[00:00.000 --> 00:13.680]  Hello, and welcome to my talk about a tool called Reggae.
[00:13.680 --> 00:20.400]  It has something to do with a beehive and jail, and I'm going to explain what it actually
[00:20.400 --> 00:29.720]  does, why it does it that way, what are the goals and what's the initiative behind it.
[00:29.720 --> 00:41.720]  So the relevant thing about me is I'm a co-founder of Hacker Space in my hometown.
[00:41.720 --> 00:53.400]  I was lucky enough to marry this girl and she supports me in all my crazy IT endeavors.
[00:53.400 --> 01:02.200]  So Hacker Space was founded by us, and it's a place where I do most of my development
[01:02.200 --> 01:04.680]  in the open source community.
[01:04.680 --> 01:21.200]  I'm a free-biz user since 2016, I used it briefly before 5.0 came out, and I'm somewhat
[01:21.200 --> 01:28.520]  involved in free BSD, but I'm not a developer yet.
[01:28.520 --> 01:37.640]  I'm a CBSD contributor, and for those of you that don't know what CBSD is, it's a jail
[01:37.640 --> 01:39.600]  and beehive manager.
[01:39.600 --> 01:49.600]  It can also manage Zen and VirtualBox, but Reggae doesn't support these two.
[01:49.600 --> 02:01.440]  I decided to have only free BSD-native technologies supported, and obviously I'm an author of
[02:01.440 --> 02:05.120]  the software I'm about to talk about.
[02:05.120 --> 02:13.360]  So you might have seen similar tools like Vagrant and Docker Compose if you come from
[02:13.360 --> 02:20.520]  the Linux world, like I do.
[02:20.520 --> 02:27.720]  In that regard, it's not revolutionary, it's actually pretty same thing, run your development
[02:27.720 --> 02:42.520]  in a virtual machine or the jail, and currently jail has a really good support, beehive is
[02:42.520 --> 02:50.600]  worked on because it has different distributions of Linux, different operating systems, versions
[02:50.600 --> 02:59.280]  and so on, and it's a little bit harder to support because of those differences.
[02:59.280 --> 03:08.760]  And Oleg, who is a lead developer of CBSD, decided to create a CBSD file which resembles
[03:08.760 --> 03:18.840]  somewhat Vagrant file in ideas and not the syntax, and I decided to take a different
[03:18.840 --> 03:19.840]  approach.
[03:19.840 --> 03:29.320]  So it's kind of a silly situation currently that there are two CBSD DevOps tools, but
[03:29.320 --> 03:35.880]  we were trying out things and whatever works best is going to stay.
[03:35.880 --> 03:44.200]  I'm rooting for the reggae, of course, but so the concept is that, well, before I start
[03:44.200 --> 03:53.680]  with this, you would say the name of the project is reggae, I have a dreadlocks and I'm a musician,
[03:53.680 --> 03:58.200]  but I don't play reggae.
[03:58.200 --> 04:01.720]  It comes from a totally different idea.
[04:01.720 --> 04:08.080]  I had quite a few projects before this one that are all open source and now that, that
[04:08.080 --> 04:17.160]  had somehow referenced some songs or ideas from the reggae movement and music, and I
[04:17.160 --> 04:26.320]  said, okay, how about I name this one reggae and stop the streak of resembling something
[04:26.320 --> 04:29.640]  I actually don't want to resemble.
[04:29.640 --> 04:32.480]  So that's where the name comes from.
[04:32.480 --> 04:41.320]  It's me trying to come up with a name to stop the reggae streak.
[04:41.320 --> 04:52.560]  So the basic concept behind reggae is that it uses CBSD for all heavy lifting.
[04:52.560 --> 04:56.720]  All jail and beehive management is done with it.
[04:56.720 --> 05:04.640]  Some of the networking is done with the CBSD, some with RC.com.
[05:04.640 --> 05:15.840]  I'm going to get to that a bit later and reggae has two entities.
[05:15.840 --> 05:18.880]  One is a service, one is a project.
[05:18.880 --> 05:25.880]  I intentionally called it a service because it can be a virtual machine or the jail and
[05:25.880 --> 05:36.120]  the project is you might want to have different jails for different stuff like let's say you're
[05:36.120 --> 05:45.440]  working with WordPress as a hoster and you know you need the PHP with WordPress engine
[05:45.440 --> 05:48.800]  X on one side and MySQL on the other.
