BSD Now - Episodes Tagged with “Openstack”

43: Package Design

JT Pennington — Wed, 25 Jun 2014 08:00:00 -0400

It's a big show this week! We'll be interviewing Marc Espie about OpenBSD's package system and build cluster. Also, we've been asked many times "how do I keep my BSD box up to date?" Well, today's tutorial should finally answer that. Answers to all your emails and this week's headlines, on BSD Now - the place to B.. SD.

This episode was brought to you by

Headlines

EuroBSDCon 2014 talks and schedule

The talks and schedules for EuroBSDCon 2014 are finally revealed
The opening keynote is called "FreeBSD, looking forward to another 10 years" by jkh
Lots of talks spanning FreeBSD, OpenBSD and PCBSD, and we finally have a few about NetBSD and DragonflyBSD too! Variety is great
It looks like Theo even has a talk, but the title isn't on the page... how mysterious
There are also days dedicated to some really interesting tutorials
Register now, the conference is on September 25-28th in Bulgaria
If you see Allan and Kris walking towards you and you haven't given us an interview yet... well you know what's going to happen
Why aren't the videos up from last year yet? Will this year also not have any? ***

FreeNAS vs NAS4Free

More mainstream news covering BSD, this time with an article about different NAS solutions
In a possibly excessive eight-page article, Ars Technica discusses the pros and cons of both FreeNAS and NAS4Free
Both are based on FreeBSD and ZFS of course, but there are more differences than you might expect
Discusses the different development models, release cycles, features, interfaces and ease-of-use factor of each project
"One is pleasantly functional; the other continues devolving during a journey of pain" - uh oh, who's the loser? ***

Quality software costs money, heartbleed was free

PHK writes an article for ACM Queue about open source software projects' funding efforts
A lot of people don't realize just how widespread open source software is - TVs, printers, gaming consoles, etc
The article discusses ways to convince your workplace to fund open source efforts, then goes into a little bit about FreeBSD and Varnish's funding
The latest heartbleed vulnerability should teach everyone that open source projects are critical to the internet, and need people actively maintaining them
On that subject, "Earlier this year the OpenSSL Heartbleed bug laid waste to Internet security, and there are still hundreds of thousands of embedded devices of all kinds—probably your television among them—that have not been and will not ever be software-upgraded to fix it. The best way to prevent that from happening again is to avoid having bugs of that kind go undiscovered for several years, and the only way to avoid that is to have competent people paying attention to the software"
Consider donating to your favorite BSD foundation (or buying cool shirts and CDs!) and keeping the ecosystem alive ***

Geoblock evasion with pf and OpenBSD rdomains

Geoblocking is a way for websites to block visitors based on the location of their IP
This is a blog post about how to get around it, using pf and rdomains
It has the advantage of not requiring any browser plugins or DNS settings on the users' computers, you just need to be running OpenBSD on your router (hmm, if only a website had a tutorial about that...)
In this post, the author wanted to get an American IP address, since the service he was using (Netflix) is blocked in Australia
It's got all the details you need to set up a VPN-like system and bypass those pesky geographic filters ***

Interview - Marc Espie - espie@openbsd.org / @espie_openbsd

OpenBSD's package system, building cluster, various topics

Tutorial

Keeping your BSD up to date

News Roundup

BoringSSL and LibReSSL

Yet another OpenSSL fork pops up, this time from Google, called BoringSSL
Adam Langley has a blog post about it, why they did it and how they're going to maintain it
You can easily browse the source code
Theo de Raadt also weighs in with how this effort relates to LibReSSL
More eyes on the code is good, and patches will be shared between the two projects ***

More BSD Tor nodes wanted

Friend of the show bcallah posts some news to the Tor-BSD mailing list about monoculture in the Tor network being both bad and dangerous
Originally discussed on the Tor-Relays list, it was made apparent that having such a large amount of Linux nodes weakens the security of the whole network
If one vulnerability is found, a huge portion of the network would be useless - we need more variety in the network stacks, crypto, etc.
The EFF is also holding a Tor challenge for people to start up new relays and keep them online for over a year
Check out our Tor tutorial and help out the network, and promote BSD at the same time! ***

