Re: Jails V2, VIMAGE, and integration in the base system
On 02/03/12 17:02, Devin Teske wrote: Please give this a try: http://druidbsd.sf.net/vimage.shtml http://druidbsd.sf.net/download.shtml Hi, Interesting. Is it safe to run in production (VIMAGE/vnets) ? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Jails V2, VIMAGE, and integration in the base system
On Feb 4, 2012, at 10:45 AM, Hugo Silva wrote: On 02/03/12 17:02, Devin Teske wrote: Please give this a try: http://druidbsd.sf.net/vimage.shtml http://druidbsd.sf.net/download.shtml Hi, Interesting. Is it safe to run in production (VIMAGE/vnets) ? I can't speak to every application, release, or even purpose, but we've been using between 2 and 3 dozen vimages for various purposes without problem on 8.1-RELEASE-p6 (just haven't got around to updating to -p7 which is lated RELENG_8_1 security patch). We've been running amd64 hosts with both amd64 and i386 jails. Doing compiler builds, using them as web servers, shell servers, bastion's, gateways, proxies (both shell and web), and even for running legacy releases of FreeBSD (running 4.11 i386 on an amd64 8.1 host). So the VIMAGE/vnets support seems pretty stable in 8.1-RELEASE. Oh, we did have to MFC SVN r207194 to fix a bug in sys/net/rtsock.c when running i386 route(8) in VIMAGE under amd64 host. Though you don't have to apply the patch, as the workaround was simple -- copy the host's amd64 route(8) over vimage's i386 one. That's really the only bug we ever hit, but your mileage may vary. We've been generally very happy with VIMAGE/vnets so far. Now, with respect to the script being production ready, I'd say yes with one minor nit... Unnecessarily starting/stopping vimages after boot is bad for two reasons: 1. In 8.1-RELEASE there's an necessary loss in VM pages everytime you remove a vimage jail with jail -r (this has been fixed in later releases). 2. The Ethernet HW address auto-calculations performed in my script are based on the order in which vimages are started and stopped. This is easily overcome by setting the HW address in the ifconfig_* line within rc.conf(5) (within the vimage rootdir). -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Jails V2, VIMAGE, and integration in the base system
Hello, I didn't find much about jails v2 + epair + vimage on google; The FreeBSD wiki pages concerning this subject seem fairly outdated (that or not much has happened in 3 years), and the manpages don't mention much about vimage/vnet. According to http://ivoras.net/freebsd/freebsd8.html it should be in FreeBSD 8.0 (VIMAGE, Jails v2), and maybe it is, but if it's not integrated in the base system and information/documentarion is scarse, few will use it. Found this: http://www.freebsd.org/cgi/query-pr.cgi?pr=142972 - nearly 2 years old. My question is, how wise would it be to attempt to use these features in production? IMO this is very interesting stuff, having these things integrated would be a worthy addition to FreeBSD. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
RE: Jails V2, VIMAGE, and integration in the base system
-Original Message- From: owner-freebsd-questi...@freebsd.org [mailto:owner-freebsd- questi...@freebsd.org] On Behalf Of Hugo Silva Sent: Friday, February 03, 2012 8:17 AM To: freebsd-questions@freebsd.org Subject: Jails V2, VIMAGE, and integration in the base system Hello, I didn't find much about jails v2 + epair + vimage on google; The FreeBSD wiki pages concerning this subject seem fairly outdated (that or not much has happened in 3 years), and the manpages don't mention much about vimage/vnet. According to http://ivoras.net/freebsd/freebsd8.html it should be in FreeBSD 8.0 (VIMAGE, Jails v2), and maybe it is, but if it's not integrated in the base system and information/documentarion is scarse, few will use it. Found this: http://www.freebsd.org/cgi/query-pr.cgi?pr=142972 - nearly 2 years old. My question is, how wise would it be to attempt to use these features in production? IMO this is very interesting stuff, having these things integrated would be a worthy addition to FreeBSD. Please give this a try: http://druidbsd.sf.net/vimage.shtml http://druidbsd.sf.net/download.shtml -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Jails V2, VIMAGE, and integration in the base system
Hugo Silva wrote: Hello, I didn't find much about jails v2 + epair + vimage on google; The FreeBSD wiki pages concerning this subject seem fairly outdated (that or not much has happened in 3 years), and the manpages don't mention much about vimage/vnet. According to http://ivoras.net/freebsd/freebsd8.html it should be in FreeBSD 8.0 (VIMAGE, Jails v2), and maybe it is, but if it's not integrated in the base system and information/documentarion is scarse, few will use it. Found this: http://www.freebsd.org/cgi/query-pr.cgi?pr=142972 - nearly 2 years old. My question is, how wise would it be to attempt to use these features in production? IMO this is very interesting stuff, having these things integrated would be a worthy addition to FreeBSD. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org Yes VIMAGE Jails are part of the 8.x releases. Jail is in the base release in its manual form and you have to recompile the kernel to enable VIMAGE which is labeled experimental. Jails are used in many production environments managed by the sysutil/qjail port but use VIMAGE at your own risk. Have no info on epair. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
