 Now we are going to have Michael Dexter telling about the free BSD appliance Thank you Thank you for joining late on the last day of the conference. That's always a challenge Post lunch post Kirk you name it. My name is Michael Dexter. I'm relatively easy to find and I've been poking at some of these topics for 20 years. I hope you enjoy this So please read the paper it's short and sweet It is the paper that I wish someone had handed me 20 years ago because it maps out some key things that I had to learn the Hard way over the years It's linked here. It's linked from the BSD can site and possibly the age of BSD con site where I first gave it I've given three variations on this talk or two two plus today, but They're all very different, so thank you for joining So high-level briefly I won't get too hung up in this but what is a software appliance? Well, it's it's an application with just enough operating system. I had not come across that term juice J e os just enough operating system, which I think is out of Suza or somebody. That's sweet typically on commodity hardware or virtual machine And that OS is the firmware to achieve a goal and that's right out of Wikipedia nothing special So from a high level we go from general-purpose computing to single-purpose computing Fair enough, and any OS could arguably be the foundation for an appliance AV team. Could you check focus on the projector? It's a lot sharper here than on the projector Not the camera that the beamer Right about there. Yes. Thank you So Just enough OS So some of the most Significant appliances on planet earth have been built with BSD operating systems or at least the network stack Nokia routers Juniper networking devices net app open source products and services and you name it like true OS free-naz PF sense open sense plenty of them they do it for various reasons and Some of them have endured for a very long time quite successfully BSD gave us the internet internet appliances kind of our natural Extension of that so many of them have stayed laser focused on a single purpose and some have sort of strayed and suffered feature creep if you will And every appliance vendor struggles with well trying to Choose one moment in time from an upstream OS do their thing and balance things like well our hardware device has a five-year warranty and Our we'd love to offer our clients a five-year long-term support contract. Well, and there's not a commercial talk It's about the raw plumbing. Don't you worry, but those are often competing motivations It's like well, what does any given OS that we all came here to talk about look like five years later? That's a very long time. It's an insanely long time. So one thing I've observed working with a storage appliance for ten years now is Ultimately the diagnosing of that appliance comes down to diagnosing that OS its network stack its storage stack all of that and so The if the appliance happens to have a beautiful clicky interface Eventually, you'll need to just bypass all of that and go right to what's really happening So that was a lesson that's behind this So If you're working with upstream forking is expensive. There are great many vendors in the community who Proudly forked long ago and then they find like oh, we don't have 64 bit. It showed up upstream, but we don't have it That's that could be a problem ZFS came along. That's a rather powerful tool And if you've strayed off elsewhere and been tinkering with a file system, you might have Just had overnight much of your nifty new unique secret sauce features get obsolete it in an instant Resinking is expensive over the years have been quite a few talks in BSD circles of Vendor a is finally getting back to head some of them have been brave enough to say we run head Let's just stay current and deal with the fallout test appropriately We all benefit from that because they're testing trickles down to the rest of us or something more support So there's got to be a middle ground between leading edge living in the past you name it And I'd say one key point is to engage upstream. It's your friend. It's not your enemy and And get involved and the vendors have been great about that. There have been talks explicitly Supported supported by vendors at this conference. They did not market their products They just told us what they're doing right. I think I'm very very grateful for what they're doing. So ah Just enough that that's sticking with me just enough just enough. So what is radically just enough? I mean Let's let's explore that So from my perspective, it's been 20 years of being patient and waiting for certain components to work I'll touch on a specific one that's taken a very long time And that's led to extreme impatience now that those things are here And you get to benefit from that and also there's a broader theme. Please stop computing like it's 2003 Who remembers 2003 anyone anyone people were building world like all the time It's like you visit a friend and they're like up building world There's a white space change in head and we got a bill that's like wait, wait. This can't be very efficient. This