From owner-freebsd-questions@FreeBSD.ORG Wed Apr 23 20:10:03 2014 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A8D45BCE for ; Wed, 23 Apr 2014 20:10:03 +0000 (UTC) Received: from mail-pd0-f173.google.com (mail-pd0-f173.google.com [209.85.192.173]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 81BB61213 for ; Wed, 23 Apr 2014 20:10:03 +0000 (UTC) Received: by mail-pd0-f173.google.com with SMTP id p10so759911pdj.4 for ; Wed, 23 Apr 2014 13:09:57 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:content-type; bh=WJYnUrR+ZIKkkHIW0RVPbSvsmyALOcq7iBV0C/NtrcU=; b=Nnq51R3/bwkBtfyfMnIf0Lo7vkFVPjSUzDNdEDd5RRT7lhIiFTARGUreaDmLrLnyHE 5r3eaEQorwiT19e+Qstp5lrKm5vLW96ecfHpRD14lXJN2O5MJK0T6sfOgWhZaa2lw5hH nby8Qk9RhQ+C1JpqepwRYieFkDD+eGZqB/xO6NyEE/JTKgeN1ERHloNsuVie5hNX1rjc 2E0SkyF4+O6TbPxB2Va5WrGMnKIdhQ9IIMd+4UzdEJCshhUG6oh0CpPVFD+h84wmVY97 r4WEj7l7mUujuxrREu8uBvifZvMNEqvFiTskB2vK9RwUzShCTA6dWYt3iySK7R15U6Sr ecoA== X-Gm-Message-State: ALoCoQka8n2cJqBV8cdlL6dPxQzDTc7m0Run/GVxJ73p66tLrpLPkzgaOP1H/AeA93bxJYwks4ag MIME-Version: 1.0 X-Received: by 10.68.254.5 with SMTP id ae5mr58385169pbd.83.1398283797347; Wed, 23 Apr 2014 13:09:57 -0700 (PDT) Received: by 10.66.217.168 with HTTP; Wed, 23 Apr 2014 13:09:57 -0700 (PDT) In-Reply-To: <53580129.5010909@ssimicro.com> References: <53580129.5010909@ssimicro.com> Date: Wed, 23 Apr 2014 16:09:57 -0400 Message-ID: Subject: Re: FBSD jail versus VMWare? What services do YOU run in a jail? From: Alejandro Imass To: FreeBSD Questions Content-Type: text/plain; charset=UTF-8 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Apr 2014 20:10:03 -0000 > On 14-04-22 3:47 PM, edflecko . wrote: > > I'm really interested in the comparison of using a FBSD jail rather than > VMWare in the context of virtualization. > > At my business, we heavily use VMWare - you might say we consider ourselves > a VMWare "shop". 99% of our servers are virtualized. > > I've heard that it's possible to run hundreds, if not thousands, of > services in FBSD jails on a given host server because of the sharing of > resources that all of your jails take advantage of. If I understand that > correctly, that's one of the HUGE advantages of running services in jails > as opposed to creating VM after VM after VM - each VM eats up disk space on > the SAN as well as memory resources, etc. Additionally, the jailed service > is far better from a security perspective? > > Having said all of that, I'm curious to hear from some of you who may be > doing just this - are you running a FBSD server with some of your mission > critical services (Apache, Bind, DHCP, etc., etc.) within jails and how do > you like it versus running hundreds of VMs and VMWare? > Hi Ed, I have used FBSD Jails for many years running dozens and dozens of jails per severs. I use EZJail which simplifies the set-up and further reduces the disk space usage as all jails derive from a single base jail, and greatly simplifies upgrades and many other jail related tasks. EZJail is an awesome addition to Jails and you will feel almost like in VMWare. For example, I routinely archive and move jails around my servers! (so long as you keep all your servers up to date) So with EZJail it's almost like using VMWare, if not better. No GUI though ;-) > What type of services CAN be run from within a jail? > Basically anything. AFAIK Best, Alejandro Imass