First, I have to say that I loved giving this presentation. Huge kudos to both the Papers We Love movement and in particular to the Papers We Love NYC team – especially Zeeshan Lakhani who set this whole thing up and was generally great to work with.
Secondly, I just wanted to offer myself up to be corrected on anything I mischaracterized about FreeBSD Jails. I tried to get the technical details correct, but the reality is that I know infinitely more about zones than jails, and may well have gotten some bit of history or other technical detail incorrect. (In particular, I still struggle with the fact that Sys V IPC hasn’t been virtualized on a per-jail basis; I don’t see how that could possibly be true, but it seems to be?!)
Finally, I apologize for the length: 1h45m is a bit of a truck pull!
This is such a fantastic talk, thank you! I giggled and learned a lot.
The biggest “a-ha!” moment for me was when you talked about the zone console - that you have access to the console and can log into it even before the zone is booted is one of those things I’ve often wanted in jails. Turns out it’s an enormous yak shave making it work! (So I guess let’s call it technically impossible)
Thanks for the kind words and I’m glad you enjoyed it – and if my only service is to explain that implementing the console was a giant pain in the butt, I think I’ve done right by Dan, if no one else. ;)
The documentation, does seem to imply that Sys V IPC is not virtualized – only allowed or disallowed in a jail. I also found a fairly recent mailing list thread, talking about the desire for the per jail namespacing of it.
I had found the docs, but not the mail thread – especially given its recency, that pretty much says it all! I’m still a bit flabbergasted that this still isn’t done 15+ years after the original work; jails are woefully incomplete with respect to databases as long as this remains unimplemented!
As a predominantly FreeBSD user, it is a bit depressing.
Lately I was playing around with SmartOS, and found the UI of vmadm to be quite nice, even with the use of json¹. It’s like someone actually considered the UI of it! In comparison, the usability of jails (and associated tooling) is rather awful – even the jail.conf file is some weird custom format thing. ;_;
¹: I guess I would prefer something like yaml. The inability to add comments to json is sometimes irritating.
This was a great talk – especially since I could watch it while donating platelets (an almost 2-hour process), so the timing was perfect for me!
btw, in this talk – moreso than others of yours I’ve seen – you remind me of Lewis Black (the comedian), in a good way.
And having lived through the dot-bomb, and seeing companies I worked for spend $$$ on E10Ks, it was great to hear a bit around that from the inside.