gyptazy
@gyptazy@gyptazy.ch
Brewing new stuff for the BSD Cafe...
Just wrapped up the first virtual meeting of 'BSD Pub,' hosted by @gyptazy
Had a delightful and friendly conversation with wonderful folks, and some really interesting ideas emerged for the future. Thanks to everyone and... looking forward to the next meeting!
Details will be posted on the corresponding page: https://wiki.bsd.cafe/docs:weekly-bsdpub
#BSDPub #BSD #BSDCafe #OpenSource #Community #FreeBSD #OpenBSD #NetBSD #DragonFlyBSD #RunBSD
We had nice talks about improving #BoxyBSD, getting new users attracted into #BSD based systems like #FreeBSD, #OpenBSD, #NetBSD but also covering the lacks of it. Outcome was, that a one already worked on that which might result in a new community project (which may also result into a new service). I don’t want to teaser too much, the related persons will provide more details and insights. It was a great first meeting, looking forward into the next upcoming ones!
More details and participating informations at: https://wiki.bsd.cafe/docs:weekly-bsdpub
@stefano I'm really unlucky being night shift worker 😆 Have great time people!
@sourcerer We're considering holding some meetings at different times to allow those who are unable to join at the usual time to participate as well.
@stefano I will keep an eye on this. Thank You!
I don't have camera, but i can chat.
Currently i'm focused on hardware, new setup and making place for FreeBSD.
@sourcerer That'd be great. Chatting is a good way to participate, also if without mic/camera.
@stefano For this, i'm thinking about replacing my M-Audio Fast Track Pro with some scarlett 3rd gen.
Having mic is not problem.
🧙 This is massive
The Future of MySQL is PostgreSQL:
Today, at Postgres Conference 2024, we introduced a PostgreSQL extension we are developing, which enables MySQL applications to run on PostgreSQL without any code changes by supporting the MySQL wire protocol, SQL syntax, and procedural language.
https://news.ycombinator.com/item?id=40094160
https://nextgres.com/res/20240419-The-Future-of-MySQL-is-Postgres.pdf (edited)
@tobyhede great, great news!
@tobyhede this is cool 😎
For references:
Berlin: 07:00 PM
NewYork: 01:00 PM
Canberra: 03:00 AM
Moscow: 08:00 PM
@gyptazy @stefano there is also an iCal file which probably makes it easier for everyone https://wiki.bsd.cafe/docs:weekly-bsdpub
@BoxyBSD@bsd.cafe #hosting #opensource #BSD #freevm #education
@gyptazy matches perfectly to my bsdbox :)
Shhh! Something is coming... Don't tell anyone.
#BoxyBSD #OpenIndiana #OpenSolaris #Solaris #Illumos #Hipster #VM #Hosting
@BoxyBSD Ok, I'll keep the secret...
@BoxyBSD ooooooo
https://gyptazy.ch/blog/collection-of-vagrant-boxes-images-for-apple-silicon-based-on-arm64/
#fedora40 #aarch64 #arm64 #vagrant #vagrantcloud #applesilicon #vm #vmware #fusion #gyptazy #box #vagrantbox
@BoxyBSD the part BSD already says all, doesn’t it :)
Clearly, no!
@BoxyBSD you will have to deal with more bots and stuff like that. If you have the capacity, go ahead.
@BoxyBSD do you have new free slots available?
I do not have anything against ... but I believe there are dozens of such services for Linux systems while very few for BSD systems - so IMHO it would be a waste of resources (and Your time).
@BoxyBSD I don't know how you offer those VMs, perhaps something like "a linux running inside a jail/bhyve for testing purposes"?
It’s running on resource leftovers in my personal infrastructure. VMs may run in QEMU (Linux) or bhyve (FreeBSD).
The process is automated:
- copy template (basic OS install with an RFC1918 address)
- start vm
- replace IP, hostname, remove provisioning ssh key, set password
- poweroff
- adjust networking vswitch etc for the vm in hypervisor
- start vm
@BoxyBSD people would use them. Assuming you are running these on Bhyve?
Would be kinda cool if you automated the build process and had a few VMs around that just did benchmarking using popular phoronix test suites. Apples-to-apples compare BSD/Linux on identical hardware every release & published the tests over the web.
Would also be kinda cool if you automated the build process for the base VMs themselves and provided snapshots for download. Act as a trusted VM provider. I'd gobble them up.
see also the FAQ https://boxybsd.com/faq/
It’s running on resource leftovers in my personal infrastructure. VMs may run in QEMU (Linux) or bhyve (FreeBSD).
The process is automated:
- copy template (basic OS install with an RFC1918 address)
- start vm
- replace IP, hostname, remove provisioning ssh key, set password
- poweroff
- adjust networking vswitch etc for the vm in hypervisor
- start vm
Even providing the images, you would not have the possibility to verify if this image is really being used. But you can of course audit from the inside and validate all files/checksums based against your own image.
@gyptazy@gyptazy.ch @kta@hostux.social @BoxyBSD@bsd.cafe certain benchmarks are misleading at best in this environment. Synthetic filesystem benchmarks are a no go. They're not a useful metric to begin with but they get clusterfucked with qcow2 and other methods of storing vm disk images on another file system. I mean yeah you can keep it consistent but it’s not an adequate reflection of the combinations. I have a bone to pick with SQL based synthetic benchmarks being virtualized as well because without cpu affinity (basically provisioning a cpu core/thread for those out of the loop) you’re misrepresenting things. Cpu cache is very important and the context switching alone from different vms running at the same time will skew the numbers. Networking benchmarks may be worthwhile though. it’s really interesting the performance differences in tcp/ip in particular between kernels. That would be of interest, though it may be hard to separate quirks due to differences in how virtualized networking is handled between qemu and bhyve. I wonder if there’s any sort of scheduler benchmarks? It’d be interesting to see how FreeBSD’s scheduler (idr the name off the top of my head) compares to linux CFS in virtualized workloads. Hmmm… this is intriguing
@gyptazy@gyptazy.ch @kta@hostux.social @BoxyBSD@bsd.cafe yeah automated benchmarks are a resource hog. They use up resources, and for the reasons I outlined they’re just not that effective at learning anything from? If someone really wanted to see the difference between CFS and how FreeBSD schedules things they can do that manually no? Presumably that’s still learning while not overtaking everyone else’s needs. I was much more on the fence in my approach but yeah I mean for a project like this automated benchmark suites are costly. Benchmarks as an educational thing done manually? Hell yeah I mean learning the difference between how kernels handle stuff is part of what intrigues me about the BSD community. FreeBSD’s approach to things vastly differs from OpenBSD.
@puppygirlhornypost @gyptazy @BoxyBSD we benchmark systems almost constantly where I've worked. Databases, web servers, filesystems, Linux distributions, different versions of software, bare metal vs VMs vs containers. The gammut. Most of the tests are fairly generic and are platform agnostic. And they are automated. They're a great resource for finding regressions introduced from recent code changes from dev. And also for making decisions about bringing systems from staging into production
@kta@hostux.social @gyptazy@gyptazy.ch @BoxyBSD@mastodon.bsd.cafe Oh yeah absolutely they can be insightful. It’s incredibly useful during the prototyping stage, when you’re trying to finalize your starting point. Knowing how things react, especially having agnostic benchmarks for software to see how your deployment interacts with a variety of different components. Very nice stuff. I tend not to work on that high of a level but I can appreciate it, distributing cross platform software is a big pain. Knowing things like how certain databases perform better on certain stacks can help you design deployments. Understanding the expectation of virtual deployments when it comes to databases. I run mariadb and some other small databases virtualized without problem. Cpu affinity doesn’t matter there because I’m not optimizing for performance. They run tiny things that not very many people use, and are not mission critical. The knowledge regarding cpu cache missing impacting performance on certain workloads would not have been gained if people did not benchmark it.
@gyptazy @BoxyBSD it could function a bit like an artifacts registry with Kubernetes. Use a sha256 hash of the snapshot to validate the transfer. Could even write a manifest entry to /root that is signed with a private GPG key to verify authenticity after the VM is created. I should look into the OCI specification for container registries to see how they do it. No need to reinvent the wheel.
Thanks to everyone for voting! #BoxyBSD will keep focused on BSD based systems - but I still like to teaser something: #OpenSolaris will be available soon. And there’s even one more thing… @gyptazy will announce this in the beginning of the next month.
The Double-Edged Sword of Docker: Balancing Benefits and Risks
https://it-notes.dragas.net/2024/04/22/the-doubled-edge-sword-of-docker/
@stefano honestly, I don't think that article is a lot about docker but more about a lack of good practice that is possible since someone started to throw docker over the fence.
The author provides solutions for each of the mentioned problems which sound like the breakdown between Dev and Ops is still waiting to take place. It looks like most of it could be solved by a wholesome "okay guys, let me help you out here and put my knowledge into your software projects".
@sheogorath Exactly. The general problem, in my opinion, is the (false) feeling of being able to do without system administrators, thinking that Docker (and related solutions) are the solution. Collaboration between the parties always remains the basis for a good result.
@stefano @sheogorath In the coming years I imagine we'll see business execs try to replace humans with AI. I don't think it will work but some will certainly try.
@0x1eef @sheogorath I agree that some business executives will attempt to replace humans with AI in the coming years. But I think it's a recipe for disaster. Not only will they fail to achieve their goals, but they'll also create chaos and disrupt the delicate balance of human collaboration and innovation. Meanwhile, we'll be left cleaning up the mess.
@stefano The solution to all the problems we have known was one: 42. And we all know how that turned out” is a line from Douglas Adams' The Hitchhiker's Guide to the Galaxy
. In the book, the supercomputer Deep Thought calculates that 42 is the answer to the “Great Question” of “Life, the Universe, and Everything
”. The supercomputer calculates the answer over 7.5 million years, but no one remembers what the question is. The book uses this paradoxical scenario for humorous effect.
@matuzalem Exactly, and that's the point. Sometimes, we search for solutions to all problems without realizing that we're just transferring them elsewhere. In the end, we don't even remember what the original problem was anymore. 🙂
Enabling ipfw and pf at the same time certainly is begging for (networking) trouble.
@matuzalem Hard mode.
Guess, I spoilered something for #BoxyBSD now.
@gyptazy Not intentional but since nobody in the Regions where most contributors are coming from is going to have IPv6 only for the foreseeable future it's not really on people front row of priorities. I am happy to help out with adding it though. The config utilities and the auto installer that is on hold have support for that but it needs to be wired up and tested by somebody that has an IPv6 setup. I don't even now how correct my providers setup is.
@gyptazy Depends a bit on the goal. I can get autoconfigure finished within reasonable time. The installer would need more work that would take me about 3-5 months with my currently limited time budget. The autoconfigure Is mostly testing work and adapting to proxmox config. It would then be a cloud image that you download and boot. Basically, I would prefer to use the cloud image for those setups and document it for people.
If you need access to an IPv6 only test env for tests, feel free to reach out to me at any time
@gyptazy It's not wired up into the installer, and I rather replace this installer than wire it up :) It can be manually configured and there is some support in the cloud-image since I made https://github.com/illumos/metadata-agent/pull/6 I'll reach out when I want to test this PR with an IPv6 setup only.
@gyptazy In its slight defence, the original intention for IPv6 was that it would always be autoconfigured (although I'm not sure it's really such a good idea). Whereas IPv4 started out as all-static and added automatic (dhcp) later. In that context, manually configuring IPv4 would be normal, while doing so for IPv6 would be unusual.
Hey #SelfHosting folks, what do you use to monitor your VPS servers? Basic things like disk space, CPU usage?
I currently have a Prometheus + Grafana setup but wondering if there isn't something simpler to configure/maintain?
@konstantin I'm using different tools, but mainly:
- Uptime Kuma and Nagios for service reachability/availability and certificates expiration - with different notification transports/priorities (for example: https://status.bsd.cafe/status/bsdcafe )
- Munin and the excellent LibreNMS for resources usage/alerts
@konstantin
Web Alert on a mobile phone watching for changes or downtime of a web site.
@stefano
@konstantin For self-hosting I wanted something simpler than the simplest OSS monitoring solution available - so I wrote Gogios: https://foo.zone/gemfeed/2023-06-01-kiss-server-monitoring-with-gogios.html
@gyptazy @konstantin yeah more features and PRs are very welcomed - even though it will make it less KISS. Go is dead simple I'm comparison to Rust. But there are also some Go idiomatic things.
