Dag-Erling Smorgrav: Disks and equipment

Published on August 13, 2010 in FreeBSD, en and tech. Closed

Here is a quick overview of the disks used in my tests:

Brand Model Capacity Speed Interface Notes
Western Digital WD4000AAKS 400 GB 7,200 rpm SATA 3 Gbps  
Western Digital WD10EARS 1 TB > 5,400 rpm SATA 3 Gbps 1
Western Digital WD20EARS 2 TB > 5,400 rpm SATA 3 Gbps 2
Western Digital WD20EADS 2 TB > 5,400 rpm SATA 3 Gbps 3
Hitachi HDS722020ALA330 2 TB 7,200 rpm SATA 3 Gbps 3

The computer runs FreeBSD 9 on an Intel E6600 with an ICH9 chipset and 4 GB RAM. For convenience, the disks were tested in an Akasa Duo Dock connected by eSATA cable to one of the ICH9 SATA ports.

1 Kindly provided by Alastair Hogge

2 Kindly provided by GetOnline Ltd.

3 Kindly provided by Dansk Scanning AS

Dag-Erling Smorgrav: Benchmarking Advanced Format drives

Published on August 13, 2010 in FreeBSD, en and tech. Closed

In the previous post, I discussed Western Digital's “Advanced Format” drives and the problems caused by their misreporting their real, physical sector size.

I wrote a benchmark utility to demonstrate the performance penalty of unaligned accesses and uncover a drive's physical sector size. What it does is write blocks of zeroes varying size at regular intervals. For each block size, it writes a total of 128 MB at intervals of four times the block size, and at an offset that varies from 512 bytes up to half of the block size.

With the default settings, the first pass will write 131,072 1,024-byte blocks at n × 4,096, and the second pass will do the same at n × 4,096 + 512. The third, fourth and fifth passes will write 65,536 2,048-byte blocks each at n × 8,192, n × 8,192 + 512 and n × 8,192 + 1,024. It will make four more passes with 4,096-byte blocks and five with 8,192-byte blocks.

Here's the idea: most passes will be very slow (up to half an hour per pass), but when we hit the right block size and alignment, performance will skyrocket; so on—let's say—a WD20EARS with factory settings, passes 6 (4,096 bytes at offset 0), 10 (8,192 bytes at offset 0) and 14 (8192 bytes at offset 4,096) should stand out from the crowd. In fact, here are the results for passes 6 through 9:

   count    size  offset    step        msec     tps    kBps
   32768    4096       0   16384       19503     138    6720
   32768    4096     512   16384     1216537       2     107
   32768    4096    1024   16384     1213479       2     108
   32768    4096    2048   16384     1214623       2     107

Pass 6 takes 20 seconds, while passes 7, 8 and 9 take 20 minutes.

Let me rephrase that: properly aligned non-sequential writes are faster than misaligned ones by a factor of sixty.

Sixty. Six zero.

We really, really need to get that fixed somehow.

That's not the whole story, though. Let's see how it compares to a 7,200 rpm, 2 TB Hitachi Deskstar (HDS722020ALA330) with 512-byte physical sectors:

   count    size  offset    step        msec     tps    kBps
   32768    4096       0   16384        8803     307   14889
   32768    4096     512   16384        8701     310   15063
   32768    4096    1024   16384        8735     309   15004
   32768    4096    2048   16384        8705     310   15056

The Hitachi blows through the test so fast you don't even have time to make yourself a cup of coffee, let alone drink it.

This is a 7,200 rpm, 400 GB Caviar SE16 (WD4000AAKS)—more than three years old, so don't expect too much:

   count    size  offset    step        msec     tps    kBps
   32768    4096       0   16384       21348     126    6139
   32768    4096     512   16384       21674     124    6047
   32768    4096    1024   16384       20799     129    6301
   32768    4096    2048   16384       21031     128    6232

So, about the same as we get from the WD20EARS with aligned writes.

