preferred jail management tool
smithi at nimnet.asn.au
Sat Jan 24 15:16:54 UTC 2015
Excuse top-post, but the gmail header on this message was (surprisingly)
insufficiently anonymised to disguise its origin:
Received: from [192.168.111.118] ([184.108.40.206])
by mx.google.com with ESMTPSA id i9sm3249067pdj.27.2015.01.23.19.05.08
(version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128);
Fri, 23 Jan 2015 19:05:09 -0800 (PST)
Message-ID: <54C30BEC.3090102 at gmail.com>
Date: Sat, 24 Jan 2015 11:05:16 +0800
From: Ernie Luzar <luzar722 at gmail.com>
User-Agent: Thunderbird 220.127.116.11 (Windows/20100228)
Where 18.104.22.168 is in:
inetnum: 22.214.171.124 - 126.96.36.199
descr: Comclark Cable Internet
address: Comclark Bldg. Pres. M.A. Roxas Hi-way, CSEZ Clarkfield, Pampanga
Which is in Angeles City, Philippines.
So, hello there Joe Barbish,
we haven't had one of your selfpromotions of qjail at the expense of
ezjail, the belately acknowledged source of your code, for ages now.
Good to be reminded where you're still coming from, how you acknowledge
your sources, and how you continue to collaborate with your peers.
Michael Lucas, who you may not have been around long enough to know of,
is clearly seeking to research information, ideas and comments from his
peers and acknowledged betters in this field before rushing into print,
as we've come to expect. I wouldn't worry too much about him getting it
Thanks again Joe,
On Sat, 24 Jan 2015 11:05:16 +0800, Ernie Luzar wrote:
> Michael W. Lucas wrote:
> > Hi,
> > For those who haven't heard, I'm writing a book on jails. Some details
> > are at http://blather.michaelwlucas.com/archives/2286.
> > I want to cover at least one jail management tool. I've done some
> > research into jail tools. You can see my results at
> > http://blather.michaelwlucas.com/archives/2291.
> > (No, I'm not trying to drag traffic to my blog. I just don't want to
> > cut-and-paste it to a mailing list. ;-)
> > I have several choices of jail management tools to write about. It
> > seems that ezjail gets all the press. I'm wondering if this is because
> > it's the first tool, or if it's the best of its kind.
> > I also hear a lot of whinging about ezjail. I suspect that's because
> > it's the most widely deployed tool of it's type, however. The one in
> > front gets the most mud slung at it.
> > Looking at the documentation, I'm highly intrigued by iocage. It seems
> > to do everything that ezjail does and then some.
> > CBSD also looks like a really good choice. Based on what I know now,
> > I'm inclined to cover iocage and CBSD.
> > I want to ask the experts, though. Which is you guys.
> > Any recommendations on what I should cover, or not cover? Any big
> > screaming red flags in these tools that I should be aware of?
> > Thanks,
> > ==ml
> I started with ezjail and was so disappointed in it's lack of documentation
> in its [man pages] that I found it to be useless unless you can
> follow it's rats nest of script source code. Now with the change in jail(8)
> configuration file from rc.conf to jail.conf that has been
> slowly making its way into FreeBSD operating system since 9.1 , and scheduled
> to be totally removed in 11.0.
> ezjail has not been updated to use jail.conf yet so ezjail reaches it's [end
> of life] with FreeBSD 11.0 which is on schedule to be
> published by June.
> qjail is a fork of ezjail. qjail is fully documented and jail.conf compliant.
> qjail's real strength is it's user friendliness and it's ability
> to auto create large numbers of jails from a single command. Qjail can also
> setup vimage jails which ezjail does not do.
> There are many other major differences between ezjail and qjail that makes
> qjail far easier to admin jails. A simple review of
> ezjail and qjail man pages will make this point very obvious to the reader.
> Qjail is a simple standalone script and the port has no dependents like the
> other tools you mention at your URL. Any jail tool requiring
> one of the other programing language as a dependent is a show stopper in my
> ezjail has incorporated zfs into its script and as zfs has changed it takes a
> very long time for those zfs changes to be added to ezjail.
> On the other hand qjail uses the jail.conf zfs parameters as the door way for
> zfs as the jail(8) developers have intended.
> ezjail is the old man on the block soon to be planted in the grave yard.
> So my recommendation is to cover qjail in detail and use it as the ruler to
> measure the other jail tools that you select to write about.
> I read your post at http://blather.michaelwlucas.com/archives/2291 and it
> reads like a review based on a reading of the ports comments.
> I recommend you install and use the jail tools you intend to write about
> before you start talking like an expert authority on a subject
> you really know little about.
> To get you started, here is a good URL for you to read
> To the ezjail die hearts on this List. The above is my option based on my
> usage experience and not intended to start a flame war.
More information about the freebsd-jail