this this no, please There was This new thing free BSD jail and there was this news that net BSD Zen purely Paravirtualized and so it was a taste of what's to come and I was obviously excited to look at my talks since 2007 At your BSD con onward. I Got excited Free BSD 5 1 included jail tools It's like wait. We have management tools from the outside We have everything I've been looking for for years after being burned by our RPM hell I'll touch on that in a sec and storage was terrible discs were small slow. I suppose reliable, but Things got better things out much better. So all that world building. Well hardware is faster. That's a plus I do notice that if you look at a system It's like building clang and you look at a build and it's building clang and then there's the OS So there's that there's that but the thing I mentioned that's been a bit of a challenge for Decades are the build options in free BSD and a build option, but I'll get into detail is You build a component per your liking. I'll get to that in a sec so as for the the the the teaser of jail and Zen well Free BSD has a hypervisor. It also has active Zen, which a lot of people don't know Roger didn't make it to this conference, but it's there. Try it. Give it a try. Please please and Along came hardware assistance the Pop count and other extensions from Intel and AMD to make that Better there will always be concerns about security issues on x86 hardware from the 80s Being virtualized, but that's not a battle. I'm fighting and Storage well who remembers one ZFS and the one terabyte drive arrived life began for a bunch of us because you could meaningfully build large storage with Little more than the cost of the hardware the OS is free of charge. It's very good. It's your friend and a Great many things went out the window. Thanks to that. I'll touch on that briefly, but a 24-base system will do 30 NVMe drives for a lot of money, but Compared to the proprietary options. It's magic. It's awesome. So the OS is half the battle and these popular OSes all have many of these resources that FS they have Containers and hypervisors and you name it and the question becomes how well do they deliver all that be at ZFS on a Lumos from which it came or Linux to which it's bolted on etc etc so Illumos is not following open ZFS. They cherry-pick so they're not significantly missing features But that's a decision. They've made they might resynchronize I'm glad that it's no longer ZFS on Linux and then it was even a problem for free VSD that has have people been following the open ZFS community and the Hand in the back with the AV team. They have in October their developer summit. I Cannot believe how smoothly they went from Pure terror of Oracle taking over Sun to an open project that's running on Windows Mac OS I've run on Mac OS for a decade. I was first to run on Windows on bare metal hardware Obviously free BSD Linux you name it. That's an amazing project We should all look up to them for like examples of how to like work with each other and just it's awesome I'm not judging anyone there, but it's amazing what they've done. Thank you Matt Aaron seriously amazing. I'll just So In my circles storage When you get to fast wire speed that bolted on relationship of ZFS and You knew Linux and friends Many colleagues are seeing a 20% performance penalty just right off the bat So that's not detected at the lower end, but once you really start pushing things you start running into Limits, so you have to carefully choose your OS for what you're doing, and I will highlight this certain OS Illumos zones are awesome. They were inspired by jail, and then they took it like the next step the next step the next step Almost to a point that it would be tempting for other OSes to try to import zones It's really well done. It's beautifully integrated into the network stack kudos to a lume OS. Thank you very much. They get a lot right and I'm not here to beat up on GNU Linux, but they have C groups. They have various containers They've had them for years open VZ all these different efforts over the years and Some would argue it's not a true jail. It's not just simply kernel level process separation isolation it achieves some goals, but not others so fortunately Jails and zones get a lot right to this day in a year 2000 for jails. That's a pretty good run nicely done hypervisors Illumos imported free BST by Beehive. That's a very good sign of success It's in a contrib branch like cool. We finally BST has lots of contrib components. Well Illumos and has done that Patrick's been great to work with and Oxide launched a product with Beehive under the hood success now Linux KVM with all of its massive contribution of funding and you name it is a very good hypervisor It has nested virtualization. It has various processor models. It has lots of firmware and Name a firmware. It probably supports it That's cool. If you need to develop say even Beehive who's developed on VMware fusion Great use another hypervisor. It might even reveal issues that you wouldn't see otherwise. So that's all good If you need that go there If you can