Another Data Center Site Visit – NYI

Glen Barber at the FreeBSD Foundation made a visit to New York Internet data center, which houses some FreeBSD servers. Follow them along on their journey through the internet’s closets:

Original: http://freebsdfoundation.blogspot.com/2015/05/another-data-center-site-visit-nyi.html

No Systems Administrators Were Harmed While Writing This Blog Entry

Mmm…  Freshly-unboxed servers.  There really is nothing better to wake up to in the morning.

Well, okay, coffee.  But new servers – definitely second.

In late April, the FreeBSD Foundation generously purchased more machines to keep the FreeBSD.org infrastructure operating smoothly.  While the new servers are not yet in production (a task the Cluster Administrators will undertake while at BSDCan in June), we have planned far in advance what we intend to do with the new hardware.

In mid-May, I spent several days at our East-Coast US colocation facility, racking, cabling, installing, and configuring the new servers.

As They Say in Real-Estate: Colocation, Colocation, Colocation

The new hardware is located at New York Internet in Bridgewater, New Jersey, who generously provides colocation services to the FreeBSD Project.  They have an amazing staff, and whether we are on-site or working with them through their ticket system, are always friendly, knowledgeable, and of course, helpful.

New Hardware Specs

[Read more…]

PC-BSD 10.1.2: an Interview with Kris Moore

Mark VonFange interviews developer Kris Moore about PC-BSD 10.1.2 and what’s in store for future releases.

Original: http://blog.pcbsd.org/2015/05/pc-bsd-10-1-2-an-interview-with-kris-moore/

PC-BSD 10.1.2 has been released, so we thought we’d talk to project lead, Kris Moore, to see what’s in store!

KrisMug2015

Q: What new features and improvements are available in PC-BSD 10.1.2?

This quarterly update got a LOT of new features, partly so we would have time to really play with them before the 10.2 release later this summer.  Most of them are security and privacy focused, but there are some other neat things as well.  In no particular order, these are some of the best ones:

* PersonaCrypt – Our new privacy utility that offers a few cool new features.

In its default mode, it can setup your entire user $HOME directory on a geli-backed external device, such as a fast SSD Flash Stick (Using the 256GB Corsair Flash Voyager GTX here). At the login screen, you will then enter your normal user password, along with a decryption password to mount your home-directory. The GELI key is split in two, so you can “pair” the memory stick with your system, so even if the stick is stolen, and somebody gets the password, it is still worthless without the “paired” system. Another benefit of this technology is that you can bring your work with you when you travel between desktops, or jump from a desktop to laptop. I’m using it now for conferences and being on the road, since all my development work and important data is on my $HOME, meaning I can just unplug and keep working on my laptop without  having to keep files in sync.

Another side of PersonaCrypt is something we call “Stealth” mode, which allows you to do a desktop login with a one-time GELI-key encrypted $HOME directory with no personal data. Think of it as privacy mode  in a web-browser, but for your entire desktop session. This also plays nicely with the following new feature.

* Tor transparent proxy support

10.1.2 includes an easy way to switch between your normal internet connectivity, and “Tor” mode by clicking a single button on the system tray. In Tor mode, the firewall acts as a transparent proxy, forcing all internet traffic to be routed through the Tor network, including DNS requests. All other traffic which may expose your system on the internet is blocked. This goes a step beyond just running Tor as a browser proxy, since you can’t always trust plugins (cough *flash/java*) and other apps to behave properly.

* 4K Monitor support

[Read more…]

For FreeBSD automatic installation of using bsdinstall [ZFS Operations]

This tutorial by user kunst1080 shows us how to get an FreeBSD automatic installation set up using bsdinstall. *Note that this is a translated article.

Original: http://kunst1080.hatenablog.com/entry/2015/05/30/181955, translated:  http://kunst1080.hatenablog.com/entry/2015/05/31/221431

bsdinstall-config-components

Now, we take a look at how to install to ZFS using bsdinstall.

Installation of ZFS in an auto layout

As it is described in the manual, to the first half (PREAMBLE), if describe the environment variable “ZFSBOOT_DISKS” instead of “PARTITIONS”, ZFS allows you to install to.

However, care must be taken of the following two points.

  • If you want to automatically install, set environment variable “nonInteractive”.
  • It needs to be export environment variables “ZFSBOOT_DISKS” and “nonInteractive”.

In particular, care must be taken with regard to the second point.

