[HN Gopher] Creating Comfy FreeBSD Jails Using Standard Tools
       ___________________________________________________________________
        
       Creating Comfy FreeBSD Jails Using Standard Tools
        
       Author : kettunen
       Score  : 53 points
       Date   : 2021-01-17 19:07 UTC (3 hours ago)
        
 (HTM) web link (kettunen.io)
 (TXT) w3m dump (kettunen.io)
        
       | efortis wrote:
       | That guide is for non-vnet jails. If you want vnet, use this one:
       | 
       | https://blog.uidrafter.com/engineering/freebsd-jails-network...
       | 
       | Why VNET? "VNET jails give each jail its own isolated copy of the
       | network stack" https://klarasystems.com/articles/virtualize-your-
       | network-on...
        
       | pimeys wrote:
       | I found jails kind of accidentally. A few years back I built a
       | NAS at home and wanted to run ZFS on it, so FreeBSD was an
       | obvious choice. I soon found out how easy it is to create and
       | manage jails: you just start a new one from a template, get an IP
       | address, ssh into it and `pkg install` whatever you need. I now
       | run over 10 jails, having home automation, media player, grafana,
       | few different databases, unifi controller and so on all in their
       | own jails.
       | 
       | I like the simplicity and how straightforward it is to add new
       | servers to our home. I have a long history with docker, but kind of
       | prefer the way of being able to ssh into the jail and manage it
       | like a normal server distro. Docker again is much nicer in the
       | daily development flow, where I want nine different databases in
       | a clean state every morning.
        
         | S3raph wrote:
         | Jails are great, coincidentally I started using them too with
         | FreeNAS (now TrueNAS). The only big disadvantage is that the
         | FreeBSD ports are less up to date than docker (Linux).
        
           | kazen44 wrote:
           | How are FreeBSD ports less up to date? As far as I am aware,
           | ports are usually as up to date as can be, because you are
           | compiling from source.
        
             | frankharv wrote:
             | Most open source applications are released for Linux and
             | have to be adapted to FreeBSD. So FreeBSD maintainers have
             | to keep up with the ports. Sometimes port maintainers drop
             | off, leaving stale ports until they break. It is not at all
             | uncommon to be running applications that are several
             | versions behind.
        
               | aduitsis wrote:
               | For popular packages this is not _that_ common. For less
               | popular packages, yes it can happen, because maintainers
               | are almost completely volunteers. Some years ago I
               | created a port, then at some point stopped being able to
               | find the time to maintain it. Eventually someone offered
               | to take over, and I happily obliged.
               | 
               | The ports Makefile framework is incredibly sophisticated,
               | so one can find lots of examples and be quickly able to
               | create and test ports very easily, especially for
               | packages written in C, C++, Go, Java, Perl, Python, Ruby,
               | etc. Poudriere, which is the definitive bulk package
               | builder used by FreeBSD pkg itself, is especially useful
               | here. Ports that have a billion vendored libraries are
               | a pain. Ports are not allowed to download from the
               | internet at build time, so all the vendor dependencies
               | need to be known beforehand and be marshaled to download
               | at the "fetch" phase accordingly. But eventually it all
               | boils down to a very terse and declarative Makefile. What
               | used to be a bigger pain, was the way to update ports in
               | the ports tree, which used to require someone with access
               | to the ports tree taking your new port and updating it.
               | But recent news indicates that FreeBSD is moving to git
               | and towards a model where port owners can each update
               | their own directly, which will be huge. My personal
               | opinion is that this will lower the ports maintenance bar
               | significantly.
               | 
               | Also, for administrators, switching /etc/pkg/FreeBSD.conf
               | from "quarterly" to "latest" pkg train of your version
               | number (e.g. FreeBSD 12.x) will get you the latest
               | versions of binary packages, as soon as their respective
               | port is released into the ports tree. Quarterly is also
               | pretty good, but you get only security updates and
               | package versions tend to stay stable and change every
               | quarter. I've administered systems switched to "latest"
               | and seldom had any serious problems.
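
Added example, not part of the comment above or of the linked article: a shell check of which package train ("quarterly" or "latest") each jail's pkg configuration points at, following the /etc/pkg/FreeBSD.conf switch described in the last comment. The jail names, the sample tree and the function names are constructed for illustration, and only files named FreeBSD.conf are inspected; /usr/local/etc/pkg/repos/FreeBSD.conf is the override location that the stock file's header comment recommends for local changes.

```shell
#!/bin/sh
# Added example (not from the thread): report which pkg train each jail tracks.

# pkg_train FILE: print the last path component of every url: value,
# e.g. "quarterly" or "latest". Comment lines are skipped.
pkg_train() {
    [ -r "$1" ] || return 0
    sed -n -e '/^[[:space:]]*#/d' \
        -e 's|.*url:[[:space:]]*"[^"]*/\([^/"]\{1,\}\)/\{0,1\}".*|\1|p' "$1"
}

# effective_train ROOT: the override file wins over the stock file when it
# sets a url. Simplification: only files named FreeBSD.conf are inspected.
effective_train() {
    t=$(pkg_train "$1/usr/local/etc/pkg/repos/FreeBSD.conf" | tail -n 1)
    [ -n "$t" ] || t=$(pkg_train "$1/etc/pkg/FreeBSD.conf" | tail -n 1)
    printf '%s\n' "${t:-unknown}"
}

# audit_jails DIR: one "name train" line per jail root found under DIR.
audit_jails() {
    for root in "$1"/*/; do
        [ -d "$root" ] || continue
        printf '%s %s\n' "$(basename "$root")" "$(effective_train "${root%/}")"
    done
}

# make_sample DIR: constructed jail roots (hypothetical names "web" and "db").
make_sample() {
    for j in web db; do
        mkdir -p "$1/$j/etc/pkg"
        cat > "$1/$j/etc/pkg/FreeBSD.conf" <<'EOF'
# stock file as shipped
FreeBSD: {
  url: "pkg+http://pkg.FreeBSD.org/${ABI}/quarterly",
  enabled: yes
}
EOF
    done
    mkdir -p "$1/web/usr/local/etc/pkg/repos"
    echo 'FreeBSD: { url: "pkg+http://pkg.FreeBSD.org/${ABI}/latest" }' \
        > "$1/web/usr/local/etc/pkg/repos/FreeBSD.conf"
}

sample=$(mktemp -d)
make_sample "$sample"
audit_jails "$sample"
rm -rf "$sample"
```

On a real host, pass the directory that holds the jail root filesystems to `audit_jails`; a jail reported as `unknown` has no url in either file and needs a manual look.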
        
       ___________________________________________________________________
       (page generated 2021-01-17 23:00 UTC)