Mount zfs dataset inside jail


Johan Hendriks

Sep 3, 2015, 5:55:03 PM
to ioc...@googlegroups.com
Hello all.

I have a question regarding iocage and zfs datasets

I can't seem to mount a zfs dataset that is not part of the jail itself,
I can not seem to get that working.
Is it possible with iocage to do that? It would be nice because that way
I can export the jail without a huge zfs dataset within it.

Or is there an option to export the jail and exclude the
pool/iocage/UUID/root/data dataset.

One other thing is an option to mount the ports tree from the host itself.
I could not find it within iocage, but it would be nice if I could set
the option to nullfs mount the ports tree from the host or maybe even
nicer a separate ports tree managed by iocage.
So a command iocage portsnap update that updates the ports tree for the
jails.
Now I did it by manually adding the file /iocage/jails/UUID/fstab.


Thanks for your time and a wonderful tool.

regards
Johan


Peter Toth

Sep 3, 2015, 6:24:52 PM
to Johan Hendriks, ioc...@googlegroups.com
Hi Johan,

Yes, zfs jailing for custom datasets will be included in the upcoming days.
Basically just need to commit.

So after that you can jail any dataset which is not part of iocage in a jail even from different ZFS pools.

For the export you could set "iocage set jail_zfs=off myjail" and restart your jail then export.

For ports the custom fstab with nullfs works - why do you need ports in a jail - do you run software which is not in PKG repos?

Cheers
Peter 


Peter Toth

Sep 3, 2015, 7:13:45 PM
to Johan Hendriks, ioc...@googlegroups.com
Johan, please try latest iocage from develop branch - zfs jailing of custom datasets should work now.

Cheers
Peter

Peter Toth

Sep 4, 2015, 4:23:37 PM
to Johan Hendriks, ioc...@googlegroups.com
Should be the following:
1. iocage set jail_zfs=on myjail
2. if you want to have a custom dataset: iocage set jail_zfs_dataset=full_dataset_name myjail
3. start jail: iocage start myjail
4. inside the jail, "zfs list" should show your jailed dataset
5. inside the jail set the mountpoint to whatever you need: zfs set mountpoint=/mypath dataset (you can force mount with "zfs mount dataset" inside the jail)

Multiple datasets are only supported under a single dataset tree, so once you jail a dataset into a jail you can create as many datasets as you want inside the jail.

Let me know if this makes sense.

Cheers
Peter  

On Sat, Sep 5, 2015 at 2:47 AM, Johan Hendriks <joh.he...@gmail.com> wrote:
Can you give me some example how to mount a zfs dataset within iocage.
Some things are unclear to me!
Also can I mount multiple datasets?

thanks again

regards
Johan


On 04/09/15 at 01:13, Peter Toth wrote:

Peter Toth

Sep 5, 2015, 3:01:07 AM
to Johan Hendriks, ioc...@googlegroups.com
This is most likely two issues, zfs dataset jailing works fine for me after reboot, I can confirm the dataset is not auto mounted though - will be fixing this.

Do you have multiple pools?

On Sat, Sep 5, 2015 at 9:48 AM, Johan Hendriks <joh.he...@gmail.com> wrote:
Thank you, all looks fine except after a reboot of the host.

The only thing that is not working is after a restart of the whole machine.
The server comes up, the jails are started only the zfs dataset is not mounted. I need to go inside the jail and give it a zfs mount -a, after that the zfs dataset is mounted.
So if the server comes up after a reboot and I go into the jail with iocage console UUID I see the following
root@f6d5ba16-5356-11e5-8414-00215aa4de05:~ # zfs mount
zroot/iocage/jails/f6d5ba16-5356-11e5-8414-00215aa4de05/root  /
root@f6d5ba16-5356-11e5-8414-00215aa4de05:~ # zfs mount -a
root@f6d5ba16-5356-11e5-8414-00215aa4de05:~ # zfs mount
zroot/iocage/jails/f6d5ba16-5356-11e5-8414-00215aa4de05/root  /
zroot/owncloud-data             /usr/local/owncloud-data
root@f6d5ba16-5356-11e5-8414-00215aa4de05:~ #

If I stop the jail and start it again, the dataset is mounted, so this is only happening after a full reboot of the host.

One more question!
Do I need to set jailed=on for the zfs dataset?


Another thing I noticed, but I do not know if it was not there with the 1.7.3 version is that there is no output after the create command.

root@node3:/usr/ports/sysutils/iocage # iocage create tag=owncloud.mytest.domain ipv4_addr="bge0:192.168.1.115"
root@node3:/usr/ports/sysutils/iocage #

I could remember that I saw all the jail properties when I created my first jail.

And I noticed that with the command above I did have a typo in my network settings. I typed ipv4_addr= instead of ip4_addr and I used the : instead of | between the interface and the address. iocage did not tell me the property ipv4 does not exist. Also, it let me use the wrong syntax. It would have been nice if I got an error message at least for the not valid property.

Here are the steps I did.


root@node3:/usr/ports/sysutils/iocage # zfs create zroot/owncloud-data
root@node3:/usr/ports/sysutils/iocage # zfs set jailed=on zroot/owncloud-data
root@node3:/usr/ports/sysutils/iocage # zfs set compression=lz4 zroot/owncloud-data
root@node3:/usr/ports/sysutils/iocage # iocage create tag=owncloud.mytest.domain ip4_addr="bge0|192.168.1.115"
root@node3:/usr/ports/sysutils/iocage # iocage list
JID   UUID                                  BOOT  STATE  TAG
1     383dc096-51c9-11e5-b0fc-00215aa4de05  on    up     poudriere.mytest.domain
-     f6d5ba16-5356-11e5-8414-00215aa4de05  off   down   owncloud.mytest.domain
root@node3:/usr/ports/sysutils/iocage # iocage set jail_zfs=on f6
root@node3:/usr/ports/sysutils/iocage # iocage set jail_zfs_dataset=zroot/owncloud-data f6
root@node3:/usr/ports/sysutils/iocage # iocage start f6
* Starting f6d5ba16-5356-11e5-8414-00215aa4de05 (owncloud.mytest.domain)
  + Started (shared IP mode) OK
  + Starting services        OK
root@node3:/usr/ports/sysutils/iocage # iocage console f6
FreeBSD 10.2-RELEASE (GENERIC) #0 r286666: Wed Aug 12 15:26:37 UTC 2015

Welcome to FreeBSD!

Release Notes, Errata: https://www.FreeBSD.org/releases/
Security Advisories:   https://www.FreeBSD.org/security/
FreeBSD Handbook:      https://www.FreeBSD.org/handbook/
FreeBSD FAQ:           https://www.FreeBSD.org/faq/
Questions List: https://lists.FreeBSD.org/mailman/listinfo/freebsd-questions/
FreeBSD Forums:        https://forums.FreeBSD.org/

Documents installed with the system are in the /usr/local/share/doc/freebsd/
directory, or can be installed later with:  pkg install en-freebsd-doc
For other languages, replace "en" with a language code like de or fr.

Show the version of FreeBSD installed:  freebsd-version ; uname -a
Please include that output and any error messages when posting questions.
Introduction to manual pages:  man man
FreeBSD directory layout:      man hier

Edit /etc/motd to change this login announcement.
root@f6d5ba16-5356-11e5-8414-00215aa4de05:~ # zfs list
NAME                  USED  AVAIL  REFER  MOUNTPOINT
zroot                4.51G  65.2G    96K  /zroot
zroot/owncloud-data    96K  65.2G    96K  /zroot/owncloud-data
root@f6d5ba16-5356-11e5-8414-00215aa4de05:~ # mkdir /usr/local/owncloud-data
root@f6d5ba16-5356-11e5-8414-00215aa4de05:~ # zfs set mountpoint=/usr/local/owncloud-data zroot/owncloud-data
root@f6d5ba16-5356-11e5-8414-00215aa4de05:~ # zfs mount
zroot/iocage/jails/f6d5ba16-5356-11e5-8414-00215aa4de05/root  /
root@f6d5ba16-5356-11e5-8414-00215aa4de05:~ # zfs mount -a
root@f6d5ba16-5356-11e5-8414-00215aa4de05:~ # zfs mount
zroot/iocage/jails/f6d5ba16-5356-11e5-8414-00215aa4de05/root  /
zroot/owncloud-data             /usr/local/owncloud-data
root@f6d5ba16-5356-11e5-8414-00215aa4de05:~ #


Thanks again for your time.




On 04/09/15 at 22:23, Peter Toth wrote:
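
A check for the post-reboot state reported in the last message (jail running, delegated dataset not mounted until `zfs mount -a` is run inside the jail), as an added example that is not part of the thread or of iocage. The `canmount` and mountpoint filtering and the `--live` switch are assumptions of this example; the sample listing is constructed from the thread's dataset name.

```shell
#!/bin/sh
# Added example, not from the thread. Lists jailed datasets that should be
# mounted but are not. Input is the tab-separated, header-less output of:
#   zfs list -H -o name,jailed,canmount,mounted,mountpoint
# which is meant to be run inside the jail.

unmounted_jailed() {
    awk -F '\t' '
        $2 != "on"                      { next }  # not delegated to a jail
        $3 != "on"                      { next }  # canmount off or noauto: leave alone
        $5 == "none" || $5 == "legacy"  { next }  # no ZFS-managed mountpoint
        $4 != "yes"                     { print $1 }
    '
}

# Constructed sample: the parent pool, the delegated dataset (unmounted),
# and two hypothetical children created inside the jail.
sample_listing() {
    printf 'zroot\toff\ton\tno\t/zroot\n'
    printf 'zroot/owncloud-data\ton\ton\tno\t/usr/local/owncloud-data\n'
    printf 'zroot/owncloud-data/scratch\ton\tnoauto\tno\t/usr/local/owncloud-data/scratch\n'
    printf 'zroot/owncloud-data/db\ton\ton\tyes\t/usr/local/owncloud-data/db\n'
}

if [ "${1:-}" = "--live" ]; then
    # Query ZFS and mount only what is missing, instead of a blanket mount -a.
    zfs list -H -o name,jailed,canmount,mounted,mountpoint | unmounted_jailed |
    while IFS= read -r ds; do
        zfs mount "$ds" && echo "mounted $ds"
    done
else
    # Default: run against the constructed sample so the script works offline.
    sample_listing | unmounted_jailed
fi
```

Running it without arguments prints the one dataset from the sample that needs mounting; an empty result after a host reboot means the delegated datasets came up mounted.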