(I tried to read freebsd/script at master · freebsd/freebsd · GitHub, I am feeling that because DISTRIBUTIONS has been export, but such ZFSBOOT_DISKS has not been export, …… and it is the cause)

First half (PREAMBLE)

[Read more…]

How to Run a Django Site with Apache, mod_wsgi, and MySQL on FreeBSD 10.1

This tutorial by FreeBSD user Chad Stovern (DigitalOcean) shows us how to get a Django website set up with Apache, mod_wsgi, and MySQL on FreeBSD 10.1.

Original: https://www.digitalocean.com/community/tutorials/how-to-run-a-django-site-with-apache-mod_wsgi-and-mysql-on-freebsd-10-1

django apache_software_foundation_logo_3074   mysql-logo

Introduction

This article shows you how to deploy a web application using Django, the popular Python framework. The beauty of developing with popular web frameworks is that a lot of repetitious work has been done for you, so you can focus on building your site.

Whether you’re a developer or not, it’s great to know that the core of what you’re running on your Droplet has undergone the scrutiny of a large open-source community and should be less susceptible to large security holes.

One thing that is not inherently simple is knowing how to get these web frameworks up and running outside of your own development or testing environment. In this article we’ll show you how to do just that, using a standard Apache, mod_wsgi, and MySQL stack running on top of FreeBSD 10.1.

Goals

  • Install and configure a Python virtual environment for your Django site
  • Create and configure a sample Django site for testing
  • Configure a simple and secure MySQL server
  • Configure a simple Apache virtual host that will serve your Django site
  • Test that the newly minted site works properly

Prerequisites

Before you begin this guide you’ll need the following:

  • A FreeBSD 10.1 Droplet
  • Access to your root account or an account with sudo privileges following this tutorial
  • A working knowledge of how to edit text files from the command line
  • The Bash shell environment, since we’ll be using Virtualenv later on this tutorial. Follow the instructions in the Changing the Default Shell section of the How To Get Started with FreeBSD 10.1 tutorial. You may need to log out and log in again to get the Bash shell for your freebsd user

FreeBSD Foundation May 2015 Update

The FreeBSD Foundation have published their updates for May 2015. Follow the link for news on development projects, conferences, a behind-the-scene look on FreeBSD running on servers, as well as this year’s fundraising goals. We would also like to extend our condolences to long time BSD advocate, Paul Schenkeveld, his contributions to the community will be remembered.

freebsdfoundationThe start of summer is upon us and that also means the beginning of a particularly fun few months at the Foundation. From meeting FreeBSD developers at BSD events to installing new hardware, we’re continuing to come up with new ways to support the Project. As always, we can’t do anything without your help so, thank you again for all you do, and enjoy our latest update!
Deb
View the FreeBSD Foundation May 2015 Update: https://www.freebsdfoundation.org/press/2015mayupdate.pdf

A Repository with 44 Years of Unix Evolution

provenance.png

Interested in a bit of some FreeBSD history? This article by, Diomidis Spinellis (Department of Management Science and Technology, Athens University of Economics and Business), details the history of Unix’s evolution of the repository system all the way to its use in FreeBSD.

Original PDF: http://www.dmst.aueb.gr/dds/pubs/conf/2015-MSR-Unix-History/html/Spi15c.pdf
Original HTML: http://www.dmst.aueb.gr/dds/pubs/conf/2015-MSR-Unix-History/html/Spi15c.html

A Repository with 44 Years of Unix Evolution

Abstract

The evolution of the Unix operating system is made available as a version-control repository, covering the period from its inception in 1972 as a five thousand line kernel, to 2015 as a widely-used 26 million line system. The repository contains 659 thousand commits and 2306 merges. The repository employs the commonly used Git system for its storage, and is hosted on the popular GitHub archive. It has been created by synthesizing with custom software 24 snapshots of systems developed at Bell Labs, Berkeley University, and the 386BSD team, two legacy repositories, and the modern repository of the open source FreeBSD system. In total, 850 individual contributors are identified, the early ones through primary research. The data set can be used for empirical research in software engineering, information systems, and software archaeology.

