Poudriere in a jail: Difference between revisions
From TykWiki
Jump to navigationJump to search
No edit summary |
No edit summary |
||
Line 3: | Line 3: | ||
* Create a ZFS dataset for the jail | * Create a ZFS dataset for the jail | ||
<pre> | <pre> | ||
$ sudo zfs create -o jailed=on | $ sudo zfs create -o jailed=on tyktank/poudriere | ||
</pre> | </pre> | ||
* Change settings in ezjail config | * Change settings in ezjail config | ||
<pre> | <pre> | ||
export jail_poudriere_tyknet_dk_zfs_datasets="tyktank/poudriere" | |||
export jail_poudriere_tyknet_dk_parameters="children.max=100 allow.mount allow.mount.tmpfs allow.mount.devfs allow.mount.procfs allow.mount.zfs allow.mount.nullfs allow.raw_sockets allow.socket_af allow.sysvipc allow.chflags enforce_statfs=1 ip6=inherit ip4=inherit" | export jail_poudriere_tyknet_dk_parameters="children.max=100 allow.mount allow.mount.tmpfs allow.mount.devfs allow.mount.procfs allow.mount.zfs allow.mount.nullfs allow.raw_sockets allow.socket_af allow.sysvipc allow.chflags enforce_statfs=1 ip6=inherit ip4=inherit" | ||
</pre> | </pre> |
Revision as of 11:03, 3 August 2016
- Create a normal ezjail
- Create a ZFS dataset for the jail
$ sudo zfs create -o jailed=on tyktank/poudriere
- Change settings in ezjail config
export jail_poudriere_tyknet_dk_zfs_datasets="tyktank/poudriere" export jail_poudriere_tyknet_dk_parameters="children.max=100 allow.mount allow.mount.tmpfs allow.mount.devfs allow.mount.procfs allow.mount.zfs allow.mount.nullfs allow.raw_sockets allow.socket_af allow.sysvipc allow.chflags enforce_statfs=1 ip6=inherit ip4=inherit"
- Add needed kld modules to rc.conf (and load them manually)
kld_list="zfs aesni geom_mirror tmpfs linux linprocfs nullfs procfs fdescfs"
- Install needed ports
$ sudo portmaster www/nginx ports-mgmt/poudriere