Managing updates in jails
Ruben Bloemgarten
ruben at bloemgarten.demon.nl
Wed May 18 09:29:30 PDT 2005
Hi Mark,
What I find a lot easier is to use freebsd-update for the base system
updates and, after having mount_nullfs'd /usr/ports from the host system
onto the jailed systems, portsnap and portupgrade.
-> host system : freebsd-update/portsnap/portupgrade
Jailed system : freebsd-update/portupgrade
All in all in takes about 20-40 minutes to update all systems host+5Jails.
Good luck,
Ruben
-----Original Message-----
From: owner-freebsd-questions at freebsd.org
[mailto:owner-freebsd-questions at freebsd.org] On Behalf Of Mark Bucciarelli
Sent: May 13, 2005 7:46 PM
To: FreeBSD-questions at FreeBSD.org
Subject: Managing updates in jails
I'm a recent convert to FreeBSD, mainly because of the jail
functionality. I am trying to figure out a good system for keeping
jails updated and am running against my lack of experience with the
compile-from-source approach as well as the different startup scripts.
I have pretty much settled on the idea of creating a template or base
jail, updating that, then creating a tarball that I can extract over any
other jail I need to update. I figure I won't have more than six jails
and the complexity of hardlinks and/or unionfs/nullfs for me is not
worth the saved disk space.
Currently, I have been making buildworld, make buildkernel, etc on the
host, then repeating the process inside the template jail. The host is
just going to run sshd and ntpd, the template will be apache+mysql+php.
A couple questions:
- is there a correct way to "reuse" the makekernel and makeworld done on
the host system for the template jail? for example, using DESTDIR
and/or NOREBUILD? (I tried DESTDIR initially to install vim into the
template jail, but when I ran vim inside the jail, it wouldn't start b/c
it was missing a library. So I back tracked and installed the entire
ports tree inside the jail and built stuff from there.) It takes around
three hours to rebuild everything once, so this will be a limiting
factor on how fast I can patch the system (unless I invest in another,
faster machine just for compiling).
- what directories in the template jail do i need to tar when applying
an upgrade to other jails? just /usr and some selected pieces of /etc?
- i need to support multiple ip's per jail. i found a patch that
applies (pretty much--some wierdness in netinet6) against 5.4, but would
like to use the existing rc.conf to manage startup. where would i look
to modify the jail startup command to pass multiple ips?
- what do people do with the mount command inside a jail--just delete
it? are there other commands you take out?
Thanks for any pointers, I think a section on jails would be a good
addition to the handbook.
Regards,
m
_______________________________________________
freebsd-questions at freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
--
No virus found in this incoming message.
Checked by AVG Anti-Virus.
Version: 7.0.308 / Virus Database: 266.11.9 - Release Date: 05/12/2005
--
No virus found in this incoming message.
Checked by AVG Anti-Virus.
Version: 7.0.308 / Virus Database: 266.11.9 - Release Date: 05/12/2005
--
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.308 / Virus Database: 266.11.12 - Release Date: 05/17/2005
More information about the freebsd-questions
mailing list