 Have my free nash shirt on today. So I said, you know, I should do a video about jails There's something that I wrap my head around a long time ago to get a good concept of them They're a little bit different and there's some nuances to setting them up that sometimes causes some confusion And I have a love hate relationship with jails So I don't run a lot of things in them But it's actually very practical especially for people asking like hey Can I run this in a jail? For example Plex media because maybe you store all your media on free nash You want to run in a jail? This will help you in general with jails and kind of give you an idea of how they work and They're like I said, I have a love hate relationship and I'll show you why I jump over to here get my face out of the way So there is an update coming to jails. So this so you know we're on free nash 11.1 you for it's April of 2018. So that's what I'm running. That's the latest current stable release They are doing some changes in them and of course then there's going to be migrations For the way it used to work in the warden system and the new way it works in the I okay channel Even links so you can read through all the documentation, but this is just the docked up free nasa d'oreg and the details of the jails So let's start with what is a jail and what makes it different than a VM? and I found this on straddle scale, but you can just google docker Versus VM and it's the same equivalence concept I know someone's screaming that the free BSD jails are different than doctor But it was kind of giving an idea because this graphic still represents how it works in general not going to cover every little specific So if you have a VM you have your physical layer your hardware the bare metal infrastructure here at the bottom Then we have the operating system running on there and let's use Citrix for example the operating system being sent to us Linux and then we have the Zen hypervisor that runs on top and then each VM is fully a P is containered All the way top to bottom from the guest OS to the bins and libraries that run it to the application So for example, if it's a the guest OS is windows It has all the windows support libraries in there and then you run your windows apps It's if it's Linux whatever flavor you can run the Linux on there Then it has all the libraries to support whatever app you're on there each one's completely containerized That means that these individual VMs can easily just be passed generally speaking if they're an OVF format From one machine to another because everything is self-contained So when you update or move let's say from the Citrix and server to XCP Zen server And you just take the VMs and move them over and they work perfectly fine Not a problem same thing goes like for example, I've talked about virtual box Which I still use on my desktop I can export the entire VM to virtual box and just bring it into another System over here because it's a VM and all the libraries and support is there Free BSD jails work differently. So here's your bare metal. Here's your free BSD We're gonna use an example and instead of the word Docker. Let's just say it said jails here Now that means they're going to share the kernel So we have the bins and libs being separate, but the kernel there's some sharing going on So what that does is there's an interdependency So these have to depend on the ability for the kernel support it that means free BSD jails will run free BSD based things because the Underline kernel is the same so they have to have support for it This is why you just can't throw anything you want in a jail It has to be something for example that supports free BSD and has a compilation for it If it doesn't well, it's not necessarily going to work So that's just something to keep in mind when you're there This also is why when you update the kernel and update the operating system You can cause problems with the jails because as they progress if the jail was built with an old version of the jail You're going to need the newer version of that system So that's why they talk about that here is as they're moving There's going to be some transitions and hopefully there'll be some scripts to bring the jails up to date But this is just a concern now the data within the jails is stored on the free NAS drives itself So it's not like you'd lose data, but you can lose compatibility between upgrades This is my one thing about running anything absolutely mission critical in jails Is make sure you back them up and are prepared for any problems that may arise by moving to a new version Of free BSD or as free NAS updates It's sometimes based on the new version of free BSD and they have notes in there of what breaks So just thoughts to have in there and why I don't just take everything in a jail You know, it's it's good It's a great way to use up some of the resources that are mostly sitting idle on your machine But it can cause those issues. So that's my caveat with jails and why I'm not like The biggest put everything in a jail person because of the troubleshooting that comes with it But let's talk about putting things in a jail and I do run my sync thing in a jail I was running externally and I moved it back into jail partly to do this video And it's just convenient and my system mostly sits idle despite having iSCSI and everything else that this system supports This is actually my production system for the other servers that attach to it. It really doesn't Use a lot of power. So we said, hey, why not run sync thing in there so it can run in in that as a jail Now first thing is how do you get a jail installed? Well Usually pick the plug in you want and it builds the jail And the way that works is we're going to go here and we can choose sync thing again because it will install multiple versions Of the same software if you want or I could choose transmission or whatever I do plex but there's a lot more setup because plex has an entire Setup process after you get it in there and I don't really have time to do that Or to desire to put that on my server right now But if you add this you're going to run through the install For sync thing and we'll go ahead and add it Are you sure you want to put the sync thing plug in and we hit okay It's going to run through