Poudriere in a jail


This short tutorial will walk through the steps of creating a poudriere build environment inside a jail.

This tutorial is for FreeBSD 9.2, earlier versions have a less complete /etc/rc.d/jail script, and will require setting some of the jail parameters with sysctl instead

First, since I prefer to use ezjail, you'll need that

make -C /usr/ports/sysutils/ezjail all install clean

Then we can configure ezjail to use ZFS

$EDITOR /usr/local/etc/ezjail.conf

ezjail_jailzfs="poolname/ezjail"    #Whatever you prefer

In order to operate, ezjail requires a 'basejail', an install of FreeBSD. A copy of the ports tree is also useful

ezjail-admin install -r 9.2-RELEASE -p

Then, we'll freebsd-update and portsnap to the latest version

ezjail-admin update -up

Now we can create our jail, I use the special ezjail shorthand nic|ip to make ezjail automatically bind the alias IP to my interface, rather than having to statically configure the IPs, forgetting one, and having the jail not start properly at boot

ezjail-admin create poudriere.scaleengine.net 'em0|'

Next, we need to create the ZFS dataset that we will delegate to the jail

zfs create -o jailed=on poolname/p

Poudriere also requires some kernel modules

kldload linux
kldload linprocfs

With the jailed dataset, we'll need the jail to bring the filesystem online

$EDITOR /usr/jails/poudriere.scaleengine.net/etc/rc.conf


Now, we need to make some configuration changes to the jail so it will jail this dataset at startup, and allow the required operations to take place inside the jail

$EDITOR /usr/local/etc/ezjail/poudriere.scaleengine.net

export jail_poudriere_scaleengine_net_zfs_datasets="poolname/p"
export jail_poudriere_scaleengine_net_parameters="enforce_statfs=0 allow.mount=1 allow.mount.zfs=1 allow.mount.procfs=1 allow.mount.devfs=1"

Start the jail and get a shell in it

ezjail-admin start poudriere.scaleengine.net
ezjail-admin console poudriere.scaleengine.net

Now, inside the jail we can install poudriere

make -C /usr/jail/ports-mgmt/poudriere all install clean

Now you can just follow the instructions from BSD Now Episode #002