Mercurial > hgrepos > FreeBSD > ports > sysutils > local-bsdtools
comparison docs/man/man8/ftjail.rst @ 468:3108ce603fa1
Add usage examples for managing thin jails with the ftjail commands into the manual page of ftjail
| author | Franz Glasner <fzglas.hg@dom66.de> |
|---|---|
| date | Wed, 21 Aug 2024 12:58:35 +0200 |
| parents | 38a5d6693b8b |
| children | c65a79d84e9e |
comparison
equal
deleted
inserted
replaced
| 467:6ecd16725818 | 468:3108ce603fa1 |
|---|---|
| 82 | 82 |
| 83 Environment | 83 Environment |
| 84 ----------- | 84 ----------- |
| 85 | 85 |
| 86 All environment variables that affect :command:`zfs` are effective also. | 86 All environment variables that affect :command:`zfs` are effective also. |
| 87 | |
| 88 | |
| 89 Examples | |
| 90 -------- | |
| 91 | |
| 92 Prepare the containers for the template datasets | |
| 93 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | |
| 94 | |
| 95 Container for templates:: | |
| 96 | |
| 97 zfs create -o canmount=off -o mountpoint=/jail/ttmpl zpool/jail/ttmpl | |
| 98 | |
| 99 Sub-container for all read-only bases:: | |
| 100 | |
| 101 zfs create -o canmount=off zpool/jail/ttmpl/base-ro | |
| 102 | |
| 103 Sub-container for all read-write volumes:: | |
| 104 | |
| 105 zfs create -o canmount=off zpool/jail/ttmpl/skel-rw | |
| 106 | |
| 107 | |
| 108 Create a new complete template for a FreeBSD distribution | |
| 109 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | |
| 110 | |
| 111 Create new template datasets and populate them from a distribution archive. | |
| 112 The example is for FreeBSD 13.3-RELEASE:: | |
| 113 | |
| 114 # prepare empty datasets | |
| 115 ftjail datasets-tmpl -P zpool/jail/ttmpl/base-ro zpool/jail/ttmpl/skel-rw 13.3-RELEASE | |
| 116 | |
| 117 # | |
| 118 # Here you can adjust some properties (``canmount``) or create some additional | |
| 119 # datasets manually. | |
| 120 # | |
| 121 | |
| 122 # mount at a temporary mountpoint | |
| 123 mkdir /var/tmp/13.3 | |
| 124 ftjail mount-tmpl -P zpool/jail/ttmpl/base-ro/13.3-RELEASE zpool/jail/ttmpl/skel-rw/13.3-RELEASE /var/tmp/13.3 | |
| 125 | |
| 126 # populate the contents from the distribution archive | |
| 127 ftjail populate-tmpl -P /var/tmp/13.3 base-13.3-RELEASE.txz | |
| 128 | |
| 129 # If the kernel is wanted also then extract it like this | |
| 130 ftjail populate-tmpl -P -b /var/tmp/13.3 base-13.3-RELEASE.txt kernel-13.3-RELEASE.txz | |
| 131 | |
| 132 Make a named snapshot named "base" for the original:: | |
| 133 | |
| 134 ftjail snapshot-tmpl zpool/jail/ttmpl/base-ro/13.3-RELEASE zpool/jail/ttmpl/skel-rw/13.3-RELEASE base | |
| 135 | |
| 136 Also prepare the :command:`etcupdate`:: | |
| 137 | |
| 138 ftjail build-etcupdate-current-tmpl /var/tmp/13.3 etcupdate-current-13.3@base.tbz | |
| 139 | |
| 140 Update to the current patch level and tag accordingly (e.g. "p5"):: | |
| 141 | |
| 142 # Update | |
| 143 freebsd-update -b /var/tmp/13.3 -d /var/tmp/13.3/var/db/freebsd-update/ --currently-running 13.3-RELEASE fetch | |
| 144 freebsd-update -b /var/tmp/13.3 -d /var/tmp/13.3/var/db/freebsd-update/ --currently-running 13.3-RELEASE install | |
| 145 | |
| 146 # Snapshot | |
| 147 ftjail snapshot-tmpl zpool/jail/ttmpl/base-ro/13.3-RELEASE zpool/jail/ttmpl/skel-rw/13.3-RELEASE p5 | |
| 148 | |
| 149 # Do not forget to prepare for etcupdate | |
| 150 ftjail build-etcupdate-current-tmpl /var/tmp/13.3 etcupdate-current-13.3@p5.tbz | |
| 151 | |
| 152 Unmounten:: | |
| 153 | |
| 154 ftjail umount-tmpl zpool/jail/ttmpl/base-ro/13.3-RELEASE zpool/jail/ttmpl/skel-rw/13.3-RELEASE | |
| 155 | |
| 156 | |
| 157 Container and Common Location for instantiated Thin Jails | |
| 158 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | |
| 159 | |
| 160 All thin jails are located at :file:`/jail/TROOT`:: | |
| 161 | |
| 162 zfs create -o mountpoint=/jail/TROOT zpool/jail/TROOT | |
| 163 | |
| 164 Create the variable datasets (read-write) with the same mountpoint as above:: | |
| 165 | |
| 166 zfs create -o canmount=off -o mountpoint=/jail/TROOT zpool/jail/TVAR | |
| 167 | |
| 168 | |
| 169 Creation of a real Thin Jail | |
| 170 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | |
| 171 | |
| 172 Clone the read-only root filesystem base:: | |
| 173 | |
| 174 zfs clone -o readonly=on zpool/jail/ttmpl/base-ro/13.3-RELEASE@p5 zpool/jail/TROOT/build13 | |
| 175 | |
| 176 If you want some additional directory (e.g. for :file:`/srv` et al.) do this | |
| 177 instead:: | |
| 178 | |
| 179 zfs clone -o readonly=off zpool/jail/ttmpl/base-ro/13.3-RELEASE@p5 zpool/jail/TROOT/build13 | |
| 180 # change before making it read-only | |
| 181 mkdir /jail/TROOT/build13/srv | |
| 182 zfs set readonly=on zpool/jail/TROOT/build13 | |
| 183 | |
| 184 Copy -- not clone -- the variable parts:: | |
| 185 | |
| 186 ftjail copy-skel -P zpool/jail/ttmpl/skel-rw/13.3-RELEASE p5 zpool/jail/TVAR/build13 | |
| 187 | |
| 188 Configure some important parts (as in "normal" jails):: | |
| 189 | |
| 190 mount -t devfs devfs /jail/TROOT/build13/dev | |
| 191 fjail configure /jail/TROOT/build13 | |
| 192 umount /jail/TROOT/build13/dev |