SlideShare a Scribd company logo

Lavigne bsdmag apr13

Dru Lavigne
Dru Lavigne

Article for April issue of BSD Magazine.

Technology
1 of 4
Download to read offline
12 04/2013 S ince its initial release in May, 2011, the newly de- signed FreeNAS 8.x series has added many fea- tures that make this open source storage operat- ing system an attractive option for everyone from home users up to large enterprise users. The initial releases concentrated on improving the graphical administrative interface and the “core” NAS features. These core features include the ability to per- form the following within a graphical interface from a web browser: • import existing UFS or ZFS RAID configurations • import existing disks formatted with FAT, NTFS, or EXT2/3 • create volumes, datasets, and zvols • import existing users, groups, and permissions from Active Directory or LDAP • create Netatalk, NFS, and Samba shares and man- age permissions to those shares • share data over FTP/FTPS, SSH, and TFTP • create iSCSI targets • manage cron jobs, sysctls, and loader.conf values • manage link aggregations, VLANs, and static routes • schedule snapshots, replication, scrubs, and S.M.A. R.T. tests • backup the configuration and perform upgrades Subsequent releases added the following major features to augment the core NAS features: • 8.2.0, released in July, 2012, added the Plugins Jail to allow for the installation of additional software. • 8.3.0, released in October, 2012, added ZFSv28. • 8.3.1, released in March, 2013, added the ability to create ZFS pools on GELI encrypted disks. In addition to major features, each release incorporates bug fixes, new drivers, and minor features to improve the usability of FreeNAS. This article discusses some of these new features in more detail. Plugins Jail FreeNAS 8.2.0 introduced the Plugins Jail, which allows the FreeNAS administrator to extend core NAS function- ality by installing additional applications in order to meet the needs of their specific environment. This functionality is provided through the following components: FreeBSD Jail Provides light-weight, operating system-level virtualiza- tion. Essentially, it installs a separate FreeBSD system onto the FreeNAS host. The jail has its own hostname, IP address, user accounts, processes, and configura- What’s New in FreeNAS 8.x This article highlights some of the new features which have been added to FreeNAS 8.x since July, 2012. These include the Plugins Jail, ZFSv28, and GELI encryption.
www.bsdmag.org What's New in FreeNAS 8.x tion. The FreeNAS implementation includes vimage, which gives the jail its own networking stack and IP broadcasting, as these are required by some file sharing applications. PBI The Push Button Installer format was created by the PC-BSD Project to provide a graphical front-end to the FreeBSD Ports Collection. Applications can be installed and uninstalled from a GUI interface which also pro- vides information about which applications and versions are installed. PBIs are self-contained in that they include all the runtime and library dependencies required by the application. Plugins A FreeNAS plugin extends the PBI format by incorporat- ing the installed software, as well as its configuration op- tions, into the FreeNAS GUI. This allows the plugin to be installed, configured, started/stopped, and uninstalled, all from the FreeNAS GUI. Figure 1 shows how the FreeNAS Control Services screen indicates that three plugins have been installed. Figure 2 shows the configuration screen for the Firefly plugin. In order to install plugins, the Plugins Jail must first be downloaded and installed. If a plugin is not available for the needed software, FreeBSD ports or packages can still be installed within the plugins jail. The only difference is that the installation, configuration, and starting/stopping of the application’s service is performed from the command line of the jail, rather than from the FreeNAS GUI. The Plugins chapter of the FreeNAS Users Guide de- scribes in detail how to install and manage the plugins jail, install and manage plugins, install and manage FreeBSD packages and ports, and how to make custom plugins. This chapter is available at http://doc.freenas.org/index. php/Plugins. ZFSv28 FreeNAS 8.3.0 added support for ZFSv28. This adds the following ZFS features: RAIDZ3 This triple-parity version of ZFS RAID allows up to three disks to fail, with no restrictions on which drives fail, with- out losing data. Replaceable ZIL The ZFS Intent Log is effectively a filesystem journal that manages writes. You can increase performance by dedi- cating a device (typically an SSD or a dedicated disk) to hold the ZIL. If the ZIL is installed on a device and that device fails, it can be replaced without losing the pool. The only data that is lost is the last few seconds of writes which had not yet been committed to the pool. zpool split This command allows you to split a disk from a mirrored pool. Essentially, the pool is cloned to the disk which can then be removed and used to recreate that pool on an- other system. autoexpand This ZFS property allows the administrator to replace smaller disks with larger disks in order to increase the size of the pool. While this is not the recommended way to in- crease pool size, it is the only option when the hardware does not support adding more disks or controllers. ZLE Zero Length Encoding is a fast and simple compression algorithm which only compresses blocks that are filled Figure 2. Configuration Screen for Firefly Plugin Figure 1. Managing Plugins from Control Services Screen
