3ofcoins / jetpack Goto Github PK

**PROTOTYPE** FreeBSD Jail/ZFS based implementation of the Application Container Specification

License: Other

Go 82.09% Makefile 6.16% Shell 6.23% Perl 3.86% C 1.66%

jetpack's Introduction

WARNING: This software is new, experimental, and under heavy development. The documentation is lacking, if any. There are almost no tests. The CLI commands, on-disk formats, APIs, and source code layout can change in any moment. Do not trust it. Use it at your own risk.

You have been warned

Jetpack

Jetpack is an experimental and incomplete implementation of the App Container Specification for FreeBSD. It uses jails as isolation mechanism, and ZFS for layered storage.

This document uses some language used in Rocket, the reference implementation of the App Container Specification. While the documentation will be expanded in the future, currently you need to be familiar at least with Rocket's README to understand everything.

Compatibility

Jetpack is developed and tested on an up-to-date FreeBSD 10.1 system, and compiled with Go 1.4. Earlier FreeBSD releases are not supported.

Getting Started

VM with vagrant

To spin up a pre configured FreeBSD VM with Vagrant

Make sure you have ansible installed on the host system.

Then boot and provision the VM by running $ vagrant up in the root directory of this repository. Run $ vagrant ssh to ssh into the machine. The code is mounted under /vagrant.

Configuring the system

First, build Jetpack and install it (see the INSTALL.md document for installation instructions).

You will obviously need a ZFS pool for Jetpack's datasets. By default, Jetpack will create a zroot/jetpack dataset and mount it at /var/jetpack. If your zpool is not named zroot, or if you prefer different locations, these defaults can be modified in the jetpack.conf file.

You will need a user and group to own the runtime status files and avoid running the metadata service as root. If you stay with default settings, the username and group should be _jetpack:

pw useradd _jetpack -d /var/jetpack -s /usr/sbin/nologin

Note: If you are upgrading from an earlier revision of Jetpack, you will need to change ownership of files and directories: chgrp _jetpack /var/jetpack/pods/* /var/jetpack/images/* /var/jetpack/*/*/manifest && chmod 0440 /var/jetpack/*/*/manifest

You will also need a network interface that the jails will use, and this interface should have Internet access. By default, Jetpack uses lo1, but this can be changed in the jetpack.conf file. To create the interface, run the following command as root:

ifconfig lo1 create inet 172.23.0.1/16

To have the lo1 interface created at boot time, add the following lines to /etc/rc.conf:

cloned_interfaces="lo1"
ipv4_addrs_lo1="172.23.0.1/16"

The main IP address of the interface will be used as the host address. Remaining addresses within its IP range (in this case, 172.23.0.2 to 172.23.255.254) will be assigned to the pods. IPv6 is currently not supported.

The simplest way to provide internet access to the jails is to NAT the loopback interface. A proper snippet of PF firewall configuration would be:

set skip on lo1
nat pass on $ext_if from lo1:network to any -> $ext_if

where $ext_if is your external network interface. A more sopihisticated setup can be desired to limit pods' connectivity. In the long run, Jetpack will probably manage its own pf anchor.

You will need to create a jetpack.conf file (by default, /usr/local/etc/jetpack.conf) with at least following settings:

mds.signing-key = RANDOM_HEX_KEY
mds.token-key = RANDOM_HEX_KEY

You can generate random hex keys by running openssl rand -hex 32 and pasting its output.

Using Jetpack

Run jetpack without any arguments to see available commands. Use jetpack help COMMAND to see detailed help on individual commands.

To initialize the ZFS datasets and directory structure, run jetpack init.

To get a console, run:

jetpack run -t 3ofcoins.net/freebsd-base

This will fetch our signing GPG key, then fetch the FreeBSD base ACI, and finally run a pod and drop you into its console. After you exit the shell, run jetpack list to see the pod, and jetpack destroy UUID to remove id.

Run jetpack images to list available images.

You create pods from images, then run the pods:

jetpack prepare 3ofcoins.net/freebsd-base

Note the pod UUID printed by the above command (no user-friendly pod names yet) or get it from the pod list (run jetpack list to see the list). Then run the pod:

jetpack run -t $UUID

The above command will drop you into root console of the pod. After you're finished, you can run the pod again. Once you're done with the pod, you can destroy it:

jetpack destroy $UUID

You can also look at the "showenv" example:

make -C images/example.showenv
jetpack prepare example/showenv
jetpack run $UUID

To poke inside a pod that, like the "showenv" example, runs a useful command instead of a console, use the console subcommand:

jetpack console $UUID

Run jetpack help to see info on remaining available commands, and if something needs clarification, create an issue at https://github.com/3ofcoins/jetpack/ and ask the question. If something is not clear, it's a bug in the documentation!

Running the Metadata Service

To start the metadata service, run $(jetpack config path.libexec)/mds.

Building Images

See the IMAGES.md file for details. Some example image build scripts (including the published 3ofcoins.net/freebsd-base image) are provided in the images/ directory.

Features, or The Laundry List

Stage0
- Image import from ACI
- Image building
- Clone pod from image and run it
- Full pod lifecycle (Stage0/Stage1 interaction)
- Multi-application pods
- Image discovery
Stage1
- Isolation via jails
- Volumes
- Multi-application pods
- Firewall integration
- Metadata endpoint
- Isolators
Stage2
- Main entry point execution
- Setting UID/GID
- Setting environment variables
- Event Handlers
- Isolators
CLI
- Specify image/pod by name & labels, not only UUID
- Consistent options for specifying application options (CLI, JSON file)
General TODO
- Refactor the Thing/ThingManager/Host sandwich to use embedded fields
- CLI-specified types.App fields for custom exec, maybe build parameters too?
- Live, movable "tags" or "bookmarks", to mark e.g. latest version of an image without need to modify its manifest. Possible search syntax: name@tag1,tag2,…, where a tag is an ACName, so it may be also a key/value pair like environment/production. - [ ] Maybe some variant of tags that would be unique per name?
- /etc/rc.d/jetpack (/etc/rc.d/jetpack_ for individual pods?) to start pods at boot time, and generally manage them as services
- Port to install Jetpack system-wide
- If/when we get enough live runtime data to make it complicated, maybe a centralized indexed storage, like SQLite? This could also solve some locking issues for long-running processes…

jetpack's People

Contributors

Stargazers

Watchers

jetpack's Issues

OCI compatibility roadmap

Hello there!

