BSDCan2010 - Final Release

BSDCan 2010
The Technical BSD Conference

Bjoern A. Zeeb
Day Talks - 1 - 2010-05-13
Room DMS 1160
Start time 13:00
Duration 01:00
ID 196
Event type Lecture
Track System Administration
Language used for presentation English

The New VVorld

Bjoern Zeeb (presenting) and Robert Watson

For over a decade, FreeBSD has supported lightweight OS virtualization through the Jail framework. The jail approach allows a single kernel to share multiple user space installations, each with their own root user and management environment. Jail has been widely adopted by Internet service providers to achieve virtual machine densities of hundreds or thousands of virtual instance, per server, but also for enterprise service virtualisation. However, a key limitation of the Jail technology has been the one-IP-address-per-Jail constraint, a property of how Jail was integrated with the FreeBSD network stack. This talk describes exciting on-going work to virtualise the FreeBSD network stack, giving each Jail to operate with its own virtual network interfaces, firewalls, traffic management, IPsec stack and forwarding tables, and much more.

What makes FreeBSD's virtualisation framework different from other approaches, such as fully virtualised hardware, and when is it appropriate? What are the design principles and how are things implemented? How does it scale? Why could this approach be interesting to people doing R&D, Internet Service Providers, and other businesses? What interesting things can be done using the framework? How could you extend the framework for your needs, and what are our future plans?

This presentation will attempt to answer these questions to help you evaluate how to use FreeBSD jail-based virtualisation to save time and resources for your business or research.