standardizing on container vs jail

2019-11-20 19:16:21 -07:00
parent 7e2b03b73b
commit e68bd1b3ae
18 changed files with 61 additions and 57 deletions
--- a/docs/chapters/jail-config.rst
+++ b/docs/chapters/jail-config.rst
@@ -1,3 +1,7 @@
 Note: FreeBSD introduced container technology twenty years ago, long before the
 industry standardized on the term "container". Internally, FreeBSD refers to
 these containers as "jails".
 jail.conf
 =========
 In this section we'll look at the default config for a new container. The
--- a/docs/chapters/networking.rst
+++ b/docs/chapters/networking.rst
@@ -114,7 +114,7 @@ Create the firewall rules:
 - Make sure to include the last line (`port ssh`) or you'll end up locked out.
 Note: if you have an existing firewall, the key lines for in/out traffic
-to jails are:
+to containers are:
 .. code-block:: shell
@@ -127,8 +127,8 @@ The `nat` routes traffic from the loopback interface to the external
 interface for outbound access.
 The `rdr pass ...` will redirect traffic from the host firewall on port X to
-the ip of Jail Y. The example shown redirects web traffic (80 & 443) to the
+the ip of Container Y. The example shown redirects web traffic (80 & 443) to the
-jails at `10.17.89.45`.
+containers at `10.17.89.45`.
 Finally, start up the firewall:
--- a/docs/chapters/subcommands/cmd.rst
+++ b/docs/chapters/subcommands/cmd.rst
@@ -2,7 +2,7 @@
 cmd
 ===
-To execute commands within the jail you can use `bastille cmd`.
+To execute commands within the container you can use `bastille cmd`.
 .. code-block:: shell
--- a/docs/chapters/subcommands/console.rst
+++ b/docs/chapters/subcommands/console.rst
@@ -1,7 +1,7 @@
 console
 =======
-This sub-command launches a login shell into the jail. Default is password-less
+This sub-command launches a login shell into the container. Default is password-less
 root login.
 .. code-block:: shell
@@ -31,6 +31,6 @@ root login.
  Edit /etc/motd to change this login announcement.
  root@folsom:~ #
-At this point you are logged in to the jail and have full shell access.  The
+At this point you are logged in to the container and have full shell access.  The
 system is yours to use and/or abuse as you like. Any changes made inside the
-jail are limited to the jail.
+container are limited to the container.
--- a/docs/chapters/subcommands/cp.rst
+++ b/docs/chapters/subcommands/cp.rst
@@ -1,7 +1,7 @@
 cp
 ==
-This command allows efficiently copying files from host to jail(s).
+This command allows efficiently copying files from host to container(s).
 .. code-block:: shell
--- a/docs/chapters/subcommands/create.rst
+++ b/docs/chapters/subcommands/create.rst
@@ -2,7 +2,7 @@ create
 ======
 Bastille create uses any available bootstrapped release to create a
-lightweight jailed system. To create a jail simply provide a name,
+lightweight container system. To create a container simply provide a name,
 bootstrapped release and a private (rfc1918) IP address.
 - name
@@ -18,10 +18,10 @@ bootstrapped release and a private (rfc1918) IP address.
  NAME: folsom.
  IP: 10.17.89.10.
-This command will create a 11.3-RELEASE jail assigning the 10.17.89.10 ip
+This command will create a 11.3-RELEASE container assigning the 10.17.89.10 ip
 address to the new system.
-I recommend using private (rfc1918) ip address ranges for your jails.  These
+I recommend using private (rfc1918) ip address ranges for your container.  These
 ranges include:
 - 10.0.0.0/8
--- a/docs/chapters/subcommands/destroy.rst
+++ b/docs/chapters/subcommands/destroy.rst
@@ -1,8 +1,8 @@
 destroy
 =======
-Jails can be destroyed and thrown away just as easily as they were
+Containers can be destroyed and thrown away just as easily as they were
-created.  Note: jails must be stopped before destroyed.
+created.  Note: containers must be stopped before destroyed.
 .. code-block:: shell
@@ -13,6 +13,6 @@ created.  Note: jails must be stopped before destroyed.
 .. code-block:: shell
  ishmael ~ # bastille destroy folsom
-  Deleting Jail: folsom.
+  Deleting Container: folsom.
-  Note: jail console logs not destroyed.
+  Note: containers console logs not destroyed.
  /usr/local/bastille/logs/folsom_console.log
--- a/docs/chapters/subcommands/htop.rst
+++ b/docs/chapters/subcommands/htop.rst
@@ -2,10 +2,10 @@
 htop
 ====
-This one runs `htop` inside the jail. 
+This one runs `htop` inside the container. 
-note: won't work if you don't have htop installed in the jail.
+note: won't work if you don't have htop installed in the container.
 .. image:: ../../images/htop.png
    :align: center
-    :alt: bastille htop jail
+    :alt: bastille htop container
--- a/docs/chapters/subcommands/pkg.rst
+++ b/docs/chapters/subcommands/pkg.rst
@@ -2,7 +2,7 @@
 pkg
 ===
-To manage binary packages within the jail use `bastille pkg`.
