diff --git a/COMPARE.md b/COMPARE.md index 9f265996..1be6a618 100644 --- a/COMPARE.md +++ b/COMPARE.md @@ -1,30 +1,31 @@ +# Bastille Compared to Other Jail Managers -| Feature | BastilleBSD | Appjail | pot | ezjail | iocage | -| --- | --- | --- | --- | --- | --- | -| OCI Compliant | No | Yes | No | No | No | -| Writen In | Bourne Shell | Bourne Shell, C | Bourne Shell | Bourne Shell | Bourne Shell, Rust | -| Dependencies | None | C | None | None | Rust| -| Jail Types | vnet, bridged vnet, thin, thick, empty, clone, Linux | clone, copy, tiny thin, thick, empty, linux+debootstrap | thick | basejail | clone, basejail, template, empty, thick | -| Jail dependency | Yes | Yes | Yes | No | Yes | -| Import/Export | Yes | Yes | Yes | Yes | Yes | -| Support Boot Order Priorities| Yes | Yes | No | Yes using `rcorder` | Yes | -| Linux containers | Yes | Yes | No | No | Yes | -| Automation | Templates | Makejail, Initscripts, Images | Flavors, Images | Flavours | Plugins | -| Package Management | Yes | No | No | No | No | -| ZFS Support | Yes | Yes | Yes | No | No | -| Volume management | No | Yes | Basic | No | Basic | -| VNET Support | Yes | Yes | Yes | No | Yes | -| IPv6 Support| Yes | Yes | Yes | Yes | Yes | -| Dual Network Stack | Yes | ?? | Yes | No | No | -| Netgraph | Yes | Yes | No | No | No | Netgraph | -| Dynamic Firewall | Yes | Yes | Yes | No | No| -| Network Management | VLANS, Bridges | Virtual Networks, Bridges | Subnet, requires `sysutils/potnet` | No | No | -| Dynamic DEVFS Ruleset Management | No | Yes | No | No | No | -| Resource Control | Yes | Yes | CPU and Memory | No | Legacy Only | -| CPU Sets | No | Yes | Yes | Yes | Yes | -| Parallel startup | Yes | Yes (Healthcheckers, jails & NAT) | No | No | No | -| Log Management | No | Yes | No | No | No | -| Copy Files Between Jails | Yes | No | No | No | No | -| Top Support | Yes | No | No | No | No| -| HTop Support | Yes | No | No | No | No | -| X11 support | No | Yes | No | No | No | +| Feature | BastilleBSD | Appjail | pot | ezjail | iocage | +|------------------------------------------|----------------------------------------|----------------------------------------------------------|--------------------|---------------------|-----------------------------------------| +| OCI Compliant | No | Yes | No | No | No | +| Writen In | Bourne Shell | Bourne Shell, C | Bourne Shell, Rust | Bourne Shell | Bourne Shell, Python | +| Dependencies | None | C | Rust | None | Python | +| Jail Types | clone, copy, thin, thick, empty, linux | clone, copy, tiny, thin, thick, empty, linux+debootstrap | thick | basejail | clone, basejail, template, empty, thick | +| Jail dependency | Yes | Yes | Yes | No | Yes | +| Import/Export | Yes | Yes | Yes | Yes | Yes | +| Boot Order Priorities | Yes | Yes | No | Yes using `rcorder` | Yes | +| Linux containers | Yes | Yes | No | No | Yes | +| Automation | Templates | Makejail, Initscripts, Images | Flavours, Images | Flavours | Plugins | +| Cloning | Yes | No | No | No | No | +| Package Management | Yes | No | No | No | No | +| ZFS Support | Yes | Yes | Yes | No | Yes | +| Volume management | Basic | Yes | Basic | No | Basic | +| VNET Support | Yes | Yes | Yes | No | Yes | +| IPv6 Support | Yes | Yes | Yes | Yes | Yes | +| Dual Network Stack | Yes | Yes | Yes | No | No | +| Netgraph | Yes | Yes | No | No | No | +| Dynamic Firewall | Yes | Yes | Yes | No | No | +| Dynamic DEVFS Ruleset Management | No | Yes | No | No | No | +| Resource Control | Yes | Yes | CPU and Memory | No | Legacy Only | +| CPU Sets | Yes | Yes | Yes | Yes | Yes | +| Parallel Startup | Yes | Yes (Healthcheckers, jails & NAT) | No | No | No | +| Multi-Target Commands | Yes | No | No | No | No | +| Log Management | Basic (console logs) | Yes | No | No | No | +| Copy Files Between Jails | Yes | No | No | No | No | +| Automated Jail Migration Between Servers | Yes | No | No | No | No | +| Top/Htop Support | Yes | No | No | No | No | diff --git a/README.md b/README.md index bfaa8dd3..a70689d7 100644 --- a/README.md +++ b/README.md @@ -6,76 +6,54 @@ deployment and management of containerized applications on FreeBSD. [Bastille Documentation](https://bastille.readthedocs.io/en/latest/) 1.0 Potentially Breaking Changes -================================ +============================== -Up until version 1.0.20250714, Bastille has handled epairs for `-V` jails using the -jib script included in FreeBSD installs. However, for `-B` jails, Bastille statically -assigned an epair to each jail. This means you can only run one type (`-V` or `-B`) of VNET jails on -a given system. +Up until version 1.0.20250714, Bastille has handled epairs for `-V` jails +using the jib script included in FreeBSD installs. However, for `-B` jails, +Bastille statically assigned an epair to each jail. This means you can only +run one type (`-V` or `-B`) of VNET jails on a given system. -Starting with version 1.0.20250714, we are now handling all epairs dynamically, allowing -the use of both types of VNET jails without issue. We have also selected a naming scheme -that will allow for consistency across these jail types. The naming scheme is as follows... +Starting with version 1.0.20250714, we are now handling all epairs +dynamically, allowing the use of