I like to use jails.conf and the sysutils/jail2/ port. I create a very basic jail and later just clone it taking advantage of ZFS.
I share the /usr/ports from the host with the jails, but let each jail have their own files, so that later if needed, I can just dump the full jail and move it to another server with out need to worry about X o Y missing files. Once I have the jail, I follow this schema: https://github.com/nbari/arena Hope this can help or give more ideas. regards. On Jan 13, 2014, at 2:03 PM, [email protected] wrote: >> W dniu 2014-01-12 10:09, wishmaster pisze: >> >>>> I would also recommend ezjails. Using fat jails is often completely >>>> unnecessary. >>> >>> Do you think using ezjail you will obtain "thin" jails? >>> You are wrong. Setup 5...10 jails for applications: one jail for >>> web-applications on php, one for java and so on. And you will see how your >>> jails will be FAT! And now imagine update system and software procedure. >>> So, if you need a lot of "light" isolation containers, ezjail is not your >>> way. >>> I use self written scripts which creates one base system with all needed >>> packages and a lot of "containers" with vnet supports and with "security in >>> mind". Upgrading is very easy, just one jail. >> >> Sounds nice, maybe write some blog post or even a more detailed mail to >> this list with some how-to? I'm sure many people would find this very >> interesting. >> >> -- >> best regards, >> Lukasz Wasikowski > > Yes indeed, then we can all learn how and more importantly "why". > > Best Regards. > > Dave B. > > _______________________________________________ > [email protected] mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-jail > To unsubscribe, send any mail to "[email protected]" _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "[email protected]"