+To manage binary packages within the container use `bastille pkg`.
 .. code-block:: shell
--- a/docs/chapters/subcommands/restart.rst
+++ b/docs/chapters/subcommands/restart.rst
@@ -1,7 +1,7 @@
 restart
 =======
-To restart a jail you can use the `bastille restart` command.
+To restart a container you can use the `bastille restart` command.
 .. code-block:: shell
--- a/docs/chapters/subcommands/start.rst
+++ b/docs/chapters/subcommands/start.rst
@@ -1,7 +1,7 @@
 start
 =====
-To start a jail you can use the `bastille start` command.
+To start a container you can use the `bastille start` command.
 .. code-block:: shell
--- a/docs/chapters/subcommands/stop.rst
+++ b/docs/chapters/subcommands/stop.rst
@@ -1,7 +1,7 @@
 stop
 ====
-To stop a jail you can use the `bastille stop` command.
+To stop a container you can use the `bastille stop` command.
 .. code-block:: shell
--- a/docs/chapters/subcommands/sysrc.rst
+++ b/docs/chapters/subcommands/sysrc.rst
@@ -3,7 +3,7 @@ sysrc
 =====
 The `sysrc` sub-command allows for safely editing system configuration files.
-In jail terms, this allows us to toggle on/off services and options at startup.
+In container terms, this allows us to toggle on/off services and options at startup.
 .. code-block:: shell
--- a/docs/chapters/subcommands/top.rst
+++ b/docs/chapters/subcommands/top.rst
@@ -2,9 +2,9 @@
 top
 ===
-This one runs `top` in that jail. 
+This one runs `top` in that container. 
 .. image:: ../../images/top.png
    :align: center
-    :alt: bastille top jail
+    :alt: bastille top container
--- a/docs/chapters/subcommands/update.rst
+++ b/docs/chapters/subcommands/update.rst
@@ -2,8 +2,8 @@
 update
 ======
-The `update` command targets a release instead of a jail. Because every jail is
+The `update` command targets a release instead of a container. Because every container is
-based on a release, when the release is updated all the jails are automatically
+based on a release, when the release is updated all the containers are automatically
 updated as well.
 If no updates are available, a message will be shown:
@@ -38,4 +38,4 @@ The older the release, however, the more updates will be available:
  The following files will be added as part of updating to 10.4-RELEASE-p13:
  ...[snip]...
-To be safe, you may want to restart any jails that have been updated live.
+To be safe, you may want to restart any containers that have been updated live.
--- a/docs/chapters/targeting.rst
+++ b/docs/chapters/targeting.rst
@@ -2,20 +2,20 @@ Targeting
 =========
 Bastille uses a `command-target-args` syntax, meaning that each command
-requires a target. Targets are usually jails, but can also be releases.
+requires a target. Targets are usually containers, but can also be releases.
-Targeting a jail is done by providing the exact jail name.
+Targeting a containers is done by providing the exact containers name.
 Targeting a release is done by providing the release name. (Note: do note
 include the `-pX` point-release version.)
-Bastille includes a pre-defined keyword ALL to target all running jails.
+Bastille includes a pre-defined keyword ALL to target all running containers.
 In the future I would like to support more options, including globbing, lists
 and regular-expressions.
-Examples: Jails
+Examples: Containers
-===============
+====================
 .. code-block:: shell
@@ -24,25 +24,25 @@ Examples: Jails
 +-----------+--------+------------------+-------------------------------------------------------------+
 | command   | target | args             | description                                                 |
 +===========+========+==================+=============================================================+
-| cmd       | ALL    | 'sockstat -4'    | execute `sockstat -4` in ALL jails (listening ip4 sockets)  |
+| cmd       | ALL    | 'sockstat -4'    | execute `sockstat -4` in ALL containers (ip4 sockets)       |
 +-----------+--------+-----+------------+-------------------------------------------------------------+ 
 | console   | mariadb02    | ---        | console (shell) access to mariadb02                         |
 +----+------+----+---------+------------+--------------+----------------------------------------------+ 
-| pkg       | web01  | 'install nginx'  | install nginx package in web01 jail                         |
+| pkg       | web01  | 'install nginx'  | install nginx package in web01 container                    |
 +-----------+--------+------------------+-------------------------------------------------------------+
-| pkg       | ALL    | upgrade          | upgrade packages in ALL jails                               |
+| pkg       | ALL    | upgrade          | upgrade packages in ALL containers                          |
 +-----------+--------+------------------+-------------------------------------------------------------+ 
-| pkg       | ALL    | audit            | (CVE) audit packages in ALL jails                           |
+| pkg       | ALL    | audit            | (CVE) audit packages in ALL containers                      |
 +-----------+--------+------------------+-------------------------------------------------------------+ 
-| sysrc     | web01  | nginx_enable=YES | execute `sysrc nginx_enable=YES` in web01 jail              |
+| sysrc     | web01  | nginx_enable=YES | execute `sysrc nginx_enable=YES` in web01 container         |
 +-----------+--------+------------------+-------------------------------------------------------------+ 
