CBSD ! management FreeBSD & Jail

B

bryn1u

Hey,

Someone use it ? It looks amazing !
CBSD is a management layer written for the FreeBSD jail(8) subsystem, aimed at unifying racct(8), vnet, zfs(8), carp(4), hastd(8) in one tool and providing a more comprehensive solution for building and deploying applications quickly with pre-defined software sets with minimal configuration.

No extra OS functionality has been exposed yet, and everything that CBSD can do, you could also run manually with tens or hundreds of commands in the CLI using the underlying utilities (Not that you would want to!)

Features:

Fast deployment of jails from scratch
Import and export to and from images
Cloning and migration (including to remote nodes)
Snapshots using ZFS
Traffic Accounting and Resource Utilisation Information (per-jail)
Resource Management: Priorities (re-nice), RACCT/RCTL, File Quoatas
Remote Replication
Jail Distributions (jail with a certain set of software and services)
Web Interface and Centralized Management
XJails (Xorg in jail)
Bhyve (BSD Hypervisor support)

Why…

«Why FreeBSD? Why jails? Why sh?»:

FreeBSD Jails were chosen for several reasons:

Details about shell
Zero Virtualization Overhead: Without VIMAGE, the jail code is a very simple design.
Security: «divide and conquer». It is desirable for each service or group of services to be isolated.
Efficient Environment Replication: Systems engineers often have to deploy lots of similar environments — AMP, MTA, KDE4. At some point you want environments created and configured in advance. Jails allow you to deploy new environments into operation instantly. It also allows the creation of environments that differ from their master template only in configuration, such as different package sets.
Speed of deployment and convenient backups.
Building your own jail library with customizable options via FreeBSD ports
It isn’t really pleasant to me to live in the world in which there is only one Linux
Many more
Most of the code has been written in sh, since there are no demands for complex logic, it is primarily used to automate what was otherwise manual repetition of commands on the console and is designed to work with external utilities such as: zfs, zpool, sudo, pkg, rsync, etc. Areas that require optimization and specific components such as logtail, replication, node watching daemon are written in C for performance.

cbsd depends on the following software: rsync,sudo,libssh2,sqlite3

Features…

A ready repository for kernels and world that does not require buildworld/installworld;
src.conf support for buildworld/installworld customization;
Catalog can stored on memory disks, in ram or on tpmfs with a RO mounted base;
ZFS: Filesystem, Quotas and Snapshot support;
GUI Configuration of jails (Dialog or Web UI);
VIMAGE support;
Per-jail Traffic Accounting;
Jail Import/Export;
Jail Descriptions;
Cold migration between nodes;
Custom jail startup sequences and priorities;
RACCT/RCTL support;
A repository of ready jail templates;
Jail Replication;
Jail Conversion to PXE/ISO/Memstick-image;
Support for non-native architectures via Qemu User mode (eg: arm or mips64 jail on x86-64 host system);

Goals

Show features of FreeBSD as a hosting platform. Hosting not only jail, but also Linux-environments through bhyve;
WEB panel to create hosting farms on their own resources;
Environment deployment automation;
Convenient management, monitoring and control;
Creation of application platform with services on demand;
Environment (Image) library for rapid provisioning;
Click to expand...

Link: http://www.bsdstore.ru/en/about.html
 
Really Interesting.
I've only had a quick look through the website but it looks like they've put a lot of work into it. I like the sysinstall style menu to configure new jails, zfs/accounting integration, and the ability to 'migrate' a jail between hosts.

It would be great to have a FreeBSD fork (such as FreeNAS), but designed as a lightweight out-of-the-box hypervisor with a simple management system to host VMs using ZFS/bhyve/jails. In fact I'd say this would be just as popular (if not more so) these days as the existing FreeBSD forks (pfSense,FreeNAS,PC-BSD etc). Although getting bhyve to the point where it supports more image formats, virtual devices & guest operating systems is the main thing that would hold this back.

Reminds me a lot of Joyent's SmartOS, which does exactly that with ZFS/KVM/Solaris Zones. It's designed primarily to be booted diskless (either from USB stick or LAN) and they have a few ZFS style commands which allow downloading pre-made OS images, creating and managing Zones/KVM VMs, etc. In fact this may be where the CBSD authors got their inspiration from.
 
It is not only for jail but also bhyve manager too. It would be very interesting to see a comparison matrix between modern FreeBSD jail managements. It's really interesting to me as i'm absolute beginner in jail.
 
Actually, wouldn't it be better to have a port for this interface/layer so that we can all benefit from it?
 
CBSD looks phenomenal! I really have to try it. As somebody mentioned a fork of FreeBSD focused on Jails similar to FreeNAS, TrueOS, or PfSense would be very appropriate.
 
So then, how do you explain the following nginx example?

Code: 
server {
listen       *:80;
listen      [::]:80;

server_name  bsdstore.ru www.bsdstore.ru;
access_log /var/log/httpd/www.bsdstore.ru.acc main buffer=1m;
error_log /var/log/httpd/www.bsdstore.err;

root   /usr/home/web/www.bsdstore.ru;

if ($host !~* ^www\.) {
    rewrite ^(.*)$ http://www.$host$1 permanent;
}

rewrite  ^/ru/$  /ru/about.html permanent;
rewrite  ^/en/$  /en/about.html permanent;

location ~* \.(css|txt|html|js|xsl)$ {
    ssi on;
    ssi_types text/css text/javascript application/x-javascript;
}

location ~* \.(jpg|jpeg|gif|png|swf|tiff|swf|flv|zip|rar|bz2|iso|xz|img)$ {
    add_header Cache-Control "public";
    expires     1d;
}

location / {
    set $language_suffix 'en';

    if ($http_accept_language ~* '^(en|ru){1}') {
        set $language_suffix $1;
    }
    rewrite ^/$ /$language_suffix/about.html permanent;

}

error_page      404     /404.html;
}
 
I had a quick look through that Github repository the other day as I was interested in how it communicated commands to the server. It does appear to be nothing other than the documentation though. The Github project name and README is a bit of a give away.

cbsd-wwwdoc
cbsd documentation part for http://bsdstore.ru site
Click to expand...

The bsdstore.ru website says "work in progress" on the screenshots page so it may be that the web interface isn't available yet. I assume that's what @lukas was asking about?
 
Last edited by a moderator:
You must log in or register to reply here.
Back
Top