Page 12 of 25
Re: [HOWTO] Install TheBrig - one Jail manager for N4F
Posted: 27 Jun 2015 22:18
by RalMun
Hi I've added two jails into my NAS-DEV, one containing a MYSQL database and owncloud (tools) and one containing Crashplan. Both of them are working fine, I can do Backups with Crashplan, running Owncloud and my raspberries against MYSQL.
# Name Interface Start on boot IP Hostname Path
1 tools em0 YES 192.168.141.211 / 32 tools.local /mnt/raid1/jails/tools/
2 crashplan em0 YES 192.168.141.212 / 31 crashplan.local /mnt/raid1/jails/crashplan/
As you can see I've configured them with sub net 32 and 31. Every thing works fine. But when I configure them all with the same sub net (it is equal whether I use 32 or 31or 24 as alexey123 did) first every thing works fine as before. But after restarting the whole NAS the services (Crashplan and MYSQL) are still working, but I am unable to enter the web gui. After entering the NAS-DEV with SSH I can see in the system log that the lighttpd daemon hasn't been started due to the errors decribed above.
Ralph
Re: [HOWTO] Install TheBrig - one Jail manager for N4F
Posted: 28 Jun 2015 13:15
by cookiemonster
Ok that looks fine to me, although I would prefer in my setup to have either both /32 or /31, it won't cause a problem.
What's the ip address of your nas, and can you please post the values in the NAS4Free UI of: nas ip and subnet, jails ips and subnets (I'd like to see they match the config you posted), and finally I wonder if you have the "web server" service enabled on the host nas - can you confirm?
Finally, when I see your lines for those two jails, although I don't know what config file that would be in, I suspect the spaces aren't good, specially seeing that the error you posted contained the value 32 as in incorrect value in /var/etc/lighttpd.conf - so it seems to me lighttpd is getting a value of 32 from somewhere and is not right, hence unable to start.
We should move this conversation to its own thread by the way.
Re: [HOWTO] Install TheBrig - one Jail manager for N4F
Posted: 29 Jun 2015 09:48
by zirum
RalMun wrote:- The error message told me s.th. like "Duplicate config variable in..." and as you can see in the extract of the config file, the last both "$HTTP["remoteip"]" entries are equal. Unfortunately I'm unable to modify this config file, because after restarting the web server, it has been overwritten. I assuem the config will be set during start time depending on the web GUI configuration.
I think it was in transmission where you have the same thing, that source for conf file is copied from somewhere else upon start. In the following post, it is reffered to a different path to the file than you posted:
viewtopic.php?t=256
Check if you can modify that instead. Or maybe the post got something else relevant to use
Btw, I am still a bit confused/worried about the netmask 32 especially, but also 31. I had not my facts right earlier, as I wrote the following:
I am not to steady on it, but normally /8 is sufficient (allow from ip's in range x.x.x.1 to x.x.x.256). /16 would equal to x.x.1.1 to x.x.256.256 and for /24 its x.1.1.1 to x.256.256.256.
It should have been (where x.x.x.x is hosts ip):
/8 - allow range x.1.1.1 to x.255.255.254.
/16 x.x.1.1 to x.x.255.254
/24 x.x.x.1 to x.x.x.254
x.x.x.255 is broadcast address
/31 allow range x.x.x.(x-1) to x.x.x.x
/32 allow range x.x.x.x only
At least it is how I interpret the calculator here:
http://www.aboutmyip.com/AboutMyXApp/Su ... 12&cidr=31
Sorry for not being a expert on this, and unable to help you straight to the problem. But I assume that any suggestion is better than none... We both may learn something on the way.
post repaired by alexey123
Re: [HOWTO] Install TheBrig - one Jail manager for N4F
Posted: 29 Jun 2015 22:42
by RalMun
cookiemonster wrote:
... although I would prefer in my setup to have either both /32 or /31, it won't cause a problem.
Funny, what are we talking about? This is what I would like to have too, but exact this is my problem
.
What's the ip address of your nas
Developement environment: 192.168.141.50
Both jails are defined on this NAS-DEV.
