Niels Erik
Dabbler
- Joined
- Aug 9, 2015
- Messages
- 18
I have updated two boxes, same problem.
None of the 10 jails had network connection. (VNET)
Symptoms:
None of the services running inside jails are accessible
Cant ping the jail from the host shell.
Cant ping the host form inside the jail.
Everything looks normal on the surface, epair on the outside is connected to the bridge.
Epair inside jail have the correct ip address.
There is a correct default route inside the jail.
My patience quickly ran out, and I replaced the complete iocage folder (/usr/local/lib/python3.6/site-packages/iocage) with the U4 version..
Now everything works like before..
None of the 10 jails had network connection. (VNET)
Symptoms:
None of the services running inside jails are accessible
Cant ping the jail from the host shell.
Cant ping the host form inside the jail.
Everything looks normal on the surface, epair on the outside is connected to the bridge.
Epair inside jail have the correct ip address.
There is a correct default route inside the jail.
My patience quickly ran out, and I replaced the complete iocage folder (/usr/local/lib/python3.6/site-packages/iocage) with the U4 version..
Now everything works like before..
Code:
diff iocage/lib/ioc_create.py iocage.2.jul.18/lib/ioc_create.py
49,50c49,50
< short=False, basejail=False, empty=False, uuid=None,
< clone=False, exit_on_error=False, callback=None):
---
> short=False, basejail=False, thickjail=False, empty=False,
> uuid=None, clone=False, exit_on_error=False, callback=None):
63a64
> self.thickjail = thickjail
266,268c267,297
< su.Popen(["zfs", "clone", "-p",
< f"{self.pool}/iocage/releases/{self.release}/root@"
< f"{jail_uuid}", jail], stdout=su.PIPE).communicate()
---
> if not self.thickjail:
> su.Popen(["zfs", "clone", "-p",
> f"{self.pool}/iocage/releases/"
> f"{self.release}/root@"
> f"{jail_uuid}",
> jail], stdout=su.PIPE).communicate()
> else:
> try:
> su.Popen(["zfs", "create", "-p", jail],
> stdout=su.PIPE).communicate()
> zfs_send = su.Popen(["zfs", "send",
> f"{self.pool}/iocage/releases/"
> f"{self.release}/root@"
> f"{jail_uuid}"], stdout=su.PIPE)
> su.check_call(["zfs", "receive", "-F", jail],
> stdin=zfs_send.stdout)
> except su.CalledProcessError:
> su.Popen(["zfs", "destroy", "-rf",
> f"{self.pool}/iocage/jails/{jail_uuid}"],
> stdout=su.PIPE).communicate()
> su.Popen(["zfs", "destroy", "-r",
> f"{self.pool}/iocage/releases/"
> f"{self.release}/root@"
> f"{jail_uuid}"],
> stdout=su.PIPE).communicate()
> iocage.lib.ioc_common.logit({
> "level": "EXCEPTION",
> "message": "Can't copy release!"
> }, exit_on_error=self.exit_on_error,
> _callback=self.callback,
> silent=self.silent)
345c374,382
< if not self.clone:
---
> if self.empty:
> open(f"{location}/fstab", "wb").close()
>
> config["release"] = "EMPTY"
> config["cloned_release"] = "EMPTY"
>
> iocjson.json_write(config)
>
> elif not self.clone:
415,420d451
< if self.empty:
< config["release"] = "EMPTY"
< config["cloned_release"] = "EMPTY"
<
< iocjson.json_write(config)
<
469a501
> jail_props["hostid_strict_check"] = "off"
493c525
< srv_connect_cmd = ["drill", f"_http._tcp.{repo}", "SRV"]
---
> srv_connect_cmd = ["drill", "-t", f"{repo} SRV"]
507,508c539,544
< raise RuntimeError(f"{srv_connection}\n"
< f"Command run: {' '.join(srv_connect_cmd)}")
---
> iocage.lib.ioc_common.logit({
> "level": "EXCEPTION",
> "message": "{repo} could not be reached, please check your DNS"
> },
> _callback=self.callback,
> silent=self.silent)
521,522c557,563
< raise RuntimeError(f"{dnssec_connection}\n"
< f"Command run: {' '.join(dnssec_connect_cmd)}")
---
> # Not fatal, they may not be using DNSSEC
> iocage.lib.ioc_common.logit({
> "level": "ERROR",
> "message": "{repo} could not be reached via DNSSEC, check DNS"
> },
> _callback=self.callback,
> silent=self.silent)