the download and we'll fast forward through this real quick And now I go to the installed plugins and now there's two sync things Pretty simple. So here's the first one that's running and here's another copy of it and it creatively calls it sync thing two And when we go to my jails We have sync thing one and sync thing two pretty straightforward now the ip addresses I have my jail set to hand out addresses that are outside my dhcp range And we're going to go over and show you the configuration of the jail here So here's where it relies So jail root is on my creatively named four drives rate slash jails You can pick whichever Storage container you want to hold the jails by default. It just grabs the first storage container when you're setting this up When you go to advanced here, I have the network setup is that And I have the start address and end address and I happen to like them being in a static range And this is just my preference. You can let the jails grab a dhcp But I just like to predictably know make sure they're going to be at the same point all the time and not Possibly get a different address So you set up that a network insider notation pick the beginning pick the end by the way make sure it is outside of your dhcp range My dhcp range stops at 239 And so I began this at 240 to 250 so I can have up to 10 jails running in here. I never need really more than one now by default the jails Darts running, but the plugin does not run and then we have to add storage now I've already added some storage to jail But I'll add storage to this one just to give you an example and then we're going to jump into my working one So you can get an idea how it works So by default there's no storage in a jail because a jail is containerized and it When it loads it does not get to see all the drives. So if we Go here and we're going to go to mount Nothing there nothing mounted. There's no storage on here It only has what the jail can see because the jail starts Inside the jail. It's not starting at the root of your system versus let me close this window We go over your shell Here is the root of my system. I know it's kind of small, but it says for drives range and jupiter Actually, let me open up a new window to make it bigger and give you a better idea here So here's logged into my free nas machine and here is for drives range and jupiter. So the mount has something when we go into the Jails And we have see how we have sink thing one and sink thing two. So we're going to go into sink thing two This is the root of the jail. So it actually starts here So when you log into the jail, it's starting at this root Not your other this is part of the way jails keep you protected. So the software inside them is Inside and nested in being that it's nested in you have to add what storage you want it to touch And this is part of a security So jails to keep them secure. They can't just go wherever they want on the operating system So now you have to share in the data that you want with them and we're going to go out to sink thing One go to the mount inside of here. This is my running one and we have three folders Sink time backup and web work Now these are the files. These are the folders that i'm using for sink thing. How did I get them there? Well, let's talk about that So we're going to go ahead and delete this one because I just don't actually i'm going to delete the plugin which will Delete that so I don't really need this version on here So delete say yes I don't really need it. It's going to go ahead and destroy that jail All right, that's destroyed. So we go back over to the jails. We see this one here Now we can start and stop the jail here. We can open up a shell which starts inside the jail There is a way to if you want you can ssh into the jail as opposed to into the machine because the jail does have its own Network stack hence the reason it has a different ip address here So if we look real quick and hit edit jail go to advanced mode as well By default too you can auto start to jail and whether or not you want to put it in that and you can also pass A few of your parameters just so you know that's where this is for that I could force a different ip address on it, but I just let it assign based on the previous settings we talked about so Add storage right here down at the bottom. This is the part people get confused about so When you have source and destination storage, you're like, what does that mean? And let's say you have a media library because you're setting up plex or in this case sink thing And I want to give data to it so we go to mount We pick from our storage Sources and we say for drives raid and we can say I want the clone zilla folder to go into there and then we're going to go over here Mount Hey, and there's those ones here and we're just going to say go ahead and make it here Slash clone zilla and I'm not gonna I got spelled right And then this would create a mount inside of there now a couple caveats with this This is important and this is where people get stuck a lot permissions the way free free nash jails work You pretty much need to have the permissions wide open in order to do this and let me give you any examples So we're going to go over here storage We're going to look at one of my existing shares that I have in here like the sink thing data folder Please note the permissions of that you have to give all the permissions and set them recursively because the free nash jail Needs to have especially this other permission in order to read and write in those directories Maybe you only want the free nash jail to read only that's fine too But set the permissions accordingly if you don't do that It will not have permission to read and write and the jail won't work properly So that is the thing about jail because it runs as its own separate user On there and it creates a user inside the jail. It doesn't relate to the users in the system And because of that There is a discrepancy in permissions and if you don't have the permissions opened up for that you will have some issues So if you have your media library, you want to make sure the media library has full open permission like that And then you share it into there now let's go back to the jails and we look at the storage And here's what the storage looks