Does poudriere update its jails?

I have tried to find out if ports-mgmt/poudriere has a command to update the jails, in which it builds the packages. Similar to ezjail-admin update -u

So far the man page mentions something about a jail option

Code:
 -t version   instead of upgrading to the latest security fix of the jail
              version, you can jump to the new specified version.

I am not sure what that does. Does that mean that instead of doing a freebsd-update inside a jail it re-downloads the most current files for the version that you specified for that jail?

What will happen if you build packages in an outdated jail and try to install them in an update system? Will there be any confusion? So for example my system is following RELEASE and it is updated regularly, however the packages are being build by Poudriere in a jail that follows RELEASE but is not updated at all. Will there be any problems? What about if I switch both to STABLE, but the jail that Poudriere uses is not updated regularly?
 
It uses freebsd-update(8) to update the jail, however it will only work with jails that have been created from the distribution sets using ftp and http methods. Jails created with svn method are updated by building world.
 
There's no automatic update, you have to do it manually.

To update a jail with latest security patches but stay at the same version:

poudriere jail -u -j jailname

To upgrade to a newer version of FreeBSD, let's say from 9.0 to 9.1:

poudriere jail -u -t 9.1-RELEASE -j jailname
 
Thanks. The jail -u option is missing from the the man page. Is that a recent feature?

Code:
jail
     These subcommands are mutually exclusive.

     -c           Creates a jail.

     -d           Deletes a jail.

     -l           List all available jails.

     -s           Starts a jail.

     -k           Kills a jail (stops it).

     -i           Show information about the jail.

     Except for -l, all of the subcommands require the -j option (see below).

     Here are the options associated with the jail command.

     -J number    This argument specifies how many number jobs will run in
                  parallel for buildworld.

     -q           Remove the header when -l is the specified mandatory option.
                  Otherwise, it has no effect.

     -j name      Specifies the name of the jail.

     -v version   Specifies which version of FreeBSD to use in the jail.  If
                  you are using method ftp then the version should in the form
                  of: 9.0-RELEASE.  If you are using method csup then the
                  version should be in the form of cvs branches: RELENG_9 or .
                  for current.  If you are using method svn then the version
                  should be in the form of svn branches: stable/9 or head for
                  current.

     -a architecture
                  Specifies which architecture of FreeBSD to use in the jail.
                  (Default: same as host)

     -m method    Specifies which method to use to create the jail.  Could be
                  csup, svn{,+http,+https,+file,+ssh), ftp, allbsd, or gjb
                  (Default: ftp).

     -f filesystem
                  Specifies the filesystem name (${ZPOOL}/jails/filesystem).

     -M mountpoint
                  Gives an alternative mountpoint when creating jail.

     -t version   instead of upgrading to the latest security fix of the jail
                  version, you can jump to the new specified version.
 
Switching a jail from -CURRENT to -STABLE:

Code:
# date
Sat 20 Oct 2018 02:35:43 BST
# poudriere jail -i -j current
Jail name:         current
Jail version:      12.0-ALPHA9 1200085
Jail vcs version:  r339274
Jail arch:         amd64
Jail method:       svn
Jail mount:        /usr/local/poudriere/jails/current
Jail fs:           hpelitebook8570p/poudriere/jails/current
Jail updated:      2018-10-10 10:07:40
Tree name:         default
Tree method:       portsnap
Status:            stopped:sigint:
Building started:  2018-10-20 02:05:26
Elapsed time:      00:13:59
Packages built:    7
Packages failed:   0
Packages ignored:  0
Packages skipped:  0
Packages total:    71
Packages left:     64
# uname -v
FreeBSD 12.0-BETA1 r339438 GENERIC
# grep PARALLEL_JOBS /usr/local/etc/poudriere.conf | grep -v \#
PARALLEL_JOBS=3
# poudriere jail -u -v stable/12 -j current
[00:00:00] Upgrading using svn
[00:00:00] Updating the sources with svn... done
[00:00:15] Starting make buildworld with 3 jobs
--- buildworld ---
make[1]: "/usr/local/poudriere/jails/current/usr/src/Makefile.inc1" line 343: SYSTEM_COMPILER: libclang will be built for bootstrapping a cross-compiler.
make[1]: "/usr/local/poudriere/jails/current/usr/src/Makefile.inc1" line 346: SYSTEM_LINKER: Determined that LD=ld matches the source tree.  Not bootstrapping a cross-linker.
--- buildworld_prologue ---
--------------------------------------------------------------
>>> World build started on Sat Oct 20 02:36:10 BST 2018
--------------------------------------------------------------
…
 
Yeah, I wondered about the time. Thanks.

https://wiki.freebsd.org/PkgBase looks promising.

Re: https://github.com/freebsd/poudriere/issues/337#issuecomment-429138920 I guessed that this would be the way to go:

poudriere jail -c -j stable -v stable/12 -m http

– and then (with PkgBase) updates would be a doddle.

Unfortunately,

Code:
# date ; uname -v
Sat 20 Oct 2018 05:20:05 BST
FreeBSD 12.0-BETA1 r339438 GENERIC
# poudriere jail -c -j stable -v stable/12 -m http
[00:00:00] Creating stable fs at /usr/local/poudriere/jails/stable... done
[00:00:01] FREEBSD_HOST from config invalid; defaulting to https://download.FreeBSD.org
[00:00:01] Fetching MANIFEST for FreeBSD stable/12 amd64
fetch: https://download.FreeBSD.org/ftp/releases/amd64/amd64/stable/12/MANIFEST: Not Found
fetch: https://download.FreeBSD.org/ftp/releases/amd64/amd64/stable/12/MANIFEST: Not Found
[00:00:01] Error: Failed to fetch from https://download.FreeBSD.org/ftp/releases/amd64/amd64/stable/12/MANIFEST
[00:00:01] Error while creating jail, cleaning up.
[00:00:01] Removing stable jail... done
[00:00:03] Cleaning stable data... done
#
 
Not a big surprise since the stable/12 branch was created only 31 hours ago. The snapshot builders haven't caught up yet.
 
I specified stable/12 but got 13.0-CURRENT.

Below, did I do something wrong at the first line?

Code:
root@momh167-gjp4-hpelitebook8570p-freebsd:~ # poudriere jail -u -v stable/12 -j current
[00:00:00] Upgrading using svn
[00:00:01] Updating the sources with svn... done
[00:00:41] Starting make buildworld with 2 jobs
--- buildworld ---
make[1]: "/usr/local/poudriere/jails/current/usr/src/Makefile.inc1" line 343: SYSTEM_COMPILER: libclang will be built for bootstrapping a cross-compiler.
make[1]: "/usr/local/poudriere/jails/current/usr/src/Makefile.inc1" line 346: SYSTEM_LINKER: Determined that LD=ld matches the source tree.  Not bootstrapping a cross-linker.
--- buildworld_prologue ---
--------------------------------------------------------------
>>> World build started on Sat Oct 20 05:28:38 BST 2018
--------------------------------------------------------------
…
[03:48:35] Recording filesystem state for clean... done
root@momh167-gjp4-hpelitebook8570p-freebsd:~ # poudriere jail -i -j current
Jail name:         current
Jail version:      13.0-CURRENT 1300000
Jail vcs version:  r339436
Jail arch:         amd64
Jail method:       svn
Jail mount:        /usr/local/poudriere/jails/current
Jail fs:           hpelitebook8570p/poudriere/jails/current
Jail updated:      2018-10-20 09:16:33
Tree name:         default
Tree method:       portsnap
Status:            stopped:sigint:
Building started:  2018-10-20 02:05:26
Elapsed time:      00:13:59
Packages built:    7
Packages failed:   0
Packages ignored:  0
Packages skipped:  0
Packages total:    71
Packages left:     64
root@momh167-gjp4-hpelitebook8570p-freebsd:~ # uname -v
FreeBSD 12.0-BETA1 r339438 GENERIC
root@momh167-gjp4-hpelitebook8570p-freebsd:~ # 

