|vnet||Jadm use bridge interface with epair interfaces, also jid is used for epair interface number. Bridge interface should contain at leas one ip address which will be used for vnet-jail gateway. We can use multiple (alias) ip addresses from different networks.|
|ip address from host system|
|Can be used any already assigned ip address of system interfaces|
|BASE (skeleton model)|
When we need BASE skeleton model, first we should create jail called BASE with jadm create command. When BASE jail is created jadm will create 3 different zfs folders.
This folder content jail base files which will be used for all BASE-jails. Mounted under / inside BASE-jail with (RO), only jail with name BASE-update is mounted with (RW).
Can be installed via (BSD, SRC or Template)
To update BASE and all BASE- jails, create jail called BASE-update which will have BASE (RW) mounted or /etc/fstab can be changed for any BASE-jail.
When create new jail enter only a jail name, if (skel) install source is used jadm will add BASE- automatically in the name.
|Normal jails are regular jail which can be installed via BSD - bsd installer, SRC - builded/pre-builded freebsd /usr/src or templates.|
Every existing jail can be used as template. Vnet jail cannot be used as a template for NoVnet jail and vice versa. Jadm will create the new jail from the same type (BASE or normal)
When template is used jadm create zfs snapshot and send/restore it to new jail home. This require additional free space but we avoid zfs clone dependency. Also jadm copy all jail local settings from the template jail.
Every jail created with jadm can be managed and with freebsd native tools.
Please do not change comments # in jail.conf if is used by jadm. |
(This is jadm settings section please do not edit it manually if you dont know what to do)
(Jadm generate random mac address for each new epairb interface on each jail start. ifconfig create dont know (but FreeBSD kernel know) mac addresses for previously created epairb interfaces after we move them in vnet - network stack.)
(Those settings apply to all jails)
(This is BASE jail - do not change)
### local settings ###
options VIMAGE in FreeBSD custom kernel already existing bridge interface with ip address you can use multiple ips which are used for jails gateways for different network
initsetup select existing bridge interface as default and jails home zfs (zpool should exist) setup change bridge interface (if you change it please change and jails gatways/ip via modify option) and default jail home zfs (jadm will rename all jails home path to new zfs home) create
Jail Name:> this name will be used also and for jail zfs home
Hostname:> jail hostname example: jail.local.lan
Jail ID:> will be used and for jail epair inteface number (vnet / bridge interface conection)
Vnet support (y):> if (y) is selected jail will be created with vnet support.
Gateway number:> if is (vnet) bridge interfaces assigned ip addresses which are used for jail default gateway and jail network, just select a number.
Jail IP Address:> if is (vnet) jail ip address should be from them same network with gateway ip, network mask will be added automatically, if is not (vnet) you can enter any valid ip address from the host system.
Jail ZFS Quota (M)egabytes, (G)igabytes, (none) for unlimited:> enter zfs quota for jail or use none (or leave it empty) if quota is not needed example: 10G
install source:> jadm will ask how to install new jail
(template) use existing jail like a template - (vnet) jaill cannot be used as (novnet) jail and vice versa. All jail local settings will be copyed to new jail
(bsd) use bdsinstaller which is similiar to new freebsd instalation. During this process bsdinstaller will use internet to donwload FreeBSD pkgs
(src) jadm will build jail environment from FreeBSD sources /usr/src. You can make new buildworld or you can use already builded. Ony bsd system envoirment will be installed evrething else shold be installed manualy (like /usr/ports and etc.)
(skel) jail skeleton model BASE jails
After all required data is entered jadm will show summarise config and will ask for confirmation (y/n) In this stage jadm will create zfs path for your jail if this zfs path already exist jadm will ask how to proceed (recreate) will destroy zfs path and existing data and will create new one with same name
(use) will use existing zfs path (jail environment) and will complete installation
After jail installation, jadm will execute post install function with default settings for jail /etc/rc.conf and /etc/resolv.conf
modify modify existing jail (name, hostname, jid, gateway, ip addr and zfs quota) destroy remove jail config from /etc/jail.conf and destroy jail zfs data remove remove jail config from /etc/jail.conf but will keep jail zfs data migrate migrate jail from on host to other. Jadm will migrate jail config via his own client/server. Jail zfs will be migrated via ssh.
1. server/client comunicate with jadm socket server (AES encrypted)
- password for AES encription must be exactly 16 symbols if not jadm will add 0
2. ssh public key for current user must be added to remote user@server:~/.ssh/authorized_keys
- remote user should be able to use (sudo zfs receive), do not use root!
- zfs pool will be transferd via ssh
3. start server on remote machine before client on local
- migrate server (ip address: def *) (port: def 4555) (server password)
- migrate client (remote user@host/ip) (remote port: def 4555) (server password) (jail name/id)
snap Create/Restore from jail zfs snapshot start, stop or reboot jadm will skip all jails which include template in their name shell Enter in jail. Jadm check for shell which is set for jail root user in /etc/passwd and execute jexec jid shell local Jails local settings
For local setting you can use any sysctl jail settings like mount.ftab and etc. Local setting apply only to jail.
global Jails global settings
For global etting you can use any sysctl jail settings like mount.ftab and etc. Global setting apply only to all jails.
gateways List available Jail gateways on the system bridge interface (vnet) list or jls List Jais by name, hostname, ipaddress, gateway, active, inactive (jls - short table) about show jadm version and license agreement help list available commands with "help" or detailed help with "help cmd". verbose by default is off. Show detailed message when jail is started log add custom log messge in /var/log/jadm.log quit or exit exit from jadm
If you find any bugs, or if you experience any crashes, please send report to firstname.lastname@example.org
Nikolay Georgiev Dachev (email@example.com)
|1.0||MAN (8)||09 Sep 2014|