Vimage vs. jails
julian at elischer.org
Tue Aug 18 23:28:47 UTC 2009
Pierre Guinoiseau wrote:
> Julian Elischer wrote:
>> it's not Vimage vs Jails
>> Vimage as part of Jails.
>> Peter Cornelius wrote:
>>> Hi there,
>>> I just see the vimage changes going into RELENG_8 and I now am
>>> getting my hands dirty, finally. So thanks to all involved.
>>> Just to get my head around this the right way, I understand that
>>> there is no plan to merge vimage and jail into a single jail
>>> utility, right?
>> Actually it IS now all one utility...
>> Add the 'vnet' option to jail to get it to create a new vnet withthe
>> jail, otherwise it acts as before.
>>> I may want a large number of vimages "w/o" jails, or at least a
>>> number of jails "inside" a couple of vimages (reason being the
>>> default route issue raised a while ago).
>> can you expand on that?
>> example comand lines include:
>> jail -c host.hostname=test path=/ vnet command=/bin/tcsh
>> ( make a jail with the same root as normal but with a separate
>> network stack.)
>> jail -c host.hostname=test path=/ vnet children.max=4 \
>> (same as above, excep the jail made is in turn able to make
>> up to 4 child jails
> BTW, when will we be able to set those new parameters in rc.conf? The
> current jails rc script still uses the old way for setting up (or maybe
> did I missed something?), so it doesn't allow to add those new
> parameters. :( It may be a desirable feature for 8.0-RELEASE I think.
The 8.0 vimage/vnet feature is a "feature test" facility.
it allows you to test it out but no-one in their right mind
would tell you to use it in production.
It's been some time since I used the rc.conf method of starting jails
so I can't speak to how much change would be required.
possibly just the addition of "jail_xxx_extra_params".
I forgot to mention the ifconfig vnet additions too, to allow an
interface to be assigned to a particular jail.
>>> Thanks again, and
>>> All the best,
>>> PS. I see a couple of lock order reversals on RELENG_8 which I
>>> would like to report if the build currently running did not address
>>> them -- do we prefer them to a mailing list or to gnats?
More information about the freebsd-virtualization