Setting up a (Debian) Linux jail on FreeBSD

Vadim_Mkk

Member

Reaction score: 5
Messages: 56

If you need mostly to use Linux software that doesn't ported FreeBSD - easy way to use native Debian Linux without any software crooked nails, braces and the big time consumption.
I don't want use the linux-c7-7.7.1908 port - because I agree with M.W Lucas - "Be warned, though: once you install something outside of the Ports Collection, you’ll need to maintain it by hand"©
Offensively that Devuan doesn't take off in the FreeBSD Jail - I haven't a free time for experiments with not predictable results. Good luck to everybody, I gone to learn Debian and Anaconda Distribution.
I hope that FreeBSD sooner or later to make working jails with Linux - for example Devuan or Void.
Buy,,,






 

shkhln

Daemon

Reaction score: 365
Messages: 1,114

Doing this they translate system calls from one API/ABI to another and emulate the Linux system call table.
I hate to disappoint you, but that is how Linuxulator works in the first place.

If you need mostly to use Linux software that doesn't ported FreeBSD - easy way to use native Debian Linux without any software crooked nails, braces and the big time consumption.
That's just wrong.
 

Vadim_Mkk

Member

Reaction score: 5
Messages: 56

That's just wrong.
Why I need to jump with a tambourine and spend a lot of time on it is not clear and not predictable results if I can run needed me applications on another OS without those problems?
Time is the very expensive and non-renewable resource.
The hell with systemd , 20M lines code - but I have what I need. I work with laptop, no heavy loaded server. Something like this :)
 

Vadim_Mkk

Member

Reaction score: 5
Messages: 56

My target was to run Anaconda distribution on FreeBSD in the Jevuan jail. This attempts failed and this experiments over.
 

gpb

New Member

Reaction score: 1
Messages: 8

I hate to disappoint you, but that is how Linuxulator works in the first place.



That's just wrong.
There was a reason why it was a big task for Sun and Joyent to develop it for zones. lx-brand zones are a type of zone, like whole root and sparse zones, as well as KVM and now bhyve zones, which isn't the same as installing a Linux compatibility layer on your host, then creating a jail and adding some Linux files to it.

While no doubt the OP took time to do what they did, but that is not comparing apples to apples. Imagine all the work Sun and Joyent did if it was that simple.
 

gpb

New Member

Reaction score: 1
Messages: 8

The branded zone (BrandZ) framework extends the Solaris Zones infrastructure, to include the creation of brands. The term brand can refer to a wide range of operating environments. BrandZ enables the creation of non-global zones that contain non-native operating environments used for running applications. The brand type is used to determine the scripts that are executed when a zone is installed and booted. In addition, a zone's brand is used to properly identify the correct application type at application launch time. All brand management is performed through extensions to the current zones structure.

A brand can provide a simple or a complex environment. For example, a simple environment could replace the standard Solaris utilities with their GNU equivalents. A complex environment could provide a complete Linux user space which supports the execution of Linux applications.

Every zone is configured with an associated brand. The default is the native brand, Solaris. A branded zone will support exactly one brand of non-native binary, which means that a branded zone provides a single operating environment.

Branded zones provide a set of interposition points in the kernel that are only applied to processes executing in a branded zone.
  • These points are found in such paths as the syscall path, the process loading path, and the thread creation path.
  • At each of these points, a brand can choose to supplement or replace the standard Solaris behavior.
A brand can also provide a plug-in library for librtld_db. The plug-in library allows Solaris tools such as the debugger, to access the symbol information of processes running inside a branded zone.

The devices supported by each zone are documented in the man pages and other documentation for that brand. Device support is defined by the brand. A brand can choose to disallow the addition of any unsupported or unrecognized devices.

The file systems required for a branded zone are defined by the brand.

The privileges available in a branded zone are defined by the brand.

The lx brand uses the branded zones framework to enable Linux binary applications to run unmodified on a machine with a Solaris Operating System kernel.

The lx brand includes the tools necessary to install a CentOS or Red Hat Enterprise Linux distribution inside a non-global zone. The brand supports the execution of 32-bit Linux applications on x86 and x64 machines running the Solaris system in either 32-bit or 64-bit mode.

The lx brand emulates the system call interfaces provided by the Linux kernel, as modified by Red Hat in the RHEL distributions. This kernel provides the system call interfaces consumed by the glibc version released by Red Hat.

In addition, the lx brand partially emulates the Linux /dev and /proc interfaces.
 

shkhln

Daemon

Reaction score: 365
Messages: 1,114

Looks this was copy-pasted from the (obsolete) Oracle documentation, otherwise the text would mention ability to run 64-bit Linux binaries, which I presume Illumos supports. In any case, this mostly describes container management and not emulation itself.
 

shkhln

Daemon

Reaction score: 365
Messages: 1,114

Why are we going through this exercise anyway? I'm just curious how many posts it would take you to admit that there exist only one (!) way of emulating the Linux kernel. That is, implementing it's public API, which means implementing Linux syscalls.
 

gpb

New Member

Reaction score: 1
Messages: 8

Dude, it came from the source when it was originally created, so of course it wouldn't mention 64-bit that it now handles. But it clearly explains exactly what branded zones are, which is what you asked for. So you're going to complain if someone says to read a man page? Or if somone here links the handbook, even though some pages are old? Get over your bitterness that the Linux hack for jails is not actually like a branded zone.

An lx-brand zone is not the same as KVM. Just the same as a jail is not the same as bhyve. I've ran Solaris 8, 9, 10, 11, OpenSolaris, OpenIndiana, SXCE, OmniOS and SmartOS for 20 years for Fortune 400 companies and US government agencies, so I'm well versed in zones and LDOMS. I've also worked with AIX for Fortune 400 companies and also US DoD, so I also know about Workload Partitions (WPARs) and Logical Partitions (LPARs).

But whatever, it doesn't matter to me. You can believe the original post is the exact same as an lx-brand zone if you choose. I likely won't be back to this forum. I run SmartOS and OmniOS anyway. Was thinking of switching to FreeBSD for my personal mail/web servers (again). I first installed FreeBSD on my home system in 1995 and have ran it off and on since that time. But I'll stick with illumos derivatives.
 

shkhln

Daemon

Reaction score: 365
Messages: 1,114

Nobody ever claimed FreeBSD jails have the same management capabilities, that's a straw man argument. The Linux emulation, however, is quite comparable. I wouldn't be surprised if Linuxulator runs circles around Illumos' implementation with regard to the completeness/compatibility.

But it clearly explains exactly what branded zones are, which is what you asked for.
I didn't.
 
Top