I'm looking to deploy a server capable of accepting arbitrary programs from many users (possibly thousands). These programs would vary in resource requirements. The typical program would likely wake up several times a second, perform some fairly light computation (approximately 5 microseconds of work or so), and go back to sleep.
The main concern is stability and security -- users shouldn't be able to impact other users on the system. I'd like to be able to limit resource usage per user -- memory, CPU time, etc. Additionally, I'd like to keep wake-up latency as low as possible (receiving data from the network and waking up the necessary program).
The systems running FreeBSD will be server-class. 8+ cores with 64GB+ of RAM.
I'm wondering if placing each user in a jail is a reasonable option. What might a maximum number of jails per-server be, assuming each jail contained 1 user with N programs? Or am I primarily limited by the total number of programs running, with jails being fairly negligible overhead?
The main concern is stability and security -- users shouldn't be able to impact other users on the system. I'd like to be able to limit resource usage per user -- memory, CPU time, etc. Additionally, I'd like to keep wake-up latency as low as possible (receiving data from the network and waking up the necessary program).
The systems running FreeBSD will be server-class. 8+ cores with 64GB+ of RAM.
I'm wondering if placing each user in a jail is a reasonable option. What might a maximum number of jails per-server be, assuming each jail contained 1 user with N programs? Or am I primarily limited by the total number of programs running, with jails being fairly negligible overhead?