Now, here's the kicker. The last drive in my test lineup is a WD20EADS—almost the same as the WD20EARS, but with 512-byte sectors and only 32 MB cache (although cache doesn't mean anything here—I made sure my test program writes enough data to blow through the cache on every pass).

   count    size  offset    step        msec     tps    kBps
   32768    4096       0   16384       22811     118    5745
   32768    4096     512   16384       19552     138    6703
   32768    4096    1024   16384       36945      73    3547
   32768    4096    2048   16384       50102      53    2616

Ouch. It's not just slow, it's also very inconsistent. I have no idea what to make of that.

Note 1: I did not mention rotational speed for the WD Green disks, because Western Digital themselves do not specify one; the spec sheet just says “IntelliPower”. Not sure what to make of that, either. Tom's Hardware contradict themselves, saying in one review that it means 5,400, and in another that it means it varies. Meanwhile, my supplier claim the WD20EARS rotates at 7,200 rpm. Go figure.

Note 2: I also have a 1 TB WD10EARS, but I haven't tested it yet. I expect it to perform pretty much as well (or as poorly, depending on your perspective) as the WD20EARS.

Update: the results for the WD10EARS are in. Strangely, it is much faster at unaligned writes than the WD20EARS, although it's a little slower at aligned writes.

   count    size  offset    step        msec     tps    kBps
   32768    4096       0   16384       23105     116    5672
   32768    4096     512   16384       79285      34    1653
   32768    4096    1024   16384       75814      35    1728
   32768    4096    2048   16384       79920      33    1640

A naïve sequential-write benchmark (diskinfo -t) suggests that it's about 20% slower overall. It is possible that both disks use a striped layout internally, so the WD20EARS gets better results because it has more platters. If that is the case, it should be possible to modify phybs to detect the stripe size.

Dag-Erling Smorgrav: Exploring WD Advanced Format drives

Published on August 13, 2010 in FreeBSD, en and tech. Closed

I've been playing with WD Green disks, trying to solve the 4,096-byte sector problem. To summarize, Western Digital have started to move from 512-byte sectors to 4,096-byte sectors in order to reduce overhead and thereby increase the amount of data that can be stored on the same amount of platters with the same density. These disks (specifically, the EARS and AARS series) emulate 512-byte sectors for compatibility with older BIOSes and operating systems, but the problem is that they report 512-byte logical and physical sectors instead of 512/4,096.

If the length of a write operation is not a multiple of 4,096, or it does not begin at an address divisible by 4,096, either the beginning or the end of the operation, or both, will cover only part of a sector. This requires the disk to do a read-modify-write operation, meaning that it has to read a complete 4,096-byte sector, update parts of it, and write it back. This is extremely inefficient, as I will demonstrate later.

The reason why this matters so much is subtle. For efficiency reasons, most modern filesystems use on-disk structures of 4,096 bytes or more, so it shouldn't matter, right? But on PCs, for legacy reasons, the first filesystem on a disk (or rather, the first partition) usually starts at sector 63, and 63 × 512 is not a multiple of 4,096. This means that every write operation will be misaligned.

In most cases, you can work around this by making sure, when you partition a new disk, that the first partition starts on a 4,096-byte boundary - say, sector 64 instead of 63. In addition to that, the WD EARS and AARS disks have a jumper setting that makes the disk offset every read or write operation by exactly one logical sector, so what the computer thinks is logical sector 0 is actually logical sector 1, and what the computer thinks is logical sector 63 is actually logical sector 64. Unfortunately, this means that systems that use the whole disk, starting at address 0, or that already take care to align their writes on 4096-byte boundaries, are screwed.

There is another problem: ZFS. ZFS operates on variable-sized blocks of any power of two between 512 bytes and 128 kilobytes. The only way to prevent ZFS from using block sizes smaller than 4,096 bytes is to build your vdevs from devices which advertise 4,096-byte sectors.

The ideal solution is to either a) force the disk to advertise its true physical sector size, or b) hack FreeBSD so it recognizes disks with 4,096-byte sectors.

Regarding the first option, it might be possible to lobby Western Digital to release a firmware upgrade like they did for the auto-idle issue.

As for the second solution, there is an important question: should we do this unconditionally? If we do, then misaligned filesystems on existing disks will become inaccessible. However, one could argue that those filesystems are already essentially unusable due to atrocious performance.

