You do not need another copy of the FreeBSD userland in a jail.
My unbound dns server, for instance, has something like 24 total files in it. The reason it has so many is because I run two different jails from it - my unbound jail and my nsd jail share the same directory/mountpoint.
Which is to say, I run two different jail commands, that start two different jails with different IPs and startup commands, but they both point to the same directory/mountpoint.
Updates consist of replacing a few binary executables.
Not everything will fit into that model, but when it does, it is fantastic.
My unbound dns server, for instance, has something like 24 total files in it. The reason it has so many is because I run two different jails from it - my unbound jail and my nsd jail share the same directory/mountpoint.
Which is to say, I run two different jail commands, that start two different jails with different IPs and startup commands, but they both point to the same directory/mountpoint.
Updates consist of replacing a few binary executables.
Not everything will fit into that model, but when it does, it is fantastic.