[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [ezjail] simple image files for jails



> Then I noticed that ezjail has simple images that do this in a more 
> automated fashion. However, there appear to be significant drawbacks 
> with regard to data duplication and upgrading which really limits the 
> benefits of ezjail, so I abandoned this.

| Why do you think this? Image jails work just as normal jails, only their root directory is in a md-image based filesystem.

From the ezjail man page:

     There are also file-based jails, in which the storage space for the jail
     is kept in a file mounted with mdconfig(8).  There are two advantages to
     image jails. The amount of disk space allocated to the jail is limited,
     while normal jails have no bound on the amount of disk space they use. On
     the other hand, the space dedicated to the jail is no longer available to
     the host, even if the jail doesn't use all its allocated space. In addi-
     tion, image jails contain a full copy of the basejail. This makes them
     portable between hosts running the same FreeBSD version as the image was
     created with.  Of course, the jail now needs to be updated independently
     from all other jails, and there is no longer any sharing of common files
     between the jails.

Maybe I am missing something. What I read here is that image jails copy (duplicate) the basejail in each image. Because files are not shared, so each jail must be updated independently.

I am testing it out again, and it does indeed appear that they are nullfs mounted.

So, I can use the image jail, and I can update the base jail, and all the image jails will be up to date with the base jail as well?

Thanks,


-----Original Message-----
From: Dirk Engling [mailto:erdgeist AT erdgeist DOT org] 
Sent: Wednesday, August 28, 2013 11:55 AM
To: ezjail AT erdgeist DOT org
Cc: John Ratliff
Subject: Re: [ezjail] simple image files for jails

On 28.08.13 17:32, John Ratliff wrote:

> Then I noticed that ezjail has simple images that do this in a more 
> automated fashion. However, there appear to be significant drawbacks 
> with regard to data duplication and upgrading which really limits the 
> benefits of ezjail, so I abandoned this.

Why do you think this? Image jails work just as normal jails, only their root directory is in a md-image based filesystem.

> I was wondering if there are any problems with my idea. Why does 
> ezjail put the whole system on the image?

As with "normal" jails created by ezjail, those inside the container also only contain a mountpoint for the shared world (/basejail) and a set of soft links pointing to the respective directories under /basejail

Why not mount the nullfs on top of the mounted image as I was originally doing?

IOW: This is what ezjail does.

  erdgeist