Jails. How should I do things?

Hi. I have been using FreeBSD for a while and knew that there was something called jails for a while. Recently I flipped threw through the handbook on jails and realized that this is probably something I should use. I have recently re-installed my server with 9.1-RELEASE and want to start using jails for stuff like Apache, FTP, MySQL, etc. From the material I have seen online regarding jails, I take it that managing jails the handbook way is not what everyone does. There are ports for this kind of thing. So before I get going I would like to here from other "jailers" how you prefer to do it. Do you use the "manual" handbook way, or maybe a port like warden? I would like to get all input and recommendations (or warnings).
 
I use both techniques. The manual way, which is a bit of a pain to update and with sysutils/ezjail. The latter is a lot easier to use if you have multiple jails, it can also make use of ZFS.
 
The ZFS part is interesting. I have a zpool on that server and have prepared a volume called storage/jails where I was going to put the jails, but I assume (without having read anything about ezjail yet) that it would give me some added functionality? Snapshots of individual jails for instance?
 
It does some ZFS 'trickery' by creating a base jail in a ZFS filesytem and uses clones to create the jails themselves. That basically means you can create a new jail almost instantly. And because it's ZFS you can make full use of snapshots.

I'd try to set up a jail by hand, it's not that difficult and is explained rather well in the jail(8) man page. Just so you can get a feel for jails and how they work. Once you're a bit familiar with them you should definitely try ezjail.
 
Thanks I'm probably going to do just that. The handbook does give a pretty easy to follow explanation so I have tried making a jail that way. I am going to read some more about ezjail while I build the "manual" way.

I had a quick try at sysutils/warden, but ran into some errors. From what I found online, it seams that the port isn't totally up to date in the FreeBSD ports tree.
 
I don't know, I've never tried warden. I don't have a GUI on my servers ;)
 
SirDice said:
I don't know, I've never tried warden. I don't have a GUI on my servers ;)

Neither do I, but it was the first thing I heard about when I started looking for jail ports. I have come to the same conclusion @adripillo, almost all the stuff I find on warden seems to be PC-BSD related. The version in the PC-BSD repository is also more up to date than FreeBSD's.
 
Last edited by a moderator:
crazychip said:
Neither do I, but it was the first thing I heard about when I started looking for jail ports.
I have come to the same conclusion adripillo, almost all the stuff i find on warden seams to be PC-BSD related. The version in PC-BSD repository is also more up to date than FreeBSD.

I have installed both, FreeBSD and PC-BSD, both on two different computers. I can tell you that warden on PC-BSD "comes with the system".
 
fbsd1 said:
If you're not a ZFS user, then look at sysutils/qjail. Qjail uses the jail(8) method while ezjail uses the rc.d jail script method. Qjail also creates VIMAGE jails while ezjail does not. There is also this http://www.a1poweruser.com/35.00-Jails_guide_article.php link for the background of jails.
Cool, good link also. I will definitely bookmark that for later. As I stated above, I am a ZFS user so I'm probably going for the ezjail port. Keeping qjail in mind thou for other servers where I don't.
 
Well, I probably can't comment much about the manual way seeing that I've never used it.
But since FreeNAS 9.1.1 comes standard with the warden, that's what I use.

From personal experience, it seems to be pretty solid and easy to use. The ZFS feature, in particular, is real nice when you want multiple jails.

Here's a snippet of one of the "help" info when you execute the command:
Code:
Warden version 1.3
---------------------------------
Available commands

Type in help <command> for information and usage about that command

         help - This help file
         auto - Toggles the autostart flag for a jail
      bspkgng - BootStrap pkgng and setup TrueOS repo
      checkup - Check for updates to a jail
       chroot - Launches chroot into a jail
       create - Creates a new jail
      details - Display usage details about a jail
       delete - Deletes a jail
       export - Exports a jail to a .wdn file
        fstab - Start users $EDITOR on jails custom fstab
          get - Gets options list for a jail
       import - Imports a jail from a .wdn file
         list - Lists the installed jails
         pkgs - Lists the installed packages in a jail
         pbis - Lists the installed pbi's in a jail
          set - Sets options for a jail
        start - Start a jail
         stop - Stops a jail
         type - Set the jail type (portjail|pluginjail|standard)
     template - Manage jail templates
    zfsmksnap - Create a ZFS snapshot of a jail
 zfslistclone - List clones of jail snapshots
  zfslistsnap - List snapshots of a jail
 zfsclonesnap - Clone a jail snapshot
  zfscronsnap - Schedule snapshot creation via cron
zfsrevertsnap - Revert jail to a snapshot
   zfsrmclone - Remove a clone directory
    zfsrmsnap - Remove snapshot of a jail
 
Back
Top