EuroBSDCon 2024

Chris Moerz
.ical

Born and raised in Austria, Chris studied Computer Science at the University of Technology in Vienna, Austria. He's been in IT since the late 90s and started working with FreeBSD around release 5. For the past 14 years he's worked in the construction industry in various IT management roles.

In 2021 he first became more active in the community by becoming a port maintainer and when Greg Wallace at the FreeBSD Foundation founded the Enterprise Working Group in 2023, he joined as volunteer. Since then, he's been an active contributor around bhyve and documentation, working on making FreeBSD even more useful and usable for enterprise use.

You can find Chris on LinkedIn as well as the regular weekly bhyve calls organized by Michael Dexter (see callfortesting.org for more details)

The speaker’s profile picture

Sessions

09-19
11:00
180min
Getting started with the bhyve hypervisor (T1)
Chris Moerz

This tutorial digs into using FreeBSD's bhyve hypervisor and using virtualization for running FreeBSD or other operating systems on top of a FreeBSD host system.

During this tutorial we
- set up a FreeBSD guest VM
- connecting to your vm via serial console and VNC
- connect this VM to the network: routed or bridged?
- use ZFS for snapshotting and restoring VM states
- check out different vm management tools for simplifying bhyve use
- review necessary steps and caveats for virtualizing Windows or Linux

Prerequisites

This tutorial is tailored for an audience that is reasonably well-versed with using FreeBSD or Unix-like operating systems. You need to feel comfortable navigating a command line console and should be aware of networking basics.

You don't need to be familiar with bhyve or any other hypervisor, though it may help. Depending on the audience, we'll take a quick peek at the basics first if necessary.

This course is best enjoyed as a hands-on experience. Hence, there are a handful of requirements that need to be fulfilled so you can participate and follow along - aside from the aforementioned knowledge level, you will need

  • console access to a FreeBSD system, with root level privileges
  • it should be a current 14.0 RELEASE FreeBSD system, with up-to-date patches installed because we will rely on a couple of features that were only introduced recently
  • preferably, said system should be a bare metal system because performance may be impacted otherwise or in the worst case, bhyve will not work
  • you don't necessarily need direct hands-on access to said system, an ssh session will suffice
  • your system should have Internet access to be able to download relevant FreeBSD related files; if you have a current FreeBSD ISO preloaded, it may be just enough to make it without connectivity.

You will need to execute commands on your system and understand the consequences of mistakes. You may lock yourself out of your system if you don't watch out, so be prepared and have a backup.

Tutorials
Foyer A
09-19
15:00
180min
bhyve virtual machines - from standalone to jail (T2)
Chris Moerz

Want to run virtual machines on your FreeBSD system? bhyve will help you with that, but there's so many ways to do it. We'll start with a few simple setup steps to get your first guest running and then move on to improve performance and security.

Who is this for?

This tutorial is tailored for an audience that is reasonably well-versed with using FreeBSD or Unix-like operating systems. You need to feel comfortable navigating a command line console and should be aware of networking basics.

You should already be familiar with bhyve to the degree of having used it before, or at the least you should have participated in the "Getting started with the bhyve hypervisor" tutorial.

What You'll Learn

This tutorial outlines the steps and various ways on
- how to set up the networking for a bridged or a routed virtual machine
- how to put bhyve in a jail and further improve the security of your host
- how to improve or break your CPU and I/O performance of your host and guest

Technical Prerequisites

This tutorial is best enjoyed as a hands-on experience. Hence, there are a handful of requirements that need to be fulfilled so you can participate and follow along - aside from the aforementioned knowledge level, you will need

  • console access to a FreeBSD system, with root level privileges
  • it should be a current 14.0 RELEASE (or newer) FreeBSD system, with up-to-date patches installed because we will rely on a couple of features that were only introduced recently
  • preferably, said system should be a bare metal system because performance may be impacted otherwise or in the worst case, bhyve will not work
  • you don't necessarily need direct hands-on access to said system, an ssh session will suffice
  • your system should have Internet access to be able to download relevant FreeBSD related files; if you have a current FreeBSD ISO preloaded, it may be just enough to make it without connectivity.

You will need to execute commands on your system and understand the consequences of mistakes. You may lock yourself out of your system if you don't watch out, so be prepared and have a backup.

Tutorials
Foyer A
09-20
11:00
360min
From 0 to your own FreeBSD mail server (T10)
Chris Moerz

Even in today's day and age of various free email options and commoditization of email services, there's still many good reasons for running your own mail server - privacy and security just being two of them.
In this tutorial, we'll set up a FreeBSD host with
- certbot for acquiring LetsEncrypt certificates
- postfix smtp server with support for virtual users and multiple domains
- spam assassin spam filter
- amavis virus scanner
- cyrus imap server
- nextcloud webmail with 2-factor auth
- setting up dkim and dmarc
- improved security with pf, fail2ban, sshguard and vnet jails
- caveats and pitfalls

Tutorials
Foyer A