I'm interested to know if you plan to work on making jetpack a complete implementation of the OCI spec: https://github.com/opencontainers/runtime-spec

Thank you

Unable to run base image on EC2 instance

I have attempted to compile and run jetpack on a FreeBSD 10.2-RELEASE instance on Amazon/EC2.

Any help that can be provided in identifying what I may be doing wrong or if there is a bug of some sort would be GREATLY appreciated.

The instance was built from the ami-bbc43aff AMI provided by Colin Percival (http://www.daemonology.net/). All commands were executed as root (logging in as ec2-user then issuing "su").

I created a zpool named zroot of 10GB (from 5 EBS blocks of 2GB each).

I was able to install go and compile the source using "make", and install using "make install".

I added a user using "pw useradd _jetpack -d /var/jetpack -s /usr/sbin/nologin"

I added a network interface using "ifconfig lo1 create inet 172.23.0.1/16" and by adding the neccesary information to /etc/rc.conf.

I enabled PF and added the following to /etc/pf.conf "set skip on lo1
nat pass on $ext_if from lo1:network to any -> $ext_if".

I edited PF to define ext_if as lo0 (this is the public interface on the EC2 image).

I started PF.

I copied the sample jetpack.conf file to /usr/local/etc/jetpack.conf.
I edited /usr/local/etc/jetpack.conf to include the mds.signing-key and mds.token-key with random hex keys generated using "openssl rand -hex 32".

I ran "jetpack init" and got the following output:

cannot open 'zroot/jetpack': dataset does not exist
2015-11-13T19:25:04Z jetpack Creating ZFS dataset zroot/jetpack [-p -omountpoint=/var/jetpack]
2015-11-13T19:25:04Z jetpack Creating ZFS dataset zroot/jetpack/images [-oatime=off -ocompress=lz4]
2015-11-13T19:25:04Z jetpack Creating ZFS dataset zroot/jetpack/pods []

I then ran "jetpack run 3ofcoins.net/freebsd.base" and got the following output:

3ofcoins.net/freebsd.base
2015-11-13T19:27:57Z import:b62fb668-bf77-4e17-a2f9-cae6d5e942b7 Starting import of 3ofcoins.net/freebsd.base
tar: Error opening archive: Can't stat ''
2015-11-13T19:27:57Z image:b62fb668-bf77-4e17-a2f9-cae6d5e942b7 Destroying
cannot open 'zroot/jetpack/images/b62fb668-bf77-4e17-a2f9-cae6d5e942b7': dataset does not exist
panic: Not found

goroutine 1 [running]:
lib/jetpack.(_Image).getRootfs(0xc820497440, 0xc8200dcb58)
/usr/home/ec2-user/src/jetpack/src/lib/jetpack/image.go:102 +0x16f
lib/jetpack.(_Image).Destroy(0xc820497440, 0x0, 0x0)
/usr/home/ec2-user/src/jetpack/src/lib/jetpack/image.go:170 +0x975
lib/jetpack.(_Host).ImportImage.func1(0xc8204bab20, 0xc820497440)
/usr/home/ec2-user/src/jetpack/src/lib/jetpack/host.go:475 +0x2f
lib/jetpack.(_Host).ImportImage(0xc8200fe480, 0xc820100560, 0x19, 0x0, 0x0, 0x0, 0x0, 0x0)
/usr/home/ec2-user/src/jetpack/src/lib/jetpack/host.go:501 +0x12a4
lib/jetpack.(_Host).fetchImage(0xc8200fe480, 0xc820100560, 0x19, 0xd5e5a0, 0x0, 0x0, 0x19, 0x0, 0x0)
/usr/home/ec2-user/src/jetpack/src/lib/jetpack/host.go:401 +0x2c8
lib/jetpack.(_Host).getImage(0xc8200fe480, 0x0, 0x0, 0x0, 0x0, 0xc820100560, 0x19, 0xd5e5a0, 0x0, 0x0, ...)
/usr/home/ec2-user/src/jetpack/src/lib/jetpack/host.go:355 +0x220
lib/jetpack.(_Host).GetImage(0xc8200fe480, 0x0, 0x0, 0x0, 0x0, 0xc820100560, 0x19, 0xd5e5a0, 0x0, 0x0, ...)
/usr/home/ec2-user/src/jetpack/src/lib/jetpack/host.go:304 +0xb7
lib/jetpack.(_Host).getRuntimeImage(0xc8200fe480, 0xc820100580, 0x0, 0x0, 0x0, 0x0, 0xd5e5a0, 0x0, 0x0, 0x40, ...)
/usr/home/ec2-user/src/jetpack/src/lib/jetpack/host.go:291 +0xb0
lib/jetpack.(_Host).ReifyPodManifest(0xc8200fe480, 0xc8200fc000, 0x1, 0x0, 0x0)
/usr/home/ec2-user/src/jetpack/src/lib/jetpack/host.go:206 +0x15b
main.getPodManifest(0xc82000a200, 0x1, 0x1, 0x0, 0x0, 0x0)
/usr/home/ec2-user/src/jetpack/src/bin/jetpack/command.go:259 +0x148
main.getOrPreparePod(0xc82000a200, 0x1, 0x1, 0xc8200108a0, 0x0, 0x0)
/usr/home/ec2-user/src/jetpack/src/bin/jetpack/command.go:277 +0x148
main.cmdWrapPodPrepare0.func1(0xc82000a200, 0x1, 0x1, 0x0, 0x0)
/usr/home/ec2-user/src/jetpack/src/bin/jetpack/command.go:186 +0x4e
main.(_Command).Run(0xc8200e72c0, 0xc82000a200, 0x1, 0x1, 0x0, 0x0)
/usr/home/ec2-user/src/jetpack/src/bin/jetpack/command.go:80 +0xda
main.main()
/usr/home/ec2-user/src/jetpack/src/bin/jetpack/main.go:37 +0x156

