In response to "Jonathan Horne" <[EMAIL PROTECTED]>: > > 4) what about kernel and system updates? i would assume that i would have to > manually update these jails when i buildworld and kernel for other systems as > well (ie, that updating the host would not also update the jails)?
Yes, except this is another place where the ezjail port makes life a breeze. ezjail pretty much automates upgrading all your jails at once (except ports). > 5) how about memory? is it basically one giant shared pool of physical memory > between the host and guests? is there any sort of memory "target" that i > should > try to meet in order to have my jails run the best the can (or a ratio of > memory > to host/jails)? There's no hard and fast rule that I know of. The more stuff you run in each jail, the more each of those will require. If you run relatively lightweight jails, you don't need as much. I've documented some of the stuff I learned here: http://people.collaborativefusion.com/~wmoran/howtos/sshdinjail.html It only describes creating a lightweight jail for sshd, but you can follow a similar process for httpd, or an email server, or whatever. Saves a LOT of memory and process space. Also, ezjail saves a LOT of disk space as you create more and more jails as it uses nullfs mounts to duplicate the base install instead of copying it. > finally, i suppose the best configuration might be to have my host just a > minimal install (avoiding anything that i dont need to function), and have my > jails set up as my service-providing hosts? and are there any services that > just dont work well in a jail (i think i can see NFS being one). Mostly. We run hardware-related stuff on the host system (i.e. snmpd) as well as some universal services (A DNS cache, sendmail). I've had trouble getting programs that use shared memory (such as Postgres) to run inside a jail, but it's been a while since I've tried. -- Bill Moran http://www.potentialtech.com _______________________________________________ firstname.lastname@example.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"