1  Introduction

The Unix operating system stands out as a major engineering breakthrough due to its exemplary design, its numerous technical contributions, its development model, and its widespread use. The design of the Unix programming environment has been characterized as one offering unusual simplicity, power, and elegance [1]. On the technical side, features that can be directly attributed to Unix or were popularized by it include [2]: the portable implementation of the kernel in a high level language; a hierarchical file system; compatible file, device, networking, and inter-process I/O; the pipes and filters architecture; virtual file systems; and the shell as a user-selectable regular process. A large community contributed software to Unix from its early days [3], [4,pp. 65-72]. This community grew immensely over time and worked using what are now termed open source software development methods [5,pp. 440-442]. Unix and its intellectual descendants have also helped the spread of the C and C++ programming languages, parser and lexical analyzer generators (yacc, lex), document preparation tools (troff, eqn, tbl), scripting languages (awk, sed, Perl), TCP/IP networking, and configuration management systems (SCCS, RCS, Subversion, Git), while also forming a large part of the modern internet infrastructure and the web.

Luckily, important Unix material of historical importance has survived and is nowadays openly available. Although Unix was initially distributed with relatively restrictive licenses, the most significant parts of its early development have been released by one of its right-holders (Caldera International) under a liberal license. Combining these parts with software that was developed or released as open source software by the University of California, Berkeley and the FreeBSD Project provides coverage of the system’s development over a period ranging from June 20th 1972 until today.

Curating and processing available snapshots as well as old and modern configuration management repositories allows the reconstruction of a new synthetic Git repository that combines under a single roof most of the available data. This repository documents in a digital form the detailed evolution of an important digital artefact over a period of 44 years. The following sections describe the repository’s structure and contents (Section II), the way it was created (Section III), and how it can be used (Section IV).

2  Data Overview

[Read more…]

All-In-One Redux – Proxmox & FreeNAS

Original: http://churnd.net/2014/03/30/all-in-one-redux-proxmox-and-freenas

Logo-ProxmoxVERGB_FreeNAS_Shark_Logo_Onlight_Lg

Why?

After using my VMware/NexentaStor All-In-One for a while, I grew tired of VMware’s bloat & limitations. Doing “cool stuff” in VMware requires a license, & vSphere Client only runs on Windows. I got tired of starting up a Windows VM just to manage my hypervisor. That’s the only thing I started Windows up for, and it got old. I wanted something I could manage directly from my primary OS, OS X, as well as lightweight & preferably open source.

There are plenty of hypervisor products on the market today, but I wanted to move to something open source & unix based. KVM has quickly become a big presense in this market, and for a good reason: it’s awesome. It’ll run on just about any hardware you have, and has even been ported to Solaris in the form of SmartOS.

What?

Host

Of the many great projects that use KVM, I chose Proxmox. Here’s a few of the many reasons why:

  • It’s OSS licensed AGPLv3.
  • It’s based on Debian.
  • The management is all web-based & some CLI.
  • It supports QEMU & OpenVZ.
  • It supports OpenVSwitch.
  • It has a good community.
  • You can buy support if you want it.

I also checked out oVirt & plain KVM/libvirt on CentOS. oVirt was a bit too bloated for my tastes. KVM/libvirt on CentOS wasn’t web based, but I almost went with them because I could have ran virt-manager via ssh X forwarding. I liked the Proxmox project a bit better.

Storage

[Read more…]

More Bacula Excludes with Jails and FreeBSD

In this tutorial, user shows how to get Bacula Excludes set up in your FreeBSD jails.

Original: http://dan.langille.org/2015/05/15/more-bacula-exclude

borg-logo

Following on from my post about excluding the base OS with a Bacula FileSet, I decided to exclude some more.

The starting point

Here are the baselines:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
*estimate level=full job="knew jail snapshots"
Using Catalog "MyCatalog"
Connecting to Client knew-fd at knew.int.unixathome.org:9102
2000 OK estimate files=496,579 bytes=70,810,186,782
*estimate level=full job="tallboy jail snapshots"
Using Catalog "MyCatalog"
Connecting to Client tallboy-fd at tallboy.vpn.unixathome.org:9102
2000 OK estimate files=163,040 bytes=3,628,862,728
*estimate level=full job="zuul jail snapshots"
Using Catalog "MyCatalog"
Connecting to Client zuul-fd at zuul.unixathome.org:9102
2000 OK estimate files=574,237 bytes=117,950,136,800

What else will I exclude?

I decided to exclude the following as well:

1
2
3
4
5
6
7
8
/tmp
/usr/local/man
/usr/local/share/licenses
/usr/local/share/locale
/var/cache/pkg
/var/db/ports
/var/db/portsnap
/var/tmp/nginx

Adding iocage support

Along the way, I extended the Exclude to work on server using the iocage jail management tool. I also split the Exclude out into its own file.

Here is the iocage Exclude:

[Read more…]