Table of Contents
My first exposure to FreeBSD was in the early 2000s. IRC was more commonly used and I needed a bouncer to moderate some channels. The experience was great but my first web hosting career soon after caused a turn back to Linux. It was similar enough to remain interesting.
FreeBSD came to the rescue during a time when I needed to scale a WebSocket project. There was materially better behavior on FreeBSD with kqueue instead of epoll for the workload, especially at the time. A handful of things have entirely reshaped my understanding of system design, primarily go, plan9 and FreeBSD. My gratitude for experiencing FreeBSD cannot be overstated.
It is tragic how few web hosts use FreeBSD, as if merely knowing it by name and nothing else. To the best of my knowledge the only mainstream brands are Pair Networks and DreamHost.
The advent of cPanel and other outsourced commercial web hosting platforms paved the road for divergence between web hosting and in house technological progress. Development was no longer important because it could all just be purchased. The secondary effect was hiring minimal cost of labour and with that a decline of skills and experience because nothing is built in house so there is no need for depth of understanding. My later career positions showed just how different engineering cultures can be and reshaped my appreciation for strong technical leadership that encourages engineering excellence. It was correctly understood to be the single greatest force multiplier of positive customer and staff experience.
The managed WordPress hosting segment is unsure how to build a perfect platform for the product they sell. Ask them what they wish they had or are working on improving and it will largely comprise of these factors:
- Rock solid stability.
- Unbreakable isolation.
- Resource control (processor, memory, network, disk and kernel limits).
- Robust filesystem which supports snapshots and size management.
These points and much more were already a thoroughly solved problem by FreeBSD years before Linux namespaces! Docker cleverly packaged existing os primitives into an accessible developer workflow with great ergonomics and distribution. Which lead it to be considered the only tool available.
Let me show some basic examples of the power available:
Parent datasetzfs create -o mountpoint=/jails zroot/jails
Create templatezfs create zroot/jails/15.0-template
Extract base
12fetch -o base.txz https://download.freebsd.org/releases/amd64/15.0-RELEASE/base.txz
tar -C /jails/15.0-template -xf base.txz
Create snapshotzfs snapshot zroot/jails/15.0-template@base
Go to town creating jails from snapshotzfs clone zroot/jails/15.0-template@base zroot/jails/example_com
What about customer limits?
Diskzfs set quota=20G zroot/jails/example_com
CPUrctl -a jail:example_com:pcpu:deny=50
Memoryrctl -a jail:example_com:memoryuse:deny=4G
Pin corecpuset -l 1 -j example_com
Pin multiple corescpuset -l 1-4 -j example_com
Limit procsrctl -a jail:example_com:maxproc:deny=50
Verifyrctl -h -u jail:example_com
Complete control and isolation of a multi tenant environment entirely using os primitives at baremetal speed. No licences or vendor lock in and built in features to last for years ahead. This is design using first principles.
Add a well engineered agent to govern these and you yield arguably the strongest foundation for a secure, elegant and performant WordPress hosting platform. What about immutability you ask? Just specify zfs set readonly.
As a web host, consider reflecting on how you approach platform design. Do your senior decision makers study competitors only to directly imitate? Competitor offerings are meant to be assessed with comfort knowing it can be better and a vision to build something better. Otherwise you have talent scarcity scrambling to look up fundamental concepts like what Copy on Write actually means.
I am saying there are different ways of doing things. FreeBSD had the core primitives for this style of hosting long before the market learned to package them well. If you are a service provider interested in related development, then please reach out.