Idea about "skeleton jail"

[Jeremie Le Hen]

> I'm curious if your idea for jails extends to running 50+ jails on a box
> or not?  I'd definitely be interested in any feedback you have on what
> problems may or may not be encountered with so many mounts and also the
> stability of nullfs nowadays.

PHK has just made a call for unionfs and nullfs tests on -CURRENT and
he promised to fix every known problems about these filesystems as far
as they are not unsolvable architectural problems.
Unfortunately these fix won't likely be backported to RELENG_5 since
they are tightly bound to his "bufwork" on -CURRENT.

> For our 5.x hosting platform, we used a single shared filesystem that
> was mounted in each client jail, that contained the basic FreeBSD
> distribution.  Ports are handled in a similar manner, having all the
> "basic" and commonly used ports already installed in the shared
> filesystem, and if the user wants to install their own ports, they go
> into the user's filesystem.
> 
> We are considering open sourcing all of our stuff, to contribute back
> what we can to the OS that allowed us to build our entire company.  I'd
> really like to see what others have done to make jails more manageable,
> as it seems like there is so much that can be done but not many people
> are working on it.  It seems jails have the potential to become an
> incredible way to virtually partition servers, and it would not be that
> hard to implement solid tools for managing them.  We have things like
> JID-aware top and tools for automated jail builds, but it would be great
> to work with some FreeBSD heavies to finish up clean development of
> things like jail resource restrictions (CPU,MEM,#PROCS,etc) and perhaps
> a clean and universally useful way to easily configure and launch full
> jail environments.

Are you thinking of Solaris zones [1] ?  :-)

Best regards,

[1] http://www.sun.com/bigadmin/content/zones/zones_lisa.pdf
-- 
Jeremie Le Hen
jeremie at le-hen.org