survive without control T just saying just just saying just sorry if I'm to beat up on one thing Sorry, it's like you wait at the console and is it frozen? I don't know I am curious because I need to know so anyway, so net BSD bless their hearts. They have they imported ZFS They have several hypervisors. They're first to the table was then perhaps even before Linux. They have NBMM. They have Hexam Check out the beehive con talks on those great If any show of hands has someone worked with those because after this we're great. Let's talk Keep submit talks, please. I want to hear more. So This is a great start. We're talking about just solid fundamentals to move forward with Notably free BST, but those others have some special features like KVM if it has something you need go there so to state the obvious free BSD has a permissive license and I only use like Trunas and open sense which are permissively licensed and I suppose they might have either proprietary optional support contracts and stuff But I still want completely open source despite. There's no obligation to do so And thank you vendors who have done that They're doing arguably a better job of GPL compliance without having the requirement because of course you share It's your it's self-defeating not to share to all these wonderful people and have their feedback So open source for the win, maybe, you know, I shouldn't have to preach the converted But when it comes to all these appliances it matters and If you have a proprietary appliance, please ask for that GPL compliance package download that they might mail you on a floppy from Mudrim and you name it so Like anything free BST has real and perceived shortcomings and complaints There's no nested virtualization. Well VMware spent like three million dollars on that and three years and eventually got it working Great, that's good for them. It added massive complexity not that their code is open It's complex in KVM and elsewhere. So that's a very complex feature of questionable value. Apparently you can continuously nest Performance grinds to a halt and I don't know what the use case is, but if you find one and need that go use KVM NFS Ganesha fell out of the port street I think for Python to Dependencies would be great to have that back. Apparently it's got compatible locking models with NFS. So great and SMB rather There's no doctor on free BSD and there's a talk going on with Michael and OCI images in another room But I would argue free BST is to blame for Docker. We've had jail for a very long time and Proudly use it among ourselves, but didn't reach out and say hey, this is very useful and someday will Define how massive data centers operate container rising single applications and you name it, but we still have all those tools are fantastic Poor support support for poor hardware, I guess some of the vendors have been Hardware vendors have been great about free BSD support and much of the hardware that isn't well supported is already terrible hardware so I don't recommend it so that's I guess a complaint sort of maybe and There are fewer GUI management tools, which I guess guilty as charged fair enough, but I'm also going to talk about how we can Improve that so So back to just enough single computing OS I mentioned yeah free BSD 5 1 the jail tools JLS J exec It was human friendly rather than guessing and praying you could SSH in and all the acrobatics we did back in the four days The moment that worked and my motivation was just RPM hell I mean once on a RPM based distro you can install software, but never remove it that's a problem so containing it was the answer and If you have a dedicated container for a web server, you probably don't need a Toolchain GCC back then you probably don't need a whole lot of things So let's invert that and look at the bare minimum So I discovered build options. I gave them a try and it was rough. They they didn't work Very well for actually many years However, I love the free red hat 5 2 not to be confused with red hat enterprise Linux that came long later It was fully packaged and ergo Fully inventoryed so the OS What would have a default install and you could explain where everything came from that's cool That's great for learning it. I like that very cool But as I just mentioned once you add OS is on top of that pile Applications and packages you have very little chance of removing them successfully and fully and yeah containment was obviously critical real early Previously packaged base there have been counting five implementations and six if you count a joke one so it's Possibly here in 14. There are test builds out there It's been a lot of hard work by some very dedicated people so We can probably have that excitement, too but build options which I touched on earlier, so Show of hands is anyone familiar with build options about half excellent, so The BSDs are unified operating systems everything is in one little directory all the sources are right there You can do a recursive search for Function and get an answer and act on it or you can make changes across the whole OS without asking dozens of other