Our first weekly will start on the 25th, April 2024 at 7 PM (GMT+2).
You can find all the details on the #BSDCafe wiki:
https://wiki.bsd.cafe/docs:weekly-bsdpub
For the first one, I already created a small agenda (https://wiki.bsd.cafe/docs:weekly-bsdpub-meeting-minutes-2024-04-25). You are highly encouraged to modify and extend this, as well as upcoming agendas!
Overview:
Day: Thursdays (weekly)
Time: 7 PM - 8 PM (GMT +2)
Where: https://meet.gyptazy.ch/BSDPub (Jitsi)
Infos: https://wiki.bsd.cafe/docs:weekly-bsdpub
Agenda: https://wiki.bsd.cafe/docs:weekly-bsdpub-meeting-minutes-2024-04-25
Info: No recordings, no deep tech dives (keep it simple, we have calls for the details, no pressures to anyone, have fun and enjoy)
When I started the poll to ask for interests in such a meeting I wasn’t sure that even more than 5 people would be interested. I’m happy to see this amount of interested BSD users. I’m aware of the different timezones and it might make sense to have a second timeslot. This one mostly covers the European and near-east users. I’m happy to hear suggestions regarding preferred timeslots for the US, Asia,… so far, I’m happy to see at least a few of you next Thursday in the call!
#FreeBSD #OpenBSD #NetBSD #helloSystem #BSDCafe #BSDNetwork #OpenSource #Solaris #illumos #openindiana #community #meeting #havefun #fun #BSDPub
@gyptazy Great initiative!!!
Won't be able to join next week but definitely will try to come the week after.
@gyptazy Thank you for this initiative 🙏🏻
I will try to join.
I'll be out next week with limited internet access, but I'll definitely try to join and put some faces to nicknames 😀
Honestly, vServer and also dedicated servers are getting really cheap and there’re also some free ones with some limitations.
I know it's not just about electricity, but still...
spare parts, true, but imagine that you're paying for the same thing I have home. you can almost buy spare parts every month with that money 😆 plus you own the whole thing! and all the data is truly yours.
The static IP is true, but for example, it has been more than 5 years since my ISP changed my public IP (if not more). Maybe I'm lucky? I don't know 😅
and like I said... it depends on your needs. but for a lot of use cases, I'm not sure cloud is better, to be honest
@ClickyMcTicker never thought about that 🤔 in any case, I don't have that need (at least for now)...
but you pose a good question, and now I'm curious 😅
@gyptazy@gyptazy.ch @jcamos@bsd.cafe okay but consider context switching on vms. Most vps providers are thin provisioning their servers to maximize profit. This has disastrous consequences on workloads that try to utilize cpu cache such as an SQL database. Cpu affinity is a real thing but again you have to pay $$$ for that, not to mention can you trust your cheap provider to actually mitigate side channel attacks such as speculative execution? I mean most cheap providers are still running shit like haswell.
@puppygirlhornypost
I understand, but I'm talking about the common believe nowadays that everything should be cloud based and that it's cheaper than running your own server. Most of the times there is no need for that.
Sure, if you have a company that needs several servers available in different places in the world, or to be able to escalate or reduce resources quickly, than it might make sense... but again, it depends on your needs 🙂
So, wen can have a public agenda with topics we want to talk to, which can be created weekly. We can jump in open-minded like a meeting in a pub or restaurant and talk spontaneously about everything. What I really want to avoid is having deep dive tech talks where only a few ones can talk about it and there also might be dedicated call for, targeting the users.
But this is my current IMHO, if no one complains, this sessions could be recorded and published.
What do you mean by „announced“? Within the first iteration it was more about getting feedback, but I think the first meeting could start next Thursday at 7PM GMT+2. I’m not sure if it may make sense to have two meetings to cover the different timezones or if it would fragment the call…
Different timezones make it really hard to just have a single meeting and it might end up in two or even three ones but also trying to avoid fragmentation. But this will probably work out more in an iterative way…
The current idea is to start Thursdays, 7pm GMT+2 in an unmoderated public jitsi session where everyone can join. I think the targeted user group is able to handle it in that way, like we always do.