goroutine 17 [syscall, locked to thread]:
runtime.goexit()
/usr/local/go/src/runtime/asm_amd64.s:1696 +0x1

goroutine 5 [syscall]:
os/signal.loop()
/usr/local/go/src/os/signal/signal_unix.go:22 +0x18
created by os/signal.init.1
/usr/local/go/src/os/signal/signal_unix.go:28 +0x37

goroutine 24 [IO wait]:
net.runtime_pollWait(0x80150cc98, 0x72, 0xc82000c1e0)
/usr/local/go/src/runtime/netpoll.go:157 +0x60
net.(_pollDesc).Wait(0xc820358300, 0x72, 0x0, 0x0)
/usr/local/go/src/net/fd_poll_runtime.go:73 +0x3a
net.(_pollDesc).WaitRead(0xc820358300, 0x0, 0x0)
/usr/local/go/src/net/fd_poll_runtime.go:78 +0x36
net.(_netFD).Read(0xc8203582a0, 0xc820480000, 0x2000, 0x2000, 0x0, 0x801507050, 0xc82000c1e0)
/usr/local/go/src/net/fd_unix.go:232 +0x23a
net.(_conn).Read(0xc820022040, 0xc820480000, 0x2000, 0x2000, 0x0, 0x0, 0x0)
/usr/local/go/src/net/net.go:172 +0xe4
crypto/tls.(_block).readFromUntil(0xc8204c6a80, 0x80150d100, 0xc820022040, 0x5, 0x0, 0x0)
/usr/local/go/src/crypto/tls/conn.go:455 +0xcc
crypto/tls.(_Conn).readRecord(0xc820084000, 0x9b1517, 0x0, 0x0)
/usr/local/go/src/crypto/tls/conn.go:540 +0x2d1
crypto/tls.(_Conn).Read(0xc820084000, 0xc8204cd000, 0x1000, 0x1000, 0x0, 0x0, 0x0)
/usr/local/go/src/crypto/tls/conn.go:901 +0x167
net/http.noteEOFReader.Read(0x801517bb0, 0xc820084000, 0xc8203f63c8, 0xc8204cd000, 0x1000, 0x1000, 0x0, 0x0, 0x0)
/usr/local/go/src/net/http/transport.go:1370 +0x67
net/http.(_noteEOFReader).Read(0xc8204c2200, 0xc8204cd000, 0x1000, 0x1000, 0x0, 0x0, 0x0)
:126 +0xd0
bufio.(_Reader).fill(0xc8203d9380)
/usr/local/go/src/bufio/bufio.go:97 +0x1e9
bufio.(_Reader).Peek(0xc8203d9380, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0)
/usr/local/go/src/bufio/bufio.go:132 +0xcc
net/http.(_persistConn).readLoop(0xc8203f6370)
/usr/local/go/src/net/http/transport.go:876 +0xf7
created by net/http.(_Transport).dialConn
/usr/local/go/src/net/http/transport.go:685 +0xc78

goroutine 25 [select]:
net/http.(_persistConn).writeLoop(0xc8203f6370)
/usr/local/go/src/net/http/transport.go:1009 +0x40c
created by net/http.(_Transport).dialConn
/usr/local/go/src/net/http/transport.go:686 +0xc9d

XNU support (Mac)

Will this software run on XNU (Mac OS X) systems?

Vagrant up is not working

It is asking for a password during this step of vagrant up:
==> default: Preparing to edit /etc/exports. Administrator privileges will be required...
Password:

Proper, full-stack test suite

stack trace on FreeBSD 10.1 during `jetpack init`

git checkout today using 9c88b57 crashes during jetpack init.

zroot/var/jetpack created already, see https://dpaste.de/t1Xa for dataset setup (not very exciting).
FreeBSD 10.1-RELEASE-p10 (GENERIC) #0: Wed May 13 06:54:13 UTC 2015
go version go1.4.2 freebsd/amd64 (pkg)

wintermute# jetpack init
panic: runtime error: invalid memory address or nil pointer dereference
[signal 0xb code=0x1 addr=0x0 pc=0x488385]

goroutine 1 [running]:
lib/jetpack.(*Host).Initialize(0x0, 0x0, 0x0)
    /usr/home/dch/src/jetpack/src/lib/jetpack/host.go:108 +0x45
lib/jetpack.*Host.Initialize·fm(0x0, 0x0)
    /usr/home/dch/src/jetpack/src/bin/jetpack/host.go:10 +0x39
main.func·002(0xc20800a010, 0x0, 0x0, 0x0, 0x0)
    /usr/home/dch/src/jetpack/src/bin/jetpack/command.go:81 +0x38
main.(*Command).Run(0xc2080823c0, 0xc20800a010, 0x0, 0x0, 0x0, 0x0)
    /usr/home/dch/src/jetpack/src/bin/jetpack/command.go:69 +0xe1
main.main()
    /usr/home/dch/src/jetpack/src/bin/jetpack/main.go:47 +0x274
wintermute#

Compatible containers?

Is it possible to execute the same containers with different implementations of the App Container Specification? Or can I run a Rocket Container with JetPack?

interestingly, following your documentation... failures!

jetpack image freebsd-base/release build -cp=/root/jetpack/share/jetpack.image.mk /usr/bin/make .jetpack.build.
sed -i '' 's|^Components.*|Components world/base|' /etc/freebsd-update.conf
install -v -m 0644 rc.conf /etc/rc.conf
install: rc.conf -> /etc/rc.conf
install -v -m 0600 entropy /entropy
install: entropy -> /entropy
patch /usr/sbin/freebsd-update < freebsd-update.patch
Hmm... Looks like a unified diff to me...