projects Very cool that works so a build option Defined in the source.com manual page for example without beehive and it's like well don't build the beehive so Maybe that's just a random component example, and it's only on 64 bit. I guess come 15 that will be The default and you say simply in your source.com without beehive equals. Yes, and it doesn't build it now Beehive builds very quickly the tool chain builds very slowly. It feels like it's three-quarters of the modern build So that's the kind of thing you want to exclude under the hood. It's in a make file And this is where I've spent five plus years chasing bugs simply oh if someone said no beehive don't build these components and Those are hard to get right and developers often forget that this mechanism exists. So maybe a component You add a third component, but then you forget to add the option and then the build breaks and it's been very Frustrating but it's been working since 13.0 12 hopeless, but it's also end of life, but moving forward. It's been rock solid So you can use build options to cut the OS Down to nearly nothing using completely in base tools. That's the build that is the official build not tinkering with it not removing stuff and so With my weird project names I came up with Occam BSD or Occamization call it what you want, but it's I Make a list of the options Remove two or three that just are required for the build and then build start building. So the initial system Cannot be booted. Okay. Well, and you add what's needed to boot it and you work your way back up using completely in base tools and Then it occurred to me wait. I could add hardware support. Well, why not? You need a few just a few components for bear Minimum hardware support you might want networking will add in networking You might want only IPv6 add in only IPv6. So that's been fun and You know flashbacks to CS 101. I was like, this is this is hands-on The hard work is done and there are opportunities to fix things and contribute. So it's like this is great. So On any modern hardware you can build kernel and world in a few minutes on something like a AMD epic very very single digit minutes You get a working bootable OS be it under obviously a jail with no kernel tiny or VM image 150 or some megabytes boot times in seconds Thank You Colin Percival for the boot time work anyone anyone he's got it He first profiled it and then it's like, why are we spending time here? Let's see if we can speed that up So bless his heart. Thank you Colin Um When I got this working, I thought oh dear there will be this unrecognizable carcass I'm like That's the BSD for three from college. It's just a few little things the directories, you know Etsy directories tiny Been directory tiny. I'm like, this is great. This is full circle. I love it as opposed to what's left of the carcass And it was very educational. So When you do this, you're like, why do I have a a Network card management tool when I have no networking or drivers So you can find abandoned components that just need a simple little entry to say hey We need to make file entry to skip this if we're not doing networking because it's kind of implied you'd have it Undocumented components you look at the manual pages on one machine you look for what's left if it's not documented It's not documented. That's a problem Cross-building issues it reveals what issues you might have because free BS modern free BSE cross builds beautifully Congratulations, whoever's responsible go team. That's awesome. I Realize a little rescue ISO for like IPM I and such I don't need a toolchain to do that So one can quickly throw packages and you can put packages from a future version of the OS say 14 on 13 Package is smart enough to say, okay, this is 14. I'll give you a 14 package. It's great. It's awesome. So I'm happy. Sorry. I'm excited. It's like I've waited a long time for these things Entranig in Armenia Found it for a classroom. Well, here's a simple OS the basics work your way back up very helpful he confirmed that in person with students actual students and Free BST has been good about reproducible but builds Reproducible builds not with complete coverage I think Ed masks was very active and then got distracted perhaps. I don't know but if you're going to be Doing unholy things to the OS Anything you haven't changed shouldn't change So if a reproducible build can mean that the the release engineering official ISO snapshot has a certain Binary that you haven't changed those should be identical for the win moving on Start here literally so These base components are what every free BST user uses by turning on the machine if if it's the base kernel That's that's them So if you're going to audit them if you're going to review them if you're going to teach them if you're going to do A book about them start there It's it's the bare minimum because a modern OS and then the tool chains and all that are massive They're absolutely massive. So it's it's really Fun dare I say to just cut it down work your way back up So you can find it there. I'm just it's a tool 20 years in making I've I've ended