initial release
136
README.md
@ -1,3 +1,135 @@
|
||||
# freebsd_jails
|
||||
# FreeBSD Jails implementación
|
||||
|
||||
Una implementación de jails en FreeBSD
|
||||
Un ejemplo de implementar Jails mediante el uso de [ThinJails/NullFS](https://docs.freebsd.org/en/books/handbook/jails/#thin-jail).
|
||||
|
||||
Probablemente no sea la mejor ni la manera mas eficiente de hacerlo, pero puede servir para aprender como funcionan las jails en FreeBSD.
|
||||
|
||||
Recuerda que la comunidad dispone de otras maneras de hacer esto:
|
||||
[Jail Managers](https://docs.freebsd.org/en/books/handbook/jails/#jail-managers-and-containers).
|
||||
|
||||
## Detalle
|
||||
|
||||
Las Jails se van a apoyar en ZFS para su creacion y mantenimiento.
|
||||
Se va a seguir esta estructura de archivos
|
||||
|
||||
### Base de la distribucion
|
||||
El directorio donde se descarga el release de FreeBSD correspondiente que actuara como base para las jails usara el zfs slice / directorio:
|
||||
```
|
||||
zroot/jails/releases /usr/local/jails/releases
|
||||
```
|
||||
|
||||
Ejemplo:
|
||||
|
||||
```shell
|
||||
zroot/jails 1.14T 384G 88K /usr/local/jails
|
||||
zroot/jails/releases 5.47G 384G 96K /usr/local/jails/releases
|
||||
zroot/jails/releases/13.1-RELEASE 2.32G 384G 1.40G /usr/local/jails/releases/13.1-RELEASE
|
||||
zroot/jails/releases/13.2-RELEASE 1.41G 384G 1.41G /usr/local/jails/releases/13.2-RELEASE
|
||||
zroot/jails/releases/14.0-RELEASE 1.30G 384G 1.30G /usr/local/jails/releases/14.0-RELEASE
|
||||
zroot/jails/releases/14.1-RELEASE 451M 384G 451M /usr/local/jails/releases/14.1-RELEASE
|
||||
```
|
||||
|
||||
### Base jails
|
||||
Una vez descarado el sistema base se separa en dos partes, por un lado el "userspace" de FreeBSD en solo ReadOnly y por otro los directorios escribibiles en modo RW clonando el release anterior y dividiendo en dos partes:
|
||||
|
||||
```shell
|
||||
zroot/jails/templates /usr/local/jails/templates
|
||||
|
||||
# Parte solo lectura
|
||||
zroot/jails/templates/base-$FREEBSD_RELEASE-RELEASE /usr/local/jails/templates/base-$FREEBSD_RELEASE-RELEASE
|
||||
|
||||
# Parte lectura/escritura
|
||||
zroot/jails/templates/skeleton-$FREEBSD_RELEASE-RELEASE /usr/local/jails/templates/skeleton-$FREEBSD_RELEASE-RELEASE
|
||||
```
|
||||
|
||||
Por ejemplo:
|
||||
|
||||
```
|
||||
zroot/jails/templates 84.5M 384G 120K /srv/jails/templates
|
||||
zroot/jails/templates/base-13.1-RELEASE 50.1M 384G 1.36G /srv/jails/templates/base-13.1-RELEASE
|
||||
zroot/jails/templates/base-13.2-RELEASE 568K 384G 1.40G /srv/jails/templates/base-13.2-RELEASE
|
||||
zroot/jails/templates/base-14.0-RELEASE 552K 384G 1.29G /srv/jails/templates/base-14.0-RELEASE
|
||||
zroot/jails/templates/base-14.1-RELEASE 232K 384G 447M /srv/jails/templates/base-14.1-RELEASE
|
||||
zroot/jails/templates/skeleton-12.1-RELEASE 4.85M 384G 4.46M /srv/jails/templates/skeleton-12.1-RELEASE
|
||||
zroot/jails/templates/skeleton-12.2-RELEASE 4.92M 384G 4.49M /srv/jails/templates/skeleton-12.2-RELEASE
|
||||
zroot/jails/templates/skeleton-13.0-RELEASE 4.78M 384G 4.34M /srv/jails/templates/skeleton-13.0-RELEASE
|
||||
zroot/jails/templates/skeleton-13.1-RELEASE 4.82M 384G 4.38M /srv/jails/templates/skeleton-13.1-RELEASE
|
||||
zroot/jails/templates/skeleton-13.2-RELEASE 4.48M 384G 4.41M /srv/jails/templates/skeleton-13.2-RELEASE
|
||||
zroot/jails/templates/skeleton-14.0-RELEASE 4.52M 384G 4.43M /srv/jails/templates/skeleton-14.0-RELEASE
|
||||
zroot/jails/templates/skeleton-14.1-RELEASE 4.42M 384G 4.42M /srv/jails/templates/skeleton-14.1-RELEASE
|
||||
```
|
||||
Mas detalle:
|
||||
```shell
|
||||
# ls -lah /usr/local/jails/templates/base-14.1-RELEASE/
|
||||
total 88
|
||||
drwxr-xr-x 15 root wheel 24B Jun 20 2024 .
|
||||
drwxr-xr-x 13 root wheel 13B Jun 20 2024 ..
|
||||
-rw-r--r-- 1 root wheel 1.0K May 31 2024 .cshrc
|
||||
-rw-r--r-- 1 root wheel 495B May 31 2024 .profile
|
||||
-r--r--r-- 1 root wheel 6.0K May 31 2024 COPYRIGHT
|
||||
drwxr-xr-x 2 root wheel 49B Jun 20 2024 bin
|
||||
drwxr-xr-x 15 root wheel 69B Jun 20 2024 boot
|
||||
dr-xr-xr-x 2 root wheel 2B May 31 2024 dev
|
||||
lrwxr-xr-x 1 root wheel 12B Jun 20 2024 etc -> skeleton/etc
|
||||
lrwxr-xr-x 1 root wheel 13B Jun 20 2024 home -> skeleton/home
|
||||
drwxr-xr-x 4 root wheel 78B Jun 20 2024 lib
|
||||
drwxr-xr-x 3 root wheel 5B May 31 2024 libexec
|
||||
drwxr-xr-x 2 root wheel 2B May 31 2024 media
|
||||
drwxr-xr-x 2 root wheel 2B May 31 2024 mnt
|
||||
drwxr-xr-x 2 root wheel 2B May 31 2024 net
|
||||
dr-xr-xr-x 2 root wheel 2B May 31 2024 proc
|
||||
drwxr-xr-x 2 root wheel 150B Jun 20 2024 rescue
|
||||
lrwxr-xr-x 1 root wheel 13B Jun 20 2024 root -> skeleton/root
|
||||
drwxr-xr-x 2 root wheel 150B Jun 20 2024 sbin
|
||||
drwxr-xr-x 2 root wheel 2B Jun 20 2024 skeleton
|
||||
lrwxr-xr-x 1 root wheel 11B May 31 2024 sys -> usr/src/sys
|
||||
lrwxr-xr-x 1 root wheel 12B Jun 20 2024 tmp -> skeleton/tmp
|
||||
drwxr-xr-x 13 root wheel 14B Jun 20 2024 usr
|
||||
lrwxr-xr-x 1 root wheel 12B Jun 20 2024 var -> skeleton/var
|
||||
```
|
||||
|
||||
```shell
|
||||
ls -lah /usr/local/jails/templates/skeleton-14.1-RELEASE/
|
||||
total 37
|
||||
drwxr-xr-x 9 root wheel 9B Jun 20 2024 .
|
||||
drwxr-xr-x 13 root wheel 13B Jun 20 2024 ..
|
||||
drwxr-xr-x 30 root wheel 106B Jun 20 2024 etc
|
||||
drwxr-xr-x 2 root wheel 2B Jun 20 2024 home
|
||||
drwxr-xr-x 2 root wheel 2B Jun 20 2024 portsbuild
|
||||
drwxr-x--- 2 root wheel 7B May 31 2024 root
|
||||
drwxrwxrwt 2 root wheel 2B May 31 2024 tmp
|
||||
drwxr-xr-x 4 root wheel 4B Jun 20 2024 usr
|
||||
drwxr-xr-x 24 root wheel 24B May 31 2024 var
|
||||
```
|
||||
### Jails
|
||||
|
||||
Cuando se crea una jail se clonan el base / skeleton del release correspondiente con el nombre de la jail y se establece su fstab y su configuracion.
|
||||
|
||||
|
||||
## Configuración host
|
||||
|
||||
Archivo /etc/rc.conf
|
||||
```shell
|
||||
## Jails
|
||||
jail_enable="YES"
|
||||
jail_set_hostname_allow="NO"
|
||||
jail_list=""
|
||||
jailsffss_enable="YES"
|
||||
jail_sysvipc_allow="YES"
|
||||
```
|
||||
Archivo /etc/jail.conf
|
||||
|
||||
```shell
|
||||
# Networking
|
||||
interface = "lagg0";
|
||||
ip4.addr = 192.168.50.$ip;
|
||||
# Config
|
||||
host.hostname = "$name.local";
|
||||
path = "/usr/local/jails/services/$name";
|
||||
mount.devfs;
|
||||
mount.fstab = "/usr/local/jails/jail.fstab.d/$name.fstab";
|
||||
exec.start = "/bin/sh /etc/rc";
|
||||
exec.stop = "/bin/sh /etc/rc.shutdown";
|
||||
exec.poststop = "/sbin/umount /usr/local/jails/$name/skeleton; /sbin/umount /usr/local/jails/$name";
|
||||
exec.clean;
|
||||
```
|
||||
|
||||
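Review bot: In the /etc/jail.conf block, exec.poststop unmounts `/usr/local/jails/$name/skeleton` and `/usr/local/jails/$name`, but path is set to `/usr/local/jails/services/$name`, so neither umount target lies under the jail root declared a few lines above and the stop hook will not release the mounts it is meant to. Add the `services/` component to both paths, or drop exec.poststop if the entries in the mount.fstab file already cover these mounts. In the /etc/rc.conf block, `jail_sysvipc_allow="YES"` opens System V IPC to the jails, which weakens the isolation this README sets out to teach; leave it out or document which service needs it. The "Base jails" section also gives /usr/local/jails/templates as the mountpoint while its example listing shows /srv/jails/templates, so pick one path and use it throughout.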