All-In-One Redux – Proxmox & FreeNAS




After using my VMware/NexentaStor All-In-One for a while, I grew tired of VMware’s bloat & limitations. Doing “cool stuff” in VMware requires a license, & vSphere Client only runs on Windows. I got tired of starting up a Windows VM just to manage my hypervisor. That’s the only thing I started Windows up for, and it got old. I wanted something I could manage directly from my primary OS, OS X, as well as lightweight & preferably open source.

There are plenty of hypervisor products on the market today, but I wanted to move to something open source & unix based. KVM has quickly become a big presense in this market, and for a good reason: it’s awesome. It’ll run on just about any hardware you have, and has even been ported to Solaris in the form of SmartOS.



Of the many great projects that use KVM, I chose Proxmox. Here’s a few of the many reasons why:

  • It’s OSS licensed AGPLv3.
  • It’s based on Debian.
  • The management is all web-based & some CLI.
  • It supports QEMU & OpenVZ.
  • It supports OpenVSwitch.
  • It has a good community.
  • You can buy support if you want it.

I also checked out oVirt & plain KVM/libvirt on CentOS. oVirt was a bit too bloated for my tastes. KVM/libvirt on CentOS wasn’t web based, but I almost went with them because I could have ran virt-manager via ssh X forwarding. I liked the Proxmox project a bit better.


[Read more…]

More Bacula Excludes with Jails and FreeBSD

In this tutorial, user shows how to get Bacula Excludes set up in your FreeBSD jails.



Following on from my post about excluding the base OS with a Bacula FileSet, I decided to exclude some more.

The starting point

Here are the baselines:

*estimate level=full job="knew jail snapshots"
Using Catalog "MyCatalog"
Connecting to Client knew-fd at
2000 OK estimate files=496,579 bytes=70,810,186,782
*estimate level=full job="tallboy jail snapshots"
Using Catalog "MyCatalog"
Connecting to Client tallboy-fd at
2000 OK estimate files=163,040 bytes=3,628,862,728
*estimate level=full job="zuul jail snapshots"
Using Catalog "MyCatalog"
Connecting to Client zuul-fd at
2000 OK estimate files=574,237 bytes=117,950,136,800

What else will I exclude?

I decided to exclude the following as well:


Adding iocage support

Along the way, I extended the Exclude to work on server using the iocage jail management tool. I also split the Exclude out into its own file.

Here is the iocage Exclude:

[Read more…]

Yes You Can Virtualize FreeNAS

Josh Paetzel has confirmed that FreeNAS can be used in a virtualized environment. FreeNAS is an open source network attaced storage operating system based on FreeBSD. Check out the guide below to get an idea of your use case or visualization scenario.


FreeNAS is the world’s most popular open source storage OS, and one of the more popular questions I get asked is, “How do I run FreeNAS as a VM?” Due to the number of caveats required to answer that question, I would typically short-circuit the conversation by recommending against it, or only recommend it for test environments since the prerequisite knowledge required to “do it right” can’t be passed on quickly. Somehow over time, this message morphed into a general consensus that “you cannot (or shouldn’t) virtualize FreeNAS at all under any circumstances”, which wasn’t my intention. So, I’m here to set the record straight once and for all: You absolutely can virtualize FreeNAS.


Whether you are test driving the functionality of FreeNAS, testing an upgrade for compatibility in your environment, or you want to insulate your FreeNAS system from hardware faults, virtualization can provide many well understood benefits. That said, while FreeNAS can and will run as a virtual machine, it’s definitely not ideal for every use case. If you do choose to run FreeNAS under virtualization, there are some caveats and precautions that must be considered and implemented. In this post I’ll describe what they are so that you can make well-informed choices.

Before we get started though, I should probably start with a disclaimer…



If best practices and recommendations for running FreeNAS under virtualization are followed, FreeNAS and virtualization can be smooth sailing. However, failure to adhere to the recommendations and best practices below can result in catastrophic loss of your ZFS pool (and/or data) without warning. Please read through them and take heed.

[Read more…]

Adrian Chadd: freebsd-wifi-build, or “wait, you can run freebsd on atheros MIPS access points? where do I get that?”

In this blog, Adrian Chadd discusses FreeBSD on Atheros MIPS access points.


I’ve been running FreeBSD at home as my primary internet/wifi access for a few years now. It’s cheap, it’s easy to do, and I’ve tried very hard to wrap up the whole process into a mostly-simple build system that spits out a useful image to use.

It’s pretty simple in concept – I take FreeBSD-HEAD, build it with some cut-down options, create a custom filesystem image with some custom boot scripts and a custom configuration file, and provide an image that you can TFTP (using a serial console and ethernet cable) or upload directly to the AP if it supports it.

The supported hardware list is here:

Now, it’s not a huge list like OpenWRT, but that’s mostly because I don’t have an infinite supply of Atheros MIPS based routers. I think I’ll get some of the TP-Link Archer series stuff next.

Building it is pretty simple:

You checkout the build repo, check out FreeBSD-HEAD, install a couple of packages, and run the build for your board. Once it’s done, the images for your board appear in ../tftpboot/. There’s a wiki page for each of the supported boards with a walkthrough with how to get FreeBSD going on it.

[Read more…]

HOWTO: Use security/logcheck to keep tabs on your system

This tutorial by user junovitch shows us how to use security/logcheck to keep tabs on your FreeBSD system.

security/logcheck is a useful tool to help keep tabs on your system logs. Per the port’s pkg-descr:

Logcheck is fairly easy to initially set up but can take some time to trim down the list of what you consider “normal” to reduce the amount of noise produced. The purpose of this little guide will be to cover that initial setup, provide a few examples of configuration, and hopefully be a small stash of good examples from others.

