Date: Mon, 13 Jan 2014 14:15:04 +0000 From: Nicolas de Bari Embriz Garcia Rojas <nbari@inbox.im> To: g8kbvdave@googlemail.com Cc: freebsd-jail@freebsd.org Subject: Re: Advice/guidance requested. Message-ID: <0A404767-FB48-4269-93F3-4BBCACE959EC@inbox.im> In-Reply-To: <52D3F217.16121.982CEA@g8kbvdave.gmail.com> References: <52D1A7D5.32720.65E995@g8kbvdave.gmail.com>, <1389516744.523477025.przufqea@frv34.ukr.net>, <52D3C8E6.5030907@wasikowski.net> <52D3F217.16121.982CEA@g8kbvdave.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
I like to use jails.conf and the sysutils/jail2/ port. I create a very basic jail and later just clone it taking advantage of = ZFS. I share the /usr/ports from the host with the jails, but let each jail = have their own files, so that later if needed, I can just dump the full = jail and move it to another server with out need to worry about X o Y = missing files. Once I have the jail, I follow this schema: = https://github.com/nbari/arena Hope this can help or give more ideas. regards. On Jan 13, 2014, at 2:03 PM, g8kbvdave@googlemail.com wrote: >> W dniu 2014-01-12 10:09, wishmaster pisze: >>=20 >>>> I would also recommend ezjails. Using fat jails is often completely >>>> unnecessary. >>>=20 >>> Do you think using ezjail you will obtain "thin" jails?=20 >>> You are wrong. Setup 5...10 jails for applications: one jail for >>> web-applications on php, one for java and so on. And you will see = how your >>> jails will be FAT! And now imagine update system and software = procedure. >>> So, if you need a lot of "light" isolation containers, ezjail is not = your way.=20 >>> I use self written scripts which creates one base system with all = needed=20 >>> packages and a lot of "containers" with vnet supports and with = "security in >>> mind". Upgrading is very easy, just one jail. >>=20 >> Sounds nice, maybe write some blog post or even a more detailed mail = to >> this list with some how-to? I'm sure many people would find this very >> interesting. >>=20 >> --=20 >> best regards, >> Lukasz Wasikowski >=20 > Yes indeed, then we can all learn how and more importantly "why". >=20 > Best Regards. >=20 > Dave B. >=20 > _______________________________________________ > freebsd-jail@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-jail > To unsubscribe, send any mail to = "freebsd-jail-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?0A404767-FB48-4269-93F3-4BBCACE959EC>