[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [ezjail] sharing selected ports across jails?
Le 02/10/2010 18:05, Royce Williams a écrit :
Is anyone sharing selected ports across jails?
For ports that multiple jails need (for me, ports like bash, sudo,
portupgrade, portaudit, etc.), it would be far more efficient to
upgrade one instance. Some ports would necessarily be per-jail ports,
and others would be shared.
* Specify jail-specific configs and data directories, if needed.
* Handling libraries.
What is The Right Way to do this? Unionfs, other?
I see this as a significant potential force multiplier.
I share packages among my jails from the first time i used jails (and
I 've set up one "forge" jail , that is the only one which mount the
port tree, and from this jail i create a directory
/var/ports/`jails_name`.pkg that has the name of each jail running
services (one directory per jail so), and one more directory
/var/ports/common-pkgs for all common packages i install among all the
Inside /var/ports/common-pkgs I build all the packages from the port
tree that all other jails will need (zsh, tmux, sudo, vim) like this
(e.g. zsh build for my 'www' jail) :
forge# export PACKAGES=/var/ports/common-pkgs
forge# cd /usr/ports/shells/zsh
forge# make config-recursive (optionnal)
forge# make package-recursive
forge# make deinstall-clean (as make package-recursive
install the port while building the packages, I deinstall every ports
after package building)
The zsh package (and its deps) is in '/var/ports/common-pkgs/All' directory.
In the 'www' jail I've created the directory /var/ports/common-pkgs
(/var/ports/packages is created by default), so all the mount point
directories are ready.
From the host running jails, I add the corresponding mount entries in
the jail's fstab : /etc/fstab.www
nullfs ro 0 0
/jails/forge/var/ports/www.pkg /jails/www/var/ports/packages nullfs ro 0 0
and mount these new mount points (from the host of course).
Then I enter the www jail and
www# pkg_add /var/ports/common-pkgs/All/zsh-X.Y.tbz
With this hierarchy :
-I can build common packages for all my jails using the PACKAGES
(export PACKAGES=/var/ports/common-pkgs or setenv PACKAGES
/var/ports/common-pkgs from the forge jail depending your shell type)
-When i need some special build option for a port (make config) only for
one jail, or specific packages for specific jail, I use
export PACKAGES=/var/ports/`myjailname` or setenv PACKAGES
-As every built packages has its version number in its name, I can
update the port tree, build newer versions of packages and roll back to
previous version if any package upgrade fails.
-All packages are centralized, that makes packages backups simpler.
This is a very basic a typical way to do this but I hope this can help you.
Michael "sidh" Henneton