Steven Kreuzer: East Coast FreeBSD Mirror

Published on August 12, 2010 in FreeBSD. Closed

Now that the press release is out, I am finally able to talk freely about a project I have working on for almost close to a year now.

Pretty much since the time that The NYC BSD Users Group was formed, The NY Internet Company have donated a full cabinet and a 10 Mb internet connection to NYCBUG. We used that space to host our website and mailing lists, hardware for developers and mirrors for all the major BSD projects.

In October of 2009, I received an email inviting me to a grand opening party at NYI’s new state of the art data center located in Bridgewater, NJ. I asked some folks on core@ if they thought it would be worthwhile to approach NYI to see if they would be willing to donate a few cabinets so we could build out a FreeBSD mirror on the east coast. gnn, jhb and I had a very informal meeting with Phil from NYI and after asking him if they would be willing to provide us with a few cabinets, some power and bandwidth, without thought or hesitation he said yes. The possibility of putting a mirror of FreeBSD.org on the east coast quickly became possible.

Fast forward to today, with very generous donations from NYI, iX systems, Juniper Networks and Exatrol we are pleased to announce the FreeBSD east coast mirror.

We now have a fully distributed infrastructure that allows us to remain online in the event of a disaster at the west coast facility, spread our traffic among two different locations, provides us to enough power and bandwidth to scale out our packing building cluster and also puts an official FreeBSD mirror much closer to people in Europe.

However, I feel that the most impressive and interesting feature of this datacenter is that it is composed entirely of products based on FreeBSD in some way shape or form.
The number of companies choosing to use FreeBSD in their products when they care about performance, reliability and scalability are growing. We are now at the point where you can deploy an entire datacenter without having to deal with non unix like operating systems. Not only does this east coast mirror add necessary and critical infrastructure to continue to development of FreeBSD, but it can also become a model for future data centers you deploy.

In the near future, I plan to write more about the build out of this mirror as well as some of the technology behind it. Stay tuned.

Murray Stokely: BSDCan on Google’s Open Source Blog

Published on August 11, 2010 in BSD, BSDCan, FreeBSD and Google. Closed
A coworker of mine, Kirk Russell, just posted an excellent summary of BSDCan through the years on the Google Open Source Blog.

I wasn't able to make it to BSDCan this year due to family commitments, but I did make it to another open source conference later this summer that I also wrote about on Google's open source blog.

Kirk and I haven't worked closely together but we both do our best at evangelizing BSD and open source inside our respective corners of the company. It's great to see his post about all the excellent work happening in the BSD community on a corporate blog.

Dru Lavigne: FreeBSD Foundation Turns to NYI for East Coast US Mirror

Published on August 10, 2010 in new mirror, nyi and press release. Closed
From this morning's joint press release (available for PDF download):

Deployment Adds Enterprise-Grade Redundancy for Improved Reliability, Reduced Latency, High-Speed Backups and Other Efficiencies

BOULDER, CO, August 10, 2010 — The FreeBSD Foundation, a 501(c)(3) non-profit organization dedicated to supporting the FreeBSD Project and community, today announced that NYI, a New York City-based, mission-critical data services provider, will be mirroring key West coast infrastructure at NYI's 999 Frontier Road data center in Bridgewater, New Jersey, a recently opened 40,000 square foot facility.

In addition to providing enterprise-grade redundancy and reliability for the Project's infrastructure, the East coast mirror will reduce latency during heavy download times, distribute load between the two coasts, and allow for up-to-date backups of all Project data that can be synchronized via high-speed Internet connections.

"Having a well-connected, secondary site with NYI's amenities to host FreeBSD project infrastructure means that we can move services between sites when doing scheduled maintenance to improve reliability for FreeBSD developers and users," said Simon L. Nielsen, FreeBSD.org administrative team. He added, "The new site also enables us to expand significantly the available hardware for FreeBSD package building, allowing the FreeBSD ports team to perform QA test builds and quickly produce binary FreeBSD packages for end-users."