[05:48.800 --> 05:56.280]  You probably don't want all of that to be inside the same container so you can split
[05:56.280 --> 05:58.080]  those up.
[05:58.080 --> 06:07.560]  You can influence the order of creation and booting and everything.
[06:07.560 --> 06:15.360]  We still don't have dependencies between jails but we might have in the future because
[06:15.360 --> 06:26.560]  it's a really nice feature and you probably are not going to type all the commands to
[06:26.560 --> 06:33.000]  create the jail and then all the services inside of it.
[06:33.000 --> 06:43.800]  You're going to use some of the provisioners and I'm going to talk about that in a while.
[06:43.800 --> 06:46.760]  Where I come from that's basically Serbia.
[06:46.760 --> 06:58.360]  We don't have IPv6 and forgive me if I didn't implement IPv6 properly because I have a really
[06:58.360 --> 07:02.600]  limited resources in testing that.
[07:02.600 --> 07:10.920]  There is of course tunnels that I use and I try to combine stuff but yeah I'm basically
[07:10.920 --> 07:14.080]  with one hand behind the back.
[07:14.080 --> 07:16.640]  So I really try to support it.
[07:16.640 --> 07:21.480]  I just don't know if I've done it properly.
[07:21.480 --> 07:25.320]  Technologies, well it's a mouthful.
[07:25.320 --> 07:35.120]  With VNet Jails you can use DHCP and I almost insist on using VNet because for me as a system
[07:35.120 --> 07:38.680]  administrator it's easier than Jails.
[07:38.680 --> 07:50.440]  I just fire up the DHCP server, the DNS server, they are interconnected and to be specific
[07:50.440 --> 08:08.160]  DHCP is ICS, the DNS server is NSD and there's one more DNS caching which is unbound.
[08:08.160 --> 08:18.680]  There are, well all these technologies, you probably know what they are, the RTA DVD is
[08:18.680 --> 08:33.480]  for IPv6 as I mentioned and PF, you know what, I would love to add IPFW.
[08:33.480 --> 08:41.000]  This is the future so I don't cut off like I don't know what percentage of FreeBSD people
[08:41.000 --> 08:49.000]  but yeah we want to support everyone and everything ideally.
[08:49.000 --> 09:00.520]  And these to make and POSIXL are the only languages used to implement RTA.
[09:00.520 --> 09:09.200]  I could get away with it because the CBSD is doing the whole stuff and I just need to
[09:09.200 --> 09:17.000]  script a few things, right.
[09:17.000 --> 09:22.800]  As I said provisioners are supported, you don't have to use them, you can still just
[09:22.800 --> 09:28.880]  create a Jail and do your, maybe it's a lab and you're playing with it, experimenting
[09:28.880 --> 09:38.800]  and what not, but if you want you can run quite a few automation scripts and you can
[09:38.800 --> 09:46.560]  even have multiple provisioners for a single Jail.
[09:46.560 --> 09:55.160]  That sounds crazy but if you think about it, sorry wrong operating system, FreeBSD doesn't
[09:55.160 --> 10:02.960]  come with a pre-installed Python and if you want to use Ansible you are going to install
[10:02.960 --> 10:12.360]  Python first then the Ansible later and for situations like that it's really really nice
[10:12.360 --> 10:20.000]  to have shell provisioner doing like a first stage of the rocket launch and then Ansible
[10:20.000 --> 10:23.080]  does all the rest.
[10:23.080 --> 10:33.040]  I use shell and Ansible extensively and the rest of the provisioners I really try to support
[10:33.040 --> 10:41.560]  them, I used all of them or am using them at work or somewhere else but I'm not using
[10:41.560 --> 10:49.160]  them as extensively as the first two so if you find a bug please report it, I will be
[10:49.160 --> 10:53.200]  nice and fix it if I know how to.
[10:53.200 --> 11:04.320]  So Riot brings some things to the table that FreeBSD alone doesn't, I mean that's the reason
[11:04.320 --> 11:13.440]  it's created because it builds on top of something I personally consider a good software and
[11:13.440 --> 11:25.600]  what it brings is in order to run let's say re-enter Jails it will probably need a bridge
[11:25.600 --> 11:35.520]  and then some ePairs and so on but bridge interface has to be created or at least allowed
[11:35.520 --> 11:45.120]  different administrators to have their own configuration of a bridge and not actually
[11:45.120 --> 11:55.000]  enforce what a CBSD comes with by default and it's initializing network in such a way
[11:55.000 --> 12:07.320]  that PF is already configured, bridge is configured, IPv4 and 6 demons are stored at
[12:07.320 --> 12:11.080]  unbound and what not.
