Poudriere in a jail

2013-10-05

This short tutorial will walk through the steps of creating a poudriere build environment inside a jail.

This tutorial is for FreeBSD 9.2. Earlier versions have a less complete /etc/rc.d/jail script and will require setting some of the jail parameters with sysctl instead.

First, since I prefer to use ezjail, you'll need to install it

make -C /usr/ports/sysutils/ezjail all install clean

Then we can configure ezjail to use ZFS

$EDITOR /usr/local/etc/ezjail.conf

ezjail_use_zfs="YES"
ezjail_use_zfs_for_jails="YES"
ezjail_jailzfs="poolname/ezjail"    #Whatever you prefer

In order to operate, ezjail requires a 'basejail', an install of FreeBSD. A copy of the ports tree is also useful

ezjail-admin install -r 9.2-RELEASE -p

Then, we'll freebsd-update and portsnap to the latest version

ezjail-admin update -up

Now we can create our jail. I use the special ezjail shorthand nic|ip so that ezjail automatically binds the alias IP to my interface, rather than having to statically configure the IPs, forgetting one, and having the jail not start properly at boot

ezjail-admin create poudriere.scaleengine.net 'em0|10.1.1.227'

Next, we need to create the ZFS dataset that we will delegate to the jail

zfs create -o jailed=on poolname/p

Poudriere also requires some kernel modules

kldload linux
kldload linprocfs

Because the dataset is jailed, the jail itself needs to bring the filesystem online, so enable ZFS in the jail's rc.conf

$EDITOR /usr/jails/poudriere.scaleengine.net/etc/rc.conf

zfs_enable="YES"

Now we need to make some configuration changes to the jail so that this dataset is attached to it at startup and the required operations are allowed inside the jail

$EDITOR /usr/local/etc/ezjail/poudriere.scaleengine.net

export jail_poudriere_scaleengine_net_zfs_datasets="poolname/p"
export jail_poudriere_scaleengine_net_parameters="enforce_statfs=0 allow.mount=1 allow.mount.zfs=1 allow.mount.procfs=1 allow.mount.devfs=1"
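
These parameters relax the jail's default isolation, so before starting the jail it is worth confirming the file grants exactly these five and nothing more. The script below is an added example, not part of the original tutorial; the function names and the sample file (with allow.raw_sockets and allow.sysvipc added) are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the tutorial: compare the jail parameters in an
# ezjail per-jail config file with the five this page grants.
EXPECTED="enforce_statfs=0 allow.mount=1 allow.mount.zfs=1 allow.mount.procfs=1 allow.mount.devfs=1"

# extract_params FILE: print each parameter from the
# 'export jail_<name>_parameters="..."' line on its own line.
extract_params() {
    sed -n 's/^export jail_[A-Za-z0-9_]*_parameters="\(.*\)"[[:space:]]*$/\1/p' "$1" |
        tr ' ' '\n' | sed '/^$/d'
}

# audit_params FILE: print "EXTRA <param>" for anything beyond EXPECTED and
# "MISSING <param>" for anything in EXPECTED that is absent.
# Returns 0 only when the file grants exactly the EXPECTED set.
audit_params() {
    rc=0
    # Flatten to one space-delimited string with a space on both ends.
    found=" $(extract_params "$1" | tr '\n' ' ')"
    for p in $found; do
        case " $EXPECTED " in
            *" $p "*) ;;
            *) echo "EXTRA $p"; rc=1 ;;
        esac
    done
    for p in $EXPECTED; do
        case "$found" in
            *" $p "*) ;;
            *) echo "MISSING $p"; rc=1 ;;
        esac
    done
    return "$rc"
}

# Constructed sample: two of the page's mount permissions dropped and two
# unrelated permissions (allow.raw_sockets, allow.sysvipc) added.
sample=$(mktemp)
cat > "$sample" <<'EOF'
export jail_poudriere_scaleengine_net_zfs_datasets="poolname/p"
export jail_poudriere_scaleengine_net_parameters="enforce_statfs=0 allow.mount=1 allow.mount.zfs=1 allow.raw_sockets=1 allow.sysvipc=1"
EOF
audit_params "$sample" || echo "parameters differ from the tutorial's set"
rm -f "$sample"
```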

Start the jail and get a shell in it

ezjail-admin start poudriere.scaleengine.net
ezjail-admin console poudriere.scaleengine.net

Now, inside the jail we can install poudriere

make -C /usr/ports/ports-mgmt/poudriere all install clean

Now you can just follow the instructions from BSD Now Episode #002