Date: Sat, 24 Jan 2015 20:27:35 +0100 From: Miroslav Lachman <000.fbsd@quip.cz> To: "Michael W. Lucas" <mwlucas@michaelwlucas.com>, jail@freebsd.org Subject: Re: preferred jail management tool Message-ID: <54C3F227.2080100@quip.cz> In-Reply-To: <20150123210026.GA45086@mail.michaelwlucas.com> References: <20150123210026.GA45086@mail.michaelwlucas.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Michael W. Lucas wrote on 01/23/2015 22:00: > Hi, > > For those who haven't heard, I'm writing a book on jails. Some details > are at http://blather.michaelwlucas.com/archives/2286. I am glad to read that somebody is working on this topic. (after all!) :) I was maintaining https://wiki.freebsd.org/Jails for some time in the past. It was not easy task, because almost all development work (new features and changes) was made behind close doors. I am no longer able to keep this page up to date. > I want to cover at least one jail management tool. I've done some > research into jail tools. You can see my results at > http://blather.michaelwlucas.com/archives/2291. I don't know your concept of the book but from my point of view, it is more important to explain "all behind" rather than a one tool (and I am almost sure you know it). Too many users have feelings that jails are some king of black magic. And reality is as simple as directory tree full of normal system files. If it should have real value to wide range of users (not only for beginners), the book should cover all corner usecases. For example: cpuset, resource limits, quotas, setfib, VIMAGE (routing and firewalling inside jails), IPv6, ZFS (cloning, snapshoting) nullfs, unionfs, hierarchical jails, using jails.conf instead of rc.conf running 32bit jails on 64bit system running Linux inside of jail monitoring jail resource usage Installing jails by extracting base.txz, by installworld, by rsync from host system Upgrading jails by installworld, by freebsd-update, by rsync from host system Converting physical server in to the jail and vice versa. etc. > I have several choices of jail management tools to write about. It > seems that ezjail gets all the press. I'm wondering if this is because > it's the first tool, or if it's the best of its kind. > > I also hear a lot of whinging about ezjail. I suspect that's because > it's the most widely deployed tool of it's type, however. The one in > front gets the most mud slung at it. > > Looking at the documentation, I'm highly intrigued by iocage. It seems > to do everything that ezjail does and then some. > > CBSD also looks like a really good choice. Based on what I know now, > I'm inclined to cover iocage and CBSD. I created my first jail long time before I discovered existence of ezjail. Then I tried ezjail and ended up with some crashes after update / upgrade of jails by ezjail so I decided not to use it anymore (I still have one old server with ezjail installed). I wrote my one simple tool (shell script) focused on my tasks and my workflow. Instalation or update never failed anymore. So I am one of those folks whinging about ezjail. > I want to ask the experts, though. Which is you guys. > > Any recommendations on what I should cover, or not cover? Any big > screaming red flags in these tools that I should be aware of? From my point of view, ezjail is the most widespreaded and outdated at the same time. New features are glued in it in not so good way and some are missing. Newer tools, like iocage or CBSD, are designed with all new features from the beginning. As I wrote above, I am using my own tool and I don't have practical experience with iocage or CBSD, but I really would like to read about one of them from your book. After some documentation and mailinglist reading I prefer CBSD for bigger projects and iocage for some smaller (single host server, for example) I am looking forward to read your books about Jails and ZFS. Miroslav Lachman
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?54C3F227.2080100>