Admin... by accident!

You may have chosen to be an admin. I didn't!

  • Home
  • FreeBSD
  • GNU/Linux
  • Security
  • Network
  • Virtualization
  • Politics
  • Github
  • Donate
  • Me

Abandon Linux. Jails for developers.

April 29, 2019 by Albert Valbuena

Reading the title you might think I want to put developers in Jail and although some may be good candidates this is in the far opposite of my intention. I am talking about FreeBSD Jails. For the unfamiliar with the concept those Jails are userland secure contained environments that share a common kernel. Purists and more knoledgeable people may be jumping off their chairs with this definition but I believe this is a more accurate simplistic description for the uninitiated than say, this is just a chroot on steroids. Ever heard of Docker? There you go. This is it but it dates much older and with security in mind from the very first draft.

We are talking here about operating-system-level virtualization. This also leads us to a host operating environment and a guest operating environment. On a previous article I described a few tools to manage those guest environments. Benefits of these environments and tools can be summarized as ease of use, ease of new environments availability, ease of deploy into different host environments in an interchangeable way, predictability and customizability. These all sound great but how does all benefit a developer where it all sounds oriented to administrators.

Ever heard the topic about: ‘it works on my machine’? What if someone told you there is a tool that can set an environment in just seconds, with just the software you need, with full root control of that environment, in a safe way, and that you could take a snapshot of that environment and transplant it to another box seamlessly, even through the nextwork and it would just boot in a matter of seconds, hence the longest time operation is copying and moving the files around? Wouldn’t that be fantastic for your stable development pace? You need a place where things are set in one way and changes don’t disturb you. You need to know and have control over the environment you’re dealing with. At the same time your boss or your client is pushing you to get things done quick. And then the stages thing. Develop, integrate, put into production. Weren’t we in the devops era? Develop quick, build quicker, upload into production even quicker and die suddenly? Just kidding. You won’t die but you can do all the rest quick and safe.

FreeBSD Jails offer these capabilities leveraging the ZFS file system. Add some Python program into the mix like iocage and off you go. But how?

If you find the articles in Adminbyaccident.com useful to you, please consider making a donation.

Let’s say you are a PHP developer (when I say PHP just change that for Python, Java, Node.js, Angular) and you are working on a project and you always need a fresh clean AMP (Apache, MySQL, PHP) stack ready. And it is always a pain for you to set it up and you really hate it, and a friend of yours sent you a script that you lost or it’s broken. Wouldn’t it be great to have one always available and make modifyable copies of it so you could test different strategies of your project? Wouldn’t it be great to have similar environments but testing different PHP, Java or whatever versions for your new tool?

This is a set of FreeBSD Jails I have.

 

As it can bee seen there is one jail called ‘standardfamp’. Well… it is basically that thing I was talking about. A standard Apache MariaDB PHP stack jail ready to be used as a clean, freshly installed and rightly configured environment for work. The ‘F’ is just standing for FreeBSD, so instead of LAMP it is called FAMP. From that ‘standardfamp’ jail I can create other jails with the same configuration in it, with the same stack and I can literally clone them. If something goes wrong or you just one to get rid of them and start from scratch you already have that ‘base environment’ ready to use. But how does one get here?

First step is getting iocage installed. You can find the instructions on this article. To have the same configured Jail move into another system you can read this other article. But to make it quick, you can export and import Jails and set different properties to them in a matter of just a few commands. Exporting a jail takes from just a few seconds to a few minutes depending of the size of it. Moving it around can be done via USB stick or through the network since exporting a Jail ends up having a .zip file.

You don’t need to move away from Windows, Mac or your favorite GNU/Linux distro you are developing on. You don’t need to switch to a FreeBSD desktop experience to enjoy all this. Although I am a huge fan of operating-system-level virtualization, and Jails is part of that, you can run FreeBSD and have some nice Jail benefits using VirtualBox, Vmware, putyourhypervisornamehere. Now that we live in ‘crazy’ times and even Windows can now run Linux binaries and you can move files around with ease (now that your C drive is just another folder on your Windows box). You may be even doing that on a Windows box virtualizing some Linux. Give FreeBSD and Jails chance!

Use this link to get 100 $ credit at DOcean and support Adminbyaccident.com hosting costs.

Filed Under: FreeBSD, Politics

Recent Posts

  • How to install Mate on FreeBSD 12/13
  • How to install Nessus 10 on FreeBSD 12
  • How to enable TLS traffic from the origin server on Cloudflare Argo Tunnel
  • How to use Cloudflare’s Argo Tunnel service to publish a website on FreeBSD 12/13
  • How to setup MariaDB master-slave replication on FreeBSD
  • How to upload a FreeBSD custom image on DigitalOcean
  • How to install Drupal 9 on FreeBSD 13.0
  • How to manage site visitors based on IP Geolocation
  • How to enable Geolocation in AWStats on FreeBSD 13.0
  • How to install AWStats on FreeBSD 13.0
  • How to configure Modsecurity 3 for WordPress on FreeBSD
  • How to configure Apache HTTP with a TLS reverse proxy backend on FreeBSD
  • How to detect a WAF – Web Application Firewall
  • How to install Matomo 4 on FreeBSD
  • How to test SSL/TLS configurations
  • How to configure Apache HTTP as a reverse proxy on FreeBSD
  • How to install Nextcloud on FreeBSD 12
  • How to install ModSecurity 3 on FreeBSD
  • How to replace a disk on a ZFS mirror pool
  • How to install Webmin on FreeBSD 12

Archives

  • February 2023
  • January 2023
  • December 2022
  • April 2022
  • March 2022
  • October 2021
  • September 2021
  • June 2021
  • May 2021
  • April 2021
  • March 2021
  • February 2021
  • January 2021
  • December 2020
  • July 2020
  • June 2020
  • May 2020
  • April 2020
  • March 2020
  • February 2020
  • January 2020
  • December 2019
  • November 2019
  • October 2019
  • August 2019
  • July 2019
  • June 2019
  • May 2019
  • April 2019
  • March 2019
  • February 2019
  • January 2019
  • September 2018
  • June 2018
  • May 2018
  • April 2018
  • February 2018
  • January 2018
  • November 2017
  • April 2017

RSS Admin… by accident!

  • How to install Mate on FreeBSD 12/13
  • How to install Nessus 10 on FreeBSD 12
  • How to enable TLS traffic from the origin server on Cloudflare Argo Tunnel
  • How to use Cloudflare’s Argo Tunnel service to publish a website on FreeBSD 12/13
  • How to setup MariaDB master-slave replication on FreeBSD
  • How to upload a FreeBSD custom image on DigitalOcean
  • How to install Drupal 9 on FreeBSD 13.0
  • How to manage site visitors based on IP Geolocation
  • How to enable Geolocation in AWStats on FreeBSD 13.0
  • How to install AWStats on FreeBSD 13.0

Copyright © 2023 · Magazine Pro Theme on Genesis Framework · WordPress · Log in