[Freedombox-discuss] jails in Debian?

[Rob van der Hoeven]

On Mon, 2013-02-04 at 11:32 +0100, Johan Henselmans wrote:
> i had a short discussion the Bdale about jails in Debian, like there exist in FreeBSD: lightweight jails, having their own TCP/IP stack, which could compartimentalize a server. 
> 
> He mentioned that there are similar solutions in Debian, but did not mention any kind of software. I don't think he meant chroot environments, but I might be mistaken. 
> 
> Can anyone point me to that type of software in Debian?

My FreedomBox uses LXC (Linux containers) as "chroots on steroids".
Everything on my FreedomBox that is connected to the internet is running
in its own LXC container. 

At the moment i'm running 3 Wordpress containers, a GIT container and a
Owncloud container. I am using my LXC setup for two years now on
hardware comparable with the DreamPlug (same processor, 512Mb ram)
without any problems. I have documented my setup on my blog at: 

http://freedomboxblog.nl 

Interesting articles are:

http://freedomboxblog.nl/a-software-architecture-for-the-freedombox/
http://freedomboxblog.nl/installing-lxc-dhcp-and-dns-on-my-freedombox/
http://freedomboxblog.nl/my-freedombox-internet-module-part-1/
http://freedomboxblog.nl/a-wordpress-module-for-my-freedombox/
http://freedomboxblog.nl/adding-a-firewall-and-nat-to-my-freedombox/

Unfortunately LXC on Debian does not work out-of-the-box. This has to do
with the way Debian manages its releases. Releases are stable, and if a
package is broken at the time of freeze, or gets broken after the
release, it stays broken. LXC on Squeeze creates Lenny containers, but
the Lenny repositories are not available anymore. LXC on Wheezy was
frozen at the time the Debian LXC package itself was broken. Its very
unfortunate that LXC on Wheezy is broken because its maintainer has
clearly put a *lot* of effort in the package and now *normal* Debian
users cannot enjoy this great technology for years to come.   

Rob.
http://freedomboxblog.nl