The text leading up to this was:

|--- /usr/sbin/freebsd-update 2015-02-08 22:15:58.178818000 +0100

|+++ freebsd-update 2015-02-09 13:45:42.202917000 +0100

Patching file /usr/sbin/freebsd-update using Plan A...
Hunk #1 succeeded at 610 (offset -8 lines).
done
env PAGER=cat freebsd-update -s update6.freebsd.org fetch install
Looking up update6.freebsd.org mirrors... none found.
Fetching public key from update6.freebsd.org... failed.
No mirrors remaining, giving up.
*** Error code 1

Stop.
make: stopped in /.jetpack.build.
run.Command[/root/jetpack/bin/stage2 -jid 1 -chroot /0 -user 0 -group 0 -name jetpack/build -cwd /.jetpack.build. /usr/bin/make .jetpack.build.]: exit status 1
/root/jetpack/jetpack/image.go:331:
*** Error code 1

Stop.
make: stopped in /root/jetpack/images/freebsd-base
ERROR: run.Command[make -C /root/jetpack/images/freebsd-base]: exit status 1
cannot unmount '/var/jetpack/test.462087242/pods/0a5966da-e84c-4cd5-a14b-2c78c0a6fdd9/rootfs/0': Device busy
ERROR: run.Command[/sbin/zfs destroy -r zroot/jetpack/test.462087242]: exit status 1
run.Command[/root/jetpack/bin/test.integration dataset=zroot/jetpack]: exit status 2
root@xoa:/jetpack # ping update6.freebsd.org
PING update6.freebsd.org (198.148.79.66): 56 data bytes
64 bytes from 198.148.79.66: icmp_seq=0 ttl=49 time=270.566 ms
64 bytes from 198.148.79.66: icmp_seq=1 ttl=49 time=270.299 ms
^C
--- update6.freebsd.org ping statistics ---
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 270.299/270.433/270.566/0.133 ms
root@xoa:/jetpack # freebsd-update -s update6.freebsd.org fetch install
Looking up update6.freebsd.org mirrors... none found.
Fetching public key from update6.freebsd.org... failed.
No mirrors remaining, giving up.

pods running, but cant console

This does work on run command, however fails to console later
jetpack pod 43986964-d255-47b0-9086-56780846b8d9 run
jetpack:43986964-d255-47b0-9086-56780846b8d9: run command: /sbin/ifconfig lo1 inet 172.23.0.2 netmask 255.255.255.255 alias
jetpack:43986964-d255-47b0-9086-56780846b8d9: run command: /sbin/mount -t devfs -o ruleset=4 . /var/jetpack/pods/43986964-d255-47b0-9086-56780846b8d9/rootfs/0/dev
jetpack:43986964-d255-47b0-9086-56780846b8d9: jail_set(JAIL_CREATE) name=jetpack:43986964-d255-47b0-9086-56780846b8d9 host.hostname=43986964-d255-47b0-9086-56780846b8d9 host.hostuuid=43986964-d255-47b0-9086-56780846b8d9 ip4.addr=172.23.0.2 path=/var/jetpack/pods/43986964-d255-47b0-9086-56780846b8d9/rootfs persist=true
jetpack:43986964-d255-47b0-9086-56780846b8d9: created
FreeBSD ?.?.? (UNKNOWN)

Welcome to FreeBSD!

then if i CTRL-D im back in my host OS

jetpack pod list
UUID STATUS IP APPS
43986964-d255-47b0-9086-56780846b8d9 running 172.23.0.2 freebsd-base
root@xoa:~/jetpack/images/freebsd-base # jetpack pod 43986964-d255-47b0-9086-56780846b8d9 console
panic: open /etc/passwd: no such file or directory

goroutine 1 [running]:
main.main()
/root/jetpack/stage2/main.go:59 +0x4bd

goroutine 2 [runnable]:
runtime.forcegchelper()
/usr/local/go/src/runtime/proc.go:90
runtime.goexit()
/usr/local/go/src/runtime/asm_amd64.s:2232 +0x1

goroutine 3 [runnable]:
runtime.bgsweep()
/usr/local/go/src/runtime/mgc0.go:82
runtime.goexit()
/usr/local/go/src/runtime/asm_amd64.s:2232 +0x1

goroutine 4 [runnable]:
runtime.runfinq()
/usr/local/go/src/runtime/malloc.go:712
runtime.goexit()
/usr/local/go/src/runtime/asm_amd64.s:2232 +0x1
run.Command[/root/jetpack/bin/stage2 -jid 4 -chroot / -user root -group -name /usr/bin/login -fp root]: exit status 2

Issues starting example images

Hello , i'll start by saying this is one awesome project , i have been using docker for a little while now in Linux and i'm amazed at how far this particular project has gone , i'm actually dying to use it or perhaps build a PaaS over it when its done .
To the issue , i've tried to start the example example.nginx and i get the following log ,