The question is also, do we want to have an agenda or only open minded jump in and see how it works out?! My experience is, that people might be shy to start talking, it’ll be silent and people start to drop’s drop. An agenda might be helpful for an initial start but I also want to avoid having an introduction round where everyone tells something about himself. I mean, this can be done optionally, but I’m also aware of it that some may feel uncomfortable with this. This round should just make fun and not make any pressure or someone feeling uncomfortable.
So, agenda or open minded and free to talk for the first sessions?
#BSDPub #BSDCafe #BSDNetwork
#helloSystem #DragonFlyBSD #HardenedBSD #GhostBSD #pfSense #illumos #tribblix #solaris #opensolaris #zfs #community #social
But getting real mail feels different! Getting mail from a foreign country feels insanely cool and having #FreeBSD stickers included is absolutely perfect! Awesome!
Thanks a lot @fosdembsd@bsd.cafe!
Hey #BSD Fans!
We all share the same interests - #BSD based systems like #FreeBSD, #OpenBSD and #NetBSD.
We chat all day, sharing thoughts, questions and help. We talk on Matrix across different channels, we share on the #Fediverse. We have @vermaden@bsd.cafe's newsletter, we have @dexter@bsd.network's #FreeBSD #Jails and #bhyve calls and many other ones I can't list here.
Wondering if there would be and interests in the #BSDNetwork, #BSDCafe, etc., for a weekly smalltalk session like in a pub. Just a Jitsi based video/audio call where we can meet, discuss things from newsletter, trending things from the #Fediverse or just have off-topic and openminded discussions. This could result into the #BSDPub meeting.
I know, some people are shy - keep your cam off until you feel comfortable and feel free to join the discussions. Even this meetings should make fun and no pressure - so if someone is not in the mood or can't make it - no worries. No one will judge.
Would you be interested?
#helloSystem #DragonFlyBSD #HardenedBSD #GhostBSD #pfSense #illumos #tribblix #solaris #opensolaris #zfs #community #social
Yes: | 44 |
No: | 4 |
Following issues I encountered:
* Browsing the photo gallery in general is even on mid-sized hosted servers (ryzon epic 4th gen with 32gb+ ram slow)
* Mobile App of NC does not provide solutions to filter for faces/objects
* I tend to use "Babe + red dress + beach + high heels" or "mercedes + Zurich + summer" as search terms which do not provide me what I what expect
* indexing the initial data takes long time (in the previous mentioned areas we don't speak about day or weeks, we speak about months!)
* NC requires so much more around to run well in general (caching!! Did I already mention caching?)
Currently, I think, Immich the better way to go which also lacks several problems but got at least working mobile apps.
sorry, just my 2 cents from someone who's looking to migrate 20+ TB of data into any suitable opensource solution and always failed.
#arm64 #aarch64 #vagrant #vagrantcloud #applesilicon #vm #vmware #fusion #bsdcafe #netbsd10 #Proxmox #ProxmoxBackup #VagrantCollection #gyptazy
#FreeBSD jails final part, after this i may start with examples, something new with design, hope you like it.
Configuring everything automated I don’t care if it is native or NAT.
Not everyone can afford an own server, not everyone has the knowledge, not everyone has the time to maintain and (security)patch it. Next problem is, as soon as it gets to legal problematic content hosting an own solution might still get taken offline easily.
If the DMCA report is filled to Discord or to your server hoster who takes your whole server offline doesn't really matter.
You can find all #BSD & #Linux boxes right here:
https://gyptazy.ch/blog/collection-of-vagrant-boxes-images-for-apple-silicon-based-on-arm64/
#aarch64 #applesilicon #vm #virtualmachine #NobleNumbat #noble #numbat #Vagrant #DevOps #Canonical #Ubuntu #Linux #release #pipeline
But of course there're also people who want to abuse everything (within the first iteration last year
, BoxyBSD got abused for spamming). While spamming is just an easy thing to deal with, things can escalate quickly. That's why I need somehow an easy verification system that is not too annoying. If PayPal is no option (which I can fully understand), there could also be a fallback solution.
Within the signup process the same email address must be used and a dummy payment of 0,01USD be performed. Via the API I can get validate the email address. The idea is that all person verification have already been done by PayPal. Next, I'm not processing any financial data because PayPal has dedicated contracts with each user. But I need to get my point of view safe because I don't want to get sued for any mistakes or wrong assumptions I made by providing a valuable service for free for the community.
