Episode 101

I'll Fix Everything

Download Subscribe
00:00:00
/
01:33:09
RSS Feed Download (64 MB) Link with Timestamp

August 5th, 2015

1 hr 33 mins 9 secs

Link with Timestamp

Download MP3 (64 MB)

Your Hosts
Tags
cii bsdcan valleyview offsite backups zfs octeon hackathon c2k15 reddit server gateway firewall pf quakecon interview bsd guide howto tutorial pcbsd dragonflybsd netbsd openbsd freebsd

About this Episode

Coming up this week, we'll be talking with Adrian Chadd about an infamous reddit thread he made. With a title like "what would you like to see in FreeBSD?" and hundreds of responses, well, we've got a lot to cover...

This episode was brought to you by

iXsystems - Enterprise Servers and Storage for Open SourceDigitalOcean - Simple Cloud Hosting, Built for DevelopersTarsnap - Online Backups for the Truly Paranoid

Headlines

OpenBSD, from distribution to project

  • Ted Unangst has yet another interesting blog post up, this time covering a bit of BSD history and some different phases OpenBSD has been through
  • It's the third part of his ongoing series of posts about OpenBSD removing large bits of code in favor of smaller replacements
  • In the earliest days, OpenBSD collected and maintained code from lots of other projects (Apache, lynx, perl..)
  • After importing new updates every release cycle, they eventually hit a transitional phase - things were updated, but nothing new was imported
  • When the need arose, instead of importing a known tool to do the job, homemade replacements (OpenNTPD, OpenBGPD, etc) were slowly developed
  • In more recent times, a lot of the imported code has been completely removed in favor of the homegrown daemons
  • More discussion on HN and reddit ***

Remote ZFS mirrors, the hard way

  • Backups to "the cloud" have become a hot topic in recent years, but most of them require trade-offs between convenience and security
  • You have to trust (some of) the providers not to snoop on your data, but even the ones who allow you to locally encrypt files aren't without some compromise
  • As the author puts it: "We don't need live synchronisation, cloud scaling, SLAs, NSAs, terms of service, lock-ins, buy-outs, up-sells, shut-downs, DoSs, fail whales, pay-us-or-we'll-deletes, or any of the noise that comes with using someone else's infrastructure."
  • This guide walks you through setting up a FreeBSD server with ZFS to do secure offsite backups yourself
  • The end result is an automatic system for incremental backups that's backed (pun intended) by ZFS
  • If you're serious about keeping your important data safe and sound, you'll want to give this one a read - lots of detailed instructions ***

Various DragonFlyBSD updates

  • The DragonFly guys have been quite busy this week, making an assortment of improvements throughout the tree
  • Intel ValleyView graphics support was finally committed to the main repository
  • While on the topic of graphics, they've also issued a call for testing for a DRM update (matching Linux 3.16's and including some more Broadwell fixes)
  • Their base GCC compiler is also now upgraded to version 5.2
  • If your hardware supports it, DragonFly will now use an accelerated console by default ***

QuakeCon runs on OpenBSD

  • QuakeCon, everyone's favorite event full of rocket launchers, recently gave a mini-tour of their network setup
  • For such a crazy network, unsurprisingly, they seem to be big fans of OpenBSD and PF
  • In this video interview, one of the sysadmins discusses why he chose OpenBSD, what he likes about it, different packet queueing systems, how their firewalls and servers are laid out and much more
  • He also talks about why they went with vanilla PF, writing their ruleset from the ground up rather than relying on a prebuilt solution
  • There's also some general networking talk about nginx, reverse proxies, caching, fiber links and all that good stuff
  • Follow-up questions can be asked in this reddit thread
  • The host doesn't seem to be that familiar with the topics at hand, mentioning "OpenPF" multiple times among other things, so our listeners should get a kick out of it ***

Interview - Adrian Chadd - adrian@freebsd.org / @erikarn

Rethinking ways to improve FreeBSD

News Roundup

CII contributes to OpenBSD

  • If you recall back to when we talked to the OpenBSD foundation, one of the things Ken mentioned was the Core Infrastructure Initiative
  • In a nutshell, it's an organization of security experts that helps facilitate (with money, in most cases) the advancement of the more critical open source components of the internet
  • The group is organized by the Linux foundation, and gets its multi-million dollar backing from various big companies in the technology space (and donations from volunteers)
  • To ensure that OpenBSD and its related projects (OpenSSH, LibreSSL and PF likely being the main ones here) remain healthy, they've just made a large donation to the foundation - this makes them the first "platinum" level donor as well
  • While the exact amount wasn't disclosed, it was somewhere between $50,000 and $100,000
  • The donation comes less than a month after Microsoft's big donation, so it's good to see these large organizations helping out important open source projects that we depend on every day ***

Another BSDCan report

  • The FreeBSD foundation is still getting trip reports from BSDCan, and this one comes from Mark Linimon
  • In his report, he mainly covers the devsummit and some discussion with the portmgr team
  • One notable change for the upcoming 10.2 release is that the default binary repository is now the quarterly branch - Mark talks a bit about this as well
  • He also gives his thoughts on using QEMU for cross-compiling packages and network performance testing ***

Lumina 0.8.6 released

  • The PC-BSD team has released another version of Lumina, their BSD-licensed desktop environment
  • This is mainly a bugfix and performance improvement release, rather than one with lots of new features
  • The on-screen display widget should be much faster now, and the configuration now allows for easier selection of default applications (which browser, which terminal, etc)
  • Lots of non-English translation updates and assorted fixes are included as well
  • If you haven't given it a try yet, or maybe you're looking for a new window manager, Lumina runs on all the BSDs ***

More c2k15 hackathon reports

  • Even more reports from OpenBSD's latest hackathon are starting to pour in
  • The first one is from Alexandr Nedvedicky, one of their brand new developers (the guy from Oracle)
  • He talks about his experience going to a hackathon for the first time, and lays out some of the plans for integrating their (very large) SMP PF patch into OpenBSD
  • Second up is Andrew Fresh, who went without any specific plans, but still ended up getting some UTF8 work done
  • On the topic of ARMv7, "I did enjoy being there when things weren't working so [Brandon Mercer] could futilely try to explain the problem to me (I wasn't much help with kernel memory layouts). Fortunately others overheard and provided words of encouragement and some help which was one of my favorite parts of attending this hackathon."
  • Florian Obser sent in a report that includes a little bit of everything: setting up the hackathon's network, relayd and httpd work, bidirectional forwarding detection, airplane stories and even lots of food
  • Paul Irofti wrote in as well about his activities, which were mainly focused on the Octeon CPU architecture
  • He wrote a new driver for the onboard flash of a DSR-500 machine, which was built following the Common Flash Interface specification
  • This means that, going forward, OpenBSD will have out-of-the-box support for any flash memory device (often the case for MIPS and ARM-based embedded devices) ***

Feedback/Questions