# Jails for web services



## gpatrick (May 17, 2012)

Currently my everyday laptop is FreeBSD 9.0 and my firewall is OpenBSD and my web and mail servers are OpenBSD.  

I am using Pound as my reverse proxy, OpenSMTPD for mail, and using OpenBSD's base Apache 1.3.  I'm considering changing to FreeBSD and using Jails and giving mail, reverse proxy and the web server their own virtual servers.

However, one thing I like right now is my restore for OpenBSD is quick should disaster occur.  I have dumps and would just have to disklabel, newfs, restore and I'm back in business.  As a precaution I also have a USB drive with all of the dumps restored, so I would only have to plug in and reboot.  The dumps are stored on another USB drive and get updated with changes.  I also save the dumps to my FreeBSD machine and also to DVD.

I like freebsd-update and the qjail or ezjail update methods for Jails, too.

What would my recovery process be like using Jails?
Another question with Jails is for the network stack is -vnet or netgraph the best way to go?
A third question is I read from, circa, January (v 9.0), there was a memory leak in vnet and if that has been fixed?


----------



## zodias (May 18, 2012)

I use FreeBSD 9.0-RELEASE + zfs + ezjail.

Ezjail supports backup:
[CMD=]ezjail-admin archive jailname[/CMD]
[CMD=]ezjail-admin restore jailname][/CMD]

ZFS supports file system snapshots, etc.

I make a separate zfs for every jail either by hand or using ezjail-admin option for that. It is very convenient.


----------



## fbsd1 (May 18, 2012)

Keep in mind that vnet and zfs is experimental and not intended for production use.


----------

