sudo issue

[krzysztofantczak]

Hi,

Please take a look at this cli output. First cbsd jimport was issued using "sudo" and "sh". Second one, was issued directly. Please compare IP addr which was set and selected (by cbsd) interfaces. The one with sudo is invalid here.

root@fe-fra1-do:~ # jls
   JID  IP Address      Hostname                      Path

root@fe-fra1-do:~ # /usr/local/bin/sudo -H sh -c '/usr/local/bin/cbsd jimport jname=/root/nginx.img newjname=nginx newip=172.23.0.4; /usr/local/bin/cbsd jstart jname=nginx;'
IP sets to: 172.23.0.4
NIC automatically selected: vtnet0
Starting jail: nginx, parallel timeout=5
nginx: created
Setting hostname: nginx.salva.sys.

Sun Apr 17 10:06:00 UTC 2016
root@fe-fra1-do:~ # jls
   JID  IP Address      Hostname                      Path
     3  172.23.0.2      foo1.salva.sys                /usr/jails/jails/foo1
     9  172.16.0.7      nginx.salva.sys               /usr/jails/jails/nginx

root@fe-fra1-do:~ # /usr/local/bin/cbsd jimport jname=/root/nginx.img newjname=nginx2 newip=172.23.0.5; /usr/local/bin/cbsd jstart jname=nginx2;
IP sets to: 172.23.0.5
NIC automatically selected: vlan0
Starting jail: nginx2, parallel timeout=5
nginx2: created
Setting hostname: nginx2.salva.sys.

Sun Apr 17 10:06:57 UTC 2016
root@fe-fra1-do:~ # jls
   JID  IP Address      Hostname                      Path
     3  172.23.0.2      foo1.salva.sys                /usr/jails/jails/foo1
     9  172.16.0.7      nginx.salva.sys               /usr/jails/jails/nginx
    10  172.23.0.5      nginx2.salva.sys              /usr/jails/jails/nginx2
root@fe-fra1-do:~ #

Can i get any hint on how can i make this work?

(cbsd-10.3.0)

[olevole]

Interesting. Do I understand correctly that the wrong ip in the first case - IP of image? Can you show

cbsd imgpart mode=extract part=rcconf jname=/root/nginx.img |grep ^ip

[olevole]

BTW, (this is not solution of your problem, just FYI). If you use ZFS-based system and prepare image as original for the newly created jail, you may be interested to use zfs_snapsrc params in jcreate / jconstruct-tui. , because, in contrast to jimport (with full copyinf of data) this operation is momentary: for example lets nginxsrc jail become to origin for any other new jail:

% cbsd jset ip4_addr=0 jname=nginxsrc  ;   (don't use any IP)
% cbsd jset astart=0 jname=nginxsrc  ;   ( no autostart )
% cbsd jsnapshot jname=nginxsrc mode=create snapname=20160419 ; ( create new snapshot with random name, e.g form of date as version )
% cbsd jsnapshot jname=nginxsrc mode=list
JNAME     SNAPNAME           CREATION           USED
nginxsrc  20160419  2016-04-19__01:25  0

% zfs list -t snapshot (we need full ZFS snapshot name for zfs_snapsrc params):
NAME                              USED  AVAIL  REFER  MOUNTPOINT
**zmirror/jails/nginxsrc@20160419**      0      -  64,3M  -

Now all what you want - create template of new jail for jcreate with follow dynamic variable:

1. ip4_addr (new ip address)
2. zfs_snapsrc ( source snapshot - maybe you will update periodically source jail with fresh software )
3. jname
4. host_hostname
5. path
6. mount_fstab
7. data
8. rcconf
9. ver and arch according to your system.

So, sample jcreate.conf ( e.g: /tmp/test1.jconf ):

# DO NOT EDIT THIS FILE. PLEASE USE INSTEAD:
# cbsd jconfig jname=nginx2
jname="nginx2";
path="/usr/jails/jails/nginx2";
host_hostname="nginx2.my.domain";
ip4_addr="172.23.0.5";
mount_devfs="1";
allow_mount="1";
allow_devfs="1";
allow_nullfs="1";
mount_fstab="/usr/jails/jails-fstab/fstab.nginx2";
arch="amd64";
mkhostsfile="1";
devfs_ruleset="4";
ver="11";
basename="";
baserw="0";
mount_src="0";
mount_obj="0";
mount_kernel="0";
mount_ports="1";
astart="1";
data="/usr/jails/jails-data/nginx2-data";
vnet="0";
applytpl="1";
mdsize="0";
rcconf="/usr/jails/jails-rcconf/rc.conf_nginx2";
floatresolv="1";
zfs_snapsrc="zmirror/jails/nginxsrc@20160419";

exec_poststart="0";
exec_poststop="";
exec_prestart="0";
exec_prestop="0";

exec_master_poststart="0";
exec_master_poststop="0";
exec_master_prestart="0";
exec_master_prestop="0";
pkg_bootstrap="1";
interface="auto"
jailskeldir="/usr/jails/share/FreeBSD-jail-skel"
jail_profile="default"
exec_start="/bin/sh /etc/rc"
exec_stop="/bin/sh /etc/rc.shutdown"
emulator="jail"

Use jcreate to create new jail via ZFS clone:

% cbsd jcreate jconf=/tmp/jail1.jconf

PS: if you use alternative workdir, some path need for correct. The best way to get template for jcreate - use cbsd jconstruct-tui, enter zfs_snapsrc params and answer 'no' on "Do you want to create jail immediately?" question - you get jconf sample for jcreate command.

PS2: keep in mind that the original snapshot can not be removed if there is created on the basis of its container.

[krzysztofantczak]

Hey,

Ok, i can confirm now, that this IP is original IP it had before exporting. I'm hitting this issue again today. Would it be possible to remove IP on the fly while exporting? With some additional export param perhaps? I understand that sometimes keeping the same IP is required. Or hmm, on import when newip was passed it should force it?

Those ZFS features are really cool, didn't knew about them, thank You, but above problem remains, because my current use case involves .img files which are transported thru CDN.

[olevole]

Looks like it was logical error, sets of newip must be on this place: https://github.com/olevole/cbsd/blob/master/jailctl/jimport#L152

Can you test this? Just get last modification from jimport and apply it:

% fetch --no-verify-peer -o /usr/local/cbsd/jailctl/jimport https://raw.githubusercontent.com/olevole/cbsd/master/jailctl/jimport
% chmod +x /usr/local/cbsd/jailctl/jimport
% cbsd initenv

[krzysztofantczak]

For now, it seems it works fine. But i'm hitting another issue, hehe. How can i change jail hostname while importing from image? Like, i'm using some generic images (with nginx or php setup), and it seems the only way to do that now is to jimport + jrename (old=jail1 new=jail1_tmp + new hostname) + jrename (old=jail1_tmp new=jail1 - no way to change hostname without changing name, as it seems).

Btw. i think by default it should change jail FQDN to newJailName.current_host_hostname.

[olevole]

Agreed with you about FQDN. I've rename newjname and newip to more relevant new_jname and new_ip4_addr and add optional new_host_hostname params:

olevole@bb66086

Most likely this is what you need within this issue ;)

% cbsd jimport jname=/usr/jails/export/nginxsrc.img new_ip4_addr=0 new_jname=temp
IP sets to: 0
Hostname sets to: temp.my.domain

% cbsd jls display=jname,ip4_addr,host_hostname
JNAME        IP4_ADDR         HOST_HOSTNAME
..
temp         0                temp.my.domain

[olevole]

feedback timeout, close