+ jail -f /home/william/.jetpack/pods/5866019e-abce-41db-8434-e69ac1b72e17/jail.conf -v -c jetpack:5866019e-abce-41db-8434-e69ac1b72e17
jetpack:5866019e-abce-41db-8434-e69ac1b72e17: run command: /sbin/ifconfig lo1 inet 172.23.0.15 netmask 255.255.255.255 alias
jetpack:5866019e-abce-41db-8434-e69ac1b72e17: run command: /sbin/mount -t devfs -o ruleset=4 . /home/william/.jetpack/pods/5866019e-abce-41db-8434-e69ac1b72e17/rootfs/0/dev
jetpack:5866019e-abce-41db-8434-e69ac1b72e17: jail_set(JAIL_CREATE) name=jetpack:5866019e-abce-41db-8434-e69ac1b72e17 allow.chflags=true host.hostname=5866019e-abce-41db-8434-e69ac1b72e17 host.hostuuid=5866019e-abce-41db-8434-e69ac1b72e17 ip4.addr=172.23.0.15 osrelease=10.1-RELEASE-p9 path=/home/william/.jetpack/pods/5866019e-abce-41db-8434-e69ac1b72e17/rootfs persist=true securelevel=0
jetpack:5866019e-abce-41db-8434-e69ac1b72e17: created
+ /usr/sbin/jls -d jid dying name | "1 0 jetpack:c49dae4c-382f-4721-827b-4849ae8544bd\n2 0 jetpack:5866019e-abce-41db-8434-e69ac1b72e17\n"
+ /usr/local/libexec/jetpack/stage2 2:0:0:freebsd-base:/.jetpack.build. 'AC_METADATA_URL=http://172.23.0.1:1104/~7cea07a38b1cf0693dd73b24e9d8fac161b47c3ae710e3c3656995fa52c43e947670d4f0fafbbf146b9a10d7a532d490627f7745ab60c7c2c14f7916e743edc7' USER=root LOGNAME=root HOME=/root SHELL=/bin/csh PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin TERM=xterm /usr/bin/make .jetpack.build. .jetpack.image.mk=./jetpack.image.mk
env ASSUME_ALWAYS_YES=YES pkg install nginx
Bootstrapping pkg from pkg+http://pkg.FreeBSD.org/FreeBSD:11:amd64/quarterly, please wait...

Which after some time results in the error below

pkg: Error fetching http://pkg.FreeBSD.org/FreeBSD:11:amd64/quarterly/Latest/pkg.txz: No address record
A pre-built version of pkg could not be found for your system.
Consider changing PACKAGESITE or installing it from ports: 'ports-mgmt/pkg'.
*** Error code 1

Stop.
make: stopped in /.jetpack.build.
run.Command[/usr/local/libexec/jetpack/stage2 2:0:0:freebsd-base:/.jetpack.build. ''\''AC_METADATA_URL=http://172.23.0.1:1104/~7cea07a38b1cf0693dd73b24e9d8fac161b47c3ae710e3c3656995fa52c43e947670d4f0fafbbf146b9a10d7a532d490627f7745ab60c7c2c14f7916e743edc7'\''' USER=root LOGNAME=root HOME=/root SHELL=/bin/csh PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin TERM=xterm /usr/bin/make .jetpack.build. .jetpack.image.mk=./jetpack.image.mk]: exit status 1
/usr/home/william/Projects/Virtualization/jetpack/gopath/src/github.com/3ofcoins/jetpack/lib/jetpack/app.go:98: 
/usr/home/william/Projects/Virtualization/jetpack/gopath/src/github.com/3ofcoins/jetpack/lib/jetpack/build.go:217: 
/usr/home/william/Projects/Virtualization/jetpack/gopath/src/github.com/3ofcoins/jetpack/cmd/jetpack/image.go:173: 
/usr/home/william/Projects/Virtualization/jetpack/gopath/src/github.com/3ofcoins/jetpack/cmd/jetpack/command.go:101: 
*** Error code 1

Stop.
make: stopped in /usr/home/william/Projects/Virtualization/jetpack/images/example.nginx

I can only run the first demonstration and get into the root shell for the jail with
jetpack run -t 3ofcoins.net/freebsd-base

Any way i can get passed this and run the nginx example ?

debootstrap for hamm?

I see hamm listed in https://github.com/3ofcoins/jetpack/blob/master/images/debootstrap/debootstrap.sh , but when I try to debootstrap it, I get /usr/lib/debootstrap/scripts/hamm.

Proper feedback when image can't be fetched

Provide a meaningfull error if the image name has a typo, not the mess that can be seen in #11

VIMAGE support

It should be possible (but optional) to make use of the network stack separation (VIMAGE) feature when available (still experimental, purportedly stable on 11-CURRENT; see https://wiki.freebsd.org/VIMAGE).

ZFS dataset not being created during "make" or "make install"

In an attempt to provide a clean example for another bug I may have found while developing an integration test script, I destroyed my zroot zpool and recreated it. I then cleaned, rebuilt, and re-installed jetpack and was unable to run the MDS or the jetpack list command due to the fact that the "zroot/jetpack" dataset was not created. Here is my shell output:

