VMs | diyIT
VMs leverage bhyve

Currently run these natively on the host system instead of inside a jail - more flexibility in network connectivity

Run VMs in a special jail

Current VMs:

  • FreePBX/Asterisk 15
  • Windows 10 Enterprise N LTSC 1809 - gaming proxy
  • Linux Ubuntu 18.04 - docker deployment
  • Windows Server 2019 DC - docker deployment, hmailserver, openvms emulation
  • FreeBSD 12.1-RELEASE
  • Kali 2020.2
export JAIL=vm
export JAILHOSTNAME=vm
export JAILDOMAIN=ahlawat.com
export JAILIP=89
export JAILUSER=X
export JAILUSERID=1000
export JAILUSERVNC=false

/root/FreeBSD/jails/create.sh $JAIL $JAILHOSTNAME $JAILDOMAIN $JAILIP $JAILUSER $JAILUSERID $JAILUSERVNC

iocage fstab -r $JAIL /mnt/ship/certs /mnt/certs nullfs ro 0 0

iocage exec $JAIL "mkdir /mnt/windows"
iocage fstab -a $JAIL /mnt/ship/sw/iso/windows /mnt/windows nullfs ro 0 0
iocage exec $JAIL "mkdir /mnt/linux"
iocage fstab -a $JAIL /mnt/ship/sw/iso/linux /mnt/linux nullfs ro 0 0
iocage exec $JAIL "mkdir /mnt/freebsd"
iocage fstab -a $JAIL /mnt/ship/sw/iso/freebsd /mnt/freebsd nullfs ro 0 0
iocage fstab -l $JAIL

iocage exec $JAIL "pkg install -y bhyve-firmware tmux"

iocage exec $JAIL cp /mnt/config/.tmux.conf /root

iocage stop $JAIL

iocage set allow_vmm=1 children_max=8 securelevel=1 allow_mount=1 enforce_statfs=1 allow_mount_devfs=1 devfs_ruleset=200  allow_mount_procfs=1 exec_start="/bin/sh /mnt/config/setup_jail.sh" exec_prestart="/bin/sh /root/FreeBSD/jails/config/vm/create_taps.sh" $JAIL

iocage start $JAIL
Notes
#added to sysctl.conf
#sysctl net.link.tap.up_on_open=1

#check disk usage of VMs
#zfs list -ro space ship/raw

#use chicken of the VNC for these bhyve VNC connections
#https://github.com/boecko/chicken/releases/tag/v2.2b3
Showcased here is a capital and operational cost effective approach, using minimal server and networking hardware with multiple virtualized applications for Home and Business. This solution template can be easily scaled out and adapted for larger Enterprise deployments.
drop by the diyIT Matrix public room at #diyit:matrix.ahlawat.com
if you have any IT questions/feedback or to request pro bono consulting for a nonprofit

message me privately at @sharad:matrix.ahlawat.com
or email me at - sharad@ahlawat.com - pgpkey: 68DD6B89
Networking and Security Technologist.
EngineerĀ andĀ an avid Programmer.

https://sharad.ahlawat.com
strive to learn and pass on the knowledge to the next generation
one day humanity will understand the meaning of life and hopefully it will be more than ASCII 42 = "*" regex for whatever you want it to be,
and destiny is more than just a roll of a pair of dice with 42 dots (Lets nail down Quantum Entanglement)

May you Live Long (Intelligently) and Prosper and work on technology that matters.
© 2025 Sharad Ahlawat

No personal identifying data is collected or any form of analytics/metrics reported to a third-party by this website.