14 04/2013 What’s New with zeroes. This saves space when a thin-provisioned zvol has only used a portion of the size allocated to it. Deduplication Is the process of eliminating duplicate copies of data in order to save space. Once deduplicaton occurs, it can im- prove ZFS performance as less data is written and stored. These features, including how to enable them and any caveats to doing so, are described in more detail in the Volumes chapter of the FreeNAS Users Guide: http://doc. freenas.org/index.php/Volumes. Any ZFS volume created in FreeNAS 8.3.0 or later will automatically be formatted with ZFSv28. Existing FreeN- AS ZFS pools running ZFSv15 can be easily upgraded using the instructions at http://doc.freenas.org/index.php/ Upgrading_FreeNAS#Upgrading_a_ZFS_Pool. Upgrad- ing a pool only takes a few seconds and does not disrupt the use of the FreeNAS system. Encryption FreeNAS 8.3.1, released on March 20, 2013, adds FreeBSD GELI disk encryption, allowing a ZFS pool to be created on top of the AES-256 encrypted disks. This type of encryption is primarily targeted at users who store sensitive data and want to retain the ability to re- move disks from the pool without having to first wipe the disk’s contents. The design is as follows: • This is not the encryption method used by Ora- cle ZFSv30. That version of ZFS has not been open sourced and is the property of Oracle. • This is full disk encryption and not per-filesystem encryption. The underlying drives are first encrypt- ed, then the pool is created on top of the encrypted devices. • This design is suitable for safe disposal of disks inde- pendent of the encryption key. As long as the key and the disks are intact, the system is vulnerable to be- ing decrypted. The encryption key should be protect- ed by a strong passphrase and any backups of the key should be securely stored. • As a backup recovery method (should the pass- phrase be forgotten), a recovery key can be used with the encryption key to decrypt the disks. • The encryption key is per ZFS volume (pool). If you create multiple pools, each pool has its own encryp- tion key. • If the system has a lot of disks, there will be a perfor- mance hit if the CPU does not support AES-NI. If the processor does support the AES-NI instruction set, there should be very little, if any, degradation in per- formance when using encryption. • Data in the ZFS ARC cache and the contents of RAM are unencrypted. • Swap is always encrypted, even on unencrypted vol- umes. • There is no way to convert an existing, unencrypted volume. Instead, the data must be backed up, the ex- isting pool must be destroyed, a new encrypted vol- ume must be created, and the backup restored to the new volume. • Hybrid pools are not supported. In other words, new- ly created vdevs must match the existing encryption scheme. When extending a volume, FreeNAS will au- tomatically encrypt the new vdev being added to the existing encrypted pool. When creating an encrypted ZFS volume, an option is available to initialize the disks with random data. This is recommended as it writes the disks with random data before enabling encryption, which can increase its cryp- tographic strength. However, it will take longer for the volume to be created. Once an encrypted ZFS volume is created, the user should immediately set a passphrase on the encryption key, make a backup of the encryption key, and create a recovery key. Without these, it will be impossible to re- import or replace the disks at a later time. Figure 3 shows the options for managing the encryption and recovery keys which are added to the FreeNAS GUI for managing the volume. Details on how to use these options can be found at http://doc.freenas.org/index.php/Volumes#Key_ Management_for_Encrypted_Volumes. Miscellaneous Features Some of the other features introduced since 8.2.0 include: • a web shell built into the FreeNAS GUI. Clicking this opens a root shell to allow for command line manage- ment of the FreeNAS system from a web browser.Figure 3. Key Management Options for Encrypted Volume
www.bsdmag.org • support for multipath devices on systems containing dual expander SAS backplanes, SAS drives, or du- al expander JBODs with SAS drives. Such hardware will be automatically configured for multipath. • an autotuning script can be used to set various load- er values and sysctls based on system resources and installed hardware components. • a replication window can be set, allowing snapshots taken during the day to be replicated during the eve- ning. • improved reporting graphs make it easier to scroll through time intervals to monitor performance trends. • ZFS ARC stats have been added to top(1). Additional Resources Many resources are available to FreeNAS 8.x users. They include: • the Sourceforge download page: http://sourceforge. net/projects/freenas/files/FreeNAS-8.3.1/ • the per-release documentation, in various download- able formats: http://doc.freenas.org/index.php/Main_ Page • the support page for viewing/creating support tickets and feature requests: http://support.freenas.org • the user forums: http://forums.freenas.org • the Freenode IRC channel: #freenas Dru Lavigne Dru Lavigne is author of BSD Hacks, The Best of FreeBSD Basics, and The Definitive Guide to PC-BSD. As Director of Communi- ty Development for the PC-BSD Project, she leads the documen- tation team, assists new users, helps to find and fix bugs, and reaches out to the community to discover their needs. She is the former Managing Editor of the Open Source Business Resource, a free monthly publication covering open source and the com- mercialization of open source assets. She is founder and cur- rent Chair of the BSD Certification Group Inc., a non-profit orga- nization with a mission to create the standard for certifying BSD system administrators, and serves on the Board of the FreeBSD Foundation.

