I am not a sysadmin. I have used Linux for a long time and have run multiple servers but I am new to BSD. I have little experience of running containers or VM hosts. I have been running one VM host server (using Proxmox) and some desktop VMs (using Virtmanager) and containerising some desktop applications (using firejail). Of these tools the one I like the most is firejail, the one I like least is Proxmox's web UI which I find clunky and opaque.
I need to set up a physical server to run multiple internet facing servers. Mostly, but not solely, PHP and Python websites. No untrusted users will have access to the host, but I will need to ensure that a few people only have access to the jail (or VM) that they are given access to. I do not need to deploy anything on a large scale (just the one server, and one jail or VM per server). I think jails will do everything I want (really, a simple chroot would do most of what I want) and almost everything will run on FreeBSD so will only use VMs where I need to use a different OS.
My actual questions:
I need to set up a physical server to run multiple internet facing servers. Mostly, but not solely, PHP and Python websites. No untrusted users will have access to the host, but I will need to ensure that a few people only have access to the jail (or VM) that they are given access to. I do not need to deploy anything on a large scale (just the one server, and one jail or VM per server). I think jails will do everything I want (really, a simple chroot would do most of what I want) and almost everything will run on FreeBSD so will only use VMs where I need to use a different OS.
My actual questions:
- What are the easiest tools for managing these? The documentation has a chapter on ezjail - does that mean it is the default to start with for jails? What about for Bhyve? CBSD seems to do both.
- Is there a lot to learn in terms of the OS (other than the VM and container specific stuff) given I am coming from Linux? Any gotchas I need to be aware of? I imagine most of what I want to do (install and configure web servers, databases, similar common stuff) will be straightforward.