Attention! I apologize, but it is automatic machine translation of the text. You can improve it if will send to me more correct version of the text or fix html pages via GITHUB repository.
About the project
CBSD is a wrapper from sh-scripts (mainly) round a jail(8) subsystem an operating system
FreeBSD OS. Any new functional in OS at this stage it is not brought - everything that can do cbsd scripts, you can do by command (by commands, tens commands, hundreds of commands) in CLI through the corresponding utilities.
The project becomes as for relief of own needs on administration of jails and servers, and 'just for fun'.
From the list of own needs it is possible to note the following actions:
fast deploy of jail from scratch
export and import of jail to/into the image
jail cloning (including on the remote node)
zfs snapshots for jail
accounting of a traffic per jail via ipfw
jail resource management (priority (re-nice), RACCT/RCTL, file quotas)
jail replication on remote node
distribution of "standard" jails, jail with a certain set of software and services
The WEB interface and the centralized management of jails farm
building pkg repository
A bit of WHY...
Why FreeBSD, why jail, why sh, why...":
The FreeBSD OS and jail are chosen for the project as i very much like jail-based an approach in administration of servers for some reasons, the most important for me are:
absence at overhead on virtualization. Without VIMAGE, the jail code still has very few if/case of designs in a kernel
following to security recommendation - divide and rule. It is desirable each service or group of services to isolate from others
In my administrator's practice often was necessary to do mass of the same installations - FAMP, MTA, KDE4. at some instant it wanted to have
in advance created and adjusted environment. The jail approach allows to enter the server into an operation instantly, after the FreeBSD installation from scratch -
to deploy the mail server or to start with KDE4, any settings in the master a host after the minimum bsdinstall it is not necessary to do - enough
to download in advance created environment through the network. Possibility to create desktop environment image have the special charm in the form of an absence of need
to create the 1024th distribution with differing from the others 1023 only by a wallpaper.
Convenience for backup and a fast deploy jails on the fresh installation.
Build you own local libraries/repository of jails
at already written plus in a look lack of overhead for virtualization, with the corresponding monitoring, it is possible to assembly the most effective systems.
For example, there are jails with NoSQL (redis, memcached) - dense work with memory, a jail with MySQL - dense work with CPU, a jail with Web jails (CPU and network),
jails with Samba (dense work with a network and storage). It is possible to complete each physical note with such jail with which any of the hardware components won't stand idle
and thus, jails won't fight for resources with other jails
The most part of a code is written on sh for the reason that similar tasks don't demand any mathematical logic - scripts generally repeating a lot of input
command of system administrator in the console, i.e., work with external utilities, such as: zfs, zpool, sudo, pkg, rsync..., respectively, need to apply languages
programming generally be absent. The part of bottlenecks, and also some functional (logtail, replication, node wathing daemon and ..) are written on C (in plans
to rewrite bottlenecks on C and further, however not everywhere it is possible: zfs, sudo and тд - have no any libraries through which it would be possible to work with them)
The list of 3rd-party software which use in cbsd work: rsync,sudo,libssh2,sqlite3
a ready repository for kernels and the worlds that takes buildworld/installworld steps not the obligatory.
When steps of buildworld/installworld are undertaken, src.conf for a world customization is supported
base the catalog can place on MD/RAM/TMPFS on a disk that can be useful at a big num of jails with RO mounted base
support of ZFS of file system, ZFS of quotas, ZFS snapshots
GUI configurator of jails (DIALOG/WEB)
traffic count per jail
import/export of jails
descriptions for jails
cold migration of a jails between nodes
management of sequence of start of jail and their priority
a repository with ready jail template
possibility to create own scenarios for creation of jails/repository
jail converting into PXE/ISO/Memstick-image
automatic for the peolple)
convenient management, monitoring and control of jails
application platform with services on demand. If SQL Server is necessary - download & run jail,
is necessary a Internet Gateway - download & run jail, is necessary for AMP, Asterisk PBX, MTA, to GIT a repository -
download and start the corresponding jail. Each service is isolated from others.
As restriction in number of jail can act only hardware resources. If rested against hardware resources - establish
the second node, migrate a part of jails and continue to work.
Accounting for resources of nodes within which it is possible to create N quantity of environments (for example,
jail hosting for individual person)
possibility of use of the central storage of images which it is possible to develop and provide for other users.
and so on...