"We are long-time open-source advocates," said Phillip Koblence, VP Operations, NYI. "The FreeBSD Foundation in particular represents everything that got us into technology in the first place. With this deployment, we take our commitment to a new level in the hope that what we are doing lays the foundation for next-generation data centers built around FreeBSD. As many people in the community know, NYI's 999 Frontier Road facility features many of the Project's efforts, as everything from PDUs to the servers run FreeBSD."

The East coast mirror at 999 Frontier is also notable because it replaces aging and inadequate hardware; provides dual-configuration so that experimental vs. production runs can be separated out, allowing changes to the ports system to be evaluated continuously rather the interrupting production flow; deploys to multiple sites, providing resiliency in the event of a failure; provides build capacity required to support the ports ABI changes required to improve the foundations for binary package support while maintaining ports-stable regression testing.

The FreeBSD Foundation is pleased to have been able to fund the purchase of the hardware. Brad Davis, Mark Linimon, and Simon Nielsen from the FreeBSD Project worked on the configuration, along with key members of the NYI team.

About The FreeBSD Foundation
The FreeBSD Foundation is a 501(c)(3) non-profit organization dedicated to supporting the FreeBSD Project and community. The Foundation gratefully accepts donations from individuals and businesses, using them to fund and manage projects, sponsor FreeBSD events, Developer Summits and provide travel grants to FreeBSD developers. In addition, the Foundation represents the FreeBSD Project in executing contracts, license agreements, and other legal arrangements that require a recognized legal entity. The FreeBSD Foundation is entirely supported by donations. More information about The FreeBSD Foundation is available on the web.

About NYI
Established in 1996, NYI is headquartered in the heart of the Wall Street area and owns and maintains its own data centers, including 999 Frontier, a newly opened 40,000 square foot facility in Bridgewater, New Jersey. The company's core services include colocation, dedicated servers, web and email hosting, and managed services, as well as turnkey disaster recovery and business continuity solutions from its Bridgewater location. With high-bandwidth connectivity partners AboveNet, Verizon Business, Optimum Lightpath, and AT&T, NYI specializes in mission-critical data services for the financial services industry, in addition to customers from a broad range of industries, including media, law, fashion, architecture, life sciences and real estate. NYI is SAS 70 Type II-compliant, in additon to being both PCI and HIPAA compliant. For more information, visit.

A Year in the Life of a BSD Guru: FreeBSD Foundation Turns to NYI for East Coast US Mirror

Published on August 10, 2010 in BSD, FreeBSD, FreeBSD Foundation, infrastructure and nyi. Closed
From this morning's joint press release: Deployment Adds Enterprise-Grade Redundancy for Improved Reliability, Reduced Latency, High-Speed Backups and Other Efficiencies BOULDER, CO, August 10, 2010 — The FreeBSD Foundation, a 501(c)(3) non-profit organization dedicated to supporting the FreeBSD Project and community, today announced that NYI, a New York City-based, mission-critical data services provider, will be mirroring key West coast infrastructure at NYI's 999 Frontier Road data center in Bridgewater, New Jersey, a recently opened 4

Oleksandr Tymoshenko: Flyswatter JTAG and AVR32

Published on August 9, 2010 in Flyswatter, FreeBSD, JTAG and avr32. Closed
Today I soldered AVR32 adapter for Flyswatter JTAG. Actually it's very simple task - just connect respective pins and make common ground wire. No capacitors, resistors or MOSFETs. Idea was to make it nice and neat but having bought wrong breadboard and soldered first headers in a wrong place I just let it flow and here it is:

 


From aesthetics point of view suck, but it also works and it's everything I need:

Info : JTAG tap: avr32.cpu tap/device found: 0x21e8203f (mfg: 0x01f, part: 0x1e82, ver: 0x2)

Warn : JTAG tap: avr32.cpu UNEXPECTED: 0x21e8203f (mfg: 0x01f, part: 0x1e82, ver: 0x2)

Dru Lavigne: Accepting Travel Grant Applications for EuroBSDCon 2010�

Published on August 8, 2010 in eurobsdcon and travel grants. Closed
The FreeBSD Foundation will be providing a limited number of travel grants to individuals requesting assistance. Please download, complete, and submit the Travel Grant Request Application by September 3, 2010 to apply for this grant.

