FreeNAS 11 + IOCAGE. How Do I Mount Host Datasets Inside Jails

[pschatz100]

A bit of caution about iocage: it is still under development, and there are some issues yet to be fixed. I had problems with VNET networking that ought to be fixed when the iocage version within FreeNAS is updated. YMMV.

One can still use the legacy FreeNAS jail system, or use a plugin if there is one for the application you want to install. When my issue with iocage has been fixed, I plan to migrate a legacy Plex jail to it.

 

[trentk10]

Really new at all of this, but I followed a link in a different thread to an example of how to install nextcloud 12 in a jail. The example used iocage to manage the jail. I tried this as well and got the same errors listed by others in a different iocage thread.

Would creating a new jail from scratch within freenas, and then installing iocage inside of the the new jail, and then installing the nextcloud jail(or any other desired jail) inside the newly jailed iocage be a viable workaround?

 

[scrappy]

Really new at all of this, but I followed a link in a different thread to an example of how to install nextcloud 12 in a jail. The example used iocage to manage the jail. I tried this as well and got the same errors listed by others in a different iocage thread.

Would creating a new jail from scratch within freenas, and then installing iocage inside of the the new jail, and then installing the nextcloud jail(or any other desired jail) inside the newly jailed iocage be a viable workaround?

Not sure that I can help, but can you post the command you are using and output from said command?

 

[trentk10]

I started out using this guys guide :https://ramsdenj.com/2017/06/05/nextcloud-in-a-jail-on-freebsd.html#security
I tried to create a jail using iocage;
iocage create tag="stratus" jail_zfs=on vnet=off ip4_addr="sge0|172.20.0.100/32" -r 11.0-RELEASE **I changed the parameters to work on my machine, didn't use exactly what is copied and pasted above**
I got the errors listed in this thread:
https://forums.freenas.org/index.php?threads/iocage-broke-in-11-0-u1-u2-cannot-start-jails.56387/

at that point I abandoned using iocage, and started using a different install guide from this forum, and eventually got nextcloud installed and working (until I broke it trying to secure it this morning lol)

 

[scrappy]

I started out using this guys guide :https://ramsdenj.com/2017/06/05/nextcloud-in-a-jail-on-freebsd.html#security
I tried to create a jail using iocage;
iocage create tag="stratus" jail_zfs=on vnet=off ip4_addr="sge0|172.20.0.100/32" -r 11.0-RELEASE **I changed the parameters to work on my machine, didn't use exactly what is copied and pasted above**
I got the errors listed in this thread:
https://forums.freenas.org/index.php?threads/iocage-broke-in-11-0-u1-u2-cannot-start-jails.56387/

at that point I abandoned using iocage, and started using a different install guide from this forum, and eventually got nextcloud installed and working (until I broke it trying to secure it this morning lol)

iocage on FreeNAS has a lot of rough edges to be worked out. I haven't been able to use it myself for at least a month due to the keyerror.

Many iocage issues should hopefully be addressed in the FN-11.1 update. Until then, you may not have much luck with it.

 

[pschatz100]

I had iocage working well for a while, but an update broke it. I would wait for the 11.1 release, when iocage will be updated. In the meantime, you can either install a plugin (if one exists) or use a legacy jail. There is nothing wrong with the legacy jails.

 

[StarkJohan]

My VNET networking has worked just fine until I updated to FreeNAS-11.0-U4 (54848d13b) today. Haven't had time to look into it yet.

More information on my VNET problem: https://github.com/iocage/iocage/issues/385

 

[JoeB]

How can I mount storage to a different location within the jail?
I'm trying to add storage to a jail like the warden jails, e.g.

(Dataset) /mnt/vol1/some/data/location/ -> (inside jail) /mnt/mydata/

 

[pschatz100]

How can I mount storage to a different location within the jail?
I'm trying to add storage to a jail like the warden jails, e.g.

(Dataset) /mnt/vol1/some/data/location/ -> (inside jail) /mnt/mydata/

I have not yet created any iocage jails from the new FreeNAS GUI, so I cannot comment on working through the GUI. If you are managing your iocage jails by hand, here is what you need to know:

Add storage to an iocage jail:

The iocage command has a fstab option that lets you add / edit / remove fstab lines, which are your nullfs mounts into the jail.

# iocage fstab -a <jailname> /the/dir --> That will nullfs mount "/the/dir" into the jail as "/the/dir".
or
# iocage fstab -a <jailname> "/the/source/host/dir /the/dest/dir/in/the/jail nullfs ro 0 0" --> you can replace ro with rw if you want read/write capability for the mounted volumes.

Note: If this doesn't put the mounts where you want them, you can edit the jail's fstab accordingly.

Working with iocage jails is documented reasonably well, just make certain you are using the documentation for the latest version that is included in FreeNAS.

 

[Drew Heath]

I also found the following commands useful:

iocage fstab --list <jailname>

Lists all of the mounts currently assigned to the jail

iocage fstab -r <jailname> <index number>

Removed a mount from the jail, the index number from the first command.

 

[Chronic]

Yeah, so I'm having no luck whatsoever getting mounts working in my iocage jail.
I ran this command to give the jail access to my main pool called HDD (iocage being on a pool called SSD):
iocage fstab -a Jailname "/mnt/HDD /mnt/HDD nullfs rw 0 0"

It mounts it but if I try to browse the mount in the jail I can get one level deep (/mnt/HDD/Storage) and then... nothing. Empty.
The fstab file:
/mnt/HDD /mnt/iocage/jails/Jailname/root/mnt/HDD nullfs rw 0 0

What am I doing wrong?

EDIT: Finally figured it out! I thought I could mount the pool itself but you need to use the actual dataset, in my case Storage. So this was the command that worked for me:
iocage fstab -a Jailname "/mnt/HDD/Storage /mnt/HDD/Storage nullfs rw 0 0"

Another note, I had to create the folders HDD and Storage under mnt in the jail or the jail wouldn't start (jail: mount.fstab: /mnt/iocage/jails/Jailname/root/mnt/HDD/Storage: No such file or directory).

 

[Tsaukpaetra]

Fun fact: When adding through the GUI, it doesn't auto-correct the path like the command line does, so you'll need to type in for the destination something like:

Code:

/mnt/iocage/jails/{jailname}/root/{actual internal mount point}

Also, seems that there is no "rw" option in the GUI yet, so by default it will be "ro" only.