Managing updates in jails
Mark Bucciarelli
mark at gaiahost.coop
Fri May 13 10:45:41 PDT 2005
I'm a recent convert to FreeBSD, mainly because of the jail
functionality. I am trying to figure out a good system for keeping
jails updated and am running against my lack of experience with the
compile-from-source approach as well as the different startup scripts.
I have pretty much settled on the idea of creating a template or base
jail, updating that, then creating a tarball that I can extract over any
other jail I need to update. I figure I won't have more than six jails
and the complexity of hardlinks and/or unionfs/nullfs for me is not
worth the saved disk space.
Currently, I have been making buildworld, make buildkernel, etc on the
host, then repeating the process inside the template jail. The host is
just going to run sshd and ntpd, the template will be apache+mysql+php.
A couple questions:
- is there a correct way to "reuse" the makekernel and makeworld done on
the host system for the template jail? for example, using DESTDIR
and/or NOREBUILD? (I tried DESTDIR initially to install vim into the
template jail, but when I ran vim inside the jail, it wouldn't start b/c
it was missing a library. So I back tracked and installed the entire
ports tree inside the jail and built stuff from there.) It takes around
three hours to rebuild everything once, so this will be a limiting
factor on how fast I can patch the system (unless I invest in another,
faster machine just for compiling).
- what directories in the template jail do i need to tar when applying
an upgrade to other jails? just /usr and some selected pieces of /etc?
- i need to support multiple ip's per jail. i found a patch that
applies (pretty much--some wierdness in netinet6) against 5.4, but would
like to use the existing rc.conf to manage startup. where would i look
to modify the jail startup command to pass multiple ips?
- what do people do with the mount command inside a jail--just delete
it? are there other commands you take out?
Thanks for any pointers, I think a section on jails would be a good
addition to the handbook.
Regards,
m
More information about the freebsd-questions
mailing list