up with profiles because it's like these drivers to boot to hardware these to do ZFS these these these these and then There is new magic and I'll talk quite a bit about this VM image support and So I'll come BSE will support ZFS base root images In the read me having looked at this for 20 years I looked up nano BST Pico BST tiny BST crochet Poitier image, which is actively maintained make jail People have been looking at this, you know for years and they've had the reasons The free BST router project came up in a recent talk Great. He's doing good work and it can be done with in base tools I've not added a single thing to free BSE to achieve this. Yay free BST for the win in this case For me it's been Inspiring I gave a talk at Fosse on falling in love with free BST again because hey We have really cool tools to play with and that's why I'm all excited up here telling you about them. So Um In this Occamized view of the world You build your world you build your kernel as you always would be just a lot less and You can install world like we did back in the day with jails You wait and install a jail and set it up Or generate a VM image because Glenn Barber's release tools Generate virtual machine images or they're called virtual machine images and over the years Something something VMDK QCOW 2 and copy on right and VHD X and OCI and a tarble and a mountable route all the stuff Well, we have ZFS ZFS throws those all out the window. We don't have to worry anymore Between raw images and Z vols. We have what those are aimed to achieve. We have the snapshots We have the encryption. We have all these things that were kind of bolted on and then any two Hypervisors I'm surprised how few support raw images, but they each have their own format and you can convert the format but why why so this VM image and I put in in parentheses for good reason It's a boot image. It's not a work. You you can do it on a virtual machine, but it's a boot image Nothing more nothing less So all those virtualized storage. No, it's storage ZFS does so much of this heavy lifting for us that just do it imagine it do it VM image It's a boot image and I I love how previous he gets us right. So Thank You Mark Johnston. I don't think he's in here, but make FS Thank You net BSE for no make FS it has sprouted route on ZFS support So an unproved user can generate a bootable image after they built world and all that Root on ZFS on that image and that image can go anywhere Colin late yesterday said Percival said there might be a little Corruption issue. So I need to jump on that but clearly we all want to fix that before 14. So there's time So here's a syntax right out of the release tools If you want a source comf great, you want to use your own kernel configuration file great The heavy lifting is with VM image with images. Yes format raw I personally could not I never want to see a kukau 2 or VMDK or all those things again that we've solved It's there if it's on a compressed file system ZFS with LZ for the compressions there It's it's it and anyway good stuff good stuff and then the root partition and a swap partition simple so It's raw format Can anyone name of an OS other than free BSD that can boot Legacy and UEFI with the same install Are there any I can't find one so Free BSD just doesn't here. It's like pick one in BIOS and go. That's it. It works That's nice, especially when you're going through generations of hypervisors that might only support BIOS legacy You name it or only UEFI like beehive They get that right so Hypervisor boot and hardware boot are Indistinguishable for that block device and you can drop that block device on a hardware device and just boot it. It's a real system It's not it's not a shim. It's not a trick. It's not a bunch of nonsense. So Someone's like a snark elite imagine that so I have a tool I've been maintaining for about a year of Imagine sh it retrieves an official image from any branch of free BSD It drops it down as is or it drops it down expanded or it drops it to hardware Which lets you choose which device like a stick in a USB SATA drive make that your boot drive for a server and For me I don't want to see the installer again I've just blasted right past it if it's root on ZFS I can expand it to fill my 120 gig boot drive It's like no more installing and then configure it from there It has some basic defaults like DHCP configuration You can intrude in and set SSH and you name it. I'll get to that in a sec. So That has sprouted I don't know what that was that has sprouted Dabajan I need a better name. I always have terrible names Debian the project those Linux folks can do Linux produce no cloud images Which means no password by the way, which is fine like the free BSD one So do set a password before you put it in the wild but Those images are available raw those images. I haven't tried a legacy, but they have UEFI support they work equally in beehive on a Physical boot drive. It's just a raw image. You expand it as appropriate and off you go. So for Doing pretty much anything with free BSD or Debian in the lab It can be very quick a few minutes