The translation is temporarily closed for contributions due to maintenance, please come back later.

Source string Read only

(itstool) path: step/para
Context English State
Upgrading
The design of this setup provides an easy way to upgrade existing jails while minimizing their downtime. Also, it provides a way to roll back to the older version should a problem occur.
The first step is to upgrade the host system. Then, create a new temporary read-only template in <filename>/home/j/mroot2</filename>.
<prompt>#</prompt> <userinput>mkdir /home/j/mroot2</userinput>
<prompt>#</prompt> <userinput>cd /usr/src</userinput>
<prompt>#</prompt> <userinput>make installworld DESTDIR=/home/j/mroot2</userinput>
<prompt>#</prompt> <userinput>cd /home/j/mroot2</userinput>
<prompt>#</prompt> <userinput>cpdup /usr/src usr/src</userinput>
<prompt>#</prompt> <userinput>mkdir s</userinput>
installworld
The <_:buildtarget-1/> creates a few unnecessary directories, which should be removed:
<prompt>#</prompt> <userinput>chflags -R 0 var</userinput>
<prompt>#</prompt> <userinput>rm -R etc var root usr/local tmp</userinput>
Recreate the read-write symlinks for the master file system:
<prompt>#</prompt> <userinput>ln -s s/etc etc</userinput>
<prompt>#</prompt> <userinput>ln -s s/root root</userinput>
<prompt>#</prompt> <userinput>ln -s s/home home</userinput>
<prompt>#</prompt> <userinput>ln -s ../s/usr-local usr/local</userinput>
<prompt>#</prompt> <userinput>ln -s ../s/usr-X11R6 usr/X11R6</userinput>
<prompt>#</prompt> <userinput>ln -s s/tmp tmp</userinput>
<prompt>#</prompt> <userinput>ln -s s/var var</userinput>
Next, stop the jails:
<prompt>#</prompt> <userinput>service jail stop</userinput>
Unmount the original file systems as the read-write systems are attached to the read-only system (<filename>/s</filename>):
<prompt>#</prompt> <userinput>umount /home/j/ns/s</userinput>
<prompt>#</prompt> <userinput>umount /home/j/ns</userinput>
<prompt>#</prompt> <userinput>umount /home/j/mail/s</userinput>
<prompt>#</prompt> <userinput>umount /home/j/mail</userinput>
<prompt>#</prompt> <userinput>umount /home/j/www/s</userinput>
<prompt>#</prompt> <userinput>umount /home/j/www</userinput>
Move the old read-only file system and replace it with the new one. This will serve as a backup and archive of the old read-only file system should something go wrong. The naming convention used here corresponds to when a new read-only file system has been created. Move the original FreeBSD Ports Collection over to the new file system to save some space and inodes:
<prompt>#</prompt> <userinput>cd /home/j</userinput>
<prompt>#</prompt> <userinput>mv mroot mroot.20060601</userinput>
<prompt>#</prompt> <userinput>mv mroot2 mroot</userinput>
<prompt>#</prompt> <userinput>mv mroot.20060601/usr/ports mroot/usr</userinput>
At this point the new read-only template is ready, so the only remaining task is to remount the file systems and start the jails:
Use <command>jls</command> to check if the jails started correctly. Run <command>mergemaster</command> in each jail to update the configuration files.
Managing Jails with <application>ezjail</application>
Creating and managing multiple jails can quickly become tedious and error-prone. Dirk Engling's <application>ezjail</application> automates and greatly simplifies many jail tasks. A <emphasis>basejail</emphasis> is created as a template. Additional jails use <citerefentry><refentrytitle>mount_nullfs</refentrytitle><manvolnum>8</manvolnum></citerefentry> to share many of the basejail directories without using additional disk space. Each additional jail takes only a few megabytes of disk space before applications are installed. Upgrading the copy of the userland in the basejail automatically upgrades all of the other jails.
Additional benefits and features are described in detail on the <application>ezjail</application> web site, <link xlink:href="https://erdgeist.org/arts/software/ezjail/"/>.
Installing <application>ezjail</application>
Installing <application>ezjail</application> consists of adding a loopback interface for use in jails, installing the port or package, and enabling the service.
To keep jail loopback traffic off the host's loopback network interface <literal>lo0</literal>, a second loopback interface is created by adding an entry to <filename>/etc/rc.conf</filename>:
cloned_interfaces="lo1"
The second loopback interface <literal>lo1</literal> will be created when the system starts. It can also be created manually without a restart:
<prompt>#</prompt> <userinput>service netif cloneup</userinput>
Created clone interfaces: lo1.
Jails can be allowed to use aliases of this secondary loopback interface without interfering with the host.
Inside a jail, access to the loopback address <systemitem class="ipaddress">127.0.0.1</systemitem> is redirected to the first <acronym>IP</acronym> address assigned to the jail. To make the jail loopback correspond with the new <literal>lo1</literal> interface, that interface must be specified first in the list of interfaces and <acronym>IP</acronym> addresses given when creating a new jail.
Give each jail a unique loopback address in the <systemitem class="ipaddress">127.0.0.0</systemitem><systemitem class="netmask">/8</systemitem> netblock.
Install <package role="port">sysutils/ezjail</package>:
<prompt>#</prompt> <userinput>cd /usr/ports/sysutils/ezjail</userinput>
<prompt>#</prompt> <userinput>make install clean</userinput>

Loading…

No matching activity found.

Browse all component changes

Source information

Source string comment
(itstool) path: step/para
Flags
read-only
Source string location
book.translate.xml:30793
String age
a year ago
Source string age
a year ago
Translation file
books/handbook.pot, string 4991