Date: Fri, 10 Aug 2007 13:13:42 -0500 From: Josh Paetzel <josh@tcbug.org> To: chat@freebsd.org Subject: Creating and copying jail images Message-ID: <20070810181342.GG83613@tcbug.org>
next in thread | raw e-mail | index | archive | help
--IGPMjTREWkoKVnU2 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable I've been searching for a way to create and copy jail images around for some time now and I've found a solution that works for me and thought I would share it with list and see if anyone can poke any holes in it. Problem: I need to create a jail image that I can deploy on multiple servers, ala a generic apache jail or postgresql jail or whatever. I need to be able to simply explode this image in to a directory and have it work, I'd also like to be able to compress the image because it occasionally has to go over lower-speed WAN links. Here are the tools that I've investigated and the problems I've had with them: tar, cpio, pax: All 3 of these tools have problems with various combinations of meta-data, links, and things like device nodes. cpdup: makes perfect copies, no way to create an archive or image dump: only operates on filesystems. mksiofs: After 3 hours of trying various flags I was unable to create a perfect image, although I got close a couple of times. I finally hit on a solution that works for me. Create a filebacked md filesystem and create the initial jail on that, then dump it. From there you can use restore to explode it anywhere it's needed. so, as a quick example.... dd if=3D/dev/zero of=3D/data/jailfile bs=3D2m count=3D1000 mdconfig -a -t vnode -f jailfile -u 0 newfs /dev/md0 mount /dev/md0 /mnt cd /usr/src ; make installworld distribution DESTDIR=3D/mnt do the things you do to start the jail jexec in to it, install what you need, customizations, so on... stop the jail dump -0Laf jail.img /dev/md0 bzip2 jail.img Now you have a bzip2'd image file that you can restore to an empty directory any time you want a perfect copy of that jail. Another interesting thought is that you could restore to a file backed md device and impliment quotas...at the cost of preallocating the disk space. Anyways, for my problem set it seems to be a workable solution, whether it is useful for anyone else or not I don't know. Also, if you have a different solution or can see a flaw in this one I'd love to hear about it. --=20 Thanks, Josh Paetzel --IGPMjTREWkoKVnU2 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.3 (FreeBSD) iD8DBQFGvKrWJvkB8SevrssRAhSMAKCKHcGZkuzEz+Kuqb4nnjQK137t2wCfRKwH 5wZJWf3aPdBXJO9uCM0vENs= =T3RK -----END PGP SIGNATURE----- --IGPMjTREWkoKVnU2--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070810181342.GG83613>