The FreeBSD jail is an operating-system-level virtualization technology. One common kernel is used by the host and the hosted containers. Hosted jails have restricted access to the resources of the system.
Creating jails is not complicated. It requires:
- a userland that has been built at least once; it can be rebuilt later if the base system is upgraded
- the userland, or parts of it, installed for every jail
- jails enabled and configured
ZFS will be used to deliver jails. A jail can be cloned relatively easily from the snapshot of an example jail.
ZFS snapshots represent consistent filesystem states at given moments. These snapshots are useful for securing backups or creating filesystem clones.
Creating a snapshot takes a moment, and cloning the snapshot takes another. ZFS clones are writable instances of snapshots. Only the changes consume space on disk, so just the delta is stored: the common parts share the same data blocks, and modifications are written to new blocks. Create a snapshot before a major modification and the rollback is relatively simple.
Two ZFS datasets will be created on an existing ZFS pool (zroot in this case):
- One dataset for the base userland of the template jail. This will be automatically mounted under /jail/template
- A second one for the skeleton of the jail-specific data, config and additionally installed files, under /jail/skeleton
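
The dataset layout and the snapshot-then-clone workflow described above, as an added example that is not part of the original page. The parent dataset `zroot/jail`, the snapshot name `base` and the jail name `www` are assumptions; by default the script only prints the `zfs` commands it would run.

```shell
#!/bin/sh
# Added example: ZFS layout for template-based jails (names are assumptions).
POOL="${POOL:-zroot}"      # pool named on the page
DRY_RUN="${DRY_RUN:-1}"    # 1 = only print the zfs commands, 0 = execute them

# Print the command in dry-run mode, otherwise execute it.
run() {
    if [ "$DRY_RUN" = "1" ]; then
        echo "$*"
    else
        "$@"
    fi
}

# Create an assumed parent dataset mounted at /jail, then the two datasets.
# The children inherit their mountpoints: /jail/template and /jail/skeleton.
create_layout() {
    run zfs create -o mountpoint=/jail "$POOL/jail" &&
    run zfs create "$POOL/jail/template" &&
    run zfs create "$POOL/jail/skeleton"
}

# Snapshot the template; the read-only snapshot is the source for clones.
snapshot_template() {
    run zfs snapshot "$POOL/jail/template@$1"
}

# Clone a writable jail filesystem from a template snapshot.
# The jail name is restricted so it cannot add dataset path components
# ("/", "@", "..") or overwrite the template and skeleton datasets.
clone_jail() {
    name="$1"; snap="$2"
    case "$name" in
        ""|*[!a-z0-9_-]*) echo "invalid jail name: $name" >&2; return 1 ;;
        template|skeleton) echo "reserved name: $name" >&2; return 1 ;;
    esac
    run zfs clone "$POOL/jail/template@$snap" "$POOL/jail/$name"
}

# Order of operations. On a real host the userland is installed into
# /jail/template before the snapshot is taken.
create_layout && snapshot_template base && clone_jail www base
```

Run it with `DRY_RUN=0` as root on a host that has the pool to apply the commands instead of printing them.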