both types of VNET jails without issue. We +have also selected a naming scheme that will allow for consistency across +these jail types. The naming scheme is as follows... -`e0a_jailname` and `e0b_jailname` are the default epair interfaces for every jail. The `a` side -is on the host, while the `b` is in the jail. This will allow better management -when trying to figure out which jail a given epair is linked to. Due to a limitation in how long -an interface name can be, Bastille will truncate "jailname" to avoid errors if it is too long. So, `mylongjailname` -will be `e0a_mylongjxxme` and `e0b_mylongjxxme`. The `xx` part is necessary due to another limitation -that does not allow dots (\.) in interface names when using the jib script. +`e0a_jailname` and `e0b_jailname` are the default epair interfaces for every +jail. The `a` side is on the host, while the `b` is in the jail. This will +allow better management when trying to figure out which jail a given epair is +linked to. Due to a limitation in how long an interface name can be, Bastille +will truncate "jailname" to avoid errors if it is too long. So, +`mylongjailname` will be `e0a_mylongjxxme` and `e0b_mylongjxxme`. The `xx` +part is necessary due to another limitation that does not allow dots (\.) in +interface names when using the jib script. -If you decide to add an interface using the `network` sub-command, they will be named -`e1a_jailname` and `e1b_jailname` respectively. The number included will increment by 1 -for each interface you add. +If you decide to add an interface using the `network` sub-command, they will +be named `e1a_jailname` and `e1b_jailname` respectively. The number included +will increment by 1 for each interface you add. Mandatory --------- -We have tried our best to auto-convert each jails `jail.conf` and `rc.conf` to the new -syntax (this happens when the jail is stopped). It isn't a huge change (only a handful -of lines), but if you do have an issue please open a bug report. +We have tried our best to auto-convert each jails `jail.conf` and `rc.conf` +to the new syntax (this happens when the jail is stopped). It isn't a huge +change (only a handful of lines), but if you do have an issue please open a +bug report. -After updating, you must restart all your jails (probably one at a time, in case of issues) -to have Bastille convert the `jail.conf` and `rc.conf` files. This simply involves renaming -the epairs to the new syntax. +After updating, you must restart all your jails (probably one at a time, in +case of issues) to have Bastille convert the `jail.conf` and `rc.conf` files. +This simply involves renaming the epairs to the new syntax. -If you have used the `network` sub-command to add any amount of interfaces, you will have to edit the `jail.conf` -and `rc.conf` files for each jail to update the names of the epair interfaces. This is because all epairs will have been renamed to -`e0...` in both files. For each additional one, simply increment the number by 1. +If you have used the `network` sub-command to add any number of interfaces, you +will have to edit the `jail.conf` and `rc.conf` files for each jail to update +the names of the epair interfaces. This is because all epairs will have been +renamed to `e0...` in both files. For each additional one, simply increment +the number by 1. Bastille Compared to Other Jail Managers ======================================== +See the [comparison table.](COMPARE.md) -| Feature | BastilleBSD | Appjail | pot | ezjail | iocage | -| --- | --- | --- | --- | --- | --- | -| OCI Compliant | No | Yes | No | No | No | -| Writen In | Bourne Shell | Bourne Shell, C | Bourne Shell, Rust | Bourne Shell | Bourne Shell, Python | -| Dependencies | None | C | Rust | None | Python | -| Jail Types | clone, copy, thin, thick, empty, linux | clone, copy, tiny, thin, thick, empty, linux+debootstrap | thick | basejail | clone, basejail, template, empty, thick | -| Jail dependency | Yes | Yes | Yes | No | Yes | -| Import/Export | Yes | Yes | Yes | Yes | Yes | -| Boot Order Priorities| Yes | Yes | No | Yes using `rcorder` | Yes | -| Linux containers | Yes | Yes | No | No | Yes | -| Automation | Templates | Makejail, Initscripts, Images | Flavours, Images | Flavours | Plugins | -| Cloning | Yes | No | No | No | No | -| Package Management | Yes | No | No | No | No | -| ZFS Support | Yes | Yes | Yes | No | Yes | -| Volume management | Basic | Yes | Basic | No | Basic | -| VNET Support | Yes | Yes | Yes | No | Yes | -| IPv6 Support| Yes | Yes | Yes | Yes | Yes | -| Dual Network Stack | Yes | Yes | Yes | No | No | -| Netgraph | Yes | Yes | No | No | No | -| Dynamic Firewall | Yes | Yes | Yes | No | No | -| Dynamic DEVFS Ruleset Management | No | Yes | No | No | No | -| Resource Control | Yes | Yes | CPU and Memory | No | Legacy Only | -| CPU Sets | Yes | Yes | Yes | Yes | Yes | -| Parallel Startup | Yes | Yes (Healthcheckers, jails & NAT) | No | No | No | -| Multi-Target Commands | Yes | No | No | No | No | -| Log Management | Basic (console logs) | Yes | No | No | No | -| Copy Files Between Jails | Yes | No | No | No | No | -| Automated Jail Migration Between Servers | Yes | No | No | No | No | -| Top/Htop Support | Yes | No | No | No | No| Installation ============