Skip to main content.

Episode 118: BSD is go for Launch

2015-12-02

Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent

This episode was brought to you by

iXsystems - Enterprise Servers and Storage for Open SourceDigitalOcean - Simple Cloud Hosting, Built for DevelopersTarsnap - Online Backups for the Truly Paranoid

iX Systems Mission Complete

  • Submit your story of how you accomplished a mission with FreeBSD, FreeNAS, or iXsystems hardware, and you could win monthly prizes, and have your story featured in the FreeBSD Journal!

Headlines

Interview with Renato Westphal

  • An interview with Brazilian OpenBSD developer Renato Westphal
  • He describes how he first got into OpenBSD, working on a University-Industry partnership program and looking to deploy LDP (Label Distribution Protocol) for MPLS.
  • He ported OpenBSDs ldpd(8) to Linux, but then contributed his bug fixes and improvements back to OpenBSD
  • When asked if he was motivated to replace closed-source router implementations with OpenBSD: “Well, I don't administer any network, I work full time as a programmer. I have some friends however that succeeded replacing closed vendor solutions with OpenBSD boxes and that for sure motivates me to keep doing what I'm doing. My biggest motivation, however, is the challenge of resolving complex problems writing trivially simple code that is both secure and efficient.”
  • They also go on to discuss some of the interesting features of EIGRP, and developing eigrpd(8)
  • What do you think is missing from routing in OpenBSD: “Implementing new features and protocols while they are in their draft stage in IETF. I'd like to see OpenBSD as the reference platform for the development of new routing and networking technologies in general”

Let’s Encrypt on a FreeBSD NGINX reverse proxy

  • We have a neat guide/story today on how to setup the “Let’s Encrypt” certificates on a FreeBSD / nginx reverse proxy
  • Backstory: For those who don’t know, “Let’s Encrypt” (https://letsencrypt.org) is a new Certificate Authority, which will allow you to create free and automated certificates.
  • They have been in closed beta for several months now, and will be opening to a public beta Dec 3rd (tomorrow)
  • This guide is particularly timely, since by the time most of you are watching this episode, the public beta will be up and running.
  • Most of the instructions are fairly straight-forward. She starts by installing the lets-encrypt package from ports/pkg and modifying her nginx with a ‘catch-all’ vhost that re-directs traffic to the https versions of a site.
  • With that done, the certificate creation is just a few commands to get started, in which she shows creating a cert for multiple domains
  • As a bonus! She includes a nice renewal script which can be run from cron. It will monitor the certs daily, and renew it when it’s 14 days from expiring, or throw an error for somebody to look at.

Mike Larkins OpenBSD vmm subsystem now in tree

  • An openBSD native hypervisor has taken another step closer to reality, with Mike Larkin pushing the initial bits of “vmm” into the base kernel/world
  • He mentions in the commit message that it still needs a lot of work, and as such is disabled by default.
  • However for the adventurous among you, it can be turned on and tested
  • Right now there is no BIOS, and as such it can only be used to boot other OpenBSD instances, although he mentions other BSD’s could be supported fairly quickly (He did a 1 hour port to bootstrap NetBSD)
  • No big documentation expected for this release, since there is so much ongoing churn. Take a look at the man page for details on getting started.

The story of how Yahoo switched to FreeBSD

  • Yahoo originally started running on SunOS, but quickly found it not able to cope with the high frequency of HTTP requests
  • “Having spend many frustrating hours trying to install other PC OS's, I was a bit skeptical. I had no intention of spending three days trying to install yet another one. To my surprise I went to the FreeBSD Web site, downloaded the floppy boot image, booted a PC with the created floppy, answered a few install questions, and a few minutes later FreeBSD was installing over the Net. The real surprise was when I came back later to a fully configured system that actually worked.”
  • “If anything had gone wrong with that install it would likely been the end of that trial. Luckily for us that it was the easiest and most painless OS installs I had ever experienced.”
  • Just that easily, Yahoo might never have ended up on FreeBSD
  • “A couple of days later we added a FreeBSD box to our cluster of Web servers. Not only did it out-perform the rest of our machines, but it was more stable.”
  • From my understanding of stories told over dinner, Yahoo had a few very important perl scripts, and they tended to crash on Linux, but kept running without issue on FreeBSD
  • Related hackernews thread

iXsystems


Interview - Mark Heily - mark@heily.com / @MarkHeily


News Roundup

Inline Intrusion Prevision System is an upcoming OPNSense Feature

  • The next OPNSense release, 16.1 is around the corner and today we have a sneak peek at their new Inline Intrusion Prevention system
  • Suricata working with Netmap 2.1 enabled version, which allows Deep Packet Inspection of traffic. Such as looking at each packet individually and only blocking specific ones. They use the example of blocking Warcraft (oh noes!)
  • Enabling this feature is just a simple mouse-click away, and various default rules are included as part of the Emerging Threats Community rules.

