ZFS zfs volume

zader

Member

Reaction score: 3
Messages: 51

HI all,

Been working on a little project but only managed to get half of it working as I want..

In short I've set up Iocage and zfs by creating a normal vdev and sharing it as a pool.

for reference..

host:
Code:
zfs create vms/gameserver
zfs set mountpoint=/gameserver vms/gameserver

iocage create -n dayz ip4_addr="192.168.1.225/24" -r 12.0-RELEASE jail_zfs=on jail_zfs_dataset=gameserver boot=on
as expected when I enter the jail, the zpool shows up as gameserver and that's fine for a file system in the jail ... but my problem is..
I'm trying to run a vm inside the jail and I can't seem to get access to a created volume..

Any idea if this is possible or how / what I'm missing? I know cbsd/clon/freenas seems to have it down pat.. but I really want to understand ALL of the steps to do it myself.

thanks.
 

SirDice

Administrator
Staff member
Administrator
Moderator

Reaction score: 7,292
Messages: 29,742

I'm trying to run a vm inside the jail and I can't seem to get access to a created volume..
Why separate a VM even further? What's the idea behind that?

In order to make volumes (or filesystems) available inside a jail you'll need to use zfs jail and enable allow.mount.zfs on the jail:
Code:
     allow.mount.zfs
             privileged users inside the jail will be able to mount and
             unmount the ZFS file system.  This permission is effective only
             together with allow.mount and only when enforce_statfs is set to
             a value lower than 2.  See zfs(8) for information on how to
             configure the ZFS filesystem to operate from within a jail.
From jail(8).
 
OP
OP
Z

zader

Member

Reaction score: 3
Messages: 51

ahh thanks, Ok I missed that..

the purpose is ..

the game server I'm running is an arma 2 DayZ server.. so its old and crusty and vulnerable to a lot of potential nastiness. The other problem is that the newest version messed up a ton of perl modules.. thus it wont run on linux/unix system easily.

My idea (and it may not be the best way, so if you have any suggestions I'm all ears)

install freebsd12 host jail a windows vm on a zvol with bhyve...
then run all of the supporting services on release 12 jails on the host ie: postgres, www, discord etc..

then I can can just set up a snapshot rotation on the jails and the zvol and just rollback if theres any issue.


thanks for your help
 

SirDice

Administrator
Staff member
Administrator
Moderator

Reaction score: 7,292
Messages: 29,742

the game server I'm running is an arma 2 DayZ server
I had that running too :) I used Wine to get it going. It worked quite well. But we moved to Arma 3 Epoch and I've never been able to get that working. So the game server was replaced with a Debian 8. That ran perfect until I got bored with it and cancelled the VPS.

o its old and crusty and vulnerable to a lot of potential nastiness.
Sure, but a VM by itself would already provide enough "separation" from the host. Why put the VM inside a jail and add a bunch of unneeded complexity without any security gains?
 
OP
OP
Z

zader

Member

Reaction score: 3
Messages: 51

Sure, but a VM by itself would already provide enough "separation" from the host. Why put the VM inside a jail and add a bunch of unneeded complexity without any security gains?
I can work with that, I guess your right.. theres no point in making life more difficult that it needs to be .. lol I already call that "monday" :p

thanks
 
Top