Recommended

Olf2013
Olf2013Olf2013
Olf2013Dru Lavigne
 
Lavigne aug11 bsdmag
Lavigne aug11 bsdmagLavigne aug11 bsdmag
Lavigne aug11 bsdmagDru Lavigne
 
Bsd ss
Bsd ssBsd ss
Bsd ssDru Lavigne
 
Olf2012
Olf2012Olf2012
Olf2012Dru Lavigne
 
Asiabsdcon14
Asiabsdcon14Asiabsdcon14
Asiabsdcon14Dru Lavigne
 
Scale9x sun
Scale9x sunScale9x sun
Scale9x sunDru Lavigne
 
Dru lavigne servers-tutorial
Dru lavigne servers-tutorialDru lavigne servers-tutorial
Dru lavigne servers-tutorialDru Lavigne
 
Lavigne bsdmag-jan2012
Lavigne bsdmag-jan2012Lavigne bsdmag-jan2012
Lavigne bsdmag-jan2012Dru Lavigne
 

Recommended

Olf2013
Olf2013Olf2013
Olf2013Dru Lavigne
 
Lavigne aug11 bsdmag
Lavigne aug11 bsdmagLavigne aug11 bsdmag
Lavigne aug11 bsdmagDru Lavigne
 
Bsd ss
Bsd ssBsd ss
Bsd ssDru Lavigne
 
Olf2012
Olf2012Olf2012
Olf2012Dru Lavigne
 
Asiabsdcon14
Asiabsdcon14Asiabsdcon14
Asiabsdcon14Dru Lavigne
 
Scale9x sun
Scale9x sunScale9x sun
Scale9x sunDru Lavigne
 
Dru lavigne servers-tutorial
Dru lavigne servers-tutorialDru lavigne servers-tutorial
Dru lavigne servers-tutorialDru Lavigne
 
Lavigne bsdmag-jan2012
Lavigne bsdmag-jan2012Lavigne bsdmag-jan2012
Lavigne bsdmag-jan2012Dru Lavigne
 
Fsoss2011
Fsoss2011Fsoss2011
Fsoss2011Dru Lavigne
 
Posscon2013
Posscon2013Posscon2013
Posscon2013Dru Lavigne
 
Nycbsdcon14
Nycbsdcon14Nycbsdcon14
Nycbsdcon14Dru Lavigne
 
Asiabsdcon15
Asiabsdcon15Asiabsdcon15
Asiabsdcon15Dru Lavigne
 
Asiabsdcon14 lavigne
Asiabsdcon14 lavigneAsiabsdcon14 lavigne
Asiabsdcon14 lavigneDru Lavigne
 
Oclug 2010
Oclug 2010Oclug 2010
Oclug 2010Dru Lavigne
 
Flourish11
Flourish11Flourish11
Flourish11Dru Lavigne
 
Ilf2013
Ilf2013Ilf2013
Ilf2013Dru Lavigne
 
Tlf2014
Tlf2014Tlf2014
Tlf2014Dru Lavigne
 
Flourish16
Flourish16Flourish16
Flourish16Dru Lavigne
 
Ilf2012
Ilf2012Ilf2012
Ilf2012Dru Lavigne
 
Lavigne bsdmag sept12
Lavigne bsdmag sept12Lavigne bsdmag sept12
Lavigne bsdmag sept12Dru Lavigne
 
