Worth The Wait
Pre-releaseBastille Version 0.10.20231013 Release Announcement
Greetings!
I am excited to announce the long-awaited release of Bastille version 0.10.20231013. This release has been worth the wait, and I'm thrilled to present you with a host of great improvements.
The astute reader may notice that much of these release notes are similar or duplicated from the previous release. Good eye. The previous release, 0.10.20230714, was tagged and published but never packaged for FreeBSD ports. Due to lack of time and resources surrounding that release, it was primarily used by testers but never released more widely.
Well, I'm pleased now to re-release those changes (with a few minor improvements) to a wider audience and give them the credit they are due. Some great work went into making this the best version of Bastille to date. I truly hope you enjoy!
I want to express my gratitude to everyone who contributed to this project, including the sixteen first-time contributors. Your time and effort have played a vital role in shaping this release, and I appreciate your dedication to improving Bastille.
Thank you for your continued support, and I hope you enjoy using Bastille version 0.10.20231013. It's my commitment to keep improving and simplifying container management on FreeBSD.
Christer
Improvements & New Features
Dual Stack Networking
One of the major highlights of this release is the introduction of Dual Stack Networking. You can now create containers with both IPv4 and IPv6 stacks, opening up new possibilities for networking configurations. We've also added DHCP support, making it easier than ever to manage IP addresses within your containers.
Important changes:
- we now support passing "DHCP" in the IP parameter.
- we also support "SLAAC" as a value for the IP parameter, which enables accepting route advertisement
- fixed an oddity in the way the gateway was being handled for IPv6 (in certain cases it was being passed as the GATEWAY template parameter
- allow passing multiple values to the IP parameter, this would work as a quoted parameter that means that, e.g.
bastille create -V test 13.2-RELEASE "SLAAC DHCP"
is possible and creates a dual-stack jail - passing both DHCP, SLAAC and fixed IPs is also possible, but only one IP per protocol number is supported; last one wins
bastille setup [--help]
We understand that setting up Bastille hosts for the first time can take a little time. No more! We're introducing the new bastille setup
command. This command automates the initial configuration of firewall settings, networking, and ZFS storage, streamlining the setup process.
You can use this command for individual components (zfs, pf, bastille0) or run it without arguments to configure all options at once.
Note: This command is new. Please double-check the configuration and provide us any feedback you can on improving this new utility.
Usage: bastille setup [pf|bastille0|zfs|vnet]
Extended Linux Support
Bastille continues to push boundaries by supporting experimental Linux containers. In this release, we've extended our Linux container support with two exciting additions:
- Ubuntu Jammy (22.04) support has been added, allowing you to containerize applications on the latest Ubuntu release.
- Debian 12 "Bookworm" support is now available for those who prefer Debian-based systems.
- Please note that support for Debian 9 "Stretch" has been dropped in this release.
Getting started with these Linux containers is as simple as using the following commands:
bastille bootstrap jammy
(for Ubuntu 22.04)bastille bootstrap bookworm
(for Debian 12)
bastille tags [--help]
We've added a new tags
sub-command for tagging containers. You can use this to add arbitrary tags to your containers for internal labeling and tracking.
bastille tags --help
Usage: bastille tags TARGET add tag1[,tag2,...]
bastille tags TARGET delete tag1[,tag2,...]
bastille tags TARGET list [tag]
bastille pkg -H
The pkg
sub-command can now be used with -H
or --host
to use the host's package manager instead of the in-jail pkg
binary, offering more flexibility.
To keep your containers even more lightweight, use bastille pkg -H TARGET ...
. The container will not need to install the pkg
binary or use container storage / resources to track packages. All container packages are tracked by the host.
bastille pkg -H ALL upgrade
Additional Enhancements
We haven't stopped there. This release also brings several miscellaneous improvements:
- When installing Bastille from source code using the
make install
method, the bastille version variable will now match the commit hash, providing better version tracking. - We've addressed regressions in cmd and VNET creation to ensure smoother operations.
- Our documentation has received extensive updates, making it easier for you to find the information you need. The README has been cleaned up and migrated to the docs website.
What's Changed
- rdr disable directive fix by @bmac2 in #610
- prep & cleanup for 0.10.20231013 release by @cedwards in #611
Full Changelog: 0.10.20230714...0.10.20231013