moving to freebsd / jails / bhyve (part 2): jail creation
the vlan stuff isn’t important for the average joe on a single network, but i wanted things separated, so i created vlan 999 for building the freebsd infrastructure. i’m going to start by creating a jail for the dc. my host hostname is devil (in keeping with the freebsd hell theme). the assumptions here are that freebsd is installed, bastille is installed, networking is functional, and zfs has been configured properly.
my vlan will use the network 192.168.99.x/24. for a quick overview of what is happening here just run bastille create and it will show you the flags.
root@devil:/usr/local/bastille # bastille create -V -v 999 -g 192.168.99.1 dc 15.0-RELEASE 192.168.99.2/24 lagg0
Attempting to create jail: dc
Valid: (192.168.99.2/24).
Creating a thinjail...
[dc]:
e0a_dc
e0b_dc
dc: created
[dc]:
Applying template: default/vnet...
[WARNING]: No value provided for arg: GATEWAY6
[WARNING]: No value provided for arg: IFCONFIG6
[dc]:
ifconfig_e0b_dc_name: -> vnet0
[dc]:
ifconfig_vnet0: -> inet 192.168.99.2/24
[dc]:
ifconfig_vnet0_descr: -> jail interface for lagg0
[dc]:
[dc]:
defaultrouter: NO -> 192.168.99.1
[dc]:
Template applied: default/vnet
[dc]:
Applying template: default/vlan...
[dc]:
ifconfig_vnet0: inet 192.168.99.2/24 -> up[dc]:
vlans_vnet0: -> 999
[dc]:
ifconfig_vnet0_999: -> inet 192.168.99.2/24
Template applied: default/vlan
[dc]:
Applying template: default/thin...
[dc]:
Applying template: default/base...
[dc]:
[dc]:
[dc]:
daily_status_world_kernel: -> NO
[dc]:
[dc]:
syslogd_flags: -s -> -ss
[dc]:
sendmail_enable: NONE -> NO
[dc]:
sendmail_submit_enable: YES -> NO
[dc]:
sendmail_outbound_enable: YES -> NO
[dc]:
sendmail_msp_queue_enable: YES -> NO
[dc]:
cron_flags: -> -J 60
[dc]:
/etc/resolv.conf -> /usr/local/bastille/jails/dc/root/etc/resolv.conf
Template applied: default/base
Template applied: default/thin
[dc]:
dc: removed
[dc]:
e0a_dc
e0b_dc
dc: created
that’s it. in my case i am telling bastille to create a jail that uses a vnet stack (-V), uses my gateway (-g 192.168.99.1), creates a vlan interface and sets a vlan id (-v 999), has a name (dc), uses a given freebsd release (15.0-RELEASE), has an ip (192.168.99.2), and uses a host interface (lagg0).
my setup is a bit unique. if someone is using this on a home network and doesn’t care for all the vlan tomfoolery, they can just skip the -v part. i also have a lagg0 for failover, since i have extra lan ports and have had controllers fail before, so i just want to make sure it stays up if a card breaks.
once this is done you can use bastille to list and access the jail.
root@devil:/usr/local/bastille # bastille list
JID Name Boot Prio State Type IP Address Published Ports Release Tags
5 dc on 99 Up thin 192.168.99.2 - 15.0-RELEASE-p1 -
root@devil:/usr/local/bastille # bastille console dc
[dc]:
root@dc:~ #
since this is a freebsd jail (meaning it uses a template derived from freebsd itself) you can just treat it (sort of) like a VM. it most definitely has its limitations though… some of which i may hit on while i work on this project.
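the create output above lists every rc.conf value the templates changed, so it can double as a baseline to re-check later. this is an added example, not part of the original post or of bastille: the expected values are copied from that output, the sample rc.conf is constructed, and the real file is assumed to be at /usr/local/bastille/jails/dc/root/etc/rc.conf (inferred from the resolv.conf path shown above).

```sh
# Added example, not part of bastille. Expected values are copied from the
# "old -> new" lines in the bastille create output for jail dc.
EXPECTED='defaultrouter=192.168.99.1
ifconfig_vnet0=up
vlans_vnet0=999
ifconfig_vnet0_999=inet 192.168.99.2/24
syslogd_flags=-ss
sendmail_enable=NO
sendmail_submit_enable=NO
sendmail_outbound_enable=NO
sendmail_msp_queue_enable=NO
cron_flags=-J 60'

# rc_value FILE KEY: last assignment of KEY wins (rc.conf is sourced as sh).
rc_value() {
    sed -n "s/^[[:space:]]*$2=//p" "$1" | tail -n 1 | sed 's/^"\(.*\)"$/\1/'
}

# audit_rc FILE: print one DRIFT line per mismatch; exit status 1 if any.
audit_rc() {
    drift=0
    while IFS='=' read -r key want; do
        have=$(rc_value "$1" "$key")
        [ "$have" = "$want" ] && continue
        echo "DRIFT $key: want '$want', have '${have:-<unset>}'"
        drift=1
    done <<EOF
$EXPECTED
EOF
    return $drift
}

# Constructed sample: syslogd_flags reverted to -s, sendmail_enable set twice.
sample_rc() {
    cat <<'EOF'
sendmail_enable="YES"
defaultrouter="192.168.99.1"
ifconfig_vnet0="up"
vlans_vnet0="999"
ifconfig_vnet0_999="inet 192.168.99.2/24"
syslogd_flags="-s"
sendmail_enable="NO"
sendmail_submit_enable="NO"
sendmail_outbound_enable="NO"
sendmail_msp_queue_enable="NO"
cron_flags="-J 60"
EOF
}

# Audit the file given as $1, or the constructed sample when none is given.
tmp=$(mktemp) && sample_rc > "$tmp"
audit_rc "${1:-$tmp}" || echo "rc.conf differs from the create output"
rm -f "$tmp"
```

a key reported as unset only means the jail's rc.conf does not assign it, so whatever default the jail ships with applies instead.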