Management and Repository for FreeBSD Jails

About the project

CBSD is a management layer written for the FreeBSD jail(8) subsystem, aimed at unifying racct(8), vnet, zfs(8), carp(4), hastd(8) in one tool and providing a more comprehensive solution for building and deploying applications quickly with pre-defined software sets with minimal configuration.

No extra OS functionality has been exposed yet, and everything that CBSD can do, you could also run manually with tens or hundreds of commands in the CLI using the underlying utilities (Not that you would want to!)

Features:

  • Fast deployment of jails from scratch
  • Import and export to and from images
  • Cloning and migration (including to remote nodes)
  • Snapshots using ZFS
  • Traffic Accounting and Resource Utilisation Information (per-jail)
  • Resource Management: Priorities (re-nice), RACCT/RCTL, File Quoatas
  • Remote Replication
  • Jail Distributions (jail with a certain set of software and services)
  • Web Interface and Centralized Management
  • XJails (Xorg in jail)
  • Bhyve (BSD Hypervisor support)

Why…

«Why FreeBSD? Why jails? Why sh?»:

FreeBSD Jails were chosen for several reasons:

  • Details about shell
  • Zero Virtualization Overhead: Without VIMAGE, the jail code is a very simple design.
  • Security: «divide and conquer». It is desirable for each service or group of services to be isolated.
  • Efficient Environment Replication: Systems engineers often have to deploy lots of similar environments — AMP, MTA, KDE4. At some point you want environments created and configured in advance. Jails allow you to deploy new environments into operation instantly. It also allows the creation of environments that differ from their master template only in configuration, such as different package sets.
  • Speed of deployment and convenient backups.
  • Building your own jail library with customizable options via FreeBSD ports
  • It isn’t really pleasant to me to live in the world in which there is only one Linux
  • Many more

Most of the code has been written in sh, since there are no demands for complex logic, it is primarily used to automate what was otherwise manual repetition of commands on the console and is designed to work with external utilities such as: zfs, zpool, sudo, pkg, rsync, etc. Areas that require optimization and specific components such as logtail, replication, node watching daemon are written in C for performance.

cbsd depends on the following software: rsync,sudo,libssh2,sqlite3

Features…

  • A ready repository for kernels and world that does not require buildworld/installworld;
  • src.conf support for buildworld/installworld customization;
  • Catalog can stored on memory disks, in ram or on tpmfs with a RO mounted base;
  • ZFS: Filesystem, Quotas and Snapshot support;
  • GUI Configuration of jails (Dialog or Web UI);
  • VIMAGE support;
  • Per-jail Traffic Accounting;
  • Jail Import/Export;
  • Jail Descriptions;
  • Cold migration between nodes;
  • Custom jail startup sequences and priorities;
  • RACCT/RCTL support;
  • A repository of ready jail templates;
  • Jail Replication;
  • Jail Conversion to PXE/ISO/Memstick-image;
  • Support for non-native architectures via Qemu User mode (eg: arm or mips64 jail on x86-64 host system);

Goals

  • Show features of FreeBSD as a hosting platform. Hosting not only jail, but also Linux-environments through bhyve;
  • WEB panel to create hosting farms on their own resources;
  • Environment deployment automation;
  • Convenient management, monitoring and control;
  • Creation of application platform with services on demand;
  • Environment (Image) library for rapid provisioning;