How to define the order of starting jails?
Michael Grimm
trashcan at ellael.org
Mon Dec 21 18:30:33 UTC 2015
Bertram Scharpf <lists at bertram-scharpf.de> wrote:
>
> On Sunday, 20. Dec 2015, 17:50:28 +0100, Michael Grimm wrote:
>> But I am bit stuck in finding a way to start my jails in a
>> pre-defined order (e.g. first DNS, then mail, …). Well, I
>> can achieve that during boot time by using jail_list="dns
>> mail …" in rc.conf. But, this is respected during boot
>> time, *only*. Whenever I do run a "jail -rc '*'" that
>> shutdown and starting order becomes arbitrary. It doesn't
>> follow the sequence of my jail definitions in jail.conf,
>> either.
>
> When I hear something about dependencies what first comes
> into my mind is to map it to a hierarchy, in this case maybe
> nested jails. Is this approach legitimate or is it too
> weird?
I need to start my jail running UNBOUND (besides NSD), first. Here UNBOUND acts as the *only* local, trustworthy resolver for all the other service jails. (Their starting sequence is uninteresting to me, though.) Reason for that prerequisite is: I am using DNSSEC/DANE.
Thus, hierarchical jails are a solution, but that would mean, that I will end up with more running DNS jails. Doable, but I'm somehow lazy ;-)
Thanks and regards,
Michael
More information about the freebsd-questions
mailing list