# Does poudriere update its jails?



## blazingice (May 12, 2013)

I have tried to find out if ports-mgmt/poudriere has a command to update the jails, in which it builds the packages. Similar to `ezjail-admin update -u`

So far the man page mentions something about a jail option 


```
-t version   instead of upgrading to the latest security fix of the jail
              version, you can jump to the new specified version.
```

I am not sure what that does. Does that mean that instead of doing a `freebsd-update` inside a jail it re-downloads the most current files for the version that you specified for that jail?

What will happen if you build packages in an outdated jail and try to install them in an update system? Will there be any confusion? So for example my system is following RELEASE and it is updated regularly, however the packages are being build by Poudriere in a jail that follows RELEASE but is not updated at all. Will there be any problems? What about if I switch both to STABLE, but the jail that Poudriere uses is not updated regularly?


----------



## kpa (May 13, 2013)

It uses freebsd-update(8) to update the jail, however it will only work with jails that have been created from the distribution sets using ftp and http methods. Jails created with svn method are updated by building world.


----------



## blazingice (May 13, 2013)

Thanks. Is that done automatically everytime a build starts or do I need to enter some commands?


----------



## kpa (May 13, 2013)

There's no automatic update, you have to do it manually.

To update a jail with latest security patches but stay at the same version:

`poudriere jail -u -j jailname`

To upgrade to a newer version of FreeBSD, let's say from 9.0 to 9.1:

`poudriere jail -u -t 9.1-RELEASE -j jailname`


----------



## blazingice (May 13, 2013)

Thanks. The `jail -u` option is missing from the the man page. Is that a recent feature?


```
jail
     These subcommands are mutually exclusive.

     -c           Creates a jail.

     -d           Deletes a jail.

     -l           List all available jails.

     -s           Starts a jail.

     -k           Kills a jail (stops it).

     -i           Show information about the jail.

     Except for -l, all of the subcommands require the -j option (see below).

     Here are the options associated with the jail command.

     -J number    This argument specifies how many number jobs will run in
                  parallel for buildworld.

     -q           Remove the header when -l is the specified mandatory option.
                  Otherwise, it has no effect.

     -j name      Specifies the name of the jail.

     -v version   Specifies which version of FreeBSD to use in the jail.  If
                  you are using method ftp then the version should in the form
                  of: 9.0-RELEASE.  If you are using method csup then the
                  version should be in the form of cvs branches: RELENG_9 or .
                  for current.  If you are using method svn then the version
                  should be in the form of svn branches: stable/9 or head for
                  current.

     -a architecture
                  Specifies which architecture of FreeBSD to use in the jail.
                  (Default: same as host)

     -m method    Specifies which method to use to create the jail.  Could be
                  csup, svn{,+http,+https,+file,+ssh), ftp, allbsd, or gjb
                  (Default: ftp).

     -f filesystem
                  Specifies the filesystem name (${ZPOOL}/jails/filesystem).

     -M mountpoint
                  Gives an alternative mountpoint when creating jail.

     -t version   instead of upgrading to the latest security fix of the jail
                  version, you can jump to the new specified version.
```


----------



## kpa (May 13, 2013)

It's not that recent I believe. The manual page should have a mention of it.


----------



## grahamperrin@ (Oct 20, 2018)

Switching a jail from -CURRENT to -STABLE: 


```
# date
Sat 20 Oct 2018 02:35:43 BST
# poudriere jail -i -j current
Jail name:         current
Jail version:      12.0-ALPHA9 1200085
Jail vcs version:  r339274
Jail arch:         amd64
Jail method:       svn
Jail mount:        /usr/local/poudriere/jails/current
Jail fs:           hpelitebook8570p/poudriere/jails/current
Jail updated:      2018-10-10 10:07:40
Tree name:         default
Tree method:       portsnap
Status:            stopped:sigint:
Building started:  2018-10-20 02:05:26
Elapsed time:      00:13:59
Packages built:    7
Packages failed:   0
Packages ignored:  0
Packages skipped:  0
Packages total:    71
Packages left:     64
# uname -v
FreeBSD 12.0-BETA1 r339438 GENERIC
# grep PARALLEL_JOBS /usr/local/etc/poudriere.conf | grep -v \#
PARALLEL_JOBS=3
# poudriere jail -u -v stable/12 -j current
[00:00:00] Upgrading using svn
[00:00:00] Updating the sources with svn... done
[00:00:15] Starting make buildworld with 3 jobs
--- buildworld ---
make[1]: "/usr/local/poudriere/jails/current/usr/src/Makefile.inc1" line 343: SYSTEM_COMPILER: libclang will be built for bootstrapping a cross-compiler.
make[1]: "/usr/local/poudriere/jails/current/usr/src/Makefile.inc1" line 346: SYSTEM_LINKER: Determined that LD=ld matches the source tree.  Not bootstrapping a cross-linker.
--- buildworld_prologue ---
--------------------------------------------------------------
>>> World build started on Sat Oct 20 02:36:10 BST 2018
--------------------------------------------------------------
…
```


----------



## rigoletto@ (Oct 20, 2018)

It is faster to just delete the jail and create another with the new version you need/want. All packages you have built will be rebuilt anyway if you update an existing jail.


