Date: Mon, 22 Feb 2016 13:18:09 +1100 From: Aristedes Maniatis <ari@ish.com.au> To: erdgeist <erdgeist@erdgeist.org> Cc: freebsd-jail <freebsd-jail@freebsd.org> Subject: Re: Jail management Message-ID: <0f5cae7e-7de3-2617-fcf6-3423d4caf13a@ish.com.au> In-Reply-To: <DFFE2BFC-1D53-457D-A4C3-633418D3690D@erdgeist.org> References: <ff8307f6-1264-30ec-1ef8-ed3b0a18dd84@ish.com.au> <DFFE2BFC-1D53-457D-A4C3-633418D3690D@erdgeist.org>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --t6cg0w4f0SCP2auHAqR3oVxhAg4e3gc1d Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable On 22/02/2016 12:57pm, erdgeist wrote: >=20 >> On 22 Feb 2016, at 14:13, Aristedes Maniatis <ari@ish.com.au> wrote: >> >> Thoughts? What seems like a more robust long term approach to jail man= agement? >=20 > Take a look at bsdploy https://github.com/ployground/bsdploy or just co= me and ask ezjails author. ;) Hello there! Thanks for ezjail: a very useful tool for avoiding the pain = of setting up nullfs and friends. However I think that bsdploy is orthogonal to my problem. I'm already emb= edded in saltstack, so moving to ansible doesn't solve any problems for m= e. And I can't see how it solves the pkg versioning problem any better. That's why I was thinking to move to a snapshot clone/restore approach to= jail management. But that idea butts up against ezjail's assumptions. > Also unionfs does not work very stable. OK, I'll cross that option off my list. That then leaves just ZFS clone a= s the way to create a reproducible and deployable jail environment with t= he correct (old) package versions. I did have another idea: create a poudriere environment for each version = of the app and switch /usr/local/etc/pkg/repos/my.conf each time. But tha= t seems awkward and still very hard to go back in time and apply small fi= xes to an old deployed version. Have I just now outgrown ezjail and should set off on my own? I'm afraid = of how I'd go about upgrading the basejail for new FreeBSD host versions = without your tool :-) Thanks Ari --=20 --------------------------> Aristedes Maniatis ish http://www.ish.com.au Level 1, 30 Wilson Street Newtown 2042 Australia phone +61 2 9550 5001 fax +61 2 9550 4001 GPG fingerprint CBFB 84B4 738D 4E87 5E5C 5EFA EF6A 7D2E 3E49 102A --t6cg0w4f0SCP2auHAqR3oVxhAg4e3gc1d Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- iEYEARECAAYFAlbKb+EACgkQ72p9Lj5JECrzgQCcCkNYJYydfF5aZjyZWTPLejep eCoAn3Co69zVuRyi2S5H6msgJKul6QQI =0eFD -----END PGP SIGNATURE----- --t6cg0w4f0SCP2auHAqR3oVxhAg4e3gc1d--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?0f5cae7e-7de3-2617-fcf6-3423d4caf13a>