  1. Install security/logcheck
    pkg install logcheck
  2. Monitoring /var/log/auth.log makes sense as a best practice, modify newsyslog.conf(5) to allow the logcheck group access to /var/log/auth.log and then fix permissions on the current file.
    perl -pwi -e 'if (/auth\.log/) {s/auth\.log\t\t/auth.log\troot:logcheck/; s/600/640/; }' /etc/newsyslog.conf
    chown root:logcheck /var/log/auth.log
    chmod 640  /var/log/auth.log
  3. Finally, copy the default file for crontab(1) from the installed example and fix permissions.
    cp /usr/local/share/examples/logcheck/ /var/cron/tabs/logcheck
    chmod 600 /var/cron/tabs/logcheck

At this point, Logcheck is fully setup and will email you every hour.

  • Don’t like the default interval? Change it.
    crontab -u logcheck -e
  • Don’t like all the emails accumulating for the logcheck user? Add an entry to /etc/mail/aliases.
    logcheck:  jason
  • Not enough noise? Enable logging to /var/log/all.log to get even more detail.
    perl -pwi -e 'if (/all\.log/)  {s/#\*\.\*/\*\.\*/;}' /etc/syslog.conf
    perl -pwi -e 'if (/all\.log/)  {s/all\.log\t\t/all.log\troot:logcheck/;   s/600/640/; }' /etc/newsyslog.conf
    touch /var/log/auth.log
    chown root:logcheck /var/log/all.log
    chmod 640 /var/log/all.log
    service syslogd restart

    Now set Logcheck to check /var/log/all.log instead of /var/log/messages.

    cat > /usr/local/etc/logcheck/logcheck.logfiles << 'EOF'


How to Install MongoDB on FreeBSD 10.1

This tutorial by user Hathy A of DigitalOcean shows us how to get MongoDB set up on FreeBSD 10.1.




MongoDB is a free and open-source NoSQL database. It is one of the most popular databases used in web applications today because it offers high performance, scalability, and lots of flexibility in database schema design. In this tutorial, you will learn how to install and run MongoDB on FreeBSD 10.1.


To follow this tutorial, you need to have:

  • A FreeBSD 10.1 server which is accessible over SSH
  • A user with root privileges; the default freebsd user on DigitalOcean is fine
  • SSH key

A FreeBSD Droplet requires an SSH Key for remote access. The freebsd user is automatically created, and your SSH key is added to this user account. A root password will not be emailed out for FreeBSD. For help on setting up an SSH Key, read How To Configure SSH Key-Based Authentication on a FreeBSD Server.

Note: Check out the Getting Started with FreeBSD Tutorial Series for help on installing and using FreeBSD 10.1.

Step 1 — Installing the Package Management Tool

[Read more…]

Recompile A FreeBSD Kernel With A Custom Configuration

This tutorial by user anismaj shows us how to recompile your FreeBSD kernel with a custom configuration.

Original post:

FreeBSD is a free Unix-like operating system descended from Research Unix via the Berkeley Software Distribution (BSD). Although for legal reasons FreeBSD cannot use the Unix trademark, it is a direct descendant of BSD, which was historically also called “BSD Unix” or “Berkeley Unix”. The first version of FreeBSD was released in 1993, and today FreeBSD is the most widely used open-source BSD distribution, accounting for more than three-quarters of all installed systems running open-source BSD derivatives.

FreeBSD has similarities with Linux, with two major differences in scope and licensing: FreeBSD maintains a complete operating system, i.e. the project delivers kernel, device drivers, userland utilities and documentation, as opposed to Linux delivering a kernel and drivers only and relying on third-parties for system software and FreeBSD source code is generally released under a permissive BSD license as opposed to the copyleft GPL.

It uses the GENERIC kernel by default. FreeBSD’s kernel provides support for some essential tasks such as managing processes, communication, booting and filesystems. In this article, we will show you how you can recompile a FreeBSD kernel with a custom configuration.

Some Features of FreeBSD and kernel

From the different features we can list the following ones:

  • FreeBSD 10.0 now supports a truly tickless kernel, enhancing battery performance on laptops and general resource effectiveness in virtual machines.
  • AMD GPUs kernel mode setting supports the use of newer xf86-video-ati drivers and AMD GPUs
  • FreeBSD 10.0 brings with it support for ZFS TRIM and it also supports LZ4 compression support which compresses much better (up to 50%) than the default LZJB compression
  • BSD-kernel are not stand-alone kernels but are developed as being part of a whole. Of course, this is merely a philosophical point of view and not a technical one, but this give system coherence


As prerequisites for this article you need to need just to have a one FreeBSD 10.1 Droplet to be able to use the following commands; we assume that you are a FreeBSD user.

[Read more…]

Difference between FreeBSD versions

New to FreeBSD? Make sure you are choosing the right version suitable for you, if you plan on installing FreeBSD. Thanks to user Chris S for the tip.

What is the difference between the three FreeBSD versions (Current, Release and Stable)?

  • Current is the latest “beta” software.This is what the developers are working on mainly. It has minimal testing, basically if it compiles they’ll push it into the repository. If you’re interested in developing or testing development version this is what you’re looking for.
  • Release is the software as it first appeared under a certain release version.This is the software exactly as it was “released”. If you’re running 9.3-RELEASE then it is that version as originally released, without base or kernel updates. If you update a RELEASE version it will append a revision tag. This is typically what people run when they used precompiled versions of FreeBSD.
  • Stable is the latest “supported” software within a version branch.This is tested versions of the software published between releases. It has more rigerous testing than the Current branch, but will change as new fixes and sometimes features are added. It doesn’t have the same feature stability a release.

Original post: