Jail templates

Status
Not open for further replies.
Whattteva

Whattteva

Wizard
Joined
Mar 5, 2013
Messages
1,824
I tried searching around the forums and it seems like no one's asked this yet.
Is it possible to create your own custom jail template and using that to create new jails instead of the built-in ".warden-template-*" datasets?

Having this capability would save a lot of time for initial common configurations (like having vim installed on all of them, etc...).
Anyone have tried this?
 
D

dlavigne

Guest
I'll be writing that section in the PC-BSD Handbook later this week and will have a better idea after testing it. It seems reasonable that this would also work with the warden CLI in Shell on FreeNAS.
 
Whattteva

Whattteva

Wizard
Joined
Mar 5, 2013
Messages
1,824
Sweet, I'll be waiting for your good news!
 
Whattteva

Whattteva

Wizard
Joined
Mar 5, 2013
Messages
1,824
I'm surprised there isn't much activity on this thread :confused:.
I would think this is a feature that a lot of people would like. Am I alone here or there are others like me?

Let's see a show of hands!
 
D

dlavigne

Guest
It is probably because the feature is so new. It's only been in PC-BSD for a month or so. I finished doc'ing the GUI version yesterday in the PC-BSD docs but am still testing the CLI version.

If your FreeNAS system is handy, type "warden" inside of a jail and post the version of warden it displays.
 
Whattteva

Whattteva

Wizard
Joined
Mar 5, 2013
Messages
1,824
Hm, I typed "warden" in a jail and it doesn't recognize the command.
I also tried that command in the FreeNAS system itself and had more luck.
It still did not display a version number though, just a bunch of possible commands and none of them looked like it would display the version.

Is there a command switch or something else that I could use to display the version?
 
Whattteva

Whattteva

Wizard
Joined
Mar 5, 2013
Messages
1,824
I see it. It's version 1.3
 
D

dlavigne

Guest
Good, I should have a series of commands for you by Monday then. Though if you are impatient, you can experiment with warden help and the rest of the page in that URL.
 
Whattteva

Whattteva

Wizard
Joined
Mar 5, 2013
Messages
1,824
Haha, Monday is fine with me. It's not quite a matter of national security just yet.
 
D

dlavigne

Guest
OK, this is how it works in PC-BSD. Let us know if it also works from the FreeNAS shell. Refer to http://wiki.pcbsd.org/index.php/Warden®#Using_Template_Manager for more information about the templating system.

warden template create -fbsd 8.2-RELEASE -arch amd64 -nick template1

warden create myjail --ipv4 192.168.1.1 --template template1

warden start myjail

warden chroot myjail

file /bin/sh

Note that running uname within the jail will show the version of the host operating system, not the jail. However, all binaries within the jail should be linked to the architecture and version of the template.
 
Whattteva

Whattteva

Wizard
Joined
Mar 5, 2013
Messages
1,824
Those commands indeed work perfectly. Now here's my next question.
Suppose I've configured a jail to a certain way (has 5 applications installed, default shell changed, 3 users configured).
How do I go about creating a template out of that particular jail so that any future jail created out of that template shares the same characteristics?
 
D

dlavigne

Guest
Method 1: Make a tar.gz archive of the jail. Then, refer to the archive when creating a new jail:

Code:
warden create newjail --ipv4 10.0.0.1 --archive oldjail.tar.gz


Method 2: Export the jail then import it elsewhere:

Code:
warden export jailname --dir/path/to/savecontents
 
warden import /path/to/savecontents/jailname.wdn


Note, when importing, read "warden help import" if you wish to specify a different IP address and/or hostname for the new jail (needed if importing onto the same system).

Isn't warden neat?
 
Whattteva

Whattteva

Wizard
Joined
Mar 5, 2013
Messages
1,824
dlavigne said:
Method 1: Make a tar.gz archive of the jail. Then, refer to the archive when creating a new jail:

Code:
warden create newjail --ipv4 10.0.0.1 --archive oldjail.tar.gz
Click to expand...
By making an archive, do you mean to simply tar the entire jail data set, or is there a specific warden command for it?

dlavigne said:
Method 2: Export the jail then import it elsewhere:

Code:
warden export jailname --dir/path/to/savecontents
 
warden import /path/to/savecontents/jailname.wdn


Note, when importing, read "warden help import" if you wish to specify a different IP address and/or hostname for the new jail (needed if importing onto the same system).

Isn't warden neat?
Click to expand...
That's pretty cool. I suppose, this is probably the route I will follow.
Just out of curiosity, does this mean that custom jails can only be created out of exports and not from templates?
Is it possible to convert a .wdn file into a template and then add that template into the dropdown list on the FreeNAS GUI during jail creation?
 
D

dlavigne

Guest
By making an archive, do you mean to simply tar the entire jail data set, or is there a specific warden command for it?
Click to expand...

Yes, tar the entire dataset. This is useful when the jail is a Linux jail as there is no templating system for that. In that case, use --linuxarchive instead of --archive. Note that FreeNAS does not support Linux jails yet.

Just out of curiosity, does this mean that custom jails can only be created out of exports and not from templates?
Click to expand...

Correct. Templates only grab the default version of the specified RELEASE.

Is it possible to convert a .wdn file into a template and then add that template into the dropdown list on the FreeNAS GUI during jail creation?
Click to expand...

That is a good question for the PC-BSD testing mailing list.
 
Whattteva

Whattteva

Wizard
Joined
Mar 5, 2013
Messages
1,824
Thanks for the speedy and helpful replies!!! I will post that question on the mailing list.
 
fracai

fracai

Guru
Joined
Aug 22, 2012
Messages
1,212
dlavigne said:
Yes, tar the entire dataset. This is useful when the jail is a Linux jail as there is no templating system for that. In that case, use --linuxarchive instead of --archive. Note that FreeNAS does not support Linux jails yet.
Click to expand...
To what degree are Linux jails available in 9.1? I know they were removed from the GUI, but your comment implies that they can be created with warden. Is that all that is required? Does /conf/base/etc/rc.conf need to be edited to load the Linux module? ( see the CrashPlan thread )

Note that FreeNAS does not support Linux jails yet.
Click to expand...
... I really need to work on my reading comprehension...
 
Whattteva

Whattteva

Wizard
Joined
Mar 5, 2013
Messages
1,824
mstrent said:
Did anyone ever figure out how to create a Linux jail in FreeNAS?
Click to expand...
Not sure if it's officially supported yet, but you can use this command:
Code:
warden create jailname --linuxjail scriptname

Obviously substitute jailname with whatever you like to name your jail.
I'm not too sure on which script to use though since I've never done it.

Pretty sure dlavigne can tell you a lot more about this if he's around.

EDIT: Silly me, he says a few posts above that FreeNAS does not yet support Linux jails.
 
M

mstrent

Dabbler
Joined
Oct 11, 2012
Messages
21
Thanks, Whattteva. I looked at going that route but noticed FreeNAS lacks, for instance, debootstrap. So the warden linux install script doesn't work.

I'm hoping to find a method that doesn't involve too much hacking/modifying FreeNAS from stock...
 
Status
Not open for further replies.

Similar threads

S
  • Locked
Deleted Jails dataset, cant fix or find templates
Replies
5
Views
2K
Jurgen Segaert
J
Fish
  • Locked
Default jail templates?
Replies
5
Views
1K
dlavigne
D
pitt1717
  • Locked
How to delete Jail Dataset
Replies
2
Views
4K
m0nkey_
m0nkey_
S
  • Locked
SOLVED Locally host jail templates
Replies
3
Views
2K
Sakuru
Sakuru
jeffprandall
  • Locked
Error: Unable to find template!
Replies
3
Views
2K
zemun2
Z
Top