Closed igalic closed 7 years ago
That should be the behavior anyways, but that wouldn't make sense in this case. As the jail doesn't exist, so pkg
has nothing to run inside.
the jail does exist!, well, as template…
Can you provide a full command output that I can see including creation showing that failure? If you can I'll reopen this as a bug
okay! let's start fresh:
~ # iocage destroy -f f11-ats6
f11-ats6 not found!
~ #
weird…
~ # iocage list -Ht
- f946372e down f11-ats6 11.0-RELEASE 172.16.0.6
- e27b37fe down f11-php71 11.0-RELEASE 172.16.0.4
- 6cfbc2fb down f11-puppet4 11.0-RELEASE -
~ #
weird indeed, maybe the UUID will work?
~ # iocage destroy -f f946372e
yup… okay, let's start fresh: here's the pkglist JSON:
{
"pkgs": [
"puppet4",
"trafficserver"
]
}
and go:
~ # iocage create --pkglist=pkgphp.json --release=11.0-RELEASE tag=f11-ats6 ip4_addr="vtnet0|172.16.0.6/12" template="yes"
2319532e-72b8-4227-a0d3-2e234109936b (f11-ats6) successfully created!
Testing SRV response to FreeBSD
Testing DNSSEC response to FreeBSD
Installing pkg...
Installing supplied packages:
- puppet4...
===> Creating groups.
Creating group 'puppet' with gid '814'.
===> Creating users
Creating user 'puppet' with uid '814'.
Message from ruby-2.3.3_2,1:
====
Some of the standard commands are provided as separate ports for ease
of upgrading:
devel/ruby-gems: gem - RubyGems package manager
devel/rubygem-rake: rake - Ruby Make
And some of the standard libraries are provided as separate ports
since they require extra dependencies:
databases/ruby-gdbm: GDBM module
Install them as occasion demands.
====
Message from puppet4-4.9.4:
To enable the puppet agent, add the following to /etc/rc.conf:
puppet_enable="YES"
To enable the puppetmaster, add the following to /etc/rc.conf:
puppetmaster_enable="YES"
Individual config files such as /usr/local/etc/puppetmasterd.conf are
deprecated. Use a single file, /usr/local/etc/puppet/puppet.conf.
The default PID directory is /var/run/puppet
- trafficserver...
===> Creating groups.
Using existing group 'www'.
===> Creating users
Using existing user 'www'.
Message from ca_root_nss-3.31:
********************************* WARNING *********************************
********************************* WARNING *********************************
FreeBSD does not, and can not warrant that the certification authorities
whose certificates are included in this package have in any way been
audited for trustworthiness or RFC 3647 compliance.
Assessment and verification of trust is the complete responsibility of the
system administrator.
*********************************** NOTE **********************************
This package installs symlinks to support root certificates discovery by
default for software that uses OpenSSL.
This enables SSL Certificate Verification by client software without manual
intervention.
If you prefer to do this manually, replace the following symlinks with
either an empty file or your site-local certificate bundle.
* /etc/ssl/cert.pem
* /usr/local/etc/ssl/cert.pem
* /usr/local/openssl/cert.pem
***************************************************************************
Message from perl5-5.24.1:
The /usr/bin/perl symlink has been removed starting with Perl 5.20.
For shebangs, you should either use:
#!/usr/local/bin/perl
or
#!/usr/bin/env perl
The first one will only work if you have a /usr/local/bin/perl,
the second will work as long as perl is in PATH.
~ #
let's see:
~ # iocage list -Ht
- 2319532e down f11-ats6 11.0-RELEASE 172.16.0.6
- e27b37fe down f11-php71 11.0-RELEASE 172.16.0.4
- 6cfbc2fb down f11-puppet4 11.0-RELEASE -
~ #
cool, now let's look inside:
~ # iocage pkg f11-ats6 info
f11-ats6 not found!
~ #
maybe by uuid?
