Date: Tue, 21 Apr 2015 15:47:10 -0500 From: dweimer <dweimer@dweimer.net> To: Matthew Seaman <matthew@freebsd.org> Cc: freebsd-questions@freebsd.org, owner-freebsd-questions@freebsd.org Subject: Re: Jail Already Exists Message-ID: <d0042c0e5e12ebb038c51dd61ad6f2eb@dweimer.net> In-Reply-To: <5536761E.2040308@FreeBSD.org> References: <99152c411cd85b3cccd77a1404c519cf@dweimer.net> <5536761E.2040308@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 04/21/2015 11:09 am, Matthew Seaman wrote:
> On 2015/04/21 16:17, dweimer wrote:
>> At some point in the past I learned the trick of dropping TCP
>> connections that were left open to clear processes that were not
>> allowing a jail that had been shutdown to be restarted. Does anyone
>> know
>> other things that could cause a jail to be held open? I have one that
>> I
>> am unable to start, without rebooting the entire server? In this
>> particular instance, It wouldn't be a big deal for me to bounce the
>> server, nor is it an issue leaving the jail down for a while to
>> experiment. However on some other servers both of these would be an
>> issue so I figured now is a good time to experiment with finding a
>> solution.
>>
>> root@freebsd:/jails/proxy # jls
>> JID IP Address Hostname Path
>> 1 192.168.5.6 pgsql.dweimer.local
>> /jails/pgsql/ROOT
>> 2 192.168.5.9 mysql.dweimer.local
>> /jails/mysql/ROOT
>> 3 192.168.5.2 webmail.dweimer.local
>> /jails/webmail/ROOT
>> 4 192.168.5.4 bacula.dweimer.local
>> /jails/bacula/ROOT
>> 5 192.168.5.8 unifi.dweimer.local
>> /jails/unifi/ROOT
>> root@freebsd:/jails/proxy # jail -c proxy
>> jail: proxy: jail 6 already exists
>>
>> jail 6's IP is 192.168.5.3
>>
>> netstat -an | grep "192.168.5.3"
>>
>> finds no results.
>>
>> The jail simply runs a Squid proxy service, I have verified that there
>> isn't a hung up squid process. I have also verified that there are no
>> hung up python processes since I use a Python script as a log daemon
>> to
>> write the Squid logs into a PostgreSQL database on jail 1. I am not
>> sure
>> what else to check for.
>
> I find that not specifying the JID in your jail.conf -- so allowing the
> system to choose an arbitrary JID as required -- will allow restarting
> jails without the hassle of old connections blocking stuff.
>
> Of course, if you restart jails frequently, you'll end up with some
> arbitrarily large JIDs. Get used to referring to the jail by name
> instead. 'jls -h name' will help if you're unsure what those are.
>
> Cheers,
>
> Matthew
Thanks Matthew, that appears to work fairly well, I think after looking
more at the jls man page that a jls -N is more useful to me, as it still
gives me the other information above but lists the JID by name. I do
need to make sure none of my scripts are referencing any jails by their
numeric ID.
# jls -N
JID IP Address Hostname Path
pgsql 192.168.5.6 pgsql.dweimer.local
/jails/pgsql/ROOT
mysql 192.168.5.9 mysql.dweimer.local
/jails/mysql/ROOT
webmail 192.168.5.2 webmail.dweimer.local
/jails/webmail/ROOT
bacula 192.168.5.4 bacula.dweimer.local
/jails/bacula/ROOT
unifi 192.168.5.8 unifi.dweimer.local
/jails/unifi/ROOT
proxy 192.168.5.3 proxy.dweimer.local
/jails/proxy/ROOT
--
Thanks,
Dean E. Weimer
http://www.dweimer.net/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?d0042c0e5e12ebb038c51dd61ad6f2eb>