This program is open to FreeBSD developers of all sorts (kernel hackers, documentation authors, bugbusters, system administrators, etc). In some cases we are also able to fund non-developers, such as active community members and FreeBSD advocates.

You request funding based on a realistic and economical estimate of travel costs, accommodations, and registration or tutorial fees. If there are other sponsors willing to cover costs, such as your employer or the conference, we prefer you talk to them first, as our budget is limited. We are happy to split costs with you or another sponsor, such as just covering airfare or board. If you are a speaker at the conference, we expect the conference to cover your travel costs, and will most likely not approve your direct request to us.

Once received, we review your application and, if approved, authorize you to seek reimbursement up to a limit. We consider several factors, including our overall and per-event budgets, and the benefit to the community by funding your travel. If approved, we require you to submit a report on your trip, which we may show to current or potential sponsors, and may include here and in our semi-annual newsletter.

There's some flexibility in the mechanism, so talk to us if something about the model doesn't quite work for you or if you have any questions. The travel grant program is one of the most effective ways we can spend money to help support the FreeBSD Project, as it helps developers get together in the same place at the same time, and helps advertise and advocate FreeBSD in the larger community.

Ivan Voras: Have an WD EARS drive or other 4k sector drive? Try this.

Published on August 8, 2010 in 4k, FreeBSD, GEOM and sector. Closed

The industry is moving toward 4k-sectored hard disk drives - a bit late though but better late then newer. However, in the interim period where compatibility for 4k sector drives is not widespread, drives such as WD's EARS series are using internal translation to present themselves as 512-byte sector drives, leading to unexpectedly horrible write performance. As a band-aid I'm proposing an almost trivial patch to glabel which allows it to have a "forced sector size" specified and as a result can present 4k sectors to the file system even if the physical drive doesn't. See also: glabel.

Read more...

Ivan Voras: Have an WD EARS drive or other 4k sector drive? Try this.

Published on August 8, 2010 in 4k, FreeBSD, GEOM and sector. Closed

The industry is moving toward 4k-sectored hard disk drives - a bit late though but better late then newer. However, in the interim period where compatibility for 4k sector drives is not widespread, drives such as WD's EARS series are using internal translation to present themselves as 512-byte sector drives, leading to unexpectedly horrible write performance. As a band-aid I'm proposing an almost trivial patch to glabel which allows it to have a "forced sector size" specified and as a result can present 4k sectors to the file system even if the physical drive doesn't. See also: glabel.

Read more...

A Year in the Life of a BSD Guru: Busy Conference Season

Published on August 8, 2010 in BSD and conferences. Closed
The fall conference season is starting to gear up. I'll be presenting at the following conferences as well as proctoring BSDA exams and assisting at the *BSD booth. If you're attending any of these and would like to help out at the booth, let me know.

A Year in the Life of a BSD Guru: Accepting Travel Grant Applications for EuroBSDCon 2010

Published on August 8, 2010 in BSD, FreeBSD Foundation, conference, eurobsdcon and travel grants. Closed
The FreeBSD Foundation is now accepting travel grants for EuroBSDCon to be held in Karlsruhe, Germany from October 8-10. From the announcement:

A Year in the Life of a BSD Guru: Registration Open for MeetBSD California

Published on August 8, 2010 in BSD, conference and meetbsd california. Closed
Registration has opened for MeetBSD California, to be held in Mountain View on November 5-6. From the announcement:

Pawel Jakub Dawidek: From sysinstall to ZFS-only configuration.

Published on August 6, 2010 in FreeBSD. Closed

I’d like to share how we set up new servers at my company.

As you know, sysinstall currently doesn’t support ZFS or GEOM configuration, but I’ll show you how to convert system installed with sysinstall to ZFS-only server. Even if you don’t want to follow all the steps, please take a look at ZFS datasets layout, which after several modifications I consider quite optimal for FreeBSD.

After doing all the steps below your system will use GPT partitions, encrypted+mirrored swap and mirrored ZFS system pool.

I’m assuming your server contains two identical disks (ada0 and ada1).