just a Without inner interaction just take an official image and splat it down and rinse and repeat to regression tests do whatever you got to do so The whole process with Occam BSD and imagine and this is all stock tools You I scripted it my way you can script it your way. I'm not pushing anything here You build the OS build world build kernel release make the image and you put out the image to the bootable drop device That's it. That's the whole process is it there's no you can you can configure it either in your sources or At a late stage or after it's installed. It's up to you. So That choice is awesome if you're trying to get the OS to very quickly repeat reproducibly Do something you want without a whole lot of hand holding? what happened Okay, so I Said hey Debian. Yes, they have a non-profit fiscal sponsor and Given the recent drama in the I'll just say operating systems community That's really refreshing and if it comes down to free BSD with its foundation and Debian with software in the public interest I'm like I'd rather work with those people than some comm funded distro that Years on might decide that they're suddenly upstream and you shouldn't ever rebuild their software I'm like what we're open source people. I literally don't understand the sentence. So They've worked very hard on zero trust builds. They start with like a 200 line Hex file that's more or less human readable for those who celebrate hex and then they build up the entire tool chain from there if you want zero trust we have it within reach with The I think it's either bootstrapping.org and these guys and it's easy to find on github plus cherry build the cherry project cherry out of Cambridge is it? They are cross building like a like a storm on Mac on Debian You name it so there's some very good work there to cross build free BSD outside of free BSD so If you're getting it if a Debian image just shows up and you can zero trust you build your tool chain and then from there build an image It's it's easy. It's easy. So Free BSD is remarkably Debian friendly in so far as or Unix in general, but maybe they use XFS blah blah blah So with Debian specifically there are tools to mount ext for file systems create them resize them like I'm discussing They have something called the fully automatic installer. That's what's generating those no cloud images If anyone needs a pet project for like the next few weeks, whatever, please build dev one the wounded the dev one the the non-system Debian because that would be really nice for those using it in jails And there's very clear open ZFS project route on ZFS for Debian The project isn't doing that it would be great to include that So there's a little project great some boot images just like release engineering is doing for free BSD as of September 1st It's like this is this is new. This is arriving as we speak so a Term I like for all this is just owning the stack if your entire source tree is in this directory You can build it and put it on an image. You can just step back and make meaningful changes across it Again rather than hoping to talk to dozens of projects that may have never spoken to one another We have free BSD and Linux API's at our disposal the Linux compatibility and free BSD is quite good We have containers have for 23 years and virtual machines and Again ZFS is doing a lot of heavy lifting for us so a Bunch of us meet every week and while there was pent up excitement about jail Mecca can confirm Jail hasn't changed a lot It's not for want of change or it's just not clear where that source of change would be No LFS sprouted the ability to mount a file in a another file system rather than a directory Which has some need of implications for building minimal user lands that are the things you need nothing more nothing less Thank You Jamie for adding the dot include functionality Mecca who's in the room had a very sophisticated component to Balance a bunch of configuration files and the group stepped back and thought well What if you could simply specify I want to include this in my jailed configuration and That arrives in free BSD 14. It went from idea to code in a matter of weeks So this whole user friendliness thing Ah Any appliance with pretty gooey and all that has changed typically over the years so they move stuff They can make it they make it interactive they make it all stuff stuff stuff Well, I personally I've done certain things the same way for 20 years Not everything but certain things I learned at once and you know user training. Let's talk about that user training 10 minutes Someone said you just comment this out or change this and that Deconfig is my example here in the lab. Yeah, Root can get in the lab and I learned it once That knowledge has worked for like decades. I like that, you know, I think I talk about little dogs here Free BSD has been very good about the principle of least astonishment pull a Multi-decade mouthful memory works for me. I love it. It's great Something something about old dogs and new tricks. They now have a new formula for calculating dog years And I'm now 250 using that calculation