How to create FreeNAS Jails with iocage

How do I install and use a FreeBSD jail manage called iocage on FreeNAS server from the command line? How do I create FreeNAS jail with iocage command?

iocage is a jail or container manager tool for FreeBSD. It is also available on FreeNAS based NAS system. It comes with some of best features and technologies the FreeBSD operating system has to offer. The iocage tool provides ease of use with a simple and easy to understand command syntax for managing jails. This page shows how to manage FreeNAS Jails with iocage command line option.

Step 1 – Login to FreeNAS server

Use the ssh command:
ssh user@freenas-box-name
ssh vivek@nas04

Become a root user using sudo command:
$ sudo -i
Find our your FreeNAS server IP address and interface name, enter:
# ifconfig
FreeNAS find ip address and interface name
Please note down your real network interface. You must activate i.e. set a zpool active for iocage usage. My zpool name is nixcraft (use zpool list to get a list of zpool), so I run:
# iocage activate nixcraft

Step 2 – Fetch a version of FreeBSD for jail usage

Type the following command (this need to be done once only):
# iocage fetch

Use the following zpool/zfs command to verify:
# zpool list
# zfs list

Step 3 Create FreeNAS Jails with iocage command

Create a jail named backup with IP address for jail interface named igb1:
# iocage create -n backupjail ip4_addr="igb1|" -r 11.1-RELEASE
Sample outputs:

backup successfully created!

List the jails

To list newly created jail run:
# iocage list
Sample outputs:

| JID |    NAME    | STATE |   RELEASE    |     IP4      |
| -   | backupjail | down  | 11.1-RELEASE | |

Start the jail named backup

# iocage start {jailNameHere}
# iocage start backupjail

Sample outputs:

* Starting backupjail
  + Started OK
  + Starting services OK

How to automatically start jail when FreeNAS reboots

# iocage set boot=on backupjail
Sample outputs:
Property: boot has been updated to on
Verify it:
# iocage get all backupjail | less
# iocage get all backupjail | grep boot
# iocage get boot backupjail

How to login to my jails

The syntax is:
# iocage console {yourJailNameHere}
# iocage console backupjail

Once logged in install the pkg command on backupjail:
# pkg

Step 4 – Useful jail management commands

Let us see some useful iocage commands.

Show resource usage of all jails

# iocage df

Run a command inside a specified jail

# iocage exec {jailNameHere} {FreeBSDCOmmandHERE}
# iocage exec backupjail ifconfig

How to stop the specified jails or ALL

# iocage stop ALL
# iocage stop backupjail

Restart the specified jails or ALL

# iocage restart ALL
# iocage restart backupjail

Destroy/delete/remove specified jail(s)

This will destroyte all data, so be careful:
# iocage destroy backupjail

Run freebsd-update to update a specified jail to the latest patch level

# iocage update backupjail
Here is my sample jail:

Summary of commands to create a new jail on FreeNAS

Create a jail named rsyncjail:
# iocage create --release 11.1-RELEASE --name rsyncjail \
boot="on" \
allow_raw_sockets="1" \
ip4_addr="igb1|" \

In the jail, update all packages, enable SSHD, add a new user and install rsnapshot package:
# iocage console rsyncjail
# pkg update && pkg upgrade
# echo 'sshd_enable="YES"' >> /etc/rc.conf
# service sshd start
# pw useradd -n vivek -G wheel -s /bin/tcsh -m -d /home/vivek
# passwd vivek
# pkg install rsnapshot

Creating jail that can run OpenVPN server or client

In this following example, I am going to enable vnet, allow ping via raw sockets, for openvpn client jail to connect to my Ubuntu OpenVPN server:
# iocage create --release 11.1-RELEASE --name openvpnjail \
vnet="on" boot="on" allow_raw_sockets="1" \
ip4_addr="vnet0|" \
defaultrouter="" \

Run the following command to allow creation of tap device for the FreeBSD/FreeNAS jail:
/sbin/devfs rule -s 4 add path 'tun*' unhide
Please note that you must add the following pre init tasks in FreeNAS UI so that OpenVPN can create tap device

I usually install jail per service. For example, I create a jail for each FreeBSD service such as Nginx/PHP/Perl/Python web service, MariaDB database server, Deluge, Duplicity/Rsnapshot backup service and more.


And there you have it. You just created a jail that automatically starts for the FreeNAS system. For more info see the official FreeNAS docs here and iocage command docs here.

🐧 Get the latest tutorials on Linux, Open Source & DevOps via RSS feed or Weekly email newsletter.

🐧 0 comments... add one

CategoryList of Unix and Linux commands
Disk space analyzersdf duf ncdu pydf
File Managementcat cp mkdir tree
FirewallAlpine Awall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Modern utilitiesbat exa
Network UtilitiesNetHogs dig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg glances gtop jobs killall kill pidof pstree pwdx time vtop
Searchingag grep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNAlpine CentOS 8 Debian 10 Firewall Ubuntu 20.04
0 comments… add one

Leave a Reply

Your email address will not be published.

Use HTML <pre>...</pre> for code samples. Still have questions? Post it on our forum