iocell - A FreeBSD jail manager

Oko said:
Apparently somebody has forked sysutils/iocage

https://github.com/bartekrutkowski/iocell

I don't see the port. Could anybody possibly with some affiliation to the project tell me a bit more about the project. Is it possible to import jails created with iocage into iocell ? iocell mailing list looks dead too

https://groups.google.com/forum/#!forum/iocell
Click to expand...

Did you directly try asking to Bartek Rutkowski <robak@FreeBSD.org>?

Some comments about iocell development:

https://news.ycombinator.com/item?id=12946860
 
Thank you for your work! We definitely need maintaned jail manager.
Any gotchas we should be aware when migrating from iocage?
 
abishai Patches welcome! ;) I am not aware of any gotchas, beside the fact, that I don't have a clear and working migration path for using iocell on existing iocage installation. However, if you're using automation for your host and jails, replacing one with another shouldn't be an issue. Using iocell on a fresh host should be smoother sail than with iocage, since iocell already fixes few major and minor issues seen in iocage-devel (this is what iocell is based on, so iocage stable users are going to be a bit more suprised). There's a pull request already introducing nullfs based volumes, that I am reviewing currently, and will be most probably a next major feature of iocell, meanwhile, bugfixes is the main priority.
 
Hm, but iocage-develop was really broken and incompatible with stable one. I remember I tried it before and was disappointed that all jail types except thick has gone. Also, it has slightly different naming convention.
Simple flip between this versions is impossible. Sad news :(
Was it necessary to pick up devel branch? I doubt is used in production and stable contains much less bugs. Probably I'll stay with iocage.
 
  • Thanks
Reactions: Oko
abishai I can't really speak for differences in iocage stable and devel. I remember trying stable and finding some things really broken, that pushed me to use devel version, where things were different, true, but at least fixed, when compared to stable version. Of course, devel had its own issues, and that's what caused the fork into iocell, but that's a different story. I am afraid you're in the worst possible position, since even when/if clear migration path from iocage-devel to iocell is going to be available, I don't think the same thing will ever happen for iocage stable -> iocell scenario. The best thing that comes to my mind is, again, automating creation of the things you have *inside* of the jails with Ansible/Puppet/whatever and once you have that, it is simply a matter of creating new jail containers for your automation to run in - it should Just Work(™) and this is exactly how I migrated myself.
 
  • Thanks
Reactions: Oko
I just started trying iocell today. I did iocell fetch and got a message that I had to activate a pool first, which I think iocage did in the fetch part of its command. I think that the github quickstart and man page might be a bit clearer on that. The man page says in the activate section that it's mostly for automation, and doesn't mention that it's required.


Otherwise, seems almost a drop in replacement. I haven't done anything complex with it yet, just trying it out on my workstation. My only worry is that which Oko has mentioned somewhere (different thread, not sure which) that at present, it seems to be a one man project, and what happens if you get busy or bored? (If that sounds confrontational in writing, it truly isn't meant to be, it's a question I will have to answer if I recommend that we start using it.)

A few small things different---rather than iocage chroot you use iocell exec <jail-name> sh and instead of template= one uses istemplate---that one, at least, was given me by the error message. Anyway, looks good to me so far, though I haven't looked into the more sophisticated uses.
 
scottro I don't know what will happen to iocell if I'll get busy or lose the interest in developing it, all things are possible - somone could step in and drive the project forward, it could be forked by someone else and developed in new direction and it could die a slow death. There is no answer to this, but even you could influence the possible outcome by providing patches, helping in development, testing and so on. Also, keep in mind, that iocage is one man project as well ;)

When it comes to iocell differences - there are none so far, the code changes are mostly bugfixes. What you describe is the difference between iocage stable and iocage devel, from which iocell was forked.
 
That's true, iocage is also a one man project, and like Oko, I was upset when things changed. (Though its current iteration is still usable.)

I know Mike Lucas is, or was, making another of his excellent books and was wondering which jail management tools to cover. Maybe it should be iocell.
 
robak can you give som more information about using the ports-tree in iocell, there is a iocell update -p <release> which fetches the ports-tree with portsnap(8) into the base jail, but how to extract and use it in your jail(s)?
 
You must log in or register to reply here.
Back
Top