Meetings and Events [RSS]
2005-12-07 - Jail(8), Isaac `Ike` Levy18:00, Apple Store (SoHo)
Early unix mainframe computing brought elegant process and resource sharing systems which helped get more application use out of expensive hardware. These concerns have been largely been pushed aside in computing with the rise of desktop PCs, and large farms of ever-shrinking pizza boxes in the data center. Today, as more punch gets packed into 1u than ever, server resources can be further consolidated and abstracted to securely separate complex and sophisticated services in the same hardware server, by running secure virtual UNIX machines. FreeBSD Jails are a time-tested, secure, reliable UNIX virtual machine with endless uses.
Who wants jails?
- System Administrators who need to securely separate small yet important services.
- Software Developers who always need more dev machines.
- System Architects who need affordable high-availability systems.
- Educators who could use virtual machines to provide clean unix server systems for student use.
- Anyone who wants secure virtual machines.
Why do these people want jail(8)?
- The design of Jail(8) and jail(2) are secure, and because jails use native system utilities, they are simple to work with.
What I would like to focus on:
- How Jails Work, the technical low-down
- How to setup jails, the practical how-to, cooking show style...
- When NOT to use jails
- jail(8) security vulnerabilities/considerations
- Jails vs. Linux UML, XEN, VMware- technical and philosophical differences
- Tools and management practices
- [nycbug-2005-12-07.mp3] (Generously recorded and processed by Nikolai Fetissov)