Update jails strategy

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Update jails strategy

Michael Grimm-4
Hi --

[FYI: I am running some service jails with an ezjail-type basejail approach.]

Until now I did stop all jails before updating and restarting them afterwards. Now I am wondering if that is necessary at all.

Wouldn't it be sufficient to update basejail with running jails and restart them after this updating? (In analogy to a "make installworld; make installkernel; reboot")

Background of my question: Until now I do have two identical servers running in parallel (simple failover approach), but I am thinking about migrating both servers to a single cloud instance, and keeping downtimes of my service jails whilst updating the OS to a bare minimum.

Thanks for your input in advance,
Michael

_______________________________________________
[hidden email] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-jail
To unsubscribe, send any mail to "[hidden email]"
Reply | Threaded
Open this post in threaded view
|

Re: Update jails strategy

Luke Crooks
When I do this, I am lucky enough to have a physical spare server, so I run
everything on the backup server as a mirror of the master.

I then rebuild and update the jails on master, if there was ever a problem,
I could just switch local dns records to the slave.

All of my last 4 jail rebuilds have been done on my master without any
effect to users or services, then I just schedule a reboot for a time the
server isn't in use.

To date I have had no problem at all, and the whole process of rebuilding
base jail image and all packages from source is easy (just time consuming).
Some of these jails server Web applications and databases handling some
quite heavy traffic. Just seems to work on FreeBSD flawlessly.

On 11 Nov 2017 20:43, "Michael Grimm" <[hidden email]> wrote:

> Hi --
>
> [FYI: I am running some service jails with an ezjail-type basejail
> approach.]
>
> Until now I did stop all jails before updating and restarting them
> afterwards. Now I am wondering if that is necessary at all.
>
> Wouldn't it be sufficient to update basejail with running jails and
> restart them after this updating? (In analogy to a "make installworld; make
> installkernel; reboot")
>
> Background of my question: Until now I do have two identical servers
> running in parallel (simple failover approach), but I am thinking about
> migrating both servers to a single cloud instance, and keeping downtimes of
> my service jails whilst updating the OS to a bare minimum.
>
> Thanks for your input in advance,
> Michael
>
> _______________________________________________
> [hidden email] mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-jail
> To unsubscribe, send any mail to "[hidden email]"
>
_______________________________________________
[hidden email] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-jail
To unsubscribe, send any mail to "[hidden email]"
Reply | Threaded
Open this post in threaded view
|

Re: Update jails strategy

Miroslav Lachman
In reply to this post by Michael Grimm-4
Michael Grimm wrote on 2017/11/11 21:42:
> Hi --
>
> [FYI: I am running some service jails with an ezjail-type basejail approach.]
>
> Until now I did stop all jails before updating and restarting them afterwards. Now I am wondering if that is necessary at all.
>
> Wouldn't it be sufficient to update basejail with running jails and restart them after this updating? (In analogy to a "make installworld; make installkernel; reboot")

Update of basejail and restart of jails is enough. I am doing it this
way for a years.
We have build server with prepared updates mounted thru NFS and then
just make installkernel && make installworld (+ mergemaster) in host
system. After the host is updated (before reboot) I run my local script
to rsync changes from host to basejail (sync just bin, sbin, libs, but
not home, etc, var), then mergemaster in all jails and finally reboot
the server. I never stop jails before update.

Miroslav Lachman

_______________________________________________
[hidden email] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-jail
To unsubscribe, send any mail to "[hidden email]"
Reply | Threaded
Open this post in threaded view
|

Re: Update jails strategy

Michael Grimm-4
Miroslav Lachman <[hidden email]> wrote:
> Michael Grimm wrote on 2017/11/11 21:42:

>> [FYI: I am running some service jails with an ezjail-type basejail approach.]
>>
>> Until now I did stop all jails before updating and restarting them afterwards. Now I am wondering if that is necessary at all.
>>
>> Wouldn't it be sufficient to update basejail with running jails and restart them after this updating? (In analogy to a "make installworld; make installkernel; reboot")
>
> Update of basejail and restart of jails is enough. I am doing it this way for a years.

Thanks, that's what I wanted to hear ;-)

> We have build server with prepared updates mounted thru NFS and then just make installkernel && make installworld (+ mergemaster) in host system. After the host is updated (before reboot) I run my local script to rsync changes from host to basejail (sync just bin, sbin, libs, but not home, etc, var), then mergemaster in all jails and finally reboot the server. I never stop jails before update.

Ok. Until now I did something similar:

#) make buildworld && make buildkernel at fastest server
#) zfs send /usr/obj and /usr/src to remote server
#) make installworld && make installkernel at remote server

I did use "ezjail-admin update" to update basejail only after stopping all jails. That I will omit from now on, thanks.

Regards,
Michael

_______________________________________________
[hidden email] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-jail
To unsubscribe, send any mail to "[hidden email]"