mirror of
https://github.com/hackacad/bastille.git
synced 2025-12-17 15:50:11 +01:00
doc: reformat documentation for consistency and readability
- Keeps 80 columns for readability. - Moves comparison table from README to COMPARE file. This will help us to maintain that table in only one place.
This commit is contained in:
Juan David Hurtado G
39
COMPARE.md
39
COMPARE.md
@@ -1,30 +1,31 @@
|
|||||||
|
# Bastille Compared to Other Jail Managers
|
||||||
|
|
||||||
| Feature | BastilleBSD | Appjail | pot | ezjail | iocage |
|
| Feature | BastilleBSD | Appjail | pot | ezjail | iocage |
|
||||||
| --- | --- | --- | --- | --- | --- |
|
|------------------------------------------|----------------------------------------|----------------------------------------------------------|--------------------|---------------------|-----------------------------------------|
|
||||||
| OCI Compliant | No | Yes | No | No | No |
|
| OCI Compliant | No | Yes | No | No | No |
|
||||||
| Writen In | Bourne Shell | Bourne Shell, C | Bourne Shell | Bourne Shell | Bourne Shell, Rust |
|
| Writen In | Bourne Shell | Bourne Shell, C | Bourne Shell, Rust | Bourne Shell | Bourne Shell, Python |
|
||||||
| Dependencies | None | C | None | None | Rust|
|
| Dependencies | None | C | Rust | None | Python |
|
||||||
| Jail Types | vnet, bridged vnet, thin, thick, empty, clone, Linux | clone, copy, tiny thin, thick, empty, linux+debootstrap | thick | basejail | clone, basejail, template, empty, thick |
|
| Jail Types | clone, copy, thin, thick, empty, linux | clone, copy, tiny, thin, thick, empty, linux+debootstrap | thick | basejail | clone, basejail, template, empty, thick |
|
||||||
| Jail dependency | Yes | Yes | Yes | No | Yes |
|
| Jail dependency | Yes | Yes | Yes | No | Yes |
|
||||||
| Import/Export | Yes | Yes | Yes | Yes | Yes |
|
| Import/Export | Yes | Yes | Yes | Yes | Yes |
|
||||||
| Support Boot Order Priorities| Yes | Yes | No | Yes using `rcorder` | Yes |
|
| Boot Order Priorities | Yes | Yes | No | Yes using `rcorder` | Yes |
|
||||||
| Linux containers | Yes | Yes | No | No | Yes |
|
| Linux containers | Yes | Yes | No | No | Yes |
|
||||||
| Automation | Templates | Makejail, Initscripts, Images | Flavors, Images | Flavours | Plugins |
|
| Automation | Templates | Makejail, Initscripts, Images | Flavours, Images | Flavours | Plugins |
|
||||||
|
| Cloning | Yes | No | No | No | No |
|
||||||
| Package Management | Yes | No | No | No | No |
|
| Package Management | Yes | No | No | No | No |
|
||||||
| ZFS Support | Yes | Yes | Yes | No | No |
|
| ZFS Support | Yes | Yes | Yes | No | Yes |
|
||||||
| Volume management | No | Yes | Basic | No | Basic |
|
| Volume management | Basic | Yes | Basic | No | Basic |
|
||||||
| VNET Support | Yes | Yes | Yes | No | Yes |
|
| VNET Support | Yes | Yes | Yes | No | Yes |
|
||||||
| IPv6 Support| Yes | Yes | Yes | Yes | Yes |
|
| IPv6 Support | Yes | Yes | Yes | Yes | Yes |
|
||||||
| Dual Network Stack | Yes | ?? | Yes | No | No |
|
| Dual Network Stack | Yes | Yes | Yes | No | No |
|
||||||
| Netgraph | Yes | Yes | No | No | No | Netgraph |
|
| Netgraph | Yes | Yes | No | No | No |
|
||||||
| Dynamic Firewall | Yes | Yes | Yes | No | No|
|
| Dynamic Firewall | Yes | Yes | Yes | No | No |
|
||||||
| Network Management | VLANS, Bridges | Virtual Networks, Bridges | Subnet, requires `sysutils/potnet` | No | No |
|
|
||||||
| Dynamic DEVFS Ruleset Management | No | Yes | No | No | No |
|
| Dynamic DEVFS Ruleset Management | No | Yes | No | No | No |
|
||||||
| Resource Control | Yes | Yes | CPU and Memory | No | Legacy Only |
|
| Resource Control | Yes | Yes | CPU and Memory | No | Legacy Only |
|
||||||
| CPU Sets | No | Yes | Yes | Yes | Yes |
|
| CPU Sets | Yes | Yes | Yes | Yes | Yes |
|
||||||
| Parallel startup | Yes | Yes (Healthcheckers, jails & NAT) | No | No | No |
|
| Parallel Startup | Yes | Yes (Healthcheckers, jails & NAT) | No | No | No |
|
||||||
| Log Management | No | Yes | No | No | No |
|
| Multi-Target Commands | Yes | No | No | No | No |
|
||||||
|
| Log Management | Basic (console logs) | Yes | No | No | No |
|
||||||
| Copy Files Between Jails | Yes | No | No | No | No |
|
| Copy Files Between Jails | Yes | No | No | No | No |
|
||||||
| Top Support | Yes | No | No | No | No|
|
| Automated Jail Migration Between Servers | Yes | No | No | No | No |
|
||||||
| HTop Support | Yes | No | No | No | No |
|
| Top/Htop Support | Yes | No | No | No | No |
|
||||||
| X11 support | No | Yes | No | No | No |
|
|
||||||
|
|||||||
88
README.md
88
README.md
@@ -6,76 +6,54 @@ deployment and management of containerized applications on FreeBSD.