root@ip-000-00-00-000:/usr/home/ec2-user/src/jetpack # zpool list
no pools available
root@ip-000-00-00-000:/usr/home/ec2-user/src/jetpack # zpool create zroot raidz /dev/xbd6 /dev/xbd7 /dev/xbd8 /dev/xbd9 /dev/xbd10
root@ip-000-00-00-000:/usr/home/ec2-user/src/jetpack # zpool list
NAME SIZE ALLOC FREE EXPANDSZ FRAG CAP DEDUP HEALTH ALTROOT
zroot 9.94G 109K 9.94G - 0% 0% 1.00x ONLINE -
root@ip-000-00-00-000:/usr/home/ec2-user/src/jetpack # make
gb build -ldflags "-X lib/jetpack.prefix=/usr/local" bin/jetpack libexec/mds github.com/appc/spec/actool
code.google.com/p/go-uuid/uuid
github.com/appc/spec/Godeps/_workspace/src/github.com/coreos/go-semver/semver
github.com/appc/spec/Godeps/_workspace/src/github.com/spf13/pflag
github.com/appc/spec/Godeps/_workspace/src/speter.net/go/exp/math/dec/inf
github.com/juju/errors
github.com/appc/spec/Godeps/_workspace/src/golang.org/x/net/html/atom
github.com/coreos/ioprogress
github.com/hashicorp/go-multierror
github.com/magiconair/properties
golang.org/x/crypto/openpgp/errors
lib/drain
golang.org/x/crypto/cast5
golang.org/x/crypto/openpgp/elgamal
github.com/mattrobenolt/size
github.com/mgutz/ansi
golang.org/x/crypto/ssh/terminal
golang.org/x/sys/unix
github.com/appc/spec/Godeps/workspace/src/k8s.io/kubernetes/pkg/api/resource
lib/passwd
github.com/appc/spec/Godeps/workspace/src/golang.org/x/net/html
golang.org/x/crypto/openpgp/armor
golang.org/x/crypto/openpgp/s2k
lib/ui
github.com/appc/spec/schema/types
golang.org/x/crypto/openpgp/packet
lib/run
github.com/appc/spec/pkg/device
github.com/appc/spec/schema
github.com/appc/spec/discovery
golang.org/x/crypto/openpgp
lib/zfs
lib/keystore
lib/acutil
lib/fetch
github.com/appc/spec/pkg/tarheader
github.com/appc/spec/aci
github.com/appc/spec/actool
lib/jetpack
libexec/mds
bin/jetpack
mkdir -p bin
cc -O2 -pipe -o bin/stage2 stage2.c
root@ip-000-00-00-000:/usr/home/ec2-user/src/jetpack # make install
gb build -ldflags "-X lib/jetpack.prefix=/usr/local" bin/jetpack libexec/mds github.com/appc/spec/actool
github.com/appc/spec/schema/types
github.com/appc/spec/pkg/tarheader
golang.org/x/crypto/openpgp/armor
golang.org/x/crypto/openpgp/s2k
lib/ui
golang.org/x/crypto/openpgp/packet
github.com/appc/spec/schema
github.com/appc/spec/discovery
lib/run
golang.org/x/crypto/openpgp
github.com/appc/spec/aci
lib/acutil
lib/fetch
lib/zfs
lib/keystore
github.com/appc/spec/actool
lib/jetpack
libexec/mds
bin/jetpack
set -e -x ; prefix=$(./bin/jetpack -config=/dev/null config path.prefix) ; install -m 0755 -d ${prefix}/bin ${prefix}/libexec/jetpack ${prefix}/share/jetpack ${prefix}/etc ; install -m 0755 -s bin/jetpack ${prefix}/bin/jetpack ; install -m 0755 -s bin/stage2 bin/mds ${prefix}/libexec/jetpack/ ; install -m 0644 share/[^~] ${prefix}/share/jetpack/ ; for section in 5 ; do install -m 0755 -d ${prefix}/share/man/man${section} ; install -m 0644 man/.${section} ${prefix}/share/man/man${section} ; done ; install -m 0644 jetpack.conf.sample ${prefix}/etc/jetpack.conf.sample

./bin/jetpack -config=/dev/null config path.prefix
cannot open 'zroot/jetpack': dataset does not exist
prefix=/usr/local
install -m 0755 -d /usr/local/bin /usr/local/libexec/jetpack /usr/local/share/jetpack /usr/local/etc
install -m 0755 -s bin/jetpack /usr/local/bin/jetpack
install -m 0755 -s bin/stage2 bin/mds /usr/local/libexec/jetpack/
install -m 0644 share/jetpack.image.mk share/makeaci.sh /usr/local/share/jetpack/
install -m 0755 -d /usr/local/share/man/man5
install -m 0644 man/jetpack.conf.5 /usr/local/share/man/man5
install -m 0644 jetpack.conf.sample /usr/local/etc/jetpack.conf.sample
root@ip-000-00-00-000:/usr/home/ec2-user/src/jetpack # /usr/local/libexec/jetpack/mds &
[1] 42886
root@ip-000-00-00-000:/usr/home/ec2-user/src/jetpack # + /sbin/zfs get -H -p -oproperty,value type,mounted,mountpoint,origin zroot/jetpack |cannot open 'zroot/jetpack': dataset does not exist
""
/sbin/zfs list -H -p -tall -oname | "zroot\n"
2015/11/16 02:35:47 Listening on: X.X.X.X:1104
root@ip-000-00-00-000:/usr/home/ec2-user/src/jetpack # jetpack list
/sbin/zfs get -H -p -oproperty,value type,mounted,mountpoint,origin zroot/jetpack |cannot open 'zroot/jetpack': dataset does not exist
""
/sbin/zfs list -H -p -tall -oname | "zroot\n"
panic: runtime error: invalid memory address or nil pointer dereference
[signal 0xb code=0x1 addr=0x0 pc=0x5fdbd5]

goroutine 1 [running]:
lib/zfs.(_Dataset).Path(0x0, 0xc82007fa50, 0x1, 0x1, 0x0, 0x0)
/usr/home/ec2-user/src/jetpack/src/lib/zfs/zfs.go:296 +0x1f5
lib/jetpack.(_Host).Path(0xc8200fe440, 0xc82007fa50, 0x1, 0x1, 0x0, 0x0)
/usr/home/ec2-user/src/jetpack/src/lib/jetpack/host.go:79 +0x4e
lib/jetpack.(_Host).Pods(0xc8200fe440, 0x0, 0x0, 0x0)
/usr/home/ec2-user/src/jetpack/src/lib/jetpack/host.go:268 +0xc1
main.cmdListPods(0xc82000a0f0, 0x0, 0x0, 0x0, 0x0)
/usr/home/ec2-user/src/jetpack/src/bin/jetpack/list.go:46 +0x44
main.(_Command).Run(0xc8200df1a0, 0xc82000a0f0, 0x0, 0x0, 0x0, 0x0)
/usr/home/ec2-user/src/jetpack/src/bin/jetpack/command.go:78 +0xda
main.main()
/usr/home/ec2-user/src/jetpack/src/bin/jetpack/main.go:37 +0x156

goroutine 17 [syscall, locked to thread]:
runtime.goexit()
/usr/local/go/src/runtime/asm_amd64.s:1696 +0x1

goroutine 5 [syscall]:
os/signal.loop()
/usr/local/go/src/os/signal/signal_unix.go:22 +0x18
created by os/signal.init.1
/usr/local/go/src/os/signal/signal_unix.go:28 +0x37
root@ip-000-00-00-000:/usr/home/ec2-user/src/jetpack #

