Date:      Tue, 13 May 2014 08:11:59 -0400
From:      Fbsd8 <fbsd8@a1poweruser.com>
To:        freebsd_jail@dachev.info
Cc:        freebsd-jail@freebsd.org
Subject:   Re: new jail framework with vnet, zfs and jail.conf support
Message-ID:  <53720C0F.9010707@a1poweruser.com>
In-Reply-To: <640993be45d72e4dac19181ae6644d27@dachev.info>
References:  <640993be45d72e4dac19181ae6644d27@dachev.info>

freebsd_jail@dachev.info wrote:
> Hi,
> 
> I'm currently in the process of developing a new tool for easy jail 
> administration with zfs and vimage/vnet (bridge epair interface) support.
> The idea is to have a single application (python script) without any 
> other config files and customization.
> This tool is written in Python, and also works only with vnet, zfs and 
> FreeBSD 10 (it probably will work on FreeBSD 9.1 but I never tested it).
> JADM works only with native /etc/jail.conf.
> When it is started for the first time, jadm generates a new /etc/jail.conf in 
> a special format developed by me.
> The jail.conf file can also be used without JADM.
> 
> For more information please contact me or visit: 
> https://github.com/NikolayDachev/jadm
> 
> JADM is in development status; most of the functions work normally (with bugs, 
> but they work :)).
> 
> Unfortunately I don't have a lot of time for it so I need test users.
> At the moment the last function for JADM is to support a skeleton jail model 
> (similar to ezjail with base jail, etc.)
> This function is still in progress; meanwhile, if someone has time to 
> test all other functions and to report any issues, bugs or ideas
> 
> 
> 

I think you have made some poor basic design choices.

1. Requiring python as a dependency. That's a lot of overhead just for a 
script. Not a show stopper, but a csh script would have been better.

2. Using the highly experimental "vimage" as the cornerstone of the 
overall design. Vimage has many long-standing PRs, does not work with any of 
the firewalls, has NO maintainer, requires a custom kernel to enable.
This is a major show stopper. Cannot risk a production jail environment 
on highly experimental software. Even if vimage gets a maintainer, all 
the firewalls need to be updated to play nice in a vimage environment, 
and there are existing PRs to that effect which the firewall maintainers 
are reluctant to address because of vimage's status as highly 
experimental. What you're trying to do may never bear fruit due to things 
totally out of your control.

3. Should use the allow_zfs option of jail(8) instead of embedded native 
zfs commands.

With surgery JADM could become a ZFS admin script, there is a need for 
that and one does not exist that I know of.





