ZFS, Jails, network, routing, domains and IP addresses
Roland Smith
rsmith at xs4all.nl
Tue Sep 9 20:03:32 UTC 2014
On Tue, Sep 09, 2014 at 03:22:00PM +0200, Niklaas Baudet von Gersdorff wrote:
<snip>
> It would be cool if I could simplify the process of updating the
> software that is running in every jail. I searched in the web for some
> information and also had a look at the FreeBSD mailing lists. It looks
> like it's quite a popular set-up to create a "base" FreeBSD Jail that is
> cloned with the help of ZFS if there is a new jail needed. The ports
> tree is mounted with a nullfs in every jail so updating the "main" ports
> tree would lead to the software in every jail getting updated. Or am I
> understanding something totally wrongly here?
If you mount the ports tree with nullfs, you only get the "recipes" for
installing software.
One way to "automatically" update every jail is to mount /usr/local with a
nullfs in every jail. And then use a unionfs in every jail for the
configuration files in /usr/local/etc.
This does have limitations;
* Every jail then has access to *everything* in /usr/local. That might not
be what you want.
* Every jail needs its own /usr/local/etc, hence the need for unionfs.
* You could run into a situation where /usr/local is updated but not a
jail's configuration files in /usr/local/etc. That might mean that you
e.g. cannot restart a service until a config file is updated as well.
You could also use the host to built packages, and make a repository available
to the jails. In the jails you can then use pkg(8) to keep the packages
updated. This is a good combination of only building a piece of software once
yet being able to keep different packages in different jails.
Roland
--
R.F.Smith http://rsmith.home.xs4all.nl/
[plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated]
pgp: 5753 3324 1661 B0FE 8D93 FCED 40F6 D5DC A38A 33E0 (keyID: A38A33E0)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20140909/5dac4af7/attachment.sig>
More information about the freebsd-questions
mailing list