To follow is a complete set of instructions to update the ZFS based Jails we previously created.
It is in one section.
* Upgrading the Multi-Jail Infrastructure [instead of HB-15.5.3]
These instructions have been updated in:
-
https://www.amazon.com/FreeBSD-v10-J.../dp/099719460X
As noted in earlier, I had problems when following the instructions in the Handbook (15.5.1,2&3). I liked the way the Handbook structured the Jails but some steps are missing. The same applies to this section. (mostly about Mergemaster)
I have performed this update about 3 times in the past few months.
Code:
Instructions for v10 UPDATING a Multi-FreeBSD-JAIL configuration.
Thanks in part to: http://srobb.net/nullfsjail.html and the FBSD Handbook
ASSUMPTIONS:
* FreeBSD v10.x
* BuildWorld on Host is complete (because the Jails are using same kernel as host) (Handbook 24.5; 24.6)
* Host is ZFS based filesystem
* cpdup is installed
UPDATING A MULTI-JAIL INFRASTRUCTURE
= First, create a directory structure for the read-only file system which will
contain the FreeBSD binaries for the jails. Then, change directory to the FreeBSD
source tree and install the read-only file system to the jail template:
Log into Jail Host
# su - root
# setenv D /jpool/jails/j
# zfs create jpool/jails/j/mroot2
# mkdir -p $D/mroot2
# cd /usr/src
# make installworld DESTDIR=$D/mroot2
# make distribution DESTDIR=$D/mroot2
= Next, prepare a FreeBSD Ports Collection for the jails as well as a FreeBSD source
tree, which is required for mergemaster:
# cd $D/mroot2
# cpdup /usr/src $D/mroot2/usr/src
= Create a skeleton for the read-write portion of the system:
{Of course use your own date: skel.YYYYMMDD on the backup of old "skel"}
# zfs rename jpool/jails/j/skel jpool/jails/j/skel.20141120
# zfs create jpool/jails/j/skel
# mkdir $D/skel/home $D/skel/usr-X11R6 $D/skel/distfiles
# mv etc $D/skel
# mv usr/local $D/skel/usr-local
# mv tmp $D/skel
# mv var $D/skel
# mv root $D/skel
= Prepare /etc/rc.conf in each new Jail for basics
# cp -p $D/skel.20141120/etc/rc.conf $D/skel/etc
# cp -p $D/skel.20141120/etc/make.conf $D/skel/etc
# cp -p $D/skel.20141120/etc/resolv.conf $D/skel/etc
= Use mergemaster to install missing configuration files. Then, remove the extra
directories that mergemaster creates:
# mergemaster -t $D/skel/var/tmp/temproot -D $D/skel -i #(CHOOSE DEFAULTS)
# cd $D/skel
# rm -R bin boot lib libexec mnt proc rescue sbin sys usr dev
= Now, symlink the read-write file system to the read-only file system.
Ensure that the symlinks are created in the correct /s/ locations as the
creation of directories in the wrong locations will cause the installation to fail.
# cd $D/mroot2
# mkdir s
# ln -s /s/etc etc
# ln -s /s/home home
# ln -s /s/root root
# ln -s /s/usr-local usr/local
# ln -s /s/usr-X11R6 usr/X11R6
# ln -s /s/tmp tmp
# ln -s /s/var var
= Now stop all running jails. Update Ports. Backup old mroot. Install new mroot.
# service jail stop
NOTE: make sure all jail mounts are unmounted.
# mv $D/mroot/usr/ports $D/mroot2/usr
# portsnap -p $D/mroot2/usr/ports fetch update
{Of course use your own date: mroot.YYYYMMDD}
# cd $D
# zfs rename jpool/jails/j/mroot jpool/jails/j/mroot.20141120
# zfs rename jpool/jails/j/mroot2 jpool/jails/j/mroot
# exit
Reboot the Host
= Adding temproot to each existing jail {just hold enter key to leave everything for later}
Log into Jail Host
# su - root
# mergemaster -t /jpool/jails/js/www/var/tmp/temproot -D /tmp/ignore
# mergemaster -t /jpool/jails/js/dns/var/tmp/temproot -D /tmp/ignore
# mergemaster -t /jpool/jails/js/mail/var/tmp/temproot -D /tmp/ignore
= TESTING
Use jls to check if the jails started correctly.
ssh into the jails (or jexec JID tcsh)
Run "mergemaster -r" as root in each jail to update the configuration files.
( answer all with "i" )