Binary jail install/maintain/upgrade code (plus ezjail replacement)

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Binary jail install/maintain/upgrade code (plus ezjail replacement)

Mike Wayne
A while ago I discovered that jails installed as purely binary jails
(where /usr/src is not installed) using ezjail can never be upgraded.

This led to a lot of investigation where I also discovered that
freebsd-update can not update a jail from the host. This means
that jails with no Internet access (used for local access only) can
not be easily upgraded.

To deal with this, I developed replacement code with these features:
   - The layout of a jail is built to be almost exactly what ezjail
     creates, including symlinks and nullfs mounts, changing basejail
     to BaseJail and newjail to NewJail. This permits both ezjail and
     this system to run in parallel on the same system.
   - Runs on UFS.  This is a hard design requirement as I need to
     be able to run multiple jails in VFS systems with 512MB RAM and
     10GB disk space. Plus I need dump/restore which ZFS does not support.
   - There are no package dependencies at all, everything is done
     using code in base.
   - The entire system is contained in one file, though it does
     write support files as it does its work.
   - Jails are currently installed using whatever distribution is
     already downloaded. An option is provided to determine which
     release will be installed before installation (needs work).
   - Jails are installed and upgraded using free-bsdupdate. /usr/src
     is never required.
   - ALL work is done from the host. No jail needs Internet access
     to be installed or upgraded.
   - Because of the way upgrades are done, jails MUST not be running
     to be upgraded. Sanity checks are provided to help prevent user
     errors.
   - Jails and the base system can be checked with freebsd-update IDS.
   - While not presently implemented, I plan to support upgrading
     binary-only jails which were installed with ezjail.

At this point, things seem to be working. This is NOT ready for
public release so I am not posting code here. I'd like to find one
or two people who are willing to work with what I have, going through
the install/upgrade process a bunch of times and tell me what I've
done wrong and suggest improvements.

Cautions:
   - There will have to be some discussion between us to understand
     how things work. Documentation is very limited.
   - There are some VERY ugly hacks going to to make all this work.
   - If your response is "you should use ZFS" please don't respond.

If this sounds like something you would like to help out with, and
you have some time to dedicate to it, please contact me directly
and we'll get started.

_______________________________________________
[hidden email] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-jail
To unsubscribe, send any mail to "[hidden email]"