Type: DHCP
IP address 192.168.141.50/32
Gateway 192.168.141.1
IPv6 Configuration:Inactivate
Advanced Configuration
MTU : (empty)
Media: Auto
Extra options: (empty)
I wonder if you have the "web server" service enabled on the host nas
Webserver activ: Currently yes, but the problem occurs independently from this settings. The N4F it self starts an lighttpd daemon to be reachable via the web gui.
Finally, when I see your lines for those two jails, although I don't know what config file that would be in...
The both lines postet above represent my current jail configuration, which are working fine.
But if I configure them both to the same subnet value (e.g. 32) I have the error described above.
Here's the configuration file (configured with the problematic equal subnet value):
Code: Select all
<?xml version="1.0" encoding="UTF-8"?>
<NAS4Free revision="1480" version="9.3.0.2">
<content>
<uuid>1ecfb71a-4198-4a54-ac6b-7cc091ad6c46</uuid>
<enable />
<jailno>1</jailno>
<jailname>tools</jailname>
<jail_type>slim</jail_type>
<if>em0</if>
<ipaddr>192.168.141.211</ipaddr>
<subnet>32</subnet>
<jailpath>/mnt/raid1/jails/tools/</jailpath>
<devfsrules />
<jail_mount />
<devfs_enable />
<proc_enable />
<exec_prestart />
<exec_start>/bin/sh /etc/rc</exec_start>
<afterstart0 />
<afterstart1 />
<exec_stop>/bin/sh /etc/rc.shutdown</exec_stop>
<extraoptions>-l -U root -n tools</extraoptions>
<jail_parameters />
<desc />
<base_ver>9.3-RELEASE</base_ver>
<lib_ver>9.3-RELEASE</lib_ver>
<src_ver>Not Installed</src_ver>
<doc_ver>Not Installed</doc_ver>
<image />
<image_type />
<attach_params />
<attach_blocking />
<force_blocking />
<zfs_datasets />
<fib />
<ports />
</content>
<content>
<uuid>da60e726-8039-4982-b1c5-9197702193c4</uuid>
<enable />
<jailno>2</jailno>
<jailname>crashplan</jailname>
<jail_type>slim</jail_type>
<if>em0</if>
<ipaddr>192.168.141.212</ipaddr>
<subnet>32</subnet>
<jailpath>/mnt/raid1/jails/crashplan/</jailpath>
<devfsrules />
<jail_mount />
<devfs_enable />
<proc_enable />
<auxparam>
<content>linprocfs /mnt/raid1/jails/crashplan/compat/linux/proc linprocfs rw 0 0</content>
<content>/mnt/backup /mnt/raid1/jails/crashplan/compat/linux/usr/local/var/crashplan nullfs rw 0 0</content>
</auxparam>
<exec_prestart />
<exec_start>/compat/linux/bin/bash /compat/linux/usr/local/crashplan/bin/CrashPlanEngine start</exec_start>
<afterstart0 />
<afterstart1 />
<exec_stop>/compat/linux/bin/bash /compat/linux/usr/local/crashplan/bin/CrashPlanEngine stop && /bin/sh /etc/rc.shutdown</exec_stop>
<extraoptions>-l -U root -n crashplan</extraoptions>
<jail_parameters />
<desc />
<base_ver>9.3-RELEASE</base_ver>
<lib_ver>9.3-RELEASE</lib_ver>
<src_ver>Not Installed</src_ver>
<doc_ver>Not Installed</doc_ver>
<image />
<image_type />
<attach_params />
<attach_blocking />
<force_blocking />
<zfs_datasets />
<fib />
</content>
</NAS4Free>
@zirum:
Thanks for this URL (
http://www.aboutmyip.com/...). Now I got the sense of this paramter and I think 24 is the value I should use. But also with 24 on both jails I run into my problem.
Re: [HOWTO] Install TheBrig - one Jail manager for N4F
Posted: 30 Jun 2015 00:29
by cookiemonster
@RalMun thanks for posting the settings. Looks like various problems or various symptoms of at least one problem.
One thing out of the way, it might not be related but worth making a note: the LAN side setup of the router dishing out the ip addresses in your network(s) via DHCP. What's the scope? Just in case there are ip conflicts.
That aside, as that would cause problems accessing services served, it should not prevent the jails from starting.
I would disable the webserver service on your host nas. Then set in Network/LAN Management: Type=DHCP and the subnet mask /24. Then in the TheBrig config for your jails, I'd set them all to /24 subnet mask.