----------



## grahamperrin@ (Oct 20, 2018)

Yeah, I wondered about the time. Thanks.

https://wiki.freebsd.org/PkgBase looks promising.

Re: https://github.com/freebsd/poudriere/issues/337#issuecomment-429138920 I guessed that this would be the way to go:

`poudriere jail -c -j stable -v stable/12 -m http`

– and then (with PkgBase) updates would be a doddle. 

Unfortunately, 


```
# date ; uname -v
Sat 20 Oct 2018 05:20:05 BST
FreeBSD 12.0-BETA1 r339438 GENERIC
# poudriere jail -c -j stable -v stable/12 -m http
[00:00:00] Creating stable fs at /usr/local/poudriere/jails/stable... done
[00:00:01] FREEBSD_HOST from config invalid; defaulting to https://download.FreeBSD.org
[00:00:01] Fetching MANIFEST for FreeBSD stable/12 amd64
fetch: https://download.FreeBSD.org/ftp/releases/amd64/amd64/stable/12/MANIFEST: Not Found
fetch: https://download.FreeBSD.org/ftp/releases/amd64/amd64/stable/12/MANIFEST: Not Found
[00:00:01] Error: Failed to fetch from https://download.FreeBSD.org/ftp/releases/amd64/amd64/stable/12/MANIFEST
[00:00:01] Error while creating jail, cleaning up.
[00:00:01] Removing stable jail... done
[00:00:03] Cleaning stable data... done
#
```


----------



## kpa (Oct 20, 2018)

There are no distribution sets for current or stable, you have to install from a snapshot (from for example https://download.freebsd.org/ftp/snapshots/) or using -m src=/usr/src with the objects from `make buildworld` still at /usr/obj.


----------



## grahamperrin@ (Oct 20, 2018)

Thanks, 


kpa said:


> … from a snapshot (from for example https://download.freebsd.org/ftp/snapshots/) …



AFAICT after browsing a few directories, there's not (yet) a -STABLE 12.


----------



## kpa (Oct 20, 2018)

Not a big surprise since the stable/12 branch was created only 31 hours ago. The snapshot builders haven't caught up yet.


----------



## grahamperrin@ (Oct 20, 2018)

I specified `stable/12` but got `13.0-CURRENT`.

Below, did I do something wrong at the first line? 


```
root@momh167-gjp4-hpelitebook8570p-freebsd:~ # poudriere jail -u -v stable/12 -j current
[00:00:00] Upgrading using svn
[00:00:01] Updating the sources with svn... done
[00:00:41] Starting make buildworld with 2 jobs
--- buildworld ---
make[1]: "/usr/local/poudriere/jails/current/usr/src/Makefile.inc1" line 343: SYSTEM_COMPILER: libclang will be built for bootstrapping a cross-compiler.
make[1]: "/usr/local/poudriere/jails/current/usr/src/Makefile.inc1" line 346: SYSTEM_LINKER: Determined that LD=ld matches the source tree.  Not bootstrapping a cross-linker.
--- buildworld_prologue ---
--------------------------------------------------------------
>>> World build started on Sat Oct 20 05:28:38 BST 2018
--------------------------------------------------------------
…
[03:48:35] Recording filesystem state for clean... done
root@momh167-gjp4-hpelitebook8570p-freebsd:~ # poudriere jail -i -j current
Jail name:         current
Jail version:      13.0-CURRENT 1300000
Jail vcs version:  r339436
Jail arch:         amd64
Jail method:       svn
Jail mount:        /usr/local/poudriere/jails/current
Jail fs:           hpelitebook8570p/poudriere/jails/current
Jail updated:      2018-10-20 09:16:33
Tree name:         default
Tree method:       portsnap
Status:            stopped:sigint:
Building started:  2018-10-20 02:05:26
Elapsed time:      00:13:59
Packages built:    7
Packages failed:   0
Packages ignored:  0
Packages skipped:  0
Packages total:    71
Packages left:     64
root@momh167-gjp4-hpelitebook8570p-freebsd:~ # uname -v
FreeBSD 12.0-BETA1 r339438 GENERIC
root@momh167-gjp4-hpelitebook8570p-freebsd:~ # 

[CODE]root@momh167-gjp4-hpelitebook8570p-freebsd:~ # poudriere jail -u -v stable/12 -j current
[00:00:00] Upgrading using svn
[00:00:01] Updating the sources with svn... done
[00:00:41] Starting make buildworld with 2 jobs
--- buildworld ---
make[1]: "/usr/local/poudriere/jails/current/usr/src/Makefile.inc1" line 343: SYSTEM_COMPILER: libclang will be built for bootstrapping a cross-compiler.
make[1]: "/usr/local/poudriere/jails/current/usr/src/Makefile.inc1" line 346: SYSTEM_LINKER: Determined that LD=ld matches the source tree.  Not bootstrapping a cross-linker.
--- buildworld_prologue ---
--------------------------------------------------------------
>>> World build started on Sat Oct 20 05:28:38 BST 2018
--------------------------------------------------------------
…
[03:48:35] Recording filesystem state for clean... done
root@momh167-gjp4-hpelitebook8570p-freebsd:~ # poudriere jail -i -j current
Jail name:         current
Jail version:      13.0-CURRENT 1300000
Jail vcs version:  r339436
Jail arch:         amd64
Jail method:       svn
Jail mount:        /usr/local/poudriere/jails/current
Jail fs:           hpelitebook8570p/poudriere/jails/current
Jail updated:      2018-10-20 09:16:33
Tree name:         default
Tree method:       portsnap
Status:            stopped:sigint:
Building started:  2018-10-20 02:05:26
Elapsed time:      00:13:59
Packages built:    7
Packages failed:   0
Packages ignored:  0
Packages skipped:  0
Packages total:    71
Packages left:     64
root@momh167-gjp4-hpelitebook8570p-freebsd:~ # uname -v
FreeBSD 12.0-BETA1 r339438 GENERIC
root@momh167-gjp4-hpelitebook8570p-freebsd:~ #
```


