1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Jail Portability

Discussion in 'General' started by mlager, Apr 29, 2012.

  1. mlager

    mlager New Member

    Thanks Received:
    I use FreeBSD 8.3 and ezjail to administrate and maintain my jails. I know ezjail has backup and restore capabilities, but I thought I'd see if people have real world successes with moving jails between FreeBSD hosts.

    My main assumption is that in order to move a jail from one physical host to another the destination host must be on the same release of FreeBSD, both version and CPU architecture wise. The destination kernel must be built consistent to the source kernel to avoid issues too. Obviously networking will have to be handled during the relocation of the jail as well. Beyond that, I can't think of any other variables I need to be aware of.

    My second quandary is the feasibility to relocating a 8.3 jail to a 9.0 host. I'm thinking I could relocate the jail into ezjail's environment, then do an update on the jail using the 9.0 source, and a mergemaster with the jail against the 9.0 source, and it would emulate doing a full update from 8.3 to 9.0 without needing to rebuild the jail.

    Any other input or thoughts would be appreciated, if this all works it really makes jails even more awesome simply from a hardware upgrade perspective.
  2. UNIXgod

    UNIXgod New Member

    Thanks Received:
    I recently decided that my jails where in too small of a space. I didn't use the backup but used mv(). If you look at the mv command man page you'll see that it deals across filesystems proper (i.e. dealing with permissions):

     As the rename(2) call does not work across file systems, mv uses cp(1)
         and rm(1) to accomplish the move.  The effect is equivalent to:
               rm -f destination_path && \
               cp -pRP source_file destination && \
               rm -rf source_file

    Interestingly my own jails retained themselves proper but did not move the base jail.

    I simply removed the old jail directory and edited the appropriate files and reinitialized ezjail to create a new base jail in the new slice. Started the processes and everything worked as planned.

    Since your referring to moving everything I imagine using tar(), cpio() or even pax() may be a better way of dealing with it. As you mentioned you need to be in sync with the OS and if your not you need to update your jails proper. Of course you'll want to shutdown your jails first before you do anything.
  3. olav

    olav New Member

    Thanks Received:
    I don't backup a whole jail, I have a wiki with the procedure about how to build a new identical jail. As a jail mostly only run one or two services, getting a new jail up and running shouldn't take too many minutes. I do take backup of ldap, postgres and config/script files though.
  4. SirDice

    SirDice Moderator Staff Member Moderator

    Thanks Received:
    It does deal with permissions properly but not with hardlinks. You end up with two files instead of one file and one hardlink. Even a copy will get it wrong.

    dice@molly:~/test%ls -Ali dir1/
    total 0
    1672274 -rw-r--r--  2 dice  dice  0 Apr 30 12:32 file1
    1672274 -rw-r--r--  2 dice  dice  0 Apr 30 12:32 link1
    dice@molly:~/test%cp -R dir1 dir2
    dice@molly:~/test%ls -Ali dir2
    total 0
    1672288 -rw-r--r--  1 dice  dice  0 Apr 30 12:34 file1
    1672318 -rw-r--r--  1 dice  dice  0 Apr 30 12:34 link1

    Note how link1 is now a file and not a hardlink anymore.

    The best way is to use tar(1). The best thing about it is that you can tunnel it through ssh(1) to another machine.

    # tar -C /base/dir -cf - jail_to_copy | tar -C /different/base/dir -xvf -

    Or push to remote:
    # tar -C /base/dir -cf - jail_to_copy | ssh admin@other.machine tar -C /different/base/dir -xvf -
    pull from remote:
    # ssh admin@other.machine tar -C /base/dir -cf - jail_to_copy | tar -C /different/base/dir -xvf -
    UNIXgod thanks for this.