[12:11.080 --> 12:23.120]  So it initializes quite a lot and you might not like it and if you don't you have quite
[12:23.200 --> 12:35.240]  a few variables to disable stuff, for example you can disable IPv6 or have your projects
[12:35.240 --> 12:41.400]  resigned in a different directory not the default one and so on.
[12:41.400 --> 12:49.960]  So there's quite of initialization that it does because if you currently read how to
[12:49.960 --> 13:01.320]  start vNet Jail in FreeBSD it's not really easy, if you read it in different Jail managers
[13:01.320 --> 13:09.680]  it might be better, I didn't check other documentation so I don't know but currently FreeBSD documentation
[13:09.680 --> 13:21.560]  around Jail is kind of scarcely, not really depicting at all and one of the things that
[13:21.560 --> 13:25.880]  it helps you with is how do you even start with it.
[13:25.880 --> 13:33.960]  Because I come from a Linux world in 2016 I was like how am I doing stuff, what do I
[13:33.960 --> 13:41.160]  do, how do I configure it and that was actually the reason I chose CBSD.
[13:41.160 --> 13:55.480]  At the time it made most logical, it was the most intuitive tool for me to run my Jails.
[13:55.480 --> 14:02.320]  Since then I discovered it's good for other things not just intuition right but yeah I
[14:02.320 --> 14:06.000]  just love the software.
[14:06.000 --> 14:17.040]  The same is with CBSD initialization because CBSD can do quite a lot, it can track resources,
[14:17.040 --> 14:26.680]  it can give you the usage of network per Jail, it can do stuff and in order to do that it
[14:26.680 --> 14:29.320]  has to ask you things.
[14:29.320 --> 14:38.720]  For example, are you using IPFW or PF and things like that, are you using ZFS or UFS,
[14:38.720 --> 14:46.160]  what should I do, create clones or directories and so on.
[14:46.160 --> 14:57.160]  Ragga chose a different path or I chose it for it, you can say use ZFS, yes or no and
[14:57.160 --> 15:03.480]  if it's no luckily we only have two file systems so either you use ZFS or the other
[15:03.480 --> 15:07.400]  one UFS.
[15:07.400 --> 15:18.080]  So the initial configuration is quite easier with Ragga than CBSD and maybe if you're
[15:18.080 --> 15:30.680]  starting with a stack it's going to help you on your way from infancy to pro how to
[15:30.680 --> 15:35.200]  even start with CBSD and Ragga.
[15:35.200 --> 15:42.160]  There is one decision to, okay let me take a step back.
[15:42.160 --> 15:51.920]  I try to create everything as the code but some things are just not meant to be, like
[15:51.920 --> 16:04.840]  how do you assign addresses, CBSD has two, let's say two DHCP implementations.
[16:04.840 --> 16:15.320]  One is called DHCP and what it does is run through all the IP addresses and finds the
[16:15.320 --> 16:22.840]  first free one and assign it to Jail, only on creation so it's not going to scan every
[16:22.840 --> 16:29.640]  time just when the Jail is created it's going to scan them.
[16:29.640 --> 16:37.200]  So existing IP addresses and the configured IP addresses of Jails that are not stored
[16:37.200 --> 16:39.360]  it.
[16:39.360 --> 16:49.360]  So there is a second implementation of DHCP, it's called real DHCP.
[16:49.360 --> 16:58.280]  The idea is to have one master Jail that has DHCP and DNS in it, authoritative DNS in
[16:58.280 --> 17:09.040]  it and there is local unbound outside of Jail that says okay if you want a zone that your
[17:09.040 --> 17:19.240]  Jails are belonging to then look at here and it's from the Ragga and CBSD perspective.
[17:19.240 --> 17:26.000]  It's not so much about caching, actually it's not at all about caching although unbound
[17:26.000 --> 17:30.240]  is known for it and created for that purpose.
[17:30.240 --> 17:39.680]  It's more like how to call it a cop at the junction, you go there, you go over here and
[17:39.680 --> 17:46.360]  it's redirecting the queries.
[17:46.360 --> 17:53.760]  So the idea is that probably while developing with Ragga you're going to have a private
[17:53.760 --> 18:05.280]  IP address range and you want to still ask the DNS hey where is stuff because one thing
[18:05.280 --> 18:13.840]  that actually two things are annoying to me about Docker at least when I used it.