Matthew Dillion working on Hardlinks in Hammer2

  • We have an interesting commit from Matthew Dillon for Hammer2, specifically targeted at hard-links
  • The backstory he gives us: “The H2 design has had a long-standing problem of losing track of hardlinks when intermediate directories are renamed, breaking the common-parent-directory design for the inode target.”
  • The implemented fix was one which instead places the hardlink target in the first common parent directory, which is marked with “xlink” via chflag
  • If no parent directory is marked “xlink”, it will fall-through instead to the root of the mount
  • They also modified their installworld to set “/” /usr/,/var/,/home/ as “xlink” flagged
  • This prevents moving hard-links across these directories, but is similar to dealing with multiple partitions / datasets already.

Japan's NetBSD User Group showed off some NetBSD machines at the 2015 Tokushima Open Source Conference

  • It’s been a little while since we’ve shown off a bunch of odd devices running NetBSD, but we have an update from the 2015 Tokushima Open Source Conference.
  • This time around, we have pictures of the booth, as well as a variety of oddities such as:
  • ODroid-C1 / Sharp X68030
  • Sharp NetWalker
  • Sharp WZero3 (Cell phone)
  • Give them a look, this time around they have nice cards pictured which details the hardware being used (in english none the less!)

One of the three OpenBSD users Blog Post by Adam Wolk

  • An OpenBSD user comments on a recent interaction with the syncthing project (a dropbox like alternative)
  • The application has an auto-update feature (which doesn’t mix well with package systems in the first place), but it doesn’t work on OpenBSD because there is no /proc/curproc/file to determine the filename of the executable. This is a trivially easy task, but when the bug was reported, syncthings response was “Maybe one of the three OpenBSD users feel strongly enough about this to propose a patch. :D”
  • Part of the issue is that many users (especially the type that would run OpenBSD) opt out of reporting metrics, so OpenBSD is under-represented in the metrics the project developers are basing their decisions on
  • Maybe someone can post a patch to solve the problem. While FreeBSD can provide a linux procfs, it would be better to use a more portable way to get the location of the process binary

BeastieBits


Feedback/Questions


  • Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv

Latest News

Two Year Anniversary

2015-08-08

We're quickly approaching our two-year anniversary, which will be on episode 105. To celebrate, we've created a unique t-shirt design, available for purchase until the end of August. Shirts will be shipped out around September 1st. Most of the proceeds will support the show, and specifically allow us to buy...

New discussion segment

2015-01-17

We're thinking about adding a new segment to the show where we discuss a topic that the listeners suggest. It's meant to be informative like a tutorial, but more of a "free discussion" format. If you have any subjects you want us to explore, or even just a good name...

How did you get into BSD?

2014-11-26

We've got a fun idea for the holidays this year: just like we ask during the interviews, we want to hear how all the viewers and listeners first got into BSD. Email us your story, either written or a video version, and we'll read and play some of them for...

EuroBSDCon 2014

2014-09-18

As you might expect, both Allan and Kris will be at EuroBSDCon this year. They'll be busy hunting down various BSD developers and forcing them to do interviews, but don't hesitate to say hi if you're a listener!...


Episode 170: Sandboxing Cohabitation

2016-11-30

Direct Download:VideoHD VideoMP3 AudioOGG AudioTorrent This episode was brought to you by Headlines EuroBSDcon 2016 Presentation Slides Due to circumstances beyond the control of the organizers of EuroBSDCon, there were not recordings of the talks given at the event. However, they have collected the slide decks from each of the speakers and assembled them on...

Episode 169: Scheduling your NetBSD

2016-11-23

Direct Download:VideoHD VideoMP3 AudioOGG AudioTorrent This episode was brought to you by Headlines Production ready Ted Unangst brings us a piece on what it means to be Production Ready He tells the story of a project he worked on that picked a framework that was “production ready” They tested time zones, and it all seemed to...

Episode 168: The Post Show Show

2016-11-16

Direct Download:VideoHD VideoMP3 AudioOGG AudioTorrent This episode was brought to you by Headlines Build a FreeBSD 11.0-release Openstack Image with bsd-cloudinit We are going to prepare a FreeBSD image for Openstack deployment. We do this by creating a FreeBSD 11.0-RELEASE instance, installing it and converting it using bsd-cloudinit. We'll use the CloudVPS...

Episode 167: Playing the Long Game

2016-11-09

Direct Download:VideoHD VideoMP3 AudioOGG AudioTorrent This episode was brought to you by Interview - Scott Long - scottl@freebsd.org FreeBSD & Netflix Feedback/Questions Zack - USB Config Jens - VMs, Jails and Containers Ranko - Tarsnap Keys Alex - OpenBSD in Hyper-V Curt - Discussion Segment Send questions, comments, show ideas/topics, or stories you want mentioned...