|
|||||||
[Bastille Documentation](https://bastille.readthedocs.io/en/latest/)
|
[Bastille Documentation](https://bastille.readthedocs.io/en/latest/)
|
||||||
|
|
||||||
1.0 Potentially Breaking Changes
|
1.0 Potentially Breaking Changes
|
||||||
================================
|
==============================
|
||||||
|
|
||||||
Up until version 1.0.20250714, Bastille has handled epairs for `-V` jails using the
|
Up until version 1.0.20250714, Bastille has handled epairs for `-V` jails
|
||||||
jib script included in FreeBSD installs. However, for `-B` jails, Bastille statically
|
using the jib script included in FreeBSD installs. However, for `-B` jails,
|
||||||
assigned an epair to each jail. This means you can only run one type (`-V` or `-B`) of VNET jails on
|
Bastille statically assigned an epair to each jail. This means you can only
|
||||||
a given system.
|
run one type (`-V` or `-B`) of VNET jails on a given system.
|
||||||
|
|
||||||
Starting with version 1.0.20250714, we are now handling all epairs dynamically, allowing
|
Starting with version 1.0.20250714, we are now handling all epairs
|
||||||
the use of both types of VNET jails without issue. We have also selected a naming scheme
|
dynamically, allowing the use of both types of VNET jails without issue. We
|
||||||
that will allow for consistency across these jail types. The naming scheme is as follows...
|
have also selected a naming scheme that will allow for consistency across
|
||||||
|
these jail types. The naming scheme is as follows...
|
||||||
|
|
||||||
`e0a_jailname` and `e0b_jailname` are the default epair interfaces for every jail. The `a` side
|
`e0a_jailname` and `e0b_jailname` are the default epair interfaces for every
|
||||||
is on the host, while the `b` is in the jail. This will allow better management
|
jail. The `a` side is on the host, while the `b` is in the jail. This will
|
||||||
when trying to figure out which jail a given epair is linked to. Due to a limitation in how long
|
allow better management when trying to figure out which jail a given epair is
|
||||||
an interface name can be, Bastille will truncate "jailname" to avoid errors if it is too long. So, `mylongjailname`
|
linked to. Due to a limitation in how long an interface name can be, Bastille
|
||||||
will be `e0a_mylongjxxme` and `e0b_mylongjxxme`. The `xx` part is necessary due to another limitation
|
will truncate "jailname" to avoid errors if it is too long. So,
|
||||||
that does not allow dots (\.) in interface names when using the jib script.
|
`mylongjailname` will be `e0a_mylongjxxme` and `e0b_mylongjxxme`. The `xx`
|
||||||
|
part is necessary due to another limitation that does not allow dots (\.) in
|
||||||
|
interface names when using the jib script.
|
||||||
|
|
||||||
If you decide to add an interface using the `network` sub-command, they will be named
|
If you decide to add an interface using the `network` sub-command, they will
|
||||||
`e1a_jailname` and `e1b_jailname` respectively. The number included will increment by 1
|
be named `e1a_jailname` and `e1b_jailname` respectively. The number included
|
||||||
for each interface you add.
|
will increment by 1 for each interface you add.
|
||||||
|
|
||||||
Mandatory
|
Mandatory
|
||||||
---------
|
---------
|
||||||
|
|
||||||
We have tried our best to auto-convert each jails `jail.conf` and `rc.conf` to the new
|
We have tried our best to auto-convert each jails `jail.conf` and `rc.conf`
|
||||||
syntax (this happens when the jail is stopped). It isn't a huge change (only a handful
|
to the new syntax (this happens when the jail is stopped). It isn't a huge
|
||||||
of lines), but if you do have an issue please open a bug report.
