EuroBSDCon 2024

Dave Cottlehuber
.ical

Dave has spent the last 2 decades trying to stay at least 1 step ahead of The Bad Actors on the internet, starting off with OpenBSD 2.8, and the last 9 years with FreeBSD since 9.3, where he has a ports commit bit, and a prediliction for obscure functional programming languages that align with his enjoyment of distributed systems, & power tools with very sharp edges.

  • Professional Yak Herder, shaving BSD-coloured yaks since ~ 2000
  • FreeBSD ports@ committer
  • Ansible DevOops & Elixir developer
  • enjoys telemark skiing, and playing celtic folk music on a variety of instruments
The speaker’s profile picture

Sessions

09-19
11:00
360min
DIY Jails Tutorial - Old Skool & Open Container (OCI) (T9)
Dave Cottlehuber

One of FreeBSD's unique features is the close alignment of containers,
filesystems, and networking, within the base Operating System. There
are many jail manager tools, but they all use the same functionality
under the hood.

This 2024 version will cover an updated version of the core material
as in 2022 & 2023 in the morning, and in the afternoon, dig into using the
new OCI standard jails, using the podman
tools ported to FreeBSD by Doug Rabson.

Join the Elite. Attain Jail Enlightenment.

Along the way, you'll learn how jails are actually built in practice,
from scratch, and deepen your understanding of the relevant bits of
FreeBSD that allow you to do so.

This tutorial is suitable for beginners & intermediates, and will
go at an appropriate pace depending on attendees.

What You'll Learn

  • learn the underlying truth about all jail tools
  • wield & jail ZFS datasets like a ninja
  • how to share data between hosts and jails
  • time & interest permitting, delve into jail networking
    • VNET jails and wireguard
    • route packets with abandon
    • learn about overlay networking to make multiple jail hosts appear as one
  • acquaint yourself with jail security
  • summon customised jails like an arcane sorcerer

Pre-requisites

  • basic knowledge of FreeBSD & sh(1)
  • a vague understanding of ZFS
  • a UNIX laptop capable of SSH and wifi
  • the desire to ascend to a higher realm of reality

What You'll Accomplish

Why yes, you too can write your own Jail Management tool from scratch.
Alternatively, you'll know how existing jail management tools actually
work, and be able to get the most out of them.

You should be generally comfortable with the terminal, and have used
some pf.conf, and zfs already. It doesn't matter if you're not ok with all
of these, but it will be much harder if you've not got some hands-on
experience at all to relate to.

Tutorials
Beech
09-22
17:15
45min
Building an open native FreeBSD CI system from scratch with lua, C, jails & zfs
Dave Cottlehuber

Setting up Continuous Integration & Delivery tools always seems to be very painful. And yet with the powerful tools like ZFS, lua in base, pf.conf and jails on FreeBSD, this could be a whole lot easier. Maybe, even, fun?

This talk covers the following areas, with specific implementation details on FreeBSD.

Interfaces both community and technical

  • what might an "open" CI look like?
  • how could we foster that?
  • the agent-server protocol
  • the per-job configuration
  • server workflow that allows distributing and processing multiple concurrent tasks to many agents

Implementation

  • using jails from C for great good
  • libUCL for validating incoming data
  • Lua and specifically the C-Lua interface, how to use it to build a user-facing plugin system, and how to add a pub-sub system

I hope that, eventually, these tools will be able to be used on more than just FreeBSD, so this should be of interest for all BSD-powered people and organisations.

My wounds from over a decade of Jenkins and many other CI tools have still not healed. They probably never will. Instead, let's talk about building a native CI from scratch, and paper over the scars with something beautiful, and new, and with different bugs and flaws.

FreeBSD
Foyer A