summaryrefslogtreecommitdiff
path: root/man7/ezjail.7
diff options
context:
space:
mode:
authorerdgeist <erdgeist@erdgeist.org>2011-01-22 17:11:05 +0000
committererdgeist <erdgeist@erdgeist.org>2011-01-22 17:11:05 +0000
commitd9ba6ce81145a787852ed08a2b84288eadd04282 (patch)
tree8de0104736b2a681e4cb4146ae0208f03f5dcc32 /man7/ezjail.7
parent48b7585e0cd3a7d89cf1bc30f8bac91974d735db (diff)
Some clarifications to basic concepts of ezjail
Diffstat (limited to 'man7/ezjail.7')
-rw-r--r--man7/ezjail.744
1 files changed, 22 insertions, 22 deletions
diff --git a/man7/ezjail.7 b/man7/ezjail.7
index 95fde42..0e87bf5 100644
--- a/man7/ezjail.7
+++ b/man7/ezjail.7
@@ -7,7 +7,7 @@
7.Sh SYNOPSIS 7.Sh SYNOPSIS
8.Nm ezjail-admin Ar command arguments... 8.Nm ezjail-admin Ar command arguments...
9.Sh OVERVIEW 9.Sh OVERVIEW
10The ezjail commands provides a simple way to create multiple jails 10The ezjail commands provide a simple way to create multiple jails
11using FreeBSD's jail system. It simplifies jail administration effort 11using FreeBSD's jail system. It simplifies jail administration effort
12and minimizes jail system resource usage. 12and minimizes jail system resource usage.
13.Pp 13.Pp
@@ -30,14 +30,14 @@ the world. This eats disk space, inodes, and more importantly,
30prevents the sharing of binaries images between jails, thus increasing 30prevents the sharing of binaries images between jails, thus increasing
31the memory pressure on the host system. In addition, this causes a 31the memory pressure on the host system. In addition, this causes a
32major administration headache when comes the time to update the host 32major administration headache when comes the time to update the host
33system, as each jail need to be updated independently. 33system, as each jail needs to be updated independently.
34.Pp 34.Pp
35Ezjail addresses these problems by creating a single basejail (a read-only 35Ezjail addresses these problems by creating a single basejail (a read-only
36.Xr nullfs 4 ) 36.Xr nullfs 4
37populated with the same running binaries as the host system and them 37mounted directory) populated with the same binaries as the host
38shares that basejail with all the other service jails created by 38system which is then shared across all the other service jails created
39ezjail. Is is possible to update the base jail (and thus all the 39by ezjail. Is is possible to update the base jail (and thus all the jails) in
40jails) in a single ezjail command. 40a single ezjail command.
41.Pp 41.Pp
42Typical usage of jails include separation of services, creating test 42Typical usage of jails include separation of services, creating test
43environments, consolidation of different services on a single physical 43environments, consolidation of different services on a single physical
@@ -50,31 +50,31 @@ jails, archive, restore, delete and update jails, open a jail console,
50and list the status of all the jails. See below for example usage, and 50and list the status of all the jails. See below for example usage, and
51refer to its man page for complete usage details. 51refer to its man page for complete usage details.
52.Pp 52.Pp
53The configuration is done in the 53Ezjail reads its configuration from its
54.Xr ezjail.conf 5 54.Xr ezjail.conf 5 .
55file, which see. It will not be necessary to edit this file for most 55Normally it will not be necessary to edit this file, as some sane defaults
56users. A sample file is installed as 56are provided. A sample configuration is installed as
57.Pa EZJAIL_PREFIX/etc/ezjail.conf . 57.Pa EZJAIL_PREFIX/etc/ezjail.conf.sample .
58.Pp 58.Pp
59A rc script is also installed to allow the ezjail to be started 59A script is also installed as
60at boot time, as 60.Pa ezjail.sh
61.Pa ezjail.sh . 61in the rc.d system to allow jails under ezjails control to be started at boot
62It is enabled by setting the 62time, given ezjail is enabled by setting the
63.Xr rc.conf 5 63.Xr rc.conf 5
64variable 64variable
65.Dq Li $ezjail_enable 65.Dq Li $ezjail_enable
66to 66to
67.Dq Li YES . 67.Dq Li YES .
68.Sh WHAT'S IN A JAIL 68.Sh WHAT'S IN A JAIL
69.Ss The Life of an Ezjail Installation 69.Ss The life of an ezjail installation
70The base jail is first created by running 70The base jail is first created by running
71.Nm Cm update 71.Nm Cm update
72or 72or
73.Nm Cm install . 73.Nm Cm install .
74Example usage of this command is section 74Example usage of this command is section
75.Sx EXAMPLES . 75.Sx EXAMPLES .
76This will create the base jail, setup a template jail used when 76This will create the base jail, setup a template jail used to
77setting up new jails, install an example flavour (see below), 77setting up new jails, install an example flavour (see below) and
78configure miscellaneous things. 78configure miscellaneous things.
79.Pp 79.Pp
80This step is necessary before using the ezjail system. In particular, 80This step is necessary before using the ezjail system. In particular,
@@ -83,9 +83,9 @@ jail in advance.
83.Pp 83.Pp
84Once the base jail has been created, new jails may be created with 84Once the base jail has been created, new jails may be created with
85.Nm Cm create . 85.Nm Cm create .
86A new jail is defined by its name and its IP address (or addresses). 86A new jail is defined by its name and can have one or multiple IP
87Creating a new jail involves copying the template jail to the new 87addresses. Creating a new jail involves copying the template jail to the
88location, configuring 88new location, configuring
89.Xr nullfs 4 89.Xr nullfs 4
90mounts for giving access to the base jail, and little more. A jail 90mounts for giving access to the base jail, and little more. A jail
91that has just be created occupies about 2MB of disk space ; when 91that has just be created occupies about 2MB of disk space ; when