Specify DNS servers

Currently, runtime environment copies /etc/resolv.conf from host system to pod. While this is a reasonable default, it should be possible to override that system-wide (in jetpack.conf) and for individual pods (by an annotation).

jetpack init doesn't check for correct initialization of ZFS dataset

I misread the documentation and thought that if I wanted a custom ZFS dataset location, I should create the dataset manually, enter it into configuration and run jetpack init later. jetpack init responded with 'Host already initialized'. However, jetpack ... run ... results in

cannot create 'mycustompoolname/jetpack/images/...': parent does not exist
cannot open 'mycustompoolname/jetpack/images/...: dataset does not exist
panic: Not found

because mycustompoolname/jetpack/images doesn't exist. zfs destroy/jetpack init solved this, but I think jetpack init should check for the existence of necessary child datasets.

jetpack should check if IP address is in use

I have a single bridged network for Xen VMs and jails alike, and Jetpack VM got .128 IP address and .129 and .130 were already taken. The first two pods get .129 and .130 assigned, respectively, overriding the already running systems.

Please help: dial tcp 172.23.0.1:1104: getsockopt: connection refused

I'm aware this is an issue tracker, but I failed to find a mailing list or such, and am stuck following the Getting Started guide =(

Please help .. would be greatly appreciated!

I have closely followed the INSTALL.md and the Getting Started, but I am stuck at:

[oberstet@bvr-file1 ~]$ sudo jetpack run -t 3ofcoins.net/freebsd-base
+ /sbin/zfs get -H -p -oproperty,value type,mounted,mountpoint,origin zroot/jetpack | "type\tfilesystem\nmounted\tyes\nmountpoint\t/var/jetpack\norigin\t-\n"
2016-04-11T13:47:21+02:00 pod:0787097f-b195-4992-bfa7-18bcea17f3ba DEBUG: Initializing dataset [lib/jetpack/pod.go:84]
+ /sbin/zfs create zroot/jetpack/pods/0787097f-b195-4992-bfa7-18bcea17f3ba
+ /sbin/zfs get -H -p -oproperty,value type,mounted,mountpoint,origin zroot/jetpack/pods/0787097f-b195-4992-bfa7-18bcea17f3ba | "type\tfilesystem\nmounted\tyes\nmountpoint\t/var/jetpack/pods/0787097f-b195-4992-bfa7-18bcea17f3ba\norigin\t-\n"
2016-04-11T13:47:21+02:00 pod:0787097f-b195-4992-bfa7-18bcea17f3ba DEBUG: Cloning rootfs.0 for app freebsd-base [lib/jetpack/pod.go:144]
2016-04-11T13:47:21+02:00 image:c5241ef8-727f-4dbc-b0fd-b27d6adf2a86 DEBUG: Cloning rootfs as zroot/jetpack/pods/0787097f-b195-4992-bfa7-18bcea17f3ba/rootfs.0 at /var/jetpack/pods/0787097f-b195-4992-bfa7-18bcea17f3ba/rootfs/0 [lib/jetpack/image.go:184]
+ /sbin/zfs get -H -p -oproperty,value type,mounted,mountpoint,origin zroot/jetpack/images/c5241ef8-727f-4dbc-b0fd-b27d6adf2a86 | "type\tfilesystem\nmounted\tyes\nmountpoint\t/var/jetpack/images/c5241ef8-727f-4dbc-b0fd-b27d6adf2a86/rootfs\norigin\t-\n"
+ /sbin/zfs get -H -p -oproperty,value type,mounted,mountpoint,origin zroot/jetpack/images/c5241ef8-727f-4dbc-b0fd-b27d6adf2a86@seal | "type\tsnapshot\nmounted\t-\nmountpoint\t-\norigin\t-\n"
+ /sbin/zfs clone -o mountpoint=/var/jetpack/pods/0787097f-b195-4992-bfa7-18bcea17f3ba/rootfs/0 zroot/jetpack/images/c5241ef8-727f-4dbc-b0fd-b27d6adf2a86@seal zroot/jetpack/pods/0787097f-b195-4992-bfa7-18bcea17f3ba/rootfs.0
+ /sbin/zfs get -H -p -oproperty,value type,mounted,mountpoint,origin zroot/jetpack/pods/0787097f-b195-4992-bfa7-18bcea17f3ba/rootfs.0 | "type\tfilesystem\nmounted\tyes\nmountpoint\t/var/jetpack/pods/0787097f-b195-4992-bfa7-18bcea17f3ba/rootfs/0\norigin\tzroot/jetpack/images/c5241ef8-727f-4dbc-b0fd-b27d6adf2a86@seal\n"
+ /sbin/zfs set jetpack:name=freebsd-base zroot/jetpack/pods/0787097f-b195-4992-bfa7-18bcea17f3ba/rootfs.0
+ /sbin/zfs snapshot zroot/jetpack/pods/0787097f-b195-4992-bfa7-18bcea17f3ba/rootfs.0@parent
+ /sbin/zfs get -H -p -oproperty,value type,mounted,mountpoint,origin zroot/jetpack/pods/0787097f-b195-4992-bfa7-18bcea17f3ba/rootfs.0@parent | "type\tsnapshot\nmounted\t-\nmountpoint\t-\norigin\t-\n"
2016-04-11T13:47:21+02:00 pod:0ca389d6-49a9-4796-8aa0-4eeb18f983a2 DEBUG: Loading manifest [lib/jetpack/pod.go:301]
2016-04-11T13:47:21+02:00 pod:36736fad-80bb-43d6-b3f7-2fb403a8271c DEBUG: Loading manifest [lib/jetpack/pod.go:301]
2016-04-11T13:47:21+02:00 pod:be1c64e0-6a3d-4083-8f48-f2b3d51fc11a DEBUG: Loading manifest [lib/jetpack/pod.go:301]
2016-04-11T13:47:21+02:00 pod:0787097f-b195-4992-bfa7-18bcea17f3ba DEBUG: Using IP 172.23.0.5 [lib/jetpack/pod.go:248]
2016-04-11T13:47:21+02:00 pod:0787097f-b195-4992-bfa7-18bcea17f3ba DEBUG: Saving manifest [lib/jetpack/pod.go:256]
Get http://172.23.0.1:1104/~59dad476f1ff657bfe09c4641a296b1c3521ec9630cf46661e0cc42011d28d767265786000d9837fc4afd0148db2379b8bae6c0e25a5fb86af8762777310c082/_info: dial tcp 172.23.0.1:1104: getsockopt: connection refused
/usr/home/oberstet/scm/3rdparty/jetpack/gopath/src/github.com/3ofcoins/jetpack/lib/jetpack/mds.go:137:
/usr/home/oberstet/scm/3rdparty/jetpack/gopath/src/github.com/3ofcoins/jetpack/lib/jetpack/mds.go:192:
/usr/home/oberstet/scm/3rdparty/jetpack/gopath/src/github.com/3ofcoins/jetpack/lib/jetpack/app.go:68:
/usr/home/oberstet/scm/3rdparty/jetpack/gopath/src/github.com/3ofcoins/jetpack/cmd/jetpack/pod.go:102:
[oberstet@bvr-file1 ~]$