Start from installing FreeBSD on the first disk using regular installation CD/DVD. Choose exactly one slice and exactly one partition. Reboot.

Your system is now up and running, booted from single UFS file system.
Add the following lines to /boot/loader.conf:

geom_eli_load=”YES”
geom_label_load=”YES”
geom_mirror_load=”YES”
geom_part_gpt_load=”YES”
zfs_load=”YES”
vm.kmem_size=”6G” # This should be 150% of your RAM.

Partition the second disk:

# gpart create -s GPT ada1
# gpart add -b 34 -s 128 -t freebsd-boot ada1
# gpart add -s 2g -t freebsd-swap -l swap1 ada1
# gpart add -t freebsd-zfs -l system1 ada1
# gpart bootcode -b /boot/pmbr -p /boot/gptzfsboot -i 1 ada1

Create swap on the second partition and ZFS system pool on the third partition:

# gmirror label -F -h -b round-robin swap /dev/gpt/swap1
# zpool create -O mountpoint=/mnt -O atime=off -O setuid=off -O canmount=off system /dev/gpt/system1

Create root file system and update /etc/fstab:

# cat > /etc/fstab
system/root / zfs rw,noatime 0 0
/dev/mirror/swap.eli none swap sw 0 0
^D
# zfs create -o mountpoint=legacy -o setuid=on system/root
# zpool set bootfs=system/root system
# mount -t zfs system/root /mnt

Create the rest of the file systems (everything should be mounted below /mnt/):

# zfs create -o compress=lzjb system/tmp
# chmod 1777 /mnt/tmp
# zfs create -o canmount=off system/usr
# zfs create -o setuid=on system/usr/local
# zfs create -o compress=gzip system/usr/src
# zfs create -o compress=lzjb system/usr/obj
# zfs create -o compress=gzip system/usr/ports
# zfs create -o compress=off system/usr/ports/distfiles
# zfs create -o canmount=off system/var
# zfs create -o compress=gzip system/var/log
# zfs create -o compress=lzjb system/var/audit
# zfs create -o compress=lzjb system/var/tmp
# chmod 1777 /mnt/var/tmp
# zfs create -o canmount=off system/usr/home
# zfs create system/usr/home/pjd
(create file systems for all your users)

Enable ZFS in /etc/rc.conf:

# echo ‘zfs_enable=”YES”‘ >> /etc/rc.conf

I recommend setting ports work directory to /usr/obj:

# echo WRKDIRPREFIX=/usr/obj >> /etc/make.conf

Copy entire system to the second disk:

# cd /
# tar -c –one-file-system -f – . | tar xpf – -C /mnt/

Unmount ZFS file system and change pool mountpoint to /. It will be inherited by all file systems:

# zfs umount -a
# umount /mnt
# zfs set mountpoint=/ system

Reboot. If your machine booted fine (it should, but…) you will see the following:

# mount
system/root on / (zfs, local, noatime)
devfs on /dev (devfs, local)
system/tmp on /tmp (zfs, local, noatime, nosuid)
system/usr/home/pjd on /usr/home/pjd (zfs, local, noatime, nosuid)
system/usr/obj on /usr/obj (zfs, local, noatime, nosuid)
system/usr/ports on /usr/ports (zfs, local, noatime, nosuid)
system/usr/ports/distfiles on /usr/ports/distfiles (zfs, local, noatime, nosuid)
system/usr/src on /usr/src (zfs, local, noatime, nosuid)
system/var/audit on /var/audit (zfs, local, noatime, nosuid)
system/var/log on /var/log (zfs, local, noatime, nosuid)
system/var/tmp on /var/tmp (zfs, local, noatime, nosuid)

# swapctl -l
Device: 1024-blocks Used:
/dev/mirror/swap.eli 4194300 4888

Now we need to attach the first disk (ada0):

# dd if=/dev/zero of=/dev/ada0 count=79
# gpart create -s GPT ada0
# gpart add -b 34 -s 128 -t freebsd-boot ada0
# gpart add -s 2g -t freebsd-swap -l swap0 ada0
# gpart add -t freebsd-zfs -l system0 ada0
# gpart bootcode -b /boot/pmbr -p /boot/gptzfsboot -i 1 ada0