The idea is to take web server out of the equation, and look at the network configuration first.
Check all services start ok as you come to expect from your one of your previous posts. Restart the as, check again.
Once network is fine, we can look at the additional service.
Note: when you say that once you do this you can't login to the nas, could you check the ip address on your browser. I'm thinking your sig shows three environments, I'm assuming three machines all in the same host (vmware guests). Things to check: what ip addresses they have? Are they static ips or dhcp clients from the same router? Are the guests then in the same subnet as the host they're in?
I sense you'd be getting more advice in the networking section.
Re: [HOWTO] Install TheBrig - one Jail manager for N4F
Posted: 03 Jul 2015 17:27
by daoyama
jasch wrote:Centralports i not working,
i made a fresh 10 install with fresh the brig install.
Jails are fine, but when i go to centralports an press fetch i does nothing.
Yes, you are right. You cannot use ports on fresh installed TheBrig.
Also you cannot start checked jail.
Try this patch. (apply in conf/ext)
Note: if you get an error, try to remove /var/run/jail_xxx.id. (where xxx is jail name)
Re: [HOWTO] Install TheBrig - one Jail manager for N4F
Posted: 03 Jul 2015 21:38
by alexey123
Thanks
I will check it and will update thebrig.
UPD: Checked. I see problem with central port, I like patch idea for check before mount ports, but problem place at another place, it link to lang.inc file.
Re: [HOWTO] Install TheBrig - one Jail manager for N4F
Posted: 05 Jul 2015 04:03
by daoyama
alexey123 wrote:Thanks
I will check it and will update thebrig.
UPD: Checked. I see problem with central port, I like patch idea for check before mount ports, but problem place at another place, it link to lang.inc file.
I notice one more. conf/portsnap.conf need update.
Code: Select all
--- portsnap.conf.orig 2015-07-03 05:59:47.521349150 +0000
+++ portsnap.conf 2015-07-05 01:07:53.884639515 +0000
@@ -20,3 +20,4 @@
INDEX INDEX-7 DESCRIBE.7
INDEX INDEX-8 DESCRIBE.8
INDEX INDEX-9 DESCRIBE.9
+INDEX INDEX-10 DESCRIBE.10
TODO:
config export/import
remove generic commands such as join from bin/sbin
Re: [HOWTO] Install TheBrig - one Jail manager for N4F
Posted: 05 Jul 2015 05:56
by alexey123
daoyama wrote:
I notice one more. conf/portsnap.conf need update.
I agree. More then I updated it yesterday on my test machine, but not push it on github. I rewrite thebrig for enable local language and I'll commit changes , when I make all.
TODO:
config export/import
remove generic commands such as join from bin/sbin
I'll check. Some generic command need for freebsd-update or portsnap operation . TheBrig make updates itself, even when jails stoped
UPD:
Central ports repaired
config export/inport repaired
portsnap repaired
add translator page - if user want to have TheBrig on his language.. ( I will upload at sunday russian lang file )
Wow.! I see you add binaries to main system!!
http://sourceforge.net/p/nas4free/code/ ... d00f2:1711 Thanks!!
TODO
I need convert fstab editor to new jqwery.
Re: [HOWTO] Install TheBrig - one Jail manager for N4F
Posted: 09 Jul 2015 12:48
by jasch
Sorry was busy with work.
Patch is working.
Central ports are working now, start stop also working.
THx Alex
Re: [HOWTO] Install TheBrig - one Jail manager for N4F
Posted: 10 Jul 2015 08:31
by Parkcomm
Hey Alex, and anyone else who is smarter than me.
I'v upgraded Nas4Free to 10.1 and reinstalled theBrig using Alcatraz.