like once you have it mounted. So Here's the sink thing data Lts mounted to slash sink. Here's this one here to tom back up and here's the web work to Web work now all these and like I said if you go to any one of them on storage They have all their permissions and this is the source and destination. So when you are Creating the source the source is your actual free nash machine destination is the place Where you want it to show up inside the jail. So it starts at slash mnt And that's where we go here and this is inside the jail itself And we can see those folders there. So it's the forage rise raid jails sink thing underscore one Slash mount so the jail itself is completely stored on forage rise raid Then it's subbed out and then mount is mnt is the default But you could actually sort anywhere we could create if we wanted we could store it here in the root of the jail For example create like a media folder and then store everything there. So it's this kind of preference General when you're working with linux you mount things under mount Like I said comes down to preference now with that being said, how does it work once you want to access the plugin? Well, when you want to access the plugins And once you're installed so right here make sure it's on This is something that was just the way the interface works a little bit strange So when you're on the plugins you go over here to plugins on this side go here to plugins And then it can be found there Now here is my Plug-in for this and how I can load into it So there's all the things that I have synced in here And you can see there now if you know the ip address And this is something really handy and you know the port it's running on and when you set up the jail to have static I predictable ip addresses and we go over to jails and we know it's right here Even without going to the plugin link I know I could get to it by typing in 192.1683.240 and I happen to know syncing by default runs on 8384 So you can get right to it hence the advantage and part of the reason I like them running static So you can use this to set up plex you can use to set up a lot of other things on here Now one of the other things that I've noted that I used to run clone deploy and it broke Recently and it's the project's been out of date for a while A few people have asked me about it and this is one of those problems that you run into with jails The project no longer was supported it had some problems and we got rid of it And even once it's installed through the jail It can have problems later as you update versions back to the very first part of this talk We were talking about so that is an issue now You can if you get really fancy with this when you go over here to plugins You can upload your own plugins You can just build your own jails separately from the plugins itself by default when you load a plugin It has parameters that it downloads to install this these are maintained over at freedast So when you pull the plugins it pulls in all the parameters to get it up and running But you can go raw and just build your own you can start by just going in here Build a jail Put whatever you want inside of it as long as it's supported in free bsd Because like I said, there's an interdependency. I'm walking running there I've seen some people run a few different things in the forums and have some custom options that you can do So hopefully this gives you a better idea of how that works and how the storage works as a storage parts one What I think people get stuck they can click the plugin and they go yes I got it working But if you don't map the storage properly to a storage on your machine, you're going to have problems Now the good news is by default some jails don't need the storage because It's going to be whatever you do is going to be stored within the jail So if you set something up, let's say own cloud and you don't give it an external storage It'll all still be stored within the jail itself without any external storage So it's still protected by zfs. Just make sure you know when you're backing things up You have to back the jail up. That's where all your data is stored versus me with syncing I have syncing pointing to external spots and on different arrays if you notice That syncing is under mount jupyter web work mount jupyter here, but the jails themselves go to jails Are actually stored actually where's it configuration is stored on my other Array the four drives rate. So I have multiple rays and you can do that. You can move the jails You can move them around. They all like I said, this is all something that You can configure if you have a lot of custom places and you can move them around to wherever you want So like I said, hopefully it's helpful and gives you a better understanding of how the jails work in Freenas and kind of gives you some overall better understanding of the storage part and like I said permissions permissions permissions The permissions on these have to be open in order for this For it to work So they have to make sure that they're owned by the process that the jail's running in or just check all the boxes make them open And away you go Thanks for watching. If you like this video, go ahead and click the thumbs up Leave us some feedback below to let us know any details what you like and didn't like as well because we love hearing the feedback Or if you just want to say thanks, leave a comment If you wanted to be notified of new videos as they come out go ahead and subscribe and the bell icon That lets youtube know that you're interested in notifications. Hopefully they send them As we've learned with youtube Anyways, if you want to contract us for consulting services You go ahead and hit laurance systems.com and you can reach out to us for all the projects that we can do and help you We work with a lot of small businesses it companies even some large companies And you can farm different workout to us or just hire us as a consultant to help design your network Also, if you want to help the channel in other ways, we have a patreon We have affiliate links. You'll find them in the description You'll also find recommendations to other affiliate links and things you can sign up for on laurance systems.com Once again, thanks for watching and i'll see you in the next video