[18:13.840 --> 18:19.800]  Docker containers know by name where other Docker containers are but you don't.
[18:19.800 --> 18:28.520]  You have to use IP addresses or Etsy hosts, hackery or something and the second thing
[18:28.520 --> 18:37.200]  that really annoyed me is that I cannot have a user on this laptop with I don't know UID
[18:37.200 --> 18:46.160]  of thousand and one and have the same user in a Docker container and do development inside
[18:46.160 --> 18:48.720]  of Docker container.
[18:48.720 --> 18:59.640]  Just matching the ID's war was really terrible, I at least hope it was, it's not, it's not
[18:59.640 --> 19:10.680]  pertained but the idea behind that kind of frustration led to okay how about I have a
[19:10.680 --> 19:17.440]  DNS server, I mean it's what it's for to tell you where the IP address of this name
[19:17.440 --> 19:19.920]  is and so on.
[19:19.920 --> 19:29.880]  So yeah I couldn't create just the code, I still need one jail to do some maintenance
[19:29.880 --> 19:34.960]  stuff and some networking stuff.
[19:34.960 --> 19:44.160]  The nice thing about IPFW is that you can insert a rule whenever you want, if you're
[19:44.160 --> 19:52.480]  coming from Linux world that means it behaves like IP tables but PF doesn't and PF has a
[19:52.480 --> 20:01.800]  pretty static set of rules unless you're using anchors, anchors are a way to say okay this
[20:01.800 --> 20:11.600]  is a sub rule of the main rule and anchors can be changed and they are per jail called
[20:11.600 --> 20:24.760]  cbsd slash your jail name so it's easier to see which rules or for which jails and I don't
[20:24.760 --> 20:34.840]  want to trash Docker too much but if you've ever seen IP tables rules after the Docker
[20:34.840 --> 20:46.760]  mangles them it's a mess, it's a huge mess so I try to be nicer as much as technologists
[20:46.760 --> 20:58.160]  and freebies they allow, just don't be, sorry, don't be so negative towards developers and
[20:58.160 --> 21:05.440]  administrators they're going to hate you and so yeah when I say late these anchors are
[21:05.440 --> 21:16.480]  created after the jail is torrid so it already has an IP address and can use the port redirection
[21:17.200 --> 21:27.120]  whatever you need and yeah because until the jail is torrid it's already registered itself,
[21:28.960 --> 21:41.040]  got a lease and DHCP registered it in NSD zone so these anchors can use host names
[21:41.960 --> 21:49.120]  instead of IP addresses and if you're using DHCP you probably have no idea what's the IP
[21:49.120 --> 21:59.360]  address so the nice thing is that you can use names to really sort your networking and fire
[21:59.360 --> 22:08.560]  walling I would say in a proper way in a more readable way and there is a concept of
[22:08.560 --> 22:18.040]  in something called DevOps that I still don't know what it means they say the DevOps is
[22:19.040 --> 22:27.960]  IP accounting they know what not to click on AWS otherwise it's going to cost you
[22:27.960 --> 22:42.480]  so it's like it's like a administrator plus plus accounting right but yeah in a DevOps world
[22:43.040 --> 22:53.000]  you want your production to resemble development or maybe the other way around but yeah the fewer
[22:53.000 --> 23:00.880]  the differences between your development and your production the bigger the chances that you're
[23:00.880 --> 23:08.360]  gonna catch bugs in development not in production although users are the best monitoring system
[23:08.360 --> 23:22.880]  in the world okay so because of the vnet just the vnet implies that you're going to have to
[23:22.880 --> 23:36.880]  use some custom DFS rules because you want access to BPF you want access to PF so it can have its
[23:36.880 --> 23:49.240]  own its own firewall and naturally the FS rules are supported in reggae unfortunately by number
[23:49.240 --> 24:01.560]  not by name but hopefully that will change boot order is integer or should I say unsigned integer
[24:02.560 --> 24:12.840]  it works like nice the bigger the number the later you're going to boot so it's not a perfect
[24:12.840 --> 24:21.280]  solution but it's a solution to start your WordPress after the minus kill for example
[24:22.280 --> 24:31.520]  and it even works if you remove the reggae you create everything with reggae remove it it
[24:31.520 --> 24:40.960]  still works the boot order works so that I really try it to make booting really really work even if
[24:40.960 --> 24:54.840