----------



## talsamon (Oct 20, 2018)

I see no sense in update a jail from one major version to the next. In such case I always delete the jail and make a new one for the new major version. I think this a much "cleaner" solution.


----------



## grahamperrin@ (Oct 20, 2018)

talsamon said:


> … from one major version to the next. …



I'm trying to _avoid_ that_; _trying to keep what was 12  … at 12, and stable. 

Following the attempt above, I ran: 

`poudriere jail -u -v stable@339445 -j current`

– expecting r339445 but the result was (again) r339436. Puzzling.


----------



## SirDice (Oct 22, 2018)

You're checking out SVN HEAD aka -CURRENT, which is 13.0-CURRENT (since this weekend). Just remove the old jail and create a new one, for base/stable/12 instead of base/head.


----------



## grahamperrin@ (Oct 23, 2018)

I did eventually create the new jail but it took … nine hours, if I recall correctly. I imagine that a successful update could/should have been less time-consuming. 

Still, I'm puzzled by some aspects of the update routines. 

Does the `-v stable@339445` part of the update command (I mean, the `[I]stable[/I]@` part) *not* prevent going 'too far' to unstable 13.0-CURRENT?


----------



## SirDice (Oct 24, 2018)

grahamperrin said:


> I did eventually create the new jail but it took … nine hours, if I recall correctly.


For -RELEASE version repositories I simply use the default FTP to download and create a -RELEASE jail. For my -STABLE versions I first update the poudriere host using the standard buildworld/buildkernel mantra. When the host is updated (always make sure the host is newer or the same version) you can use the built world to create a basic release(7):

```
cd /usr/src/release
make -DNOPKG -DNODOC -DNOPORTS KERNCONF="GENERIC" release
make -DNOPKG -DNODOC -DNOPORTS KERNCONF="GENERIC" DESTDIR=/storage/release/12-stable install
```
This serves multiple purposes, first you get a nice CD and memory stick image for the -STABLE version. But you also get a FTP file structure you can use for poudriere:
`poudriere jail -c -j 12-stable -v 12-STABLE -m url=file:///storage/release/12-stable/ftp`
You can update it easily once you have it built:
`poudriere jail -u -j 12-stable`


----------



## xtaz (Oct 24, 2018)

It's also worth pointing out that you don't necessarily need to do the make release steps for a STABLE jail. It is perfectly possible to use -m src=/usr/src to create the jail using make installworld from your previously built world. And then this can easily be upgraded using the -u flag as well whenever you do a new buildworld.


----------



## SirDice (Oct 24, 2018)

xtaz said:


> It is perfectly possible to use -m src=/usr/src to create the jail using make installworld from your previously built world. And then this can easily be upgraded using the -u flag as well whenever you do a new buildworld.


For a single jail this works really well. Just make sure you have done a complete buildworld on your sources first. Which you probably already have done any way in order to update the host itself.


----------