[CODE]root@momh167-gjp4-hpelitebook8570p-freebsd:~ # poudriere jail -u -v stable/12 -j current
[00:00:00] Upgrading using svn
[00:00:01] Updating the sources with svn... done
[00:00:41] Starting make buildworld with 2 jobs
--- buildworld ---
make[1]: "/usr/local/poudriere/jails/current/usr/src/Makefile.inc1" line 343: SYSTEM_COMPILER: libclang will be built for bootstrapping a cross-compiler.
make[1]: "/usr/local/poudriere/jails/current/usr/src/Makefile.inc1" line 346: SYSTEM_LINKER: Determined that LD=ld matches the source tree.  Not bootstrapping a cross-linker.
--- buildworld_prologue ---
--------------------------------------------------------------
>>> World build started on Sat Oct 20 05:28:38 BST 2018
--------------------------------------------------------------
…
[03:48:35] Recording filesystem state for clean... done
root@momh167-gjp4-hpelitebook8570p-freebsd:~ # poudriere jail -i -j current
Jail name:         current
Jail version:      13.0-CURRENT 1300000
Jail vcs version:  r339436
Jail arch:         amd64
Jail method:       svn
Jail mount:        /usr/local/poudriere/jails/current
Jail fs:           hpelitebook8570p/poudriere/jails/current
Jail updated:      2018-10-20 09:16:33
Tree name:         default
Tree method:       portsnap
Status:            stopped:sigint:
Building started:  2018-10-20 02:05:26
Elapsed time:      00:13:59
Packages built:    7
Packages failed:   0
Packages ignored:  0
Packages skipped:  0
Packages total:    71
Packages left:     64
root@momh167-gjp4-hpelitebook8570p-freebsd:~ # uname -v
FreeBSD 12.0-BETA1 r339438 GENERIC
root@momh167-gjp4-hpelitebook8570p-freebsd:~ #
 
I see no sense in update a jail from one major version to the next. In such case I always delete the jail and make a new one for the new major version. I think this a much "cleaner" solution.
 
… from one major version to the next. …

I'm trying to avoid that; trying to keep what was 12 … at 12, and stable.

Following the attempt above, I ran:

poudriere jail -u -v stable@339445 -j current

– expecting r339445 but the result was (again) r339436. Puzzling.
 
You're checking out SVN HEAD aka -CURRENT, which is 13.0-CURRENT (since this weekend). Just remove the old jail and create a new one, for base/stable/12 instead of base/head.
 
I did eventually create the new jail but it took … nine hours, if I recall correctly. I imagine that a successful update could/should have been less time-consuming.

Still, I'm puzzled by some aspects of the update routines.

Does the -v stable@339445 part of the update command (I mean, the [I]stable[/I]@ part) not prevent going 'too far' to unstable 13.0-CURRENT?
 
I did eventually create the new jail but it took … nine hours, if I recall correctly.
For -RELEASE version repositories I simply use the default FTP to download and create a -RELEASE jail. For my -STABLE versions I first update the poudriere host using the standard buildworld/buildkernel mantra. When the host is updated (always make sure the host is newer or the same version) you can use the built world to create a basic release(7):
Code:
cd /usr/src/release
make -DNOPKG -DNODOC -DNOPORTS KERNCONF="GENERIC" release
make -DNOPKG -DNODOC -DNOPORTS KERNCONF="GENERIC" DESTDIR=/storage/release/12-stable install
This serves multiple purposes, first you get a nice CD and memory stick image for the -STABLE version. But you also get a FTP file structure you can use for poudriere:
poudriere jail -c -j 12-stable -v 12-STABLE -m url=file:///storage/release/12-stable/ftp
You can update it easily once you have it built:
poudriere jail -u -j 12-stable
 
It's also worth pointing out that you don't necessarily need to do the make release steps for a STABLE jail. It is perfectly possible to use -m src=/usr/src to create the jail using make installworld from your previously built world. And then this can easily be upgraded using the -u flag as well whenever you do a new buildworld.
 
It is perfectly possible to use -m src=/usr/src to create the jail using make installworld from your previously built world. And then this can easily be upgraded using the -u flag as well whenever you do a new buildworld.
For a single jail this works really well. Just make sure you have done a complete buildworld on your sources first. Which you probably already have done any way in order to update the host itself.
 
Back
Top