I really like this approach because of the data minimalism. It just needs a pubkey and the related user for authentication. No email, no password,… nothing. Doing this in a webinterface could also be possible but with much more efforts by creating client certificates from BoxyBSD CA.
But I’m still not quite sure if this will make it to prod
Having a look at the specs of the VF2 doesn’t solve the issue for me:
https://doc-en.rvspace.org/VisionFive2/Datasheet/VisionFive_2/power_consumption.html
So the standby is 4.1W in table 1 and full 9.3W in table 3.
But I think element 1 and 2 in table 3 are mixed? They’re the same except of a fan on top, but with fan lower consumption?
In my tests (https://gyptazy.ch/misc/collection-of-images-and-information-for-risc64-board-visionfive2/) I came always over 70° without active cooling. Running geekbench it consumed more than 13W.
Measured with a Refoss power plug. Even in idle I had more than 7W.
(measured without any device attached/plugged in, running from SD (no NVME attached), so basically no additional consumers).
#SecurityPatchManagement tools like #QualvoSec may help integrating automated security patches.
#infosec #linux #BSD #Debian #RockyLinux #CentOS #RedHat #FreeBSD #patchManagement #SecurityPatching #Patching
Currently, I only have only bandwidth & connection notifiers. Each VM is monitored for the network stats. I don't want to filter any traffic right now (like the initial BSDBoxy project, where people started to spam).
The initial idea of BoxyBSD is to provide a value especially to newcomers and people who can't afford things like this but should have a possibility to learn. Out of the Fediverse, e.g. on X (where I have my biggest follower base), many people are interested in such things but can't afford it. They're often from India or Africa. I don't want to generalize it here in any way, but bringing this up because of verification methods. While I could solve phone, sms or even postcard verification for more or less for free in Europe, everything out of Europe would take much time, more efforts and some money.
My next idea was a dummy payment by PayPal. PayPal accounts are well verified (unless they're overtaken and compromised). A dummy payment of 0,10 USD could do it. But I'm not quite sure if I want to deal with such data, even when not storing them and using them only for one-time verification. From a technical perspective this could be easily done with PayPal's API, but dealing with real names, addresses and financial data requires a different data policy and some other things. Honestly, I'm not even sure if this could be done on as "donation" base or if I have to deal with the tax office in that case.
TL;DR I need some time to get more details about that but currently I don't want to deal with any of these things and highly try to avoid getting sued for any mistakes I could potentially do when dealing with such things. And that's the sad point where things get complicated...
1. Write SSH server implementation without any usage (just accepting user auth on pw and pub-key)
2. Add API communication
3. Wrap some cli tools
My first implementation was done in around 30 minutes in Python but then I decided it would be cool to write it in Rust for more practice. That took me honestly hours...
If it's done I will provide the sources on GitHub. But we can also talk about the details in matrix, just ping me...
And the best #manpageblog is opensource, everyone can use it!
A: Using my 4x #RV64 #VisionFive2 boards - each board has 8GB. This could lead into a temporary and time limited, dedicated usage of 7-30d.
B: It could be shared across with 7 users by #jails on #FreeBSD. Requires better support in FreeBSD.
C: QEMU emulated instances running on amd64
I’d really like to see rv64 being pushed and it was excactly the reason to get those boards to get more experience on that platform. However, just sharing some ideas - it does not mean that they will be available in the near future (but would be cool if so).
You can now find some #smokeping graph on #BoxyBSD's status page: https://boxybsd.com/status/
Do you miss any destination? Let us know!
Any desired destinations missing? Let me know!
If you've lost it, have a look at this great project by @gyptazy :
BoxyBSD - Free FreeBSD Jail/VM Hosting
BoxyBSD just started!
#BoxyBSD is a non-profit VM & service provider for the open-source community with a focus on BSD based Systems like #FreeBSD, #OpenBSD and #NetBSD. BoxyBSD also provides additional services like webhosting, git, email and DNS solutions for #opensource projects to give valuable things back to the community.
You can find out more on https://boxybsd.com or in Matrix #BoxyBSD:bsd.cafe
oh no, oh no, oh no no no no no!