So I don't want to learn like the new gooey for you know the different gooey for different differences sake really and There is always the easy button if you have this awesome OS stack that does so much for you Ansible ansible now it's great webman webman's alive and well. It's still there still pearl a little hint I learned the Solaris packages will work on Illumos without much effort like that's cool. That's cool and Moving on ansible puppet chef terraform all these cool components. I'm like, okay I didn't install it but on my package add terraform. It's like one one component. That's cool And I hope I got the right one package install Python 39 ansible It's like okay a dozen or so components and a few more for puppet And I don't know if that's the right chef and I don't even know if you can read it but as package and package install Ruby gem chef and their pages and pages of dependencies and That scares me. I don't know if it's the age 250 years or what but No, and it's not to be confused with the chef package, which is like seven kilobytes That's the sweetest chef dictionary. So He's like Borki Borki Borki. So don't confuse those don't confuse us so All this configuration management we're configuring we're we're deployment managing managing managing. Well, what are they doing? With the dozens of packages there must they must be doing a lot. Well a Lot of it is item potents and this came up very beautifully and Dave DCH's talk yesterday item potents You set a desired state and you work to achieve it. That's it And I get that all these management things need to make Ten Linux distributions behave the same way. I don't have that problem. I'm good I'm willing to invest in Debian. I'm willing to invest here and in the BSDs But this idea of making everything work the same I don't have that problem. So Free BSD has CIS RC for safely managing RC files and you like, okay CIS RC host name equals this and you can check which is nice. So is it the correct host name? Yes, it is great, but it's not item potent and and here's how you work around it But I will submit a PR like let's make it item potent Does it have to be changed? Nope. We're good. If you have to change it you change it as simple as that The most amazing thing in computer science is when you have to do nothing if the host name is correct Zero not a thing. It's great because you can do nothing efficiently all day long. It's fantastic So you set the state you work to achieve it fetch fetch is awesome on free BSD along with Lib archive you can like open up ISOs and other stuff you just throw stuff at it But when you compare an on-disk file to upstream that's retrieving from it compares them Yay, but if it's missing it it complains and fails like well you're fetching something by definition You're trying to get software from upstream. So don't worry about if it's not being there It's like that's what you're there for so I'll try and do a PR on that So in this whole notion of owning a stack, it's a foundation for lots of nifty tools and Yes, the world wants web interfaces web sockets and rest apis and mechanical apis Great great great some human readable some mechanical machine-to-machine great. I'm not disagreeing so a Huge epiphany in my storage experiences Smart control. It's neither human nor machine readable Nope, please don't do that Then they added JSON support great I can parse that then they modified the schema without updating a version number. It's like no. No, you're so close so close so We have this foundation and on top of that previous he's been sprouting live XO Structured output simple command. So if you want JSON out of JLS, thank you juniper. You can do it There are a few things in ports that handle it that coverage is limited. I'll admit But there was a fervor a few years ago But it's come along Opens that FS JSON status output is coming I'm very happy about that if you're dealing with ZFS at scale. That's awesome fantastic. Thank you Clara and company now moving on UCL there was a big push a few years back universal config language. It really didn't make it very far CTLD the Storage framework in previous D that does ice-cozy fiber channel and and other neat things with Beehive supports it IOB CTL Envy list support is showing up in beehive config if you want those mechanisms now Where are we at? Where we at? So? This whole just enough OS. Yeah, we can tear it down to unbootable and work our way back up We have Linux and previous the APIs that are at our disposal. Yes, there might be some limits on Linux Always and system D and you name it We have pads for reducible builds. I just didn't have time to reprint zero trust bills I didn't have a chance to try that We have our containers No, the fast amounts have like Innovated in tiny awesome little ways. I'm wrapping up. Don't worry so In base item potents there are steps towards that. Let's let's push on that if there's nothing to do do nothing Human and machine readability. It's great and the OS is doing the heavy lifting So may a thousand flowers bloom. We're in a university It's like oh you're building an appliance an appliance