Busted: Using BSD jails to isolate legacy code
gchaix
While running the latest and greatest code is usually the goal, operations people know the code running on the servers always lags a bit behind. Perhaps a mission-critical custom application that has not yet been ported to a modern platform? Or a legacy Drupal 6 site that can't be shut down yet? What can we do to balance the risks of running old, possibly insecure code with organizational requirements?
Toss them in jail!
This session is an introduction to running Drupal in a FreeBSD jail environment. Topics covered include:
- Configuring the host to use jails
- Creating new jails and configuring them to more securely run legacy code
- Using templates to streamline jail creation and configuration
- Managing jails - security, segregation, and snapshots
- Cleaning up the mess when things go wrong
This session is for sysadmins and operations people who have a solid understanding of web server system administration.