Date: Fri, 25 Apr 2014 12:46:12 -0400 From: Fbsd8 <fbsd8@a1poweruser.com> To: Victor Sudakov <vas@mpeks.tomsk.su> Cc: freebsd-questions@freebsd.org Subject: Re: FBSD jail versus VMWare? What services do YOU run in a jail? Message-ID: <535A9154.4010205@a1poweruser.com> In-Reply-To: <20140425120532.GB89790@admin.sibptus.tomsk.ru> References: <CAFS4T6apJ30_WPrV3-azuwr5LHFE8htEk5a_xqe7DRZ7Wy5XqQ@mail.gmail.com> <53580129.5010909@ssimicro.com> <CAHieY7SViGaVXXK2CxQEuiTUZMA4EfrUVn_BdB-PHvoJiUjzaA@mail.gmail.com> <CAJYdwgUq=2s1sL=1EdEQYs=3Gv2ikrSP34kpvtQH%2BfNSedPkHA@mail.gmail.com> <033901cf603f$55a1ffc0$00e5ff40$@FreeBSD.org> <535A468D.7080006@a1poweruser.com> <20140425120532.GB89790@admin.sibptus.tomsk.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
Victor Sudakov wrote: > Fbsd8 wrote: > >> As the number of running jails increase the >> difficultly of managing them also increases. ezjail has no provisions >> to address this problem. qjail on the other hand is designed from the >> ground floor to simplify the administration of large scale jail >> environments [1 to 2000+ jails]. > > Where can I read more about the unique and advanced features of qjail > missing in ezjail? I have never come across a feature comparison between the two. But qjail is a fork of an old ezjail-3.1 version so much of the feel is the same. http://svnweb.freebsd.org/ports/head/sysutils/qjail/pkg-descr?revision=HEAD This link is a good place to start, then pkg install qjail & ezjail and read their man pages for the details your looking for. For a more general background on jails http://svnweb.freebsd.org/ports/head/sysutils/jail-primer/pkg-descr?revision=HEAD will bring you up to the current status as of release 9.2. > > I am especially interested in features which help update and upgrade > multiple jails and software therein. > > I must admit it's a bit of PITA in ezjail when it comes to upgrading > third party software. I have set up a pkg repository for that purpose, > but still I have to visit each jail individually and run "pkg upgrade" > from inside. > > jail updates is really 2 different arenas. You have the update of the host system binaries and the update of ports. ezjail relies on the old "make buildworld" method. qjail has function to refresh the sharedfs from the running host. You can use what ever method you want to update your host running system and just copy the host running system to qjail. For maximum security and reliability the host and the jails MUST be running the same release level. The second arena is updating your installed ports. Before 10.0 and pkgng this was always a time consuming task. Ports running in jails are bound by the same requirements as running ports on the host. FreeBSD only guarantees ports to function across minor releases. such as moving from 9.0 to 9.1, but when moving across major releases such as moving from 8.2 to 9.0 your inventory of installed ports have to be updated by re-compiling using a current ports filesystem. This is also true for jails. Basing your ports major release update plans on pkgng instead of compiling the port and all its dependents is a great time saver. The only reason to visit each jail individually is if each jail has different mix of installed ports. In large scale jail environments the same port mix is often used in many jails and this is easy for qjail to duplicate.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?535A9154.4010205>