Scale 2010: BSD for Linux Users
Scale 2010: BSD for Linux UsersScale 2010: BSD for Linux Users
Scale 2010: BSD for Linux UsersDru Lavigne
 
Lavigne bsdmag-jan13
Lavigne bsdmag-jan13Lavigne bsdmag-jan13
Lavigne bsdmag-jan13Dru Lavigne
 
Ilf2011
Ilf2011Ilf2011
Ilf2011Dru Lavigne
 
Article may11 bsdmag
Article may11 bsdmagArticle may11 bsdmag
Article may11 bsdmagDru Lavigne
 
SELF 2010: BSD For Linux Users
SELF 2010: BSD For Linux UsersSELF 2010: BSD For Linux Users
SELF 2010: BSD For Linux UsersDru Lavigne
 
Lavigne sept11 bsdmag
Lavigne sept11 bsdmagLavigne sept11 bsdmag
Lavigne sept11 bsdmagDru Lavigne
 
Lavigne bsdmag july
Lavigne bsdmag julyLavigne bsdmag july
Lavigne bsdmag julyDru Lavigne
 
Lavigne bsdmag march12
Lavigne bsdmag march12Lavigne bsdmag march12
Lavigne bsdmag march12Dru Lavigne
 
Fsoss12
Fsoss12Fsoss12
Fsoss12Dru Lavigne
 
Lavigne bsdmag june11
Lavigne bsdmag june11Lavigne bsdmag june11
Lavigne bsdmag june11Dru Lavigne
 

More Related Content

What's hot

Asiabsdcon14 lavigne
Asiabsdcon14 lavigneAsiabsdcon14 lavigne
Asiabsdcon14 lavigneDru Lavigne
 
Lavigne bsdmag sept12
Lavigne bsdmag sept12Lavigne bsdmag sept12
Lavigne bsdmag sept12Dru Lavigne
 
Scale 2010: BSD for Linux Users
Scale 2010: BSD for Linux UsersScale 2010: BSD for Linux Users
Scale 2010: BSD for Linux UsersDru Lavigne
 
Lavigne bsdmag-jan13
Lavigne bsdmag-jan13Lavigne bsdmag-jan13
Lavigne bsdmag-jan13Dru Lavigne
 
Article may11 bsdmag
Article may11 bsdmagArticle may11 bsdmag
Article may11 bsdmagDru Lavigne
 
SELF 2010: BSD For Linux Users
SELF 2010: BSD For Linux UsersSELF 2010: BSD For Linux Users
SELF 2010: BSD For Linux UsersDru Lavigne
 
Lavigne sept11 bsdmag
Lavigne sept11 bsdmagLavigne sept11 bsdmag
Lavigne sept11 bsdmagDru Lavigne
 
Lavigne bsdmag july
Lavigne bsdmag julyLavigne bsdmag july
Lavigne bsdmag julyDru Lavigne
 
Lavigne bsdmag march12
Lavigne bsdmag march12Lavigne bsdmag march12
Lavigne bsdmag march12Dru Lavigne
 

What's hot (20)

Fsoss2011
Fsoss2011Fsoss2011
Fsoss2011
 
Posscon2013
Posscon2013Posscon2013
Posscon2013
 
Nycbsdcon14
Nycbsdcon14Nycbsdcon14
Nycbsdcon14
 
Asiabsdcon15
Asiabsdcon15Asiabsdcon15
Asiabsdcon15
 
Asiabsdcon14 lavigne
Asiabsdcon14 lavigneAsiabsdcon14 lavigne
Asiabsdcon14 lavigne
 
Oclug 2010
Oclug 2010Oclug 2010
Oclug 2010
 
Flourish11
Flourish11Flourish11
Flourish11
 
Ilf2013
Ilf2013Ilf2013
Ilf2013
 
Tlf2014
Tlf2014Tlf2014
Tlf2014
 
Flourish16
Flourish16Flourish16
Flourish16
 
Ilf2012
Ilf2012Ilf2012
Ilf2012
 
Lavigne bsdmag sept12
Lavigne bsdmag sept12Lavigne bsdmag sept12
Lavigne bsdmag sept12
 
Scale 2010: BSD for Linux Users
Scale 2010: BSD for Linux UsersScale 2010: BSD for Linux Users
Scale 2010: BSD for Linux Users
 
Lavigne bsdmag-jan13
Lavigne bsdmag-jan13Lavigne bsdmag-jan13
Lavigne bsdmag-jan13
 
Ilf2011
Ilf2011Ilf2011
Ilf2011
 
Article may11 bsdmag
Article may11 bsdmagArticle may11 bsdmag
Article may11 bsdmag
 
SELF 2010: BSD For Linux Users
SELF 2010: BSD For Linux UsersSELF 2010: BSD For Linux Users
SELF 2010: BSD For Linux Users
 
Lavigne sept11 bsdmag
Lavigne sept11 bsdmagLavigne sept11 bsdmag
Lavigne sept11 bsdmag
 
Lavigne bsdmag july
Lavigne bsdmag julyLavigne bsdmag july
Lavigne bsdmag july
 
Lavigne bsdmag march12
Lavigne bsdmag march12Lavigne bsdmag march12
Lavigne bsdmag march12
 

Similar to Lavigne bsdmag apr13

Lavigne bsdmag june11
Lavigne bsdmag june11Lavigne bsdmag june11
Lavigne bsdmag june11Dru Lavigne
 
Zettabyte File Storage System
Zettabyte File Storage SystemZettabyte File Storage System
Zettabyte File Storage SystemAmdocs
 
Zettabyte File Storage System
Zettabyte File Storage SystemZettabyte File Storage System
Zettabyte File Storage SystemAmdocs
 
Study notes for CompTIA Certified Advanced Security Practitioner (ver2)
Study notes for CompTIA Certified Advanced Security Practitioner (ver2)Study notes for CompTIA Certified Advanced Security Practitioner (ver2)
Study notes for CompTIA Certified Advanced Security Practitioner (ver2)David Sweigert
 
Xen server storage Overview
Xen server storage OverviewXen server storage Overview
Xen server storage OverviewNuno Alves
 
Study notes for CompTIA Certified Advanced Security Practitioner
Study notes for CompTIA Certified Advanced Security PractitionerStudy notes for CompTIA Certified Advanced Security Practitioner
Study notes for CompTIA Certified Advanced Security PractitionerDavid Sweigert
 
Squid proxy-configuration-guide
Squid proxy-configuration-guideSquid proxy-configuration-guide
Squid proxy-configuration-guidejasembo
 
Gpfs introandsetup
Gpfs introandsetupGpfs introandsetup
Gpfs introandsetupasihan
 
18587936 squid-proxy-configuration-guide - [the-xp.blogspot.com]
18587936 squid-proxy-configuration-guide - [the-xp.blogspot.com]18587936 squid-proxy-configuration-guide - [the-xp.blogspot.com]
18587936 squid-proxy-configuration-guide - [the-xp.blogspot.com]Krisman Tarigan
 
The PrimeArray solution for massive data storage
The PrimeArray solution for massive data storageThe PrimeArray solution for massive data storage
The PrimeArray solution for massive data storagePrime Array
 

Similar to Lavigne bsdmag apr13 (20)

Fsoss12
Fsoss12Fsoss12
Fsoss12
 
Lavigne bsdmag june11
Lavigne bsdmag june11Lavigne bsdmag june11
Lavigne bsdmag june11
 
Nelf2013
Nelf2013Nelf2013
Nelf2013
 
Self2013
Self2013Self2013
Self2013
 
Nelf2012
Nelf2012Nelf2012
Nelf2012
 
Zettabyte File Storage System
Zettabyte File Storage SystemZettabyte File Storage System
Zettabyte File Storage System
 
Zettabyte File Storage System
Zettabyte File Storage SystemZettabyte File Storage System
Zettabyte File Storage System
 
Scale2014
Scale2014Scale2014
Scale2014
 
Tlf2012
Tlf2012Tlf2012
Tlf2012
 
Fossetcon14
Fossetcon14Fossetcon14
Fossetcon14
 
Fosscon2013
Fosscon2013Fosscon2013
Fosscon2013
 
Study notes for CompTIA Certified Advanced Security Practitioner (ver2)
Study notes for CompTIA Certified Advanced Security Practitioner (ver2)Study notes for CompTIA Certified Advanced Security Practitioner (ver2)
Study notes for CompTIA Certified Advanced Security Practitioner (ver2)
 
Sweden11
Sweden11Sweden11
Sweden11
 
Xen server storage Overview
Xen server storage OverviewXen server storage Overview
Xen server storage Overview
 
Study notes for CompTIA Certified Advanced Security Practitioner
Study notes for CompTIA Certified Advanced Security PractitionerStudy notes for CompTIA Certified Advanced Security Practitioner
Study notes for CompTIA Certified Advanced Security Practitioner
 
Squid proxy-configuration-guide
Squid proxy-configuration-guideSquid proxy-configuration-guide
Squid proxy-configuration-guide
 
Gpfs introandsetup
Gpfs introandsetupGpfs introandsetup
Gpfs introandsetup
 
18587936 squid-proxy-configuration-guide - [the-xp.blogspot.com]
18587936 squid-proxy-configuration-guide - [the-xp.blogspot.com]18587936 squid-proxy-configuration-guide - [the-xp.blogspot.com]
18587936 squid-proxy-configuration-guide - [the-xp.blogspot.com]
 
ZFS
ZFSZFS
ZFS
 
The PrimeArray solution for massive data storage
The PrimeArray solution for massive data storageThe PrimeArray solution for massive data storage
The PrimeArray solution for massive data storage
 

More from Dru Lavigne

FreeBSD System Administration Using SysAdm
FreeBSD System Administration Using SysAdmFreeBSD System Administration Using SysAdm
FreeBSD System Administration Using SysAdmDru Lavigne
 
Dru lavigne oss-sysadmin
Dru lavigne oss-sysadminDru lavigne oss-sysadmin
Dru lavigne oss-sysadminDru Lavigne
 
Dru lavigne oss-desktop_apps
Dru lavigne oss-desktop_appsDru lavigne oss-desktop_apps
Dru lavigne oss-desktop_appsDru Lavigne
 

More from Dru Lavigne (16)

Olf2018
Olf2018Olf2018
Olf2018
 
Olf2017
Olf2017Olf2017
Olf2017
 
FreeBSD System Administration Using SysAdm
FreeBSD System Administration Using SysAdmFreeBSD System Administration Using SysAdm
FreeBSD System Administration Using SysAdm
 
Asiabsdcon2017
Asiabsdcon2017Asiabsdcon2017
Asiabsdcon2017
 
Olf2016
Olf2016Olf2016
Olf2016
 
Tlf2016
Tlf2016Tlf2016
Tlf2016
 
Knoxbug2016
Knoxbug2016Knoxbug2016
Knoxbug2016
 
Lfnw2016
Lfnw2016Lfnw2016
Lfnw2016
 
Scale2016
Scale2016Scale2016
Scale2016
 
Fossetcon15
Fossetcon15Fossetcon15
Fossetcon15
 
Lfnw15
Lfnw15Lfnw15
Lfnw15
 
Scale2015
Scale2015Scale2015
Scale2015
 
Olf2014
Olf2014Olf2014
Olf2014
 
Ghc14
Ghc14Ghc14
Ghc14
 
Dru lavigne oss-sysadmin
Dru lavigne oss-sysadminDru lavigne oss-sysadmin
Dru lavigne oss-sysadmin
 
Dru lavigne oss-desktop_apps
Dru lavigne oss-desktop_appsDru lavigne oss-desktop_apps
Dru lavigne oss-desktop_apps
 

Recently uploaded

Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 

Recently uploaded (20)

Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 

Lavigne bsdmag apr13

  • 1. 12 04/2013 S ince its initial release in May, 2011, the newly de- signed FreeNAS 8.x series has added many fea- tures that make this open source storage operat- ing system an attractive option for everyone from home users up to large enterprise users. The initial releases concentrated on improving the graphical administrative interface and the “core” NAS features. These core features include the ability to per- form the following within a graphical interface from a web browser: • import existing UFS or ZFS RAID configurations • import existing disks formatted with FAT, NTFS, or EXT2/3 • create volumes, datasets, and zvols • import existing users, groups, and permissions from Active Directory or LDAP • create Netatalk, NFS, and Samba shares and man- age permissions to those shares • share data over FTP/FTPS, SSH, and TFTP • create iSCSI targets • manage cron jobs, sysctls, and loader.conf values • manage link aggregations, VLANs, and static routes • schedule snapshots, replication, scrubs, and S.M.A. R.T. tests • backup the configuration and perform upgrades Subsequent releases added the following major features to augment the core NAS features: • 8.2.0, released in July, 2012, added the Plugins Jail to allow for the installation of additional software. • 8.3.0, released in October, 2012, added ZFSv28. • 8.3.1, released in March, 2013, added the ability to create ZFS pools on GELI encrypted disks. In addition to major features, each release incorporates bug fixes, new drivers, and minor features to improve the usability of FreeNAS. This article discusses some of these new features in more detail. Plugins Jail FreeNAS 8.2.0 introduced the Plugins Jail, which allows the FreeNAS administrator to extend core NAS function- ality by installing additional applications in order to meet the needs of their specific environment. This functionality is provided through the following components: FreeBSD Jail Provides light-weight, operating system-level virtualiza- tion. Essentially, it installs a separate FreeBSD system onto the FreeNAS host. The jail has its own hostname, IP address, user accounts, processes, and configura- What’s New in FreeNAS 8.x This article highlights some of the new features which have been added to FreeNAS 8.x since July, 2012. These include the Plugins Jail, ZFSv28, and GELI encryption.
  • 2. www.bsdmag.org What's New in FreeNAS 8.x tion. The FreeNAS implementation includes vimage, which gives the jail its own networking stack and IP broadcasting, as these are required by some file sharing applications. PBI The Push Button Installer format was created by the PC-BSD Project to provide a graphical front-end to the FreeBSD Ports Collection. Applications can be installed and uninstalled from a GUI interface which also pro- vides information about which applications and versions are installed. PBIs are self-contained in that they include all the runtime and library dependencies required by the application. Plugins A FreeNAS plugin extends the PBI format by incorporat- ing the installed software, as well as its configuration op- tions, into the FreeNAS GUI. This allows the plugin to be installed, configured, started/stopped, and uninstalled, all from the FreeNAS GUI. Figure 1 shows how the FreeNAS Control Services screen indicates that three plugins have been installed. Figure 2 shows the configuration screen for the Firefly plugin. In order to install plugins, the Plugins Jail must first be downloaded and installed. If a plugin is not available for the needed software, FreeBSD ports or packages can still be installed within the plugins jail. The only difference is that the installation, configuration, and starting/stopping of the application’s service is performed from the command line of the jail, rather than from the FreeNAS GUI. The Plugins chapter of the FreeNAS Users Guide de- scribes in detail how to install and manage the plugins jail, install and manage plugins, install and manage FreeBSD packages and ports, and how to make custom plugins. This chapter is available at http://doc.freenas.org/index. php/Plugins. ZFSv28 FreeNAS 8.3.0 added support for ZFSv28. This adds the following ZFS features: RAIDZ3 This triple-parity version of ZFS RAID allows up to three disks to fail, with no restrictions on which drives fail, with- out losing data. Replaceable ZIL The ZFS Intent Log is effectively a filesystem journal that manages writes. You can increase performance by dedi- cating a device (typically an SSD or a dedicated disk) to hold the ZIL. If the ZIL is installed on a device and that device fails, it can be replaced without losing the pool. The only data that is lost is the last few seconds of writes which had not yet been committed to the pool. zpool split This command allows you to split a disk from a mirrored pool. Essentially, the pool is cloned to the disk which can then be removed and used to recreate that pool on an- other system. autoexpand This ZFS property allows the administrator to replace smaller disks with larger disks in order to increase the size of the pool. While this is not the recommended way to in- crease pool size, it is the only option when the hardware does not support adding more disks or controllers. ZLE Zero Length Encoding is a fast and simple compression algorithm which only compresses blocks that are filled Figure 2. Configuration Screen for Firefly Plugin Figure 1. Managing Plugins from Control Services Screen
  • 3. 14 04/2013 What’s New with zeroes. This saves space when a thin-provisioned zvol has only used a portion of the size allocated to it. Deduplication Is the process of eliminating duplicate copies of data in order to save space. Once deduplicaton occurs, it can im- prove ZFS performance as less data is written and stored. These features, including how to enable them and any caveats to doing so, are described in more detail in the Volumes chapter of the FreeNAS Users Guide: http://doc. freenas.org/index.php/Volumes. Any ZFS volume created in FreeNAS 8.3.0 or later will automatically be formatted with ZFSv28. Existing FreeN- AS ZFS pools running ZFSv15 can be easily upgraded using the instructions at http://doc.freenas.org/index.php/ Upgrading_FreeNAS#Upgrading_a_ZFS_Pool. Upgrad- ing a pool only takes a few seconds and does not disrupt the use of the FreeNAS system. Encryption FreeNAS 8.3.1, released on March 20, 2013, adds FreeBSD GELI disk encryption, allowing a ZFS pool to be created on top of the AES-256 encrypted disks. This type of encryption is primarily targeted at users who store sensitive data and want to retain the ability to re- move disks from the pool without having to first wipe the disk’s contents. The design is as follows: • This is not the encryption method used by Ora- cle ZFSv30. That version of ZFS has not been open sourced and is the property of Oracle. • This is full disk encryption and not per-filesystem encryption. The underlying drives are first encrypt- ed, then the pool is created on top of the encrypted devices. • This design is suitable for safe disposal of disks inde- pendent of the encryption key. As long as the key and the disks are intact, the system is vulnerable to be- ing decrypted. The encryption key should be protect- ed by a strong passphrase and any backups of the key should be securely stored. • As a backup recovery method (should the pass- phrase be forgotten), a recovery key can be used with the encryption key to decrypt the disks. • The encryption key is per ZFS volume (pool). If you create multiple pools, each pool has its own encryp- tion key. • If the system has a lot of disks, there will be a perfor- mance hit if the CPU does not support AES-NI. If the processor does support the AES-NI instruction set, there should be very little, if any, degradation in per- formance when using encryption. • Data in the ZFS ARC cache and the contents of RAM are unencrypted. • Swap is always encrypted, even on unencrypted vol- umes. • There is no way to convert an existing, unencrypted volume. Instead, the data must be backed up, the ex- isting pool must be destroyed, a new encrypted vol- ume must be created, and the backup restored to the new volume. • Hybrid pools are not supported. In other words, new- ly created vdevs must match the existing encryption scheme. When extending a volume, FreeNAS will au- tomatically encrypt the new vdev being added to the existing encrypted pool. When creating an encrypted ZFS volume, an option is available to initialize the disks with random data. This is recommended as it writes the disks with random data before enabling encryption, which can increase its cryp- tographic strength. However, it will take longer for the volume to be created. Once an encrypted ZFS volume is created, the user should immediately set a passphrase on the encryption key, make a backup of the encryption key, and create a recovery key. Without these, it will be impossible to re- import or replace the disks at a later time. Figure 3 shows the options for managing the encryption and recovery keys which are added to the FreeNAS GUI for managing the volume. Details on how to use these options can be found at http://doc.freenas.org/index.php/Volumes#Key_ Management_for_Encrypted_Volumes. Miscellaneous Features Some of the other features introduced since 8.2.0 include: • a web shell built into the FreeNAS GUI. Clicking this opens a root shell to allow for command line manage- ment of the FreeNAS system from a web browser.Figure 3. Key Management Options for Encrypted Volume
  • 4. www.bsdmag.org • support for multipath devices on systems containing dual expander SAS backplanes, SAS drives, or du- al expander JBODs with SAS drives. Such hardware will be automatically configured for multipath. • an autotuning script can be used to set various load- er values and sysctls based on system resources and installed hardware components. • a replication window can be set, allowing snapshots taken during the day to be replicated during the eve- ning. • improved reporting graphs make it easier to scroll through time intervals to monitor performance trends. • ZFS ARC stats have been added to top(1). Additional Resources Many resources are available to FreeNAS 8.x users. They include: • the Sourceforge download page: http://sourceforge. net/projects/freenas/files/FreeNAS-8.3.1/ • the per-release documentation, in various download- able formats: http://doc.freenas.org/index.php/Main_ Page • the support page for viewing/creating support tickets and feature requests: http://support.freenas.org • the user forums: http://forums.freenas.org • the Freenode IRC channel: #freenas Dru Lavigne Dru Lavigne is author of BSD Hacks, The Best of FreeBSD Basics, and The Definitive Guide to PC-BSD. As Director of Communi- ty Development for the PC-BSD Project, she leads the documen- tation team, assists new users, helps to find and fix bugs, and reaches out to the community to discover their needs. She is the former Managing Editor of the Open Source Business Resource, a free monthly publication covering open source and the com- mercialization of open source assets. She is founder and cur- rent Chair of the BSD Certification Group Inc., a non-profit orga- nization with a mission to create the standard for certifying BSD system administrators, and serves on the Board of the FreeBSD Foundation.