Code: Select all
mightymouse: ~# uname -a
FreeBSD mightymouse.lan 10.1-RELEASE-p13 FreeBSD 10.1-RELEASE-p13 #0 r284893M: Sun Jun 28 00:06:45 CEST 2015 root@dev.nas4free.org:/usr/obj/nas4free/usr/src/sys/NAS4FREE-amd64 amd64
mightymouse: ~# csh
mightymouse: ~# exit
So csh works in the host
Code: Select all
mightymouse: ~# jls
JID IP Address Hostname Path
1 - Test3.lan /mnt/MightyMouse/Jail/Test3
mightymouse: ~# jexec 1 uname -a
FreeBSD Test3.lan 10.1-RELEASE-p13 FreeBSD 10.1-RELEASE-p13 #0 r284893M: Sun Jun 28 00:06:45 CEST 2015 root@dev.nas4free.org:/usr/obj/nas4free/usr/src/sys/NAS4FREE-amd64 amd64
mightymouse: ~# jexec 1 csh
/bin/csh: Undefined symbol "__bsd_iconv_open"
csh does not work in the jail
Which seems odd, I get the same error if the guest OS is at 9.3. - any ideas?
Brendan
Re: [HOWTO] Install TheBrig - one Jail manager for N4F
Posted: 10 Jul 2015 08:51
by alexey123
Hi Parkcomm
in first I see you have jail without IP address. May be you use vnet enabled jail?
In all cases - try update jail over FreeBSD update page
Code: Select all
root@omega:/ # uname -a
FreeBSD omega.local 10.1-RELEASE-p13 FreeBSD 10.1-RELEASE-p13 #0 r284893M: Sun Jun 28 00:06:45 CEST 2015 root@dev.nas4free.org:/usr/obj/nas4free/usr/src/sys/NAS4FREE-amd64 amd64
Re: [HOWTO] Install TheBrig - one Jail manager for N4F
Posted: 10 Jul 2015 14:14
by Parkcomm
No, I just took out every option one by one to see what might have caused the problem.
In the end I deleted the brig, reinstalled Nas4Free 10.1, reinstalled the brig and now csh is working. ;0)
Re: [HOWTO] Install TheBrig - one Jail manager for N4F
Posted: 10 Jul 2015 21:12
by daoyama
daoyama wrote:
TODO:
config export/import
remove generic commands such as join from bin/sbin
portsnap is bundled with N4F 10.x now.
You can use portsnap for jail and NFS share.
More patch again for broken installer:
Code: Select all
--- thebrig_install.sh.orig 2015-07-10 18:52:01.748397000 +0000
+++ thebrig_install.sh 2015-07-10 19:03:47.083382489 +0000
@@ -45,11 +45,11 @@
START_FOLDER=$(dirname $FULL_PATH | sed 's|/thebrig_install.sh||')
# First stop any users older than 9.3 from installing
-MAJ_REL=$(uname -r | cut -d- f1 | cut -d. -f1)
-MIN_REL=$(uname -r | cut -d- f1 | cut -d. -f2)
+MAJ_REL=$(uname -r | cut -d- -f1 | cut -d. -f1)
+MIN_REL=$(uname -r | cut -d- -f1 | cut -d. -f2)
# Prevent users from breaking their system
-if [ $MAJ_REL -lt 9 -o $MIN_REL -lt 3 ]; then
+if [ $MAJ_REL -lt 9 -o $MAJ_REL -eq 9 -a $MIN_REL -lt 3 ]; then
echo "ERROR: This version of TheBrig is incompatible with your system!"
exerr "ERROR: Please upgrade Nas4Free to version 9.3 or higher!"
fi
Re: [HOWTO] Install TheBrig - one Jail manager for N4F
Posted: 10 Jul 2015 23:47
by alexey123
Done!
Thank you
Re: [HOWTO] Install TheBrig - one Jail manager for N4F
Posted: 11 Jul 2015 04:51
by Parkcomm
Hey guys I think I've uncovered a serious problem.
I created a jail - but when I entered the location i accidentally put thebrig root directory, without a jail name. It would not run obviously.
When I realise what I had done I deleted the jail from the GUI.
It deleted (as expected) the jail directory which in this case was thebrig - no more jails!
I'm not too upset, I'm not trusting anything important to a beta release - but if someone makes this mistake on a production system, they are gonna be pretty upset.
This was the only jail I had configured at the time.
Hope this is of help.
Re: [HOWTO] Install TheBrig - one Jail manager for N4F
Posted: 11 Jul 2015 10:32
by Parkcomm
Here's a more minor issue - three vnet jails.