FreeBSD 10 OpenStack images

OpenStack, to quote Wikipedia, is "a free and open-source software cloud computing platform. It is primarily deployed as an infrastructure as a service (IaaS) solution."
The article goes into detail about creating a FreeBSD instant, installing and converting it for use with "bsd-cloudinit"
The author of the article is a regular listener and emailer of the show, hey! ***

BSDday 2014 call for papers

BSD Day, a conference not so well-known, is going to be held August 9th in Argentina
It was created in 2008 and is the only BSD conference around that area
The "call for papers" was issued, so if you're around Argentina and use BSD, consider submitting a talk
Sysadmins, developers and regular users are, of course, all welcome to come to the event ***

Feedback/Questions

42: Devious Methods

JT Pennington — Wed, 18 Jun 2014 08:00:00 -0400

Coming up this week, we'll be showing you how to chain SSH connections, as well as some cool tricks you can do with it. Going along with that theme, we also have an interview with Bryce Chidester about running a BSD-based shell provider. News, emails and cowsay turkeys, on BSD Now - the place to B.. SD.

This episode was brought to you by

Headlines

PIE and ASLR in FreeBSD update

A status update for Shawn Webb's ASLR and PIE work for FreeBSD
One major part of the code, position-independent executable support, has finally been merged into the -CURRENT tree
"FreeBSD has supported loading PIEs for a while now, but the applications in base weren't compiled as PIEs. Given that ASLR is useless without PIE, getting base compiled with PIE support is a mandatory first step in proper ASLR support"
If you're running -CURRENT, just add "WITH_PIE=1" to your /etc/src.conf and /etc/make.conf
The next step is working on the ASLR coding style and getting more developers to look through it
Shawn will also be at EuroBSDCon (in September) giving an updated version of his BSDCan talk about ASLR ***

Misc. pfSense news

Couple of pfSense news items this week, including some hardware news
Someone's gotta test the pfSense hardware devices before they're sold, which involves powering them all on at least once
To make that process faster, they're building a controllable power board (and include some cool pics)
There will be more info on that device a bit later on
On Friday, June 27th, there will be another video session (for paying customers only...) about virtualized firewalls
pfSense University, a new paid training course, was also announced
A single two-day class costs $2000, ouch ***

ZFS stripe width

A new blog post from Matt Ahrens about ZFS stripe width
"The popularity of OpenZFS has spawned a great community of users, sysadmins, architects and developers, contributing a wealth of advice, tips and tricks, and rules of thumb on how to configure ZFS. In general, this is a great aspect of the ZFS community, but I’d like to take the opportunity to address one piece of misinformed advice"
Matt goes through different situations where you would set up your zpool differently, each with their own advantages and disadvantages
He covers best performance on random IOPS, best reliability, and best space efficiency use cases
It includes a lot of detail on each one, including graphs, and addresses some misconceptions about different RAID-Z levels' overhead factor ***

FreeBSD 9.3-BETA3 released

The third BETA in the 9.3 release cycle is out, we're slowly getting closer to the release
This is expected to be the final BETA, next will come the RCs
There have mostly just been small bug fixes since BETA2, but OpenSSL was also updated and the arc4random code was updated to match what's in -CURRENT (but still isn't using ChaCha20)
The FreeBSD foundation has a blog post about it too
There's a list of changes between 9.2 and 9.3 as well, but we'll be sure to cover it when the -RELEASE hits ***

Interview - Bryce Chidester - brycec@devio.us / @brycied00d

Running a BSD shell provider

Tutorial

Chaining SSH connections

News Roundup

My FreeBSD adventure

A Slackware user from the "linux questions" forum decides to try out BSD, and documents his initial impressions and findings
After ruling out PCBSD due to the demanding hardware requirements and NetBSD due to "politics" (whatever that means, his words) he decides to start off with FreeBSD 10, but also mentions trying OpenBSD later on
In his forum post, he covers the documentation (and how easy it makes it for a switcher), dual booting, packages vs ports, network configuration and some other little things
So far, he seems to really enjoy BSD and thinks that it makes a lot of sense compared to Linux
Might be an interesting, ongoing series we can follow up on later ***

Even more BSDCan trip reports

BSDCan may be over until next year, but trip reports are still pouring in
This time we have a summary from Li-Wen Hsu, who was paid for by the FreeBSD foundation
He's part of the "Jenkins CI for FreeBSD" group and went to BSDCan mostly for that
Nice long post about all of his experiences at the event, definitely worth a read
He even talks about... the food ***

