paulgorman.org

< ^ txt

Thu Sep 24 08:54:21 EDT 2015 Went to bed at midnight last night, slept OK, and woke up at 8:30. Sunny today, with a high of seventy-six. Goals: - Walk Nope. - Take out the trash Nope. - Play with FreeBSD jails Yes, played with jails. I'm now at lease somewhat familiar with ezjail. Even looked at HAProxy a little for poxying traffic to different jailed websites on private, nat'd IP's. There's a lot to know, but these tools are tremendously promising in their flexibility. I half feel like I've wasted my vacation, but it gave me time to acquire a solid foundational understanding of this stuff. - Go to bed before eleven Done. Realized I haven't vacuumed in a week, and ran the Roomba. I spent a lot of yesterday (while watching episodes of Gotham) reading up on FreeBSD jails. Since the first place I'm likely to deploy these is on my theoretical new personal vm, I'll only have a single public IP address. Everyone says not to run jails without giving them their own IP, so started looking at using ipfw to create a nat'd virtual network. But I keep running into stuff like: nat nat_nr | tablearg Pass packet to a nat instance (for network address translation, address redirect, etc.): see the NETWORK ADDRESS TRANSLATION (NAT) Section for further information. ...from ipfw(8) where there is no NETWORK ADDRESS TRANSLATION section. And a lot of the Handbook sections on jails are just a mess. Wait... I totally libeled the ipfw man page. There is a NETWORK ADDRESS TRANSLATION section. For some reason, `less` can't find section titles on FreeBSD. Odd. Searching for "NAT" finds the section. This week, I kept waiting for Dreamhost to do the database moves they talked about, but I just realized that all my apps are configured to point to name record aliases. Assuming they update the name records for me, I shouldn't actually need to make any changes. I'm zeroing in on FreeBSD/jails/ipfw nat/HAProxy as pretty cool solution; it's slightly complex, but offers huge flexibility and utility. I still feel ambivalent about leaving Dreamhost after so many years, but I'm no confident that the $5/month DigitalOcean vm will more than meet my needs.

< ^ txt