bsdploy 1.1.0

A tool to provision, configure and maintain FreeBSD jails

BSDploy – FreeBSD jail provisioning

BSDploy is a comprehensive tool to provision, configure and maintain FreeBSD jail hosts and jails.

Its main design goal is to lower the barrier to repeatable jail setups.

Instead of performing updates on production hosts you are encouraged to update the description of your setup, test it against an identically configured staging scenario until it works as expected and then apply the updated configuration to production with confidence.

Main Features

• provision complete jail hosts from scratch

• describe one or more jail hosts and their jails in a canonical configuration

• declarative configuration – apply Ansible playbooks to hosts and jails

• imperative maintenance – run Fabric scripts against hosts and jails

• configure ZFS pools and filesystems with whole-disk-encryption

• modular provisioning with plugins for VirtualBox and Amazon EC2 and an architecture to support more.

How it works

BSDploy takes the shape of a commandline tool by the name of ploy which is installed on a so-called control host (typically your laptop or desktop machine) with which you then control one or more target hosts. The only two things installed on target hosts by BSDploy are Python and ezjail – everything else stays on the control host.

Example Session

Here’s what an abbreviated bootstrapping session of a simple website inside a jail on an Amazon EC2 instance could look like:

# ploy start ec-instance
[...]
# ploy bootstrap jailhost
[...]
# ploy configure jailhost
[...]
# ploy start webserver
[...]
# ploy configure webserver
[...]
# ploy do webserver upload_website

Best of both worlds

Combining a declarative approach for setting up the initial state of a system combined with an imperative approach for providing maintenance operations on that state has significant advantages:

1. Since the imperative scripts have the luxury of running against a well-defined context, you can keep them short and concise without worrying about all those edge cases.

2. And since the playbooks needn’t concern themselves with performing updates or other tasks you don’t have to litter them with awkward states such as restarted or updated or – even worse – with non-states such as shell commands.

Under the hood

BSDploy’s scope is quite ambitious, so naturally it does not attempt to do all of the work on its own. In fact, BSDPloy is just a fairly thin, slightly opinionated wrapper around existing excellent tools.

In addition to the above mentioned Ansible and Fabric, it uses ezjail on the host to manage the jails and on the client numerous members of the ployground family for pretty much everything else.

Full documentation

The full documentation is hosted at RTD.

Changes

1.1.0 - Unreleased

• use FreeBSD 10.0 as default for bootstrapping and documentation

• always encode result of templates as utf-8

• fix compatibility with ansible 1.7

1.0.0 - 2014-07-20

• added bsdploy.fabutils with a wrapper for rsync_project

• automatically set env.shell for fabric scripts.

• generate ssh host keys locally during bootstrap if possible.

• set fingerprint option for ezjail master automatically if a ssh host key exists locally.

1.0b4 - 2014-07-08

• remove custom ploy and ploy-ssh console scripts.

1.0b3 - 2014-07-07

• make ploy_virtualbox an optional dependency

1.0b2 - 2014-07-07

• migrate from mr.awsome* dependencies to ploy*

• various bugfixes

• added tests

1.0b1 - 2014-06-17

• Initial public release