Hello,
I am looking for some feedback to improve my current setup/flow.
What I have:
* home server, with 12.1R with ZFS
* a few jails that I manage with iocage (have a template that I clone to create new)
* I build world and kernel from source from now and then, following handbook steps, however I don't have a specific need to build it myself (at the moment i change just the IDENT). Basically I followed some instructions how to enable VNET through custom kernel, which I learned later that it's enabled in 12.x
* `/etc/freebsd-update.conf` - `Components world`
* I don't mind waiting for build world, I use -j11 and it takes ~40min + ~10min for the kernel
What I want:
* use the same server as home ZFS storage/NAS and a development machine (multiple jails)
* by development I mean create new jails as independent as possible so that I can experiment (I use ansible to provision new jails) with dbs, servers, etc.
* ideally I could even configure firewall rules for each jails, my understanding VNET helps with this, but I have not tried it yet
The main question is related to maintaining the system (both host and jails) up to date. Once I update (from sources) the host, what's the best way to update jails?
My current flow is:
* update host
** `beadm create xyz`
** `svnlite update /usr/src`, build world and kernel, install, reboot, merge etc..
* update jails
** `freebsd-update -b /z/iocage/jails/test/root fetch install`
But I am not sure if I am missing anything or I may get into problems in future. e.g. custom kernel may impact jail somehow.
A few options I was thinking
* go back to binary updates only (both system and kernel) - if yes, I want to avoid reinstalling everything
* go back to binary update (keeping custom kernel)
Any input is welcome. Thank you in advance.
I am looking for some feedback to improve my current setup/flow.
What I have:
* home server, with 12.1R with ZFS
* a few jails that I manage with iocage (have a template that I clone to create new)
* I build world and kernel from source from now and then, following handbook steps, however I don't have a specific need to build it myself (at the moment i change just the IDENT). Basically I followed some instructions how to enable VNET through custom kernel, which I learned later that it's enabled in 12.x
* `/etc/freebsd-update.conf` - `Components world`
* I don't mind waiting for build world, I use -j11 and it takes ~40min + ~10min for the kernel
What I want:
* use the same server as home ZFS storage/NAS and a development machine (multiple jails)
* by development I mean create new jails as independent as possible so that I can experiment (I use ansible to provision new jails) with dbs, servers, etc.
* ideally I could even configure firewall rules for each jails, my understanding VNET helps with this, but I have not tried it yet
The main question is related to maintaining the system (both host and jails) up to date. Once I update (from sources) the host, what's the best way to update jails?
My current flow is:
* update host
** `beadm create xyz`
** `svnlite update /usr/src`, build world and kernel, install, reboot, merge etc..
* update jails
** `freebsd-update -b /z/iocage/jails/test/root fetch install`
But I am not sure if I am missing anything or I may get into problems in future. e.g. custom kernel may impact jail somehow.
A few options I was thinking
* go back to binary updates only (both system and kernel) - if yes, I want to avoid reinstalling everything
* go back to binary update (keeping custom kernel)
Any input is welcome. Thank you in advance.
. Updating multiple jails (thick jails) or VMs I was hoping to do using Ansible.