This is my configuration:

[oberstet@bvr-file1 ~]$ cat /usr/local/etc/jetpack.conf
debug = on
mds.signing-key = <SNIP>
mds.token-key = <SNIP>

and this is my env

[oberstet@bvr-file1 ~]$ cat /etc/pf.conf
ext_if="igb0"

set skip on lo1
nat pass on $ext_if from lo1:network to any -> $ext_if

[oberstet@bvr-file1 ~]$ ifconfig lo1
lo1: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
        inet 172.23.0.1 netmask 0xffff0000
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
[oberstet@bvr-file1 ~]$ ifconfig igb0
igb0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=403bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,TSO6,VLAN_HWTSO>
        ether 0c:c4:7a:69:be:96
        inet 10.200.1.75 netmask 0xffffff00 broadcast 10.200.1.255
        nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
        media: Ethernet autoselect (1000baseT <full-duplex>)
        status: active
[oberstet@bvr-file1 ~]$ sudo service pf status
No ALTQ support in kernel
ALTQ related functions disabled
Status: Enabled for 0 days 00:22:44           Debug: Urgent

State Table                          Total             Rate
  current entries                        0
  searches                         4108228         3011.9/s
  inserts                                0            0.0/s
  removals                               0            0.0/s
Counters
  match                            4108228         3011.9/s
  bad-offset                             0            0.0/s
  fragment                               0            0.0/s
  short                                  0            0.0/s
  normalize                              0            0.0/s
  memory                                 0            0.0/s
  bad-timestamp                          0            0.0/s
  congestion                             0            0.0/s
  ip-option                              0            0.0/s
  proto-cksum                            0            0.0/s
  state-mismatch                         0            0.0/s
  state-insert                           0            0.0/s
  state-limit                            0            0.0/s
  src-limit                              0            0.0/s
  synproxy                               0            0.0/s
[oberstet@bvr-file1 ~]$ env | grep -i proxy
http_proxy=http://10.200.1.21:8080
npm_config_https_proxy=http://10.200.1.21:8080
https_proxy=http://10.200.1.21:8080
npm_config_proxy=http://10.200.1.21:8080

and

[oberstet@bvr-file1 ~]$ cat /etc/rc.conf
hostname="bvr-file1"
keymap="german.iso.kbd"

# ifb uplink
ifconfig_igb0="inet 10.200.1.75 netmask 255.255.255.0"
defaultrouter="10.200.1.1"

#3 ports on rack switch
ifconfig_igb1="inet 10.1.1.13 netmask 255.255.255.0"
ifconfig_ix0="inet 10.1.1.14 netmask 255.255.255.0"
ifconfig_ix1="inet 10.1.1.15 netmask 255.255.255.0"

# Jetpack networking
cloned_interfaces="lo1"
ipv4_addrs_lo1="172.23.0.1/16"

# Services
pf_enable="YES"
pflog_enable="YES"
sshd_enable="YES"
ntpd_enable="YES"
dumpdev="NO"
zfs_enable="YES"
ctld_enable="YES"
smartd_enable="YES"
linux_enable="YES"
samba_enable="YES"
rpcbind_enable="YES"
nfs_server_enable="YES"
#nfsv4_server_enable="YES"
#nfsuserd_enable="YES"
mountd_enable="YES"
mountd_flags="-r"
rpc_lockd_enable="YES"
rpc_statd_enable="YES"
svscan_enable="YES"
[oberstet@bvr-file1 ~]$

The external interface (igb0) is the default gateway to the internet, but there is a firewall (on another system) that will block anything but ports 80/443.

[oberstet@bvr-file1 ~]$ telnet google.de 80
Trying 172.217.21.3...
Connected to google.de.
Escape character is '^]'.
GET / HTTP/1.1
Host: google.de

HTTP/1.1 301 Moved Permanently
Location: http://www.google.de/
Content-Type: text/html; charset=UTF-8
Date: Mon, 11 Apr 2016 12:09:43 GMT
Expires: Wed, 11 May 2016 12:09:43 GMT
Cache-Control: public, max-age=2592000
Server: gws
Content-Length: 218
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>301 Moved</TITLE></HEAD><BODY>
<H1>301 Moved</H1>
The document has moved
<A HREF="http://www.google.de/">here</A>.
</BODY></HTML>

What could I try/do?

Thanks again for any help!

Support image dependencies

It should be possible to generate a 'delta' ACI layer using zfs snapshot /zfs diff. This would require a bit of a rewrite in the actool code though...