Read-only view of a ZFS filesystem inside a bhyve guest?

Daniel Braniss danny at cs.huji.ac.il
Sat Apr 28 06:17:38 UTC 2018



> On 27 Apr 2018, at 19:43, Mark Raynsford via freebsd-virtualization <freebsd-virtualization at freebsd.org> wrote:
> 
> Hello.
> 
> I'm looking to do what the subject says: I have an existing ZFS
> filesystem (/storage/xyz) and I'd like to provide a read-only view of
> the filesystem to a set of bhyve guests. The guests in this case could
> be solely FreeBSD guests, but if there's a pleasant way to allow for
> OpenBSD or Linux guests, I'd like that.
> 
> I'm essentially looking to move some jail-based infrastructure to bhyve
> guests. With the jails, I have a ZFS filesystem on the host that's
> mounted read-only inside some of the jails using nullfs. I'm not sure
> if there's something analogous for bhyve guests.
> 
> I've looked at NFS, but this seems like overkill and possibly hard to
> secure. Same applies to Samba. sshfs might be an option, but I'd really
> prefer to have as few daemons listening on the host machine as possible
> for security reasons.
> 
> -- 
> Mark Raynsford | http://www.io7m.com
> 
since the clients and the server are sharing the zfs volume,
I’m doing the following:
on the server I did:
	zfs create -sV 4G h/root.ro
	newfs /dev/zvol/h/root.ro
	mount /dev/zvol/h/root.ro /mnt
	copy a working root image to it.
	umount /mnt
the clients then mount it as ro,
the vm config file has:
	disk0_type="virtio-blk"
	disk0_name="/dev/zvol/h/root.ro"
	disk0_dev="custom"

one solution to the fact that the root is read-only is to use unionfs (probably nullfs will do too)

the only problem I have is updating the image.

hope this helps

	danny
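
Added example, not part of the thread or of any project's own code: mounting the zvol ro inside the guest is a guest-side setting, so this script audits the host-side config in the diskN_* format above and reports zvol-backed disks that the host still hands out writable. It assumes the config is vm-bhyve's and that diskN_opts="ro" makes bhyve open the backing device read-only; sample_conf and the second zvol path are constructed for the demonstration.

```shell
#!/bin/sh
# Added example: flag zvol-backed guest disks that are not forced read-only
# on the host. Assumption: vm-bhyve config, where diskN_opts="ro" is the
# host-side read-only switch for that disk.

# Constructed sample config: disk0 is the setup from the reply (no opts),
# disk1 is a constructed second disk with the read-only option set.
sample_conf() {
    cat <<'EOF'
disk0_type="virtio-blk"
disk0_name="/dev/zvol/h/root.ro"
disk0_dev="custom"
disk1_type="virtio-blk"
disk1_name="/dev/zvol/h/data.ro"
disk1_dev="custom"
disk1_opts="ro"
EOF
}

# Print the value of KEY ($2) from config FILE ($1), quotes stripped.
conf_get() {
    sed -n "s/^[[:space:]]*$2=//p" "$1" | tail -n 1 |
        sed 's/^"//; s/"[[:space:]]*$//'
}

# Print "diskN <device>" for every zvol-backed disk whose options lack "ro".
# Returns 0 when nothing is reported, 1 otherwise.
writable_zvol_disks() {
    conf=$1
    bad=0
    for n in 0 1 2 3 4 5 6 7; do
        name=$(conf_get "$conf" "disk${n}_name")
        case "$name" in
            /dev/zvol/*) ;;          # shared zvol: must be read-only
            *) continue ;;           # unset, or not a zvol: skip
        esac
        opts=$(conf_get "$conf" "disk${n}_opts")
        case ",$opts," in
            *,ro,*) ;;               # host opens the device read-only
            *) echo "disk${n} $name"; bad=1 ;;
        esac
    done
    return $bad
}

# Stand-alone use: pass the guest's config file as the first argument.
if [ $# -gt 0 ]; then writable_zvol_disks "$1"; fi
```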


