Renaming a jail
FreeBSD jails are a great tool. Whether you are using them to virtualize
some of your systems (like I am) or to isolate certain processes, they
are flexible enough and reliable enough to use for production.
Recently, I had to retire some old jails and add some new jails. Instead
of just deleting one and creating an new jail, I wanted to rename the existing
jail. I figured this was easier than recompiling all the apps that my jail
would require.
A few notes on this decision:
- My jails are all very similar.
- In this case, I was moving from one version of PostgreSQL to another
- One jail is called pg74 (as in PostgreSQL 7.4)
- I was going to retire pg74 (which does regression tests on Bacula against PostgreSQL 7.4)
and create pg91
Also, I am using ezjail to administer
my jails. This tool is used several times in this article. That said, you will still see
what I’m doing, and if you’re not using ezjail, you’ll be able to do the same thing with
your admin tool[s] of choice.
Removing, but not deleting, the old jail
The first step: stop the old jail.
# /usr/local/etc/rc.d/ezjail stop pg74.example.org Stopping jails: pg74.example.org.
Now, let’s remove the jail from ezjail’s configuration. Note that I could have
skipped the previous step by adding the -f flag to this step:
# ezjail-admin delete pg74_example_org
At this point, the jail is no longer running. However, the files are still present
on disk:
# ls /usr/jails/pg74.example.org/ .cshrc COPYRIGHT bin dev home libexec mnt rescue sbin tmp var .profile basejail boot etc lib media proc root sys usr
Modifying the DNS (optional)
In my case, I wanted to create a new hostname to go with the new jail.
But I was going to use the same IP address.
This is the patch to my DNS zone files.
$ cvs di example.org.db example.org.rev.db Index: example.org.db =================================================================== RCS file: /home/repositories/websites/dns-private/example.org.db,v retrieving revision 1.101 diff -r1.101 example.org.db 5c5 < 2012011700 ; Serial --- > 2012060800 ; Serial 157c157 < pg74 IN A 10.0.0.104 --- > pg91 IN A 10.0.0.104 Index: example.org.rev.db =================================================================== RCS file: /home/repositories/websites/dns-private/example.org.rev.db,v retrieving revision 1.32 diff -r1.32 example.org.rev.db 3c3 < 2011072600 ; Serial --- > 2012060800 ; Serial 33c33 < 104 IN PTR pg74.example.org. --- > 104 IN PTR pg91.example.org.
Making these changes and updating your DNS is outside the scope of this article.
I’m mentioning it here so I remember this step when I need to do this again.
‘Creating’ the ‘new’ jail
In this step, we rename the directory and create the new jail.
First, we rename the directory. Strictly speaking, this is optional. The name
of the directory is not related to the hostname of the jail. But convention dictates
that the jail directory name should reflect the hostname for that jail.
# cd /usr/jails/ # mv -i pg74.example.org pg91.example.org
Now, let’s start the new jail:
# ezjail-admin create -x pg91.example.org 10.0.0.104 Warning: Some services already seem to be listening on IP 10.0.0.104 This may cause some confusion, here they are: root ntpd 1459 27 udp4 10.0.0.104:123 *:* Warning: Some services already seem to be listening on all IP, (including 10.0.0.104) This may cause some confusion, here they are: root ntpd 1459 20 udp4 *:123 *:* root ntpd 1459 21 udp6 *:123 *:*
Starting the new jail
This was easier than I thought. Starting the new jail is simple:
# /usr/local/etc/rc.d/ezjail start pg91.example.org
Then you ssh to it and check the host name:
$ ssh -A pg91 The authenticity of host 'pg91.example.org (10.0.0.104)' can't be established. RSA key fingerprint is 0a:03:db:1a:b4:28:da:fd:66:c0:29:a4:0a:4b:77:30. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'pg91.example.org' (RSA) to the list of known hosts. Last login: Fri Jun 8 22:58:22 2012 from 10.0.0.104 Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD 8.2-STABLE (KRAKEN) #3: Fri Nov 18 22:07:46 UTC 2011 Welcome to FreeBSD! Before seeking technical support, please use the following resources: o Security advisories and updated errata information for all releases are at http://www.FreeBSD.org/releases/ - always consult the ERRATA section for your release first as it's updated frequently. o The Handbook and FAQ documents are at http://www.FreeBSD.org/ and, along with the mailing lists, can be searched by going to http://www.FreeBSD.org/search/. If the doc distribution has been installed, they're also available formatted in /usr/share/doc. If you still have a question or problem, please take the output of `uname -a', along with any relevant error messages, and email it as a question to the questions@FreeBSD.org mailing list. If you are unfamiliar with FreeBSD's directory layout, please refer to the hier(7) manual page. If you are not familiar with manual pages, type `man man'. You may also use sysinstall(8) to re-enter the installation and configuration utility. Edit /etc/motd to change this login announcement. You can install extra packages for FreeBSD by using the ports system. If you have installed it, you can download, compile, and install software by just typing # cd /usr/ports/<category>/<portname> # make install && make clean as root. The ports infrastructure will download the software, change it so it works on FreeBSD, compile it, install it, register the installation so it will be possible to automatically uninstall it, and clean out the temporary working space it used. You can remove an installed port you decide you do not want after all by typing # cd /usr/ports/<category>/<portname> # make deinstall as root. $ hostname pg91.example.org $
There. Done. Now all I need to do is remove PostgreSQ 7.4 and install PostgreSQL 9.1