an appliance well Each of those CS 201 students should be able to create a nifty web socket interface or rest interface as just that monthly project and Rinse and repeat over and over rather than fork the OS and then regret that oh, we don't have 64-bit support Oh, no, what do we do? Do we change it to a no OS? Do we resynchronize you name it? So in parallel to what I'm doing There's some there's some great activity from non developers or production users and heavy users so In discussing jails Entrenig Saw that yes jail has an API so he quickly banged out a Fluor free BSD Lua in base front-end to jails because it's just an API just talk to it Don't reinvent anything Yon goes by crest. He's doing very clever work with CTL back end as a verge. I owe scuzzy support mechanism for be hive to have Like pluggable scuzzy devices. This is good. He also produced a wire guy I see script going which hopefully we'll make it into 14. It's gorgeous John Debussy He's looking at an NFS client within a beehive VM So if in a testing environment that one VM can do some NFS stuff without breaking the host, especially when you know things are breaking So that's cool Dave is doing some really good things His talk yesterday was fantastic on immutable BSD check that out And there are weekly calls on jail opens out of SNB hive and last night at the social event It's like wait, most of the group is here. Let's just at least get a photo I almost instinctively started the recordings recordings are online. Everyone's welcome This may change, but they're currently at beehive con. It'll redirect if you want to join a call great Free BSD AM is on Trinidad's Armenian site. I threw the link on beehive.org It's organically become a ZFS call and needs a home that FS and some quick. Thank you send this last minute Thank You John Baldwin for maintaining beehive and a thousand other things Corvin He's doing free full-time and free BSD develop beehive development. Yes, he's here today Hopefully saw his talk yesterday Jamie Gritton the beehive about the jail maintainer really nice guy. He's taking in ideas Processing them and producing things like the dot include Mark Johnston made them make FS ZFS support work and a thousand other things Christoppe provost a faster bridge for virtual machines. Yay. Thank you Thank you Christophe and of course open ZFS. It's one of the few software projects that just gets better over time in a nice freight train manner and Everyone who's making these tools amazing. So thank you any questions the fire hose Louder Flood the zone with greatness Others and you can catch me other outside of this. I'm easy to find Yes, sir. Oh So the question was and I'll try to find the thing I shot right past regarding that I'll try to find it. Okay So the question was well, yeah, we quickly jump in blast out of a system What happens over time maintaining it? but accurate so Just after doing that sort of pseudo item potent or hacker round sis RC. I put an RC dot local in the outcome BSD repo Which handles a whole bunch of other things and again things I have been maintaining the same way for a decade or two so the Principle of least astonishment is your friend the OS will generally not change on you or it will do so with warning So to build that out Often once You spend your time on stack overflow and whatever they call those to like find the said syntax to change something to your liking that endures really well and it's all a cart per thing you're configuring and I Think one can safely step back and have pretty much item potent storage arrays We know where we want to be we know what a bad disc looks like and a human might have to get involved but Knowing the OS and having the OS do so much for you. I'd say it was actually a relief for adding what you want to add rather than Lightly forking the OS or heavily forking the OS. I hope that helps Working with the OS precisely and I haven't seen anything like this elsewhere I've politely asked other like the Lumos are there build options open BSD are there build options I'm just curious because it's so cool that you can net BSD does excellent Are there any tools to use the net BSD build options to tear it down and work your way back up Let's try that Well, I'll make another paper here. So BSD build options Others yes, sir So the question is in Occam BSD. What's the point of making it smaller? I admit it. I blasted through it pretty quickly So what it does is? Initially turn on all build options. So basically Like a firewall block all get rid of it all and work your add things back there are two or so options required to build or else you get nowhere and You can then step through if you add networking add networking add pf add pf add beehive And I gave the example with the code of what that looks like. So it's not Compressing it's not doing anything exotic shorter just not building what you ask it not to build Does that make better sense? I'll gladly sit down with you and walk through the code, but It was such a pleasant epiphany to realize you can just work your way back up anyway Anything else last chance? Thank you so much