The FreeBSD Diary

FreeBSD jails are a great tool. Whether you are using them to virtualize some of your systems (like I am) or to isolate certain processes, they are flexible enough and reliable enough to use for production.

Recently, I had to retire some old jails and add some new jails. Instead of just deleting one and creating an new jail, I wanted to rename the existing jail. I figured this was easier than recompiling all the apps that my jail would require.

A few notes on this decision:

• My jails are all very similar.
• In this case, I was moving from one version of PostgreSQL to another
• One jail is called pg74 (as in PostgreSQL 7.4)
• I was going to retire pg74 (which does regression tests on Bacula against PostgreSQL 7.4) and create pg91

Also, I am using ezjail to administer my jails. This tool is used several times in this article. That said, you will still see what I'm doing, and if you're not using ezjail, you'll be able to do the same thing with your admin tool[s] of choice.

The first step: stop the old jail.

# /usr/local/etc/rc.d/ezjail stop pg74.example.org
Stopping jails: pg74.example.org.

# ezjail-admin delete pg74_example_org

At this point, the jail is no longer running. However, the files are still present on disk:

# ls /usr/jails/pg74.example.org/
.cshrc    COPYRIGHT bin       dev       home      libexec   mnt       rescue    sbin      tmp       var
.profile  basejail  boot      etc       lib       media     proc      root      sys       usr

In my case, I wanted to create a new hostname to go with the new jail. But I was going to use the same IP address. This is the patch to my DNS zone files.

$ cvs di example.org.db example.org.rev.db
Index: example.org.db
===================================================================
RCS file: /home/repositories/websites/dns-private/example.org.db,v
retrieving revision 1.101
diff -r1.101 example.org.db
5c5
<                               2012011700      ; Serial
---
>                               2012060800      ; Serial
157c157
< pg74     IN A 10.0.0.104
---
> pg91     IN A 10.0.0.104
Index: example.org.rev.db
===================================================================
RCS file: /home/repositories/websites/dns-private/example.org.rev.db,v
retrieving revision 1.32
diff -r1.32 example.org.rev.db
3c3
<                               2011072600      ; Serial
---
>                               2012060800      ; Serial
33c33
< 104 IN  PTR pg74.example.org.
---
> 104 IN  PTR pg91.example.org.

Making these changes and updating your DNS is outside the scope of this article. I'm mentioning it here so I remember this step when I need to do this again.

In this step, we rename the directory and create the new jail.

First, we rename the directory. Strictly speaking, this is optional. The name of the directory is not related to the hostname of the jail. But convention dictates that the jail directory name should reflect the hostname for that jail.

# cd /usr/jails/
# mv -i pg74.example.org pg91.example.org

Now, let's start the new jail:

# ezjail-admin create -x pg91.example.org 10.0.0.104
Warning: Some services already seem to be listening on IP 10.0.0.104
  This may cause some confusion, here they are:
root     ntpd       1459  27 udp4   10.0.0.104:123       *:*
Warning: Some services already seem to be listening on all IP, (including 10.0.0.104)
  This may cause some confusion, here they are:
root     ntpd       1459  20 udp4   *:123                 *:*
root     ntpd       1459  21 udp6   *:123                 *:*

This was easier than I thought. Starting the new jail is simple:

# /usr/local/etc/rc.d/ezjail start pg91.example.org

Then you ssh to it and check the host name:

$ ssh -A pg91
The authenticity of host 'pg91.example.org (10.0.0.104)' can't be established.
RSA key fingerprint is 0a:03:db:1a:b4:28:da:fd:66:c0:29:a4:0a:4b:77:30.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'pg91.example.org' (RSA) to the list of known hosts.
Last login: Fri Jun  8 22:58:22 2012 from 10.0.0.104
Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994
        The Regents of the University of California.  All rights reserved.

FreeBSD 8.2-STABLE (KRAKEN) #3: Fri Nov 18 22:07:46 UTC 2011

Welcome to FreeBSD!

Before seeking technical support, please use the following resources:

o  Security advisories and updated errata information for all releases are
   at http://www.FreeBSD.org/releases/ - always consult the ERRATA section
   for your release first as it's updated frequently.

o  The Handbook and FAQ documents are at http://www.FreeBSD.org/ and,
   along with the mailing lists, can be searched by going to
   http://www.FreeBSD.org/search/.  If the doc distribution has
   been installed, they're also available formatted in /usr/share/doc.

If you still have a question or problem, please take the output of
`uname -a', along with any relevant error messages, and email it
as a question to the questions@FreeBSD.org mailing list.  If you are
unfamiliar with FreeBSD's directory layout, please refer to the hier(7)
manual page.  If you are not familiar with manual pages, type `man man'.

You may also use sysinstall(8) to re-enter the installation and
configuration utility.  Edit /etc/motd to change this login announcement.

You can install extra packages for FreeBSD by using the ports system.
If you have installed it, you can download, compile, and install software by
just typing

        # cd /usr/ports//
        # make install && make clean

as root.  The ports infrastructure will download the software, change it so
it works on FreeBSD, compile it, install it, register the installation so it
will be possible to automatically uninstall it, and clean out the temporary
working space it used.  You can remove an installed port you decide you do not
want after all by typing

        # cd /usr/ports//
        # make deinstall

as root.
$ hostname
pg91.example.org
$

There. Done. Now all I need to do is remove PostgreSQ 7.4 and install PostgreSQL 9.1