tredly / tredly-host

[DEPRECATED] Please use https://github.com/tredly/tredly instead
MIT License

Add support for DHCP hosts #11

Closed laurieodgers closed 8 years ago

laurieodgers commented 8 years ago

Currently tredly-host only supports static IP addresses. From a hosting/datacentre point of view this is fine, but from a home/local development environment point of view this is required.

We need the ability for tredly hosts to have their IP addresses assigned via DHCP.

In order for this to be achieved, we need to track any time the IP changes on the host, and update the relevant configs (ipfw/ssh etc).

cmanns commented 8 years ago

I run my tredly-host on DHCP, however it's set static on the pfSense VM on the same VM host system. It won't be changing.

dinapappor commented 8 years ago

> but from a home/local development environment point of view this is required.

Not only local or for development purposes. But also for production purposes. On AWS for instance you're getting IP addresses from DHCP. The IP given does not change during instance lifetime.

On AWS, when spinning up a FreeBSD instance for the first time, it acts on the /firstboot file being in the filesystem[1]. Perhaps that could be a basis for setting up new tredly hosts on at least AWS?

I could volunteer building these images, or at least provide a script that would set everything up (since AWS instances don't come with zfs on root by default).

  1. http://www.daemonology.net/freebsd-on-ec2/

laurieodgers commented 8 years ago

This is fantastic! ZFS on root on AWS is actually something I was going to ask if you could provide some info on as I am interested in setting up Tredly within AWS for my own reasons.

I note that only 10.2-RELEASE is listed on that page - be aware that we have had some issues with VIMAGE/VNET crashing (kernel panic) 10.2 hosts. This was rectified once 10.3 came out.

dinapappor commented 8 years ago

There are 10.3 images if you search for them in the community console.

The procedure to get zfs on root is actually quite simple. I attached a larger hdd to the running instance and ran bsdinstall; in bsdinstall I then chose to install to the newly attached hdd. Then I powered off the instance, removed the default hdd and attached the new bigger hdd which I installed zfsonroot to as /dev/sda1. Et voilà, zfs on root. :)

When installation was finished I made sure that I copied over some of the loadables in /boot/loader.conf to the newly created installation.

Currently my (only for now) production machine looks like this:

vfs.root.mountfrom="zfs:zroot/ROOT/default"
kern.geom.label.gptid.enable="0"
zpool_cache_load="YES"
zpool_cache_type="/boot/zfs/zpool.cache"
zpool_cache_name="/boot/zfs/zpool.cache"

#Boot delay is unneeded.
autoboot_delay="-1"
#boot menu is unneeded
beastie_disable="YES"

# Set console to comconsole
console="comconsole"
hw.broken_txfifo="1"
hw.xbd.xbd_enable_indirect="0"
zfs_load="YES"
hw.bce.tso_enable=0
kern.racct.enable=1

This gives me a fully working zfs on root host as well as allowing me to see kernel messages etc in the aws/ec2 management console. I then installed tredly onto it. Be aware though to back up /boot/loader.conf and /etc/rc.conf before tredly is installed.

My rc.conf looks like this:

ec2_configinit_enable=YES
ec2_fetchkey_enable=YES
ec2_ephemeralswap_enable=YES
ec2_loghostkey_enable=YES
firstboot_freebsd_update_enable=YES
firstboot_pkgs_enable=YES
ifconfig_DEFAULT="SYNCDHCP"

# Hostname
hostname="tredly01.prd.nv.us.company.aws"

# Set up bridge interfaces
cloned_interfaces="bridge0 bridge1"
# bridge external interface to bridge0 for public containers
ifconfig_bridge0="addm xn0 up"

# Local interface on container interface
ifconfig_bridge1="inet 10.99.255.254 netmask 255.255.0.0"

# Tredly API
tredlyapi_enable="YES"

# SSH
sshd_enable="YES"

# Crash dumps (AUTO/NO)
dumpdev="AUTO"

# IPFW
firewall_enable="YES"
firewall_nat_enable="YES"
firewall_script="/usr/local/etc/ipfw.rules"
firewall_logging="YES"
firewall_quiet="YES"
gateway_enable="YES"

# ZFS
zfs_enable="YES"

# Unbound
unbound_enable="YES"

# Syslogd
syslogd_flags="-ss"

# NTP
openntpd_enable="YES"
openntpd_flags="-sv"

# Nginx/HTTP Proxy
nginx_enable="YES"

ifconfig_DEFAULT="SYNCDHCP" is probably the most important thing in the rc.conf. It stops the init/boot process until it has gotten an IP from the dhcp server. It's probably from that point any ipfw stuff should be set up.

The first 6 lines can probably be left out though. I left them in there because I wanted to create AMIs once I had the time to dig deeper through the tredly code.

> I note that only 10.2-RELEASE is listed on that page - be aware that we have had some issues with VIMAGE/VNET crashing (kernel panic) 10.2 hosts. This was rectified once 10.3 came out.

Yes, IIRC creating the jail with vimage/vnet worked out perfectly, while destroying/stopping the jail would kernel panic.
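
The issue asks for the host to track DHCP address changes and update the ipfw/ssh configs. The following sketch is an added example, not code from this thread or from Tredly, of how a `/etc/dhclient-exit-hooks` body could do that while treating the lease data as untrusted input. The `host_ip="..."` vars-file layout, the `TREDLY_VARS` and `SSHD_CONFIG` settings, the single `ListenAddress` line and all function names are assumptions.

```shell
#!/bin/sh
# Added example. Hypothetical pieces: the vars-file layout (host_ip="..."),
# the function names, TREDLY_VARS/SSHD_CONFIG, and the single ListenAddress line.

# Lease data arrives from the network and lands in files that sh sources and
# sshd parses, so accept nothing but a strict dotted-quad IPv4 address.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# update_host_ip OLD NEW VARS_FILE SSHD_CONFIG
# Status: 0 files rewritten, 1 address unchanged, 2 input rejected.
update_host_ip() {
    is_ipv4 "$2" || return 2
    [ "$1" != "$2" ] || return 1
    tmp=$(mktemp "${TMPDIR:-/tmp}/hostip.XXXXXX") || return 2
    # Replace by key, so nothing from the old lease is used as a pattern;
    # cat back into place keeps the files' owner and mode.
    sed "s/^host_ip=.*/host_ip=\"$2\"/" "$3" > "$tmp" && cat "$tmp" > "$3"
    sed "s/^ListenAddress .*/ListenAddress $2/" "$4" > "$tmp" && cat "$tmp" > "$4"
    rm -f "$tmp"
}

# Hook body: dhclient-script sets $reason, $old_ip_address and
# $new_ip_address before it sources /etc/dhclient-exit-hooks.
dhcp_hook() {
    case "${reason:-}" in
        BOUND|RENEW|REBIND|REBOOT) ;;
        *) return 1 ;;
    esac
    update_host_ip "${old_ip_address:-}" "${new_ip_address:-}" \
        "$TREDLY_VARS" "$SSHD_CONFIG" || return $?
    # A real hook would now reload the services that read these files,
    # e.g. `service ipfw restart` and `service sshd reload`.
}
```

On the first lease `$old_ip_address` is empty, which is why the rewrite matches on the key rather than on the previous address.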

pointybeard commented 8 years ago

Moved to https://github.com/tredly/tredly/issues/45