~ # iocage pkg 2319532e info
2319532e-72b8-4227-a0d3-2e234109936b (f11-ats6 (template)) is not running, starting jail
Traceback (most recent call last):
File "/usr/local/bin/iocage", line 10, in <module>
sys.exit(cli())
File "/usr/local/lib/python3.6/site-packages/click/core.py", line 722, in __call__
return self.main(*args, **kwargs)
File "/usr/local/lib/python3.6/site-packages/click/core.py", line 697, in main
rv = self.invoke(ctx)
File "/usr/local/lib/python3.6/site-packages/click/core.py", line 1066, in invoke
return _process_result(sub_ctx.command.invoke(sub_ctx))
File "/usr/local/lib/python3.6/site-packages/click/core.py", line 895, in invoke
return ctx.invoke(self.callback, **ctx.params)
File "/usr/local/lib/python3.6/site-packages/click/core.py", line 535, in invoke
return callback(*args, **kwargs)
File "/usr/local/lib/python3.6/site-packages/iocage/cli/pkg.py", line 38, in cli
ioc.IOCage(jail).exec(cmd)
File "/usr/local/lib/python3.6/site-packages/iocage/lib/iocage.py", line 558, in exec
silent=self.silent).exec_jail()
File "/usr/local/lib/python3.6/site-packages/iocage/lib/ioc_exec.py", line 82, in exec_jail
"Please convert back to a jail before trying to start"
RuntimeError: Please convert back to a jail before trying to start 2319532e-72b8-4227-a0d3-2e234109936b (f11-ats6 (template))
~ #
okay, so that works
now let's create a new jail from that template:
~ # iocage create --template=f11-ats6 tag=cdn01 ip4_addr="vtnet0|172.16.0.8/12" ip6_addr="vtnet0|2a03:b0c0:3:d0::4c97:6008"
This may be a short UUID, template creation only supports TAGs
Proceed? [y/N]: ^CAborted!
i know what i'm doing:
~ # iocage create --force --template=f11-ats6 tag=cdn01 ip4_addr="vtnet0|172.16.0.8/12" ip6_addr="vtnet0|2a03:b0c0:3:d0::4c97:6008"
c14cf55b-8aa9-4fd7-a3b7-5956c78c1b31 (cdn01) successfully created!
~ # iocage pkg cdn01 info
c14cf55b-8aa9-4fd7-a3b7-5956c78c1b31 (cdn01) is not running, starting jail
Command output:
augeas-1.7.0 Configuration editing tool
ca_root_nss-3.31 Root certificate bundle from the Mozilla Project
curl-7.54.1 Non-interactive tool to get files from FTP, GOPHER, HTTP(S) servers
dmidecode-3.0 Tool for dumping DMI (SMBIOS) contents in human-readable format
hwloc-1.11.1 Portable Hardware Locality software package
indexinfo-0.2.6 Utility to regenerate the GNU info page index
libedit-3.1.20150325_2,1 Command line editor library
libffi-3.2.1 Foreign Function Interface
libnghttp2-1.21.0 HTTP/2.0 C Library
libpciaccess-0.13.4 Generic PCI access library
libxml2-2.9.4 XML parser library for GNOME
libyaml-0.1.6_2 YAML 1.1 parser and emitter written in C
pciids-20170316 Database of all known IDs used in PCI devices
pcre-8.40 Perl Compatible Regular Expressions library
perl5-5.24.1 Practical Extraction and Report Language
pkg-1.10.1 Package manager
puppet4-4.9.4 Configuration management framework written in Ruby
readline-6.3.8 Library for editing command lines as they are typed
ruby-2.3.3_2,1 Object-oriented interpreted scripting language
ruby23-gems-2.6.12 Package management framework for the Ruby language
rubygem-facter-2.4.6 Cross-platform Ruby library for retrieving facts from OS
rubygem-hiera-3.3.1 Pluggable data store for hierarchical data
rubygem-json_pure-2.0.3 Parse JSON texts and generate them from ruby data structures in Ruby
rubygem-ruby-augeas-0.5.0_2 Ruby bindings for Augeas
sqlite3-3.17.0 SQL database engine in a C library
tcl86-8.6.6_2 Tool Command Language
trafficserver-6.2.0 Fast, scalable and extensible HTTP proxy server
this ⏫ whole scenario here leads me to conclude that the issue is related to however short-uuids are parsed.
Indeed, and man you really did go complete! Thanks!
We should possibly fix the title of the bug report then
This code needs to be replicated to destroy… or, abstracted:
~ # iocage list -t
+-----+----------+-------+--------------+--------------+-----------+
| JID | UUID | STATE | TAG | RELEASE | IP4 |
+=====+==========+=======+==============+==============+===========+
| - | 891c4be4 | down | f11-apache24 | 11.0-RELEASE | 17.16.0.2 |
+-----+----------+-------+--------------+--------------+-----------+
~ # iocage destroy -f f11-apache24
f11-apache24 not found!
~ #
The code is already abstracted, but yes destroy
doesn't fully utilize the API as it was done quite early in that process. I'll circle back and finish that up.
Right now (master / cd9464527b3876157461631ea7ac3c89382b4de2 )
iocage pkg some-template info
will fail with the following message:I was wondering if it would make sense to transparently allow this subcommand on template type jails, and let it fail on its own merits…