# gmirror insert -h -p 1 swap /dev/gpt/swap0
(wait for gmirror to synchronize swap)
# gmirror status
Name Status Components
mirror/swap COMPLETE gpt/swap1
gpt/swap0

# zpool attach system /dev/gpt/system1 /dev/gpt/system0
(wait for pool to resilver)
# zpool status
pool: system
state: ONLINE
scrub: resilver completed after 0h2m with 0 errors on Mon Aug 2 11:28:45 2010
config:

NAME STATE READ WRITE CKSUM
system ONLINE 0 0 0
mirror ONLINE 0 0 0
gpt/system1 ONLINE 0 0 0 55,5M resilvered
gpt/system0 ONLINE 0 0 0 1,67G resilvered

errors: No known data errors

That’s all folks.

BTW. Because your /var/log/ is compressed by ZFS, you can turn off compressing the logs while you rotate them in /etc/newsyslog.conf.

Below you can find few reasons why I use the proposed datasets layout:

  • There is no manipulation of mountpoint property of any dataset except for dataset system, which starts the tree. When you manage ZFS it might be confusing when dataset place in ZFS hierarchy doesn’t match mount point. The mountpoint property is always inherited, so if you change it for some reason, you know that all datasets below will inherit it properly and no other changes are needed.
  • Note that system/usr and system/var are not mounted. The /usr/bin, /usr/sbin, /var/named, etc. directories all belong to system/root dataset. When you upgrade your system, it should be enough to snapshot system/root dataset alone and rollback only it when something goes wrong.
  • In proposed layout you can set setuid to off for all datasets except for system/root and system/usr/local.
  • You have /usr/src, /usr/obj, /tmp, /var/tmp, /var/log and /var/audit compressed.
  • Having entire OS in one dataset make it easy to create jails from it. What I do when I create new jail is to clone system/root to system/jails/<name> and create the following additional datasets for jail:
    • system/jails/<name>/etc
    • system/jails/<name>/tmp
    • system/jails/<name>/var
    • system/jails/<name>/usr (set canmount to off)
    • system/jails/<name>/usr/local
    • system/jails/<name>/usr/work (I build ports here)
    • system/jails/<name>/root (jailed root home directory)

    This way you can make system/jails/<name> dataset read-only and when
    you update your main system you perform the followin steps to update a jail:

    • stop the jail
    • rename destroy system/jails/<name> to system/jails/<name>_old
    • clone system/jails/<name> again from system/root
    • rename all datasets which are now below system/jails/<name>_old to newly cloned system/jails/<name>
    • update system/jails/<name>/etc
    • update system/jails/<name>/var

The FreeBSD Diary: ZFS: Resizing your zpool

Published on August 4, 2010 in Uncategorized. Closed
Got space? Need more?

Ivan Voras: Encrypted notepad

Published on August 3, 2010 in Android, FreeBSD, enotes and java. Closed

A small personal project I've occasionally been working on is "Encrypted notepad" - a simple (really simple!) Notepad-like text editor whose only distinguishing attribute is that it saves and loads strongly encrypted files. Now, I have an Android version too :)

Read more...

Ivan Voras: Encrypted notepad

Published on August 3, 2010 in Android, FreeBSD, enotes and java. Closed

A small personal project I've occasionally been working on is "Encrypted notepad" - a simple (really simple!) Notepad-like text editor whose only distinguishing attribute is that it saves and loads strongly encrypted files. Now, I have an Android version too :)

Read more...

A Year in the Life of a BSD Guru: Russian Version of BSD Mag

Published on August 3, 2010 in BSD, bsd magazine and russian. Closed
BSD Mag will be launching a Russian version in September. They are looking for authors, betatesters and proofreaders with Russian as a native language. If you're interested in helping out, contact the BSD Mag Editor.

A Year in the Life of a BSD Guru: August BSD Mag

Published on August 3, 2010 in BSD, FreeBSD, OpenBSD, bsd magazine and midnightbsd. Closed
The August issue of BSD Mag is available for free download. From the table of contents: