Reading the title you might think I want to put developers in Jail and although some may be good candidates this is in the far opposite of my intention. I am talking about FreeBSD Jails. For the unfamiliar with the concept those Jails are userland secure contained environments that share a common kernel. Purists and more knoledgeable people may be jumping off their chairs with this definition but I believe this is a more accurate simplistic description for the uninitiated than say, this is just a chroot on steroids. Ever heard of Docker? There you go. This is it but it dates much older and with security in mind from the very first draft.
We are talking here about operating-system-level virtualization. This also leads us to a host operating environment and a guest operating environment. On a previous article I described a few tools to manage those guest environments. Benefits of these environments and tools can be summarized as ease of use, ease of new environments availability, ease of deploy into different host environments in an interchangeable way, predictability and customizability. These all sound great but how does all benefit a developer where it all sounds oriented to administrators.
Ever heard the topic about: ‘it works on my machine’? What if someone told you there is a tool that can set an environment in just seconds, with just the software you need, with full root control of that environment, in a safe way, and that you could take a snapshot of that environment and transplant it to another box seamlessly, even through the nextwork and it would just boot in a matter of seconds, hence the longest time operation is copying and moving the files around? Wouldn’t that be fantastic for your stable development pace? You need a place where things are set in one way and changes don’t disturb you. You need to know and have control over the environment you’re dealing with. At the same time your boss or your client is pushing you to get things done quick. And then the stages thing. Develop, integrate, put into production. Weren’t we in the devops era? Develop quick, build quicker, upload into production even quicker and die suddenly? Just kidding. You won’t die but you can do all the rest quick and safe.
FreeBSD Jails offer these capabilities leveraging the ZFS file system. Add some Python program into the mix like iocage and off you go. But how?
Let’s say you are a PHP developer (when I say PHP just change that for Python, Java, Node.js, Angular) and you are working on a project and you always need a fresh clean AMP (Apache, MySQL, PHP) stack ready. And it is always a pain for you to set it up and you really hate it, and a friend of yours sent you a script that you lost or it’s broken. Wouldn’t it be great to have one always available and make modifyable copies of it so you could test different strategies of your project? Wouldn’t it be great to have similar environments but testing different PHP, Java or whatever versions for your new tool?
This is a set of FreeBSD Jails I have.
As it can bee seen there is one jail called ‘standardfamp’. Well… it is basically that thing I was talking about. A standard Apache MariaDB PHP stack jail ready to be used as a clean, freshly installed and rightly configured environment for work. The ‘F’ is just standing for FreeBSD, so instead of LAMP it is called FAMP. From that ‘standardfamp’ jail I can create other jails with the same configuration in it, with the same stack and I can literally clone them. If something goes wrong or you just one to get rid of them and start from scratch you already have that ‘base environment’ ready to use. But how does one get here?
First step is getting iocage installed. You can find the instructions on this article. To have the same configured Jail move into another system you can read this other article. But to make it quick, you can export and import Jails and set different properties to them in a matter of just a few commands. Exporting a jail takes from just a few seconds to a few minutes depending of the size of it. Moving it around can be done via USB stick or through the network since exporting a Jail ends up having a .zip file.
You don’t need to move away from Windows, Mac or your favorite GNU/Linux distro you are developing on. You don’t need to switch to a FreeBSD desktop experience to enjoy all this. Although I am a huge fan of operating-system-level virtualization, and Jails is part of that, you can run FreeBSD and have some nice Jail benefits using VirtualBox, Vmware, putyourhypervisornamehere. Now that we live in ‘crazy’ times and even Windows can now run Linux binaries and you can move files around with ease (now that your C drive is just another folder on your Windows box). You may be even doing that on a Windows box virtualizing some Linux. Give FreeBSD and Jails chance!