FreeBSD disk partitioning

For his latest book series on FreeBSD's GEOM system, MWL asked the hackers mailing list for some clarification
This erupted into a very long discussion about fdisk vs gnop vs gpart
So you don't have to read the 500 mailing list posts, he's summarized the findings in a blog post
It covers MBR vs GPT, disk sector sizes and how to handle all of them with which tools ***

BSD Router Project version 1.51

A new version of the BSD Router Project has been released, 1.51
It's now based on FreeBSD 10-STABLE instead of 10.0-RELEASE
Includes lots of bugfixes and small updates, as well as some patches from pfSense and elsewhere
Check the sourceforge page for the complete list of changes
Bad news... the minimum disk size requirement has increased to 512MB... getting pretty bloated ***

Feedback/Questions

24: The Cluster & The Cloud

JT Pennington — Wed, 12 Feb 2014 08:00:00 -0500

This week on BSD Now... a wrap-up from NYCBSDCon! We'll also be talking to Luke Marsden, CEO of HybridCluster, about how they use BSD at large. Following that, our tutorial will show you how to securely share files with SFTP in a chroot. The latest news and answers to your questions, of course it's BSD Now - the place to B.. SD.

This episode was brought to you by

Headlines

FreeBSD 10 as a firewall

Back in 2012, the author of this site wrote an article stating you should avoid FreeBSD 9 for a firewall and use OpenBSD instead
Now, with the release of 10.0, he's apparently changed his mind and switched back over
It mentions the SMP version of pf, general performance advantages and more modern features
The author is a regular listener of BSD Now, hi Joe! ***

Network Noise Reduction Using Free Tools

Really long blog post, based on a BSDCan presentation, about fighting spam with OpenBSD
Peter Hansteen, author of the book of PF, goes through how he uses OpenBSD's spamd and other security features to combat spam and malware
He goes through his experiences with content filtering and disappointment with a certain proprietary vendor
Not totally BSD-specific, lots of people can enjoy the article - lots of virus history as well ***

FreeBSD ASLR patches submitted

So far, FreeBSD hasn't had Address Space Layout Randomization
ASLR is a nice security feature, see wikipedia for more information
With a giant patch from Shawn Webb, it might be integrated into a future version (after a vicious review from the security team of course)
We might have Shawn on the show to talk about it, but he's also giving a presentation at BSDCan about his work with ASLR ***

Old-style pkg_ tools retired

At last the old pkg_add tools are being retired in FreeBSD
pkgng is a huge improvement, and now portmgr@ thinks it's time to cut the cord on the legacy toolset
Ports aren't going away, and probably never will, but for binary package fans and new users that are used to things like apt, pkgng is the way to go
All pkg_ tools will be considered unsupported on September 1, 2014 - even on older branches ***

Interview - Luke Marsden - luke@hybridcluster.com / @lmarsden

BSD at HybridCluster

Tutorial

Filesharing with chrooted SFTP

News Roundup

FreeBSD on OpenStack

OpenStack is a cloud computing project
It consists of "a series of interrelated projects that control pools of processing, storage, and networking resources throughout a datacenter, able to be managed or provisioned through a web-based dashboard, command-line tools, or a RESTful API."
Until now, there wasn't a good way to run a full BSD instance on OpenStack
With a project in the vein of Colin Percival's AWS startup scripts, now that's no longer the case! ***

FOSDEM BSD videos

This year's FOSDEM had seven BSD presentations
The videos are slowly being uploaded for your viewing pleasure
Not all of the BSD ones are up yet, but by the time you're watching this they might be!
Check this directory for most of 'em
The BSD dev room was full, lots of interest in what's going on from the other communities ***

The FreeBSD challenge finally returns!

Due to prodding from a certain guy of a certain podcast, the "FreeBSD Challenge" series has finally resumed
Our friend from the Linux foundation picks up with day 11 and day 12 on his switching from Linux journey
This time he outlines the upgrade process of going from 9 to 10, using freebsd-update
There's also some notes about different options for upgrading ports and some extra tips ***

PCBSD weekly digest

After the big 10.0 release, the PCBSD crew is focusing on bug fixes for a while
During their "fine tuning phase" users are encouraged to submit any and all bugs via the trac system
Warden got some fixes and the package manager got some updates as well
Huge size reduction in PBI format ***