|
change (only a handful of lines), but if you do have an issue please open a
|
||||||
|
bug report.
|
||||||
|
|
||||||
After updating, you must restart all your jails (probably one at a time, in case of issues)
|
After updating, you must restart all your jails (probably one at a time, in
|
||||||
to have Bastille convert the `jail.conf` and `rc.conf` files. This simply involves renaming
|
case of issues) to have Bastille convert the `jail.conf` and `rc.conf` files.
|
||||||
the epairs to the new syntax.
|
This simply involves renaming the epairs to the new syntax.
|
||||||
|
|
||||||
If you have used the `network` sub-command to add any amount of interfaces, you will have to edit the `jail.conf`
|
If you have used the `network` sub-command to add any number of interfaces, you
|
||||||
and `rc.conf` files for each jail to update the names of the epair interfaces. This is because all epairs will have been renamed to
|
will have to edit the `jail.conf` and `rc.conf` files for each jail to update
|
||||||
`e0...` in both files. For each additional one, simply increment the number by 1.
|
the names of the epair interfaces. This is because all epairs will have been
|
||||||
|
renamed to `e0...` in both files. For each additional one, simply increment
|
||||||
|
the number by 1.
|
||||||
|
|
||||||
Bastille Compared to Other Jail Managers
|
Bastille Compared to Other Jail Managers
|
||||||
========================================
|
========================================
|
||||||
|
|
||||||
|
See the [comparison table.](COMPARE.md)
|
||||||
|
|
||||||
| Feature | BastilleBSD | Appjail | pot | ezjail | iocage |
|
|
||||||
| --- | --- | --- | --- | --- | --- |
|
|
||||||
| OCI Compliant | No | Yes | No | No | No |
|
|
||||||
| Writen In | Bourne Shell | Bourne Shell, C | Bourne Shell, Rust | Bourne Shell | Bourne Shell, Python |
|
|
||||||
| Dependencies | None | C | Rust | None | Python |
|
|
||||||
| Jail Types | clone, copy, thin, thick, empty, linux | clone, copy, tiny, thin, thick, empty, linux+debootstrap | thick | basejail | clone, basejail, template, empty, thick |
|
|
||||||
| Jail dependency | Yes | Yes | Yes | No | Yes |
|
|
||||||
| Import/Export | Yes | Yes | Yes | Yes | Yes |
|
|
||||||
| Boot Order Priorities| Yes | Yes | No | Yes using `rcorder` | Yes |
|
|
||||||
| Linux containers | Yes | Yes | No | No | Yes |
|
|
||||||
| Automation | Templates | Makejail, Initscripts, Images | Flavours, Images | Flavours | Plugins |
|
|
||||||
| Cloning | Yes | No | No | No | No |
|
|
||||||
| Package Management | Yes | No | No | No | No |
|
|
||||||
| ZFS Support | Yes | Yes | Yes | No | Yes |
|
|
||||||
| Volume management | Basic | Yes | Basic | No | Basic |
|
|
||||||
| VNET Support | Yes | Yes | Yes | No | Yes |
|
|
||||||
| IPv6 Support| Yes | Yes | Yes | Yes | Yes |
|
|
||||||
| Dual Network Stack | Yes | Yes | Yes | No | No |
|
|
||||||
| Netgraph | Yes | Yes | No | No | No |
|
|
||||||
| Dynamic Firewall | Yes | Yes | Yes | No | No |
|
|
||||||
| Dynamic DEVFS Ruleset Management | No | Yes | No | No | No |
|
|
||||||
| Resource Control | Yes | Yes | CPU and Memory | No | Legacy Only |
|
|
||||||
| CPU Sets | Yes | Yes | Yes | Yes | Yes |
|
|
||||||
| Parallel Startup | Yes | Yes (Healthcheckers, jails & NAT) | No | No | No |
|
|
||||||
| Multi-Target Commands | Yes | No | No | No | No |
|
|
||||||
| Log Management | Basic (console logs) | Yes | No | No | No |
|
|
||||||
| Copy Files Between Jails | Yes | No | No | No | No |
|
|
||||||
| Automated Jail Migration Between Servers | Yes | No | No | No | No |
|
|
||||||
| Top/Htop Support | Yes | No | No | No | No|
|
|
||||||
|
|
||||||
Installation
|
Installation
|
||||||
============
|
============
|
||||||
|
|||||||
Reference in New Issue
Block a user