FreeBSD 10.3 Jails with jail.conf - unable to start jails

E

euphrus

Any and all help is greatly appreciated.
Using FreeBSD 10.3 STABLE
I am new to FreeBSD and have been following this guide for thin jails and this guide for jail.conf.

This is what I get when I try to run service jail start:
Code: 
Starting jails:jail: qa: mount.fstab: /etc/fstab.qa: No such file or directory

This is my /etc/fstab:
Code: 
/home/j/mroot   /home/j/sb   nullfs   ro   0   0
/home/j/mroot   /home/j/dev   nullfs   ro   0   0
/home/j/mroot   /home/j/demo   nullfs   ro   0   0
/home/j/mroot   /home/j/qa   nullfs   ro   0   0
/home/js/sb   /home/j/sb/s   nullfs   rw   0   0
/home/js/dev   /home/j/dev/s   nullfs   rw   0   0
/home/js/demo   /home/j/demo/s   nullfs   rw   0   0
/home/js/qa   /home/j/qa/s   nullfs   rw   0   0

This is my /etc/rc.conf:
Code: 
hostname="warden.euphrus.com"
ifconfig_em0="inet 192.168.1.3 netmask 255.255.255.0"
defaultrouter="192.168.1.254"
sshd_enable="YES"
# Set dumpdev to "AUTO" to enable crash dumps, "NO" to disable
dumpdev="AUTO"
zfs_enable="YES"

jail_enable="YES"

This is my /etc/jail.conf:
Code: 
exec.start += "/bin/sh /etc/rc";
exec.stop = "/bin/sh /etc/rc.shutdown";
exec.clean;
mount.devfs;
path = "/usr/home/j/$name";

sb {
   host.hostname = "sb.euphrus.com";
   ip4.addr = "192.168.1.11";
}

dev {
   host.hostname = "dev.euphrus.com";
   ip4.addr = "192.168.1.12";
}

demo {
   host.hostname = "demo.euphrus.com";
   ip4.addr = "192.168.1.13";
}

qa {
   host.hostname = "qa.euphrus.com";
   ip4.addr = "192.168.1.14";
}
 
Remington said:
Follow my guide at https://forums.freebsd.org/threads/49561/

Just ignore the VIMAGE sections since you may not need it. I still use this setups and it works very well.
Click to expand...

Thanks, but I'm not looking for an alternate way to do things. I can google that. I am trying to run thinjails using nullfs on FreeBSD 10.3.

Also, your guide is not very helpful. I am not the type of user that just goes and types what someone else put in their 'how to'. It lacks the why of things.
However, your guide may be great for someone who knows exactly why you did what you did and what it all means (not me - not yet).

Again, thank you very much for taking the time to read the post.
I hope your reply and guide will be useful to someone else.
 
Use srobb.net instead of scottro.net. (They're the same thing, but scottro is run on a home computer that has a slow connection and sometimes goes offline.)
 
I stopped at 14.5 because of

This section demonstrates one method to resolve this issue by safely sharing as much as is possible between jails using read-only mount_nullfs(8) mounts, so that updating is simpler. This makes it more attractive to put single services, such as HTTP, DNS, and SMTP, into individual jails. Additionally, it provides a simple way to add, remove, and upgrade jails.

Note:
Simpler solutions exist, such as ezjail, which provides an easier method of administering FreeBSD jails but is less versatile than this setup. ezjail is covered in more detail in Section 14.6, “Managing Jails with ezjail”.
Click to expand...

ezjail does seem like what I want...

Creating and managing multiple jails can quickly become tedious and error-prone. Dirk Engling's ezjail automates and greatly simplifies many jail tasks. A basejail is created as a template. Additional jails use mount_nullfs(8) to share many of the basejail directories without using additional disk space. Each additional jail takes only a few megabytes of disk space before applications are installed. Upgrading the copy of the userland in the basejail automatically upgrades all of the other jails.
Click to expand...

What's the benefit of doing it the hard way?
 
