
> > > critical services (Apache, Bind, DHCP, etc., etc.) within jails and how
> > do
> > > you like it versus running hundreds of VMs and VMWare?
> > As a mere VM user & jail owner, i run those services on both a VM
> > & a jail, they run functionaly the same, except in jail I've had
> > problems with chflags failing, & in jail I've had to take more care
> > with ifconfig flags.
> > A VM is a cleaner concept if one can spare the RAM. A jail is a
> > cheaper: less security, less flexibility (eg No linux jail in a
> > FreeBSD prison), more efficiency of resources, thus cheaper. Both
> > useful, Analogy: I also use both a car & a bike.
> > > What type of services CAN be run from within a jail?
> > Try it! All I guess, certainly inc. httpd ftpd sshd smtpd popd named
> > etc.
> > > Thank you,
> > > Ed
> > Cheers,
> > Julian
> > --
> > Julian Stacey, BSD Unix Linux C Sys Eng Consultant, Munich
> > http://berklix.com
> > Interleave replies below like a play script. Indent old text with "> ".
> > Google breach privacy http://berklix.com/jhs/adverts/
> > _______________________________________________
> > freebsd-questions at freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> > To unsubscribe, send any mail to "
> > freebsd-questions-unsubscribe at freebsd.org"
> freebsd-questions at freebsd.org mailing list
> To unsubscribe, send any mail to "
> freebsd-questions-unsubscribe at freebsd.org"
More information about the freebsd-questions