ZFS + jail best approach

[gregober]

Hi,

I wanted to have the point of view of the community on the best approach in order to handle a quite large system with couple of jails (shouldn't have more than 5 to 10). Whole system is based on zfs. I'll use this as a backup server.

I have been using the "handbook" approach so far. It is quite stable but the linked directories inside each jail is quite error prone and may be confusing. With this approach you can update all your jails at once… this is quite tempting, but if you have an error… all your jails are gone at once ! == you can't afford to have a kernel compile problem while updating your system or you're dead !!

http://www.freebsd.org/doc//handbook/jails-build.html


The other approach that I have found is to use create a base jail system using sysinstall and then zfs snapshot to clone It. You then use this to create a jail. You end up with couple of independent jails which are not linked to each other in any way. You can / need to update each jail one by one.

http://vocalbit.com/article/402/freebsd-jails-using-zfs-and-bsdinstall


• I wanted to know if the handbook approach is still the most recent one considering the latest progress in FBSD jail management ?

• I wanted to know if you had some "mixed" approach that can leverage the risk of the handbook approach ?

• Last but not least - do you have any good pointer to recent guide / howto / studies on the subject ?


Thanks

 

[Beeblebrox]

* An easier way to manage jails & updates is sysutils/ezjail and sysutils/qjail. And it easily does this:

you can update all your jails at once

* Where are you getting this from? Are you using a jail to build ports or kernel?

you can't afford to have a kernel compile problem while updating your system or you're dead

Even then, a build break will not affect any of the other jails. If you get a problem when you run installkernel on the host, then you will also not be able to boot into the host (nevermaind jails), but for that you can use KODIR to specify a one-time-only boot into the newly built kernel.

* With zfs and multiple jails placed on their own file system, you can use zfs's dedup to save on HDD space (look it up).

* What does this mean? No such thing...

linked directories inside each jail is quite error prone and may be confusing

 

[grabes]

I use MFSBSD to setup all my ZFS based systems. Its lightweight, and lets me setup my ZFS based system easily. After that ezjail has been kind to me over the years. It you use ZFS it uses a common base system across all your jails, and upgrades are a snap.

 

[JohnElder]

I'm using ZFS, and I want to use ezjail. After I run this command: ezjail-admin update -ip it shows:

install -s -o root -g wheel -m 555   ldd32 /usr/jails/fulljail/usr/bin/ldd32
"/usr/src/etc/Makefile", line 147: Malformed conditional (${MK_DEBUG_FILES} != "no")
"/usr/src/etc/Makefile", line 149: if-less endif
"/usr/src/etc/Makefile", line 316: Malformed conditional (${MK_DEBUG_FILES} != "no")
"/usr/src/etc/Makefile", line 318: if-less endif
make: fatal errors encountered -- cannot continue
Error: The command 'make distribution' failed.
  Refer to the error report(s) above.

I don't know what's wrong with it. I search online through Google, nothing useful.

ps; I have made buildworld and installworld.