I haven't been able to get this to work.
As I understand this is a bug and the fix is merely a work around.
Perhaps just using ezjail is better, but I would like to understand the benefits of this method - perhaps it's worth learning - I don't know.
 
You're not doing the jail setups correctly because you're not following FreeBSD guides on how to setup jails. The guide is very simple to follow.

For example, you're missing jail_list="sb dev demo qa" for rc.conf and fstab.sb, fstab.dev, fstab.demo, and fstab.qa.

Using /etc/fstab is very bad idea. If you delete or change directory, delete jail then FreeBSD will not complete it booting process. That's the whole point of using fstab.sb is to prevent FreeBSD from hanging the system at boot process.

ezjail is better for setting up, managing and upgrading jails without so much hassles. There are other jail tools but I like ezjail better. I've done jails without the tools and its involves more work and errors. You're not going to get much help here if you don't follow the FreeBSD guides on Jails.

That's why you don't understand my guide on other thread because you have no idea what you're doing.
 
Remington said:
You're not doing the jail setups correctly because you're not following FreeBSD guides on how to setup jails. The guide is very simple to follow.

For example, you're missing jail_list="sb dev demo qa" for rc.conf and fstab.sb, fstab.dev, fstab.demo, and fstab.qa.

Using /etc/fstab is very bad idea. If you delete or change directory, delete jail then FreeBSD will not complete it booting process. That's the whole point of using fstab.sb is to prevent FreeBSD from hanging the system at boot process.

ezjail is better for setting up, managing and upgrading jails without so much hassles. There are other jail tools but I like ezjail better. I've done jails without the tools and its involves more work and errors. You're not going to get much help here if you don't follow the FreeBSD guides on Jails.

That's why you don't understand my guide on other thread because you have no idea what you're doing.
Click to expand...


This has been an ongoing battle. It does not work. I have tried following the examples. See this thread.

I went with alternatives because they have been suggestions from senior FreeBSD community members like SCOTTRO - great docs by the way...

I've read it may have something to do with not enabling ipv6... - still reading.
 
Alternative is good if you know what you're doing but for starting to learn how jails work then ezjail(7) is a best place to start. People here will more likely will help you if they know ezjail(7). There are many ways to do jails but not everyone knows scottro's suggestions. I don't either.

Beside IPV6 has nothing to do with this since you're not using IPV6 addresses.
 
Yeah, I don't trust my own guides either. :) Seriously, it is something that we've used in production successfully. However, we were planning to move away from it. There is no reason to not use ezjails, and there is almost certainly better documentation on it than anything I wrote about the way we do it. (There's also the handbook page, linked from my page, with a somewhat more complex way of using nullfs).

Actually, these days, I want to recommend iocage, but unfortunately, it's being rewritten (it was in shell, and is getting rewritten in Go), and while it currently works and should continue to work, I have no idea when the newest version will be ready.

https://github.com/iocage/iocage/commit/3f394561a3dde55cd3ac7911be313c5df5865183

At any rate, my writeup, which was a simplified version of a method in the handbook, is just something we started doing for various reasons instead of using ezjail, we thought it might give us more flexibility. In retrospect, it probably hasn't. :) and I would join in suggesting you might have better luck with ezjail.
 
I just got my first ezjail(7) started - woohoo!!!

I know - no big deal, but after all this...
WOOHOO!!!

I did have one issue, but I deleted and recreated and it worked - not sure what I might have done...

Thank you all for your help - I have so much reading to do...
 
Good. It was pretty easy. :)

I use ezJail to create, destroy, and update jails. I understand ezJail use their own config to start jails but I use FreeBSD to start jails using /etc/jail.conf so I don't use full ezJail features but I do understand how it works. ezJail doesn't work with vimage so that's why I use different setups for my production servers. Vimage provides its own network stacks for each jails so my clients can use their own network settings and its still highly experimental. I only provide vimage if my clients really needs it.

Once you start to understand how it works then you can tweak it to your own flavors that works best for you.
 
You must log in or register to reply here.
Back
Top