My presentation for Texas LinuxFest 2013.

1. TrueOS and Warden: Easy
to Deploy FreeBSD Servers
Dru Lavigne
Director of Community Development, iXsystems
TxLF, June 1, 2013

2. Outline
Introduction
TrueOS Features
Automated Deployment
Warden Features
Additional Resources

3. Introduction
PC-BSD Project started as a graphical installer
and graphical utilities to make it easy to install and
use a FreeBSD desktop
Project did not simply port existing Linux utils due
to differences between Linux and BSD and to
provide one consistent look
Each graphical utility is a QT based front-end
based on a Bourne (sh) back-end, meaning that
the same functionality can be achieved on a
minimalist desktop or even a command-line only
system

4. Introduction
These utilities proved to also be useful for server
installation and administration
This presentation introduces the following utilities
which ease the deployment of servers:
TrueOS: a FreeBSD command line server plus
the CLI versions of PC-BSD utils and some extra
tools designed to ease the learning curve for
Linux sysadmins (e.g. bash, sudo, nano, rsync,
screen, smartmontools)

5. Introduction
pc-sysinstall: fully scriptable, CLI version of the
installer, specifically designed for customized
installations and automated deployments
thin client: script to easily create an installation
server for automated installs over PXE
Warden: utility for deploying and managing
FreeBSD and Linux jails (light-weight, virtualized
operating systems)

6. TrueOS Features
Easy to install, CLI-only FreeBSD server using
graphical installer or an automated script
Supports ZFS configuration during install: mirror,
RAIDZ, RAIDZ2, RAIDZ3, datasets, and
properties (e.g. compression, atime, exec,
canmount)
Installation sets the login user account, optionally
enables SSH, and sets root password (SSH root
logins are denied by default)

7. ZFS in GUI Installer

8. ZFS in GUI Installer

9. TrueOS Features
If install with ZFS, beadm(1) can be used to take
a snapshot of the boot environment before
performing an upgrade
If the upgrade fails, simply activate that snapshot
to boot into the previous boot environment

10. Upcoming Features
9.2 will include utilities to schedule automatic ZFS
scrubs, create and manage ZFS snapshots, and
create beadm snapshots--these can be performed
now using zfs(8) and beadm(1)
Once the necessary boot changes have been
made to FreeBSD, a utility will be created to make
it easy to select from beadm snapshots at system
boot

11. Automated Deployment
The backend to the graphical installer is a script
named pc-sysinstall. Its syntax is similar to
sysinstall(8), making it easy to convert existing
custom deployments
Adds directives to layout disks with ZFS
Examples can be found in
/usr/share/examples/pc-sysinstall/
The graphical installer saves its config to
/root/pc-sysinstall.cfg, making it easy to customize
a complex installation

12. Sample Config

13. Automated Deployment
To automatically rollout a custom configuration
over PXE, use the thinclient script to create an
installation server
This script installs and configures a DHCP server,
TFTP server, and NFS server
A sample installation script can be found in
/usr/home/thinclient/installscripts/pc-
sysinstall.example
Install clients automatically boot into a menu:

14. PXE Client Menu

15. Warden Features
Since 2000, FreeBSD has provided light-weight
OS virtualization using jail(8)
Ideally suited for deploying servers who host
network services as services are isolated from
both the host system and any other jails
Warden makes it easy to deploy and manage
jails, start/stop services within jails, and
install/upgrade software within jails

16. Warden Features
Warden supports 3 types of jails:
1.1. Ports Jail: used to safely install and use
ports/packages (software) without affecting
underlying OS and its software
2.
3.2. Traditional Jail: used to securely deploy
network services
4.
5.3. Linux Jail: used to securely deploy Linux
servers (currently Gentoo and Debian Squeeze)

17. Warden GUI

18. Warden Features
If the host's filesystem is ZFS, Warden can be
used to schedule and manage ZFS snapshots,
even for Linux jails
Snapshots can be deployed to another system
Jails can be exported (all of its software,
configuration, and files) and imported to another
jail or system

19. Managing Snapshots
in Warden

20. CLI Version of Warden

21. Upcoming Warden
Features
Ability to create named jails (not just IP)
IP addresses and aliases can be changed on the
fly
Templates allow you to select any version of
FreeBSD (from 4.1 to HEAD) to deploy
Vnet support provides each jail its own networking
stack, loopback address, IPsec, etc.

22. Additional Resources
Documentation: http://wiki.pcbsd.org
IRC: #pcbsd on Freenode
Automating the deployment of FreeBSD &
PC-BSD systems:
http://www.bsdcan.org/2013/schedule/attachment
s/248_bsdcan2013.pdf

23. Additional Resources
The Warden - FreeBSD and Linux Jail
Management:
http://www.youtube.com/watch?v=2WEX_W7nH3Y
Improvements to Jail Management via the
Warden:
http://bsdmag.org/magazine/1838-jails-firewall-
with-pf
(page 16-17)

24. Questions?
Contact:
dru@freebsd.org
URL to Slides:
http://slideshare.net/dlavigne/tlf2013