On the Jails page the Jail IPs (table at the top of the page) are displayed as follows
Jail 1 - fe80::ff:50ff:fe00:60b%epair3b,192.168.1.252
Jail 2 - fe80::ff:50ff:fe00:60b%epair3b,192.168.1.252,fe80::ff:50ff:fe00:80b%epair4b,192.168.1.254
Jail 3 - fe80::ff:50ff:fe00:60b%epair3b,192.168.1.252,fe80::ff:50ff:fe00:80b%epair4b,192.168.1.254,fe80::ff:50ff:fe00:a0b%epair5b,192.168.1.250
As you can see the MAC and IP address from the previous jail are added.
Also there is a problem with the bridge configs
Re: [HOWTO] Install TheBrig - one Jail manager for N4F
Posted: 11 Jul 2015 13:08
by alexey123
Parkcomm wrote:Here's a more minor issue - three vnet jails.
On the Jails page the Jail IPs (table at the top of the page) are displayed as follows
Jail 1 - fe80::ff:50ff:fe00:60b%epair3b,192.168.1.252
Jail 2 - fe80::ff:50ff:fe00:60b%epair3b,192.168.1.252,fe80::ff:50ff:fe00:80b%epair4b,192.168.1.254
Jail 3 - fe80::ff:50ff:fe00:60b%epair3b,192.168.1.252,fe80::ff:50ff:fe00:80b%epair4b,192.168.1.254,fe80::ff:50ff:fe00:a0b%epair5b,192.168.1.250
As you can see the MAC and IP address from the previous jail are added.
Also there is a problem with the bridge configs
Thank you for reports - This was only display fault - I repair it
https://github.com/fsbruva/thebrig/comm ... 0edd2ed090
Parkcomm wrote:Hey guys I think I've uncovered a serious problem.
I created a jail - but when I entered the location i accidentally put thebrig root directory, without a jail name. It would not run obviously.
When I realise what I had done I deleted the jail from the GUI.
It deleted (as expected) the jail directory which in this case was thebrig - no more jails!
I'm not too upset, I'm not trusting anything important to a beta release - but if someone makes this mistake on a production system, they are gonna be pretty upset.
This was the only jail I had configured at the time.
Hope this is of help.
Added thebrig rootfolder to reserved path
https://github.com/fsbruva/thebrig/comm ... ae59e0cec7
Re: [HOWTO] Install TheBrig - one Jail manager for N4F
Posted: 12 Jul 2015 04:55
by Parkcomm
Cheers Alexy - you move quickly.
I would like to configure my NAS so that jails use one NIC and high speed storage uses the other. The problem with non VNET jails is that outgoing traffic from the Jail will use the default NIC based (so long as you use a single fib). So I have been very keen to get VNET working to solve this issue.
And guess what, for a single jail it works like a bloody charm. And the interface is very clean and usable. Niiice!
The display options are fixed, well done, but there is still a problem with the bridge configs
Bridge for first configured jail - from ifconfig output. Note the epair interface and the physical interface are included:
Code: Select all
bridge13: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
ether 02:bd:63:0f:28:0d
inet 192.168.5.251 netmask 0xffffff00 broadcast 192.168.5.255
nd6 options=1<PERFORMNUD>
id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
member: epair3a flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
ifmaxaddr 0 port 5 priority 128 path cost 2000
member: bge0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
ifmaxaddr 0 port 2 priority 128 path cost 20000
epair3a: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8<VLAN_MTU>
ether 02:ff:00:00:05:0a
inet6 fe80::ff:ff:fe00:50a%epair3a prefixlen 64 scopeid 0x5
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
status: active
Now I configure a second jail on separate physical interface - the epair device is missing from the bridge
Code: Select all
bridge14: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 9000
ether 02:bd:63:0f:28:0e
inet 192.168.1.251 netmask 0xffffff00 broadcast 192.168.1.255
nd6 options=1<PERFORMNUD>
id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
member: em0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
ifmaxaddr 0 port 1 priority 128 path cost 20000
epair4a: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8<VLAN_MTU>
ether 02:ff:00:00:07:0a
inet6 fe80::ff:ff:fe00:70a%epair4a prefixlen 64 scopeid 0x7
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
Also note that I add to add the default route by hand - but I think the system could do this, since the default route of the host on each interface would be the default route of a jail. I would't sweat this though, I think most people who know enough to use vnet should know enough to configure the routes.
If we are trying to make VNET foolproof I would make one other suggestion. There are two lines:
Code: Select all
System side of interface, eq: 192.168.1.251/24
Jail side of interface, eq: 192.168.1.252/24
That should be eg. instead of eq.
and also this makes it look like the host side of the epair the same ip subnet as the jail side of the epair and and host physical - this is not necessary. Personally if the jail side of the interface of the epair is 192.168.1.xx/24, I'll use something like 10.1.0.xx/24 for the host side of the epair.
I also think that if the default behaviour is to tie an epair to a physical interface (its limiting but I think it makes sense for a NAS), then I would expect one bridge per interface (per physical) rather than creating a new bridge for each epair. This my working configuration
Code: Select all
bge0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=c2099<RXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC,VLAN_HWTSO,LINKSTATE>
ether e4:11:5b:b2:76:69
inet 192.168.5.20 netmask 0xffffff00 broadcast 192.168.5.255
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
media: Ethernet 1000baseT <full-duplex>
status: active
bridge11: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
ether 02:bd:63:0f:28:0b
inet 10.1.0.1 netmask 0xff000000 broadcast 10.255.255.255
nd6 options=1<PERFORMNUD>
id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
member: epair3a flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
ifmaxaddr 0 port 7 priority 128 path cost 2000
member: epair1a flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
ifmaxaddr 0 port 5 priority 128 path cost 2000
member: bge0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
ifmaxaddr 0 port 2 priority 128 path cost 20000
epair1a: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8<VLAN_MTU>
ether 02:ff:00:00:05:0a
inet6 fe80::ff:ff:fe00:50a%epair1a prefixlen 64 scopeid 0x5
inet 10.1.0.21 netmask 0xff000000 broadcast 255.255.255.0
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
status: active
epair3a: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8<VLAN_MTU>
ether 02:ff:00:00:07:0a
inet6 fe80::ff:ff:fe00:70a%epair3a prefixlen 64 scopeid 0x7
inet 10.1.0.23 netmask 0xff000000 broadcast 255.255.255.0
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
status: active
and from the jails
Code: Select all
epair1a: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8<VLAN_MTU>
ether 02:ff:00:00:05:0a
inet6 fe80::ff:ff:fe00:50a%epair1a prefixlen 64 scopeid 0x5
inet 10.1.0.21 netmask 0xffffff00 broadcast 10.1.0.255
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
status: active
and
Code: Select all
epair3a: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8<VLAN_MTU>
ether 02:ff:00:00:07:0a
inet6 fe80::ff:ff:fe00:70a%epair3a prefixlen 64 scopeid 0x7
inet 10.1.0.21 netmask 0xffffff00 broadcast 10.1.0.255
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
status: active
Am I making sense?
Re: [HOWTO] Install TheBrig - one Jail manager for N4F
Posted: 12 Jul 2015 05:03
by Parkcomm
aaah - I just did something stupid again.
Created a jail with no name
Get and error message and return to config screen (the options I had selected are gone, minor bug)
Reselect options save, apply, start
Jail does not start
Kill jail and start from command line
Code: Select all
mightymouse: /etc# /etc/rc.d/thebrig onestart Blue
Starting jails: security.jail.enforce_statfs: 0 -> 0
Blue mount_nullfs: /mnt/MightyMouse/DATA/thebrig/basejail (/mnt/MightyMouse/DATA/thebrig/basejail) and /mnt/MightyMouse/DATA/thebrig/basejail are not distinct paths
jail: Blue: /sbin/mount -t nullfs -o ro /mnt/MightyMouse/DATA/thebrig/basejail /mnt/MightyMouse/DATA/thebrig/basejail: failed
Ok so no basejail (I'm about 99% I had selected the base jail in config scree)
Then I delete jail - takes a long time, thebrig main page is filling up with warning messages.
The Brig is gone again (jails are still in the directory, but everything else is gone)
Re: [HOWTO] Install TheBrig - one Jail manager for N4F
Posted: 12 Jul 2015 22:59
by alexey123
OK - I totaly check jailname and add default entry jailname as "jail<jailnumber>"
https://github.com/fsbruva/thebrig/comm ... ebda13e979
I not see any strangle or wrong into ifconfig output. I have running 2 jails and see all interfaces.
Main:
Code: Select all
$ ifconfig
msk0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=c0018<VLAN_MTU,VLAN_HWTAGGING,VLAN_HWTSO,LINKSTATE>
ether dc:9c:52:07:a5:51
inet 10.0.0.1 netmask 0xffffff00 broadcast 10.0.0.255
inet6 fe80::de9c:52ff:fe07:a551%msk0 prefixlen 64 scopeid 0x1
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
media: Ethernet autoselect (1000baseT <full-duplex,flowcontrol,rxpause,txpause>)
status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2
inet 127.0.0.1 netmask 0xff000000
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
urtwn0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 2290
ether 80:1f:02:64:dc:b8
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
media: IEEE 802.11 Wireless Ethernet autoselect (autoselect)
status: no carrier
wlan0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
ether 80:1f:02:64:dc:b8
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
media: IEEE 802.11 Wireless Ethernet autoselect (autoselect)
status: no carrier
ssid "" channel 1 (2412 MHz 11b)
country US authmode OPEN privacy OFF txpower 0 bmiss 7 scanvalid 60
bgscan bgscanintvl 300 bgscanidle 250 roam:rssi 7 roam:rate 1
bintval 0
bridge13: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
ether 02:fe:4a:c8:9c:0d
inet 10.0.0.2 netmask 0xffffff00 broadcast 10.0.0.255
nd6 options=1<PERFORMNUD>
id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
member: epair3a flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
ifmaxaddr 0 port 6 priority 128 path cost 2000
member: msk0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
ifmaxaddr 0 port 1 priority 128 path cost 20000
epair3a: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8<VLAN_MTU>
ether 02:ff:00:00:06:0a
inet6 fe80::ff:ff:fe00:60a%epair3a prefixlen 64 scopeid 0x6
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
status: active
bridge14: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
ether 02:fe:4a:c8:9c:0e
inet 10.0.0.100 netmask 0xffffff00 broadcast 10.0.0.255
nd6 options=1<PERFORMNUD>
id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
member: epair4a flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
ifmaxaddr 0 port 8 priority 128 path cost 2000
epair4a: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8<VLAN_MTU>
ether 02:ff:00:00:08:0a
inet6 fe80::ff:ff:fe00:80a%epair4a prefixlen 64 scopeid 0x8
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
status: active
Jail1:
Code: Select all
$ jexec git ifconfig
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
inet 127.0.0.1 netmask 0xff000000
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
epair3b: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8<VLAN_MTU>
ether 02:ff:50:00:07:0b
inet6 fe80::ff:50ff:fe00:70b%epair3b prefixlen 64 scopeid 0x2
inet 10.0.0.3 netmask 0xffffff00 broadcast 10.0.0.255
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
status: active
Jail2:
Code: Select all
$ jexec vnet1 ifconfig
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
inet 127.0.0.1 netmask 0xff000000
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
epair4b: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8<VLAN_MTU>
ether 02:ff:50:00:09:0b
inet6 fe80::ff:50ff:fe00:90b%epair4b prefixlen 64 scopeid 0x2
inet 10.0.0.101 netmask 0xffffff00 broadcast 10.0.0.255
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
status: active
I think output is OK. Why?
Code: Select all
$ jexec git ping -c 3 www.google.com
PING www.google.com (64.233.167.106): 56 data bytes
64 bytes from 64.233.167.106: icmp_seq=0 ttl=45 time=84.280 ms
64 bytes from 64.233.167.106: icmp_seq=1 ttl=45 time=84.344 ms
64 bytes from 64.233.167.106: icmp_seq=2 ttl=45 time=83.680 ms
--- www.google.com ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 83.680/84.101/84.344/0.299 ms
Re: [HOWTO] Install TheBrig - one Jail manager for N4F
Posted: 12 Jul 2015 23:21
by almartin
Hi, I'm trying to install TheBrig, but when I try to fetch it gives "No address record".
I'm new to Nas4free, how can I resolve this?
TIA
Re: [HOWTO] Install TheBrig - one Jail manager for N4F
Posted: 12 Jul 2015 23:30
by alexey123
TODO:
fstab entries: - With new JQwery I cannot give to work fstab edItor. May be remove it?
In case remove fstab editor I can modify current textarea to something as network entry
Also I want check fstab for valid pathes and fstypes
I need feedback from users.
I want add wait_on based utilite also- for give to work fail2ban and another similar programs inside jail. ( I want compille NAS4Free inside jail)
Re: [HOWTO] Install TheBrig - one Jail manager for N4F
Posted: 12 Jul 2015 23:48
by alexey123
almartin wrote:Hi, I'm trying to install TheBrig, but when I try to fetch it gives "No address record".
I'm new to Nas4free, how can I resolve this?
TIA
Connect to server over ssh as root, then fetch installer
Code: Select all
fetch https://raw.githubusercontent.com/fsbruva/thebrig/alcatraz/thebrig_install.sh
run it
Code: Select all
sh thebrig_install.sh /mnt/path/to/brig/folder 3
Then observe webgui, Extension tab
Re: [HOWTO] Install TheBrig - one Jail manager for N4F
Posted: 13 Jul 2015 02:01
by almartin
tryed fetch
https://raw.githubusercontent.com/fsbru ... install.sh
fetch:
https://raw.githubusercontent.com/fsbru ... install.sh: No address record
still it says no address record.
I've been banging my head, and can't find a solution...
TIA
Re: [HOWTO] Install TheBrig - one Jail manager for N4F
Posted: 13 Jul 2015 10:34
by almartin
When I try to follow this howto, from the webgui I get:
$ /bin/sh /tmp/thebrig_install.sh /mnt/Pool1/Jail 2
Retrieving the testing branch as a zip file
Unpacking the tarball...
X-Powered-By: PHP/5.5.8
Content-type: text/html
Warning: Unexpected character in input: '' (ASCII=15) state=0 in /bin/sh on line 117
Warning: Unexpected character in input: '' (ASCII=3) state=0 in /bin/sh on line 117
Warning: Unexpected character in input: '' (ASCII=2) state=0 in /bin/sh on line 117
Warning: Unexpected character in input: ' in /bin/sh on line 117
Warning: Unexpected character in input: ' in /bin/sh on line 117
Warning: Unexpected character in input: '' (ASCII=15) state=0 in /bin/sh on line 117
You use fresh version
I don't know what to do...
TIA
Re: [HOWTO] Install TheBrig - one Jail manager for N4F
Posted: 14 Jul 2015 06:27
by Parkcomm
Started unloading the src tarball and noticed the following (FreeBSD-amd64-10.1-RELEASE-src.txz should not be there until the download is complete)
Code: Select all
FreeBSD-amd64-10.1-RELEASE-base.txz FreeBSD-amd64-10.1-RELEASE-lib32.txz FreeBSD-amd64-10.1-RELEASE-src.txz
FreeBSD-amd64-10.1-RELEASE-src_partial_115049476.txz
- you can even build a new jail - even though down loading is not complete.
Re: [HOWTO] Install TheBrig - one Jail manager for N4F
Posted: 14 Jul 2015 07:38
by Parkcomm
almartin - I've had some trouble with the online installer as well, so I fell back to the offline installer at the top of this thread. You can then update thebrig to the lates version from the "/thebrig/Updates/Thebrig Manager" menu tab
Re: [HOWTO] Install TheBrig - one Jail manager for N4F
Posted: 14 Jul 2015 07:45
by Parkcomm
Hey Alexy
fstab entries: - With new JQwery I cannot give to work fstab edItor.
I can live without the fstab editor, I'm happy to type into the window
Also I want check fstab for valid pathes and fstypes
If the the editor autocompleted the path as you typed (like bash) it would be indispensable!
Re: [HOWTO] Install TheBrig - one Jail manager for N4F
Posted: 15 Jul 2015 03:36
by Parkcomm
Hey Alexy
I not see any strangle or wrong into ifconfig output. I have running 2 jails and see all interfaces.
I do ...
Code: Select all
bridge14: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
ether 02:fe:4a:c8:9c:0e
inet 10.0.0.100 netmask 0xffffff00 broadcast 10.0.0.255
nd6 options=1<PERFORMNUD>
id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
member: epair4a flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
ifmaxaddr 0 port 8 priority 128 path cost 2000
Bridge14 only has one member - the epair interface, this has to connect somewhere, (could be another virtual interface) in this case the host systems physical interface.
Jail 3 is fine, so your ping test works - the problem is jail 4 (vnet1) is where I see the problem.