-| template  | ALL    | username/base    | apply `username/base` template to ALL jails                 |
+| template  | ALL    | username/base    | apply `username/base` template to ALL containers            |
 +-----------+--------+------------------+-------------------------------------------------------------+ 
-| start     | web02  | ---              | start web02 jail                                            |
+| start     | web02  | ---              | start web02 container                                       |
 +-----------+--------+-----+------------+-------------------------------------------------------------+ 
-| cp | bastion03 | /tmp/resolv.conf-cf etc/resolv.conf | copy host-path to jail-path in bastion03     |
+| cp | bastion03 | /tmp/resolv.conf-cf etc/resolv.conf | copy host-path to container-path in bastion03|
 +----+------+----+---+------------------+--------------+----------------------------------------------+ 
-| create    | folsom | 12.0-RELEASE 10.17.89.10        | create v12.0 jail named `folsom` with IP     |
+| create    | folsom | 12.0-RELEASE 10.17.89.10        | create 12.0 container named `folsom` with IP |
 +-----------+--------+------------------+--------------+----------------------------------------------+
--- a/docs/chapters/template.rst
+++ b/docs/chapters/template.rst
@@ -3,7 +3,7 @@ Template
 ========
 Bastille supports a templating system allowing you to apply files, pkgs and
-execute commands inside the jail automatically.
+execute commands inside the containers automatically.
 Currently supported template hooks are: `PRE`, `OVERLAY`, `PKG`, `SYSRC`, `CMD`.
 Planned template hooks include: `FSTAB`, `PF`, `LOG`.
@@ -48,20 +48,20 @@ Note: SYSRC requires that NO quotes be used or that quotes (`"`) be escaped.
 ie; `\"`)
 In addition to supporting template hooks, Bastille supports overlaying
-files into the jail. This is done by placing the files in their full path,
+files into the container. This is done by placing the files in their full path,
 using the template directory as "/".
 An example here may help. Think of `bastille/templates/username/base`, our
 example template, as the root of our filesystem overlay. If you create an
 `etc/hosts` or `etc/resolv.conf` *inside* the base template directory, these
-can be overlayed into your jail.
+can be overlayed into your container.
 Note: due to the way FreeBSD segregates user-space, the majority of your
 overlayed template files will be in `usr/local`. The few general
 exceptions are the `etc/hosts`, `etc/resolv.conf`, and
 `etc/rc.conf.local`.
-After populating `usr/local/` with custom config files that your jail will
+After populating `usr/local/` with custom config files that your container will
 use, be sure to include `usr` in the template OVERLAY definition. eg;
 .. code-block:: shell
@@ -76,7 +76,7 @@ line.
 Applying Templates
 ------------------
-Jails must be running to apply templates.
+Containers must be running to apply templates.
 Bastille includes a `template` command. This command requires a target and a
 template name. As covered in the previous section, template names correspond to
--- a/docs/chapters/usage.rst
+++ b/docs/chapters/usage.rst
@@ -4,34 +4,34 @@ Usage
 .. code-block:: shell
    ishmael ~ # bastille -h
-    Bastille is an open-source system for automating deployment and management
+    Bastille is an open-source system for automating deployment and management of
-    of containerized applications on FreeBSD.
+    containerized applications on FreeBSD.
-
+    
    Usage:
-    bastille command [ALL|glob] [args]
+      bastille command [ALL|glob] [args]
-
+    
    Available Commands:
      bootstrap   Bootstrap a FreeBSD release for container base.
      cmd         Execute arbitrary command on targeted container(s).
      console     Console into a running container.
      cp          cp(1) files from host to targeted container(s).
-      create      Create a new container.
+      create      Create a new thin container or a thick container if -T|--thick option specified.
      destroy     Destroy a stopped container or a FreeBSD release.
      help        Help about any command
      htop        Interactive process viewer (requires htop).
-      list        List containers (running and stopped).
+      list        List containers, releases, templates, or logs.
      pkg         Manipulate binary packages within targeted container(s). See pkg(8).
      restart     Restart a running container.
-      service     Manage services within targeted jail(s).
+      service     Manage services within targeted containers(s).
      start       Start a stopped container.
      stop        Stop a running container.
      sysrc       Safely edit rc files within targeted container(s).
-      template    Apply file templates to targeted jail(s).
+      template    Apply file templates to targeted container(s).
      top         Display and update information about the top(1) cpu processes.
      update      Update container base -pX release.
      upgrade     Upgrade container release to X.Y-RELEASE.
      verify      Compare release against a "known good" index.
-      zfs         Manage (get|set) zfs attributes on targeted jail(s).
+      zfs         Manage (get|set) zfs attributes on targeted container(s).
    Use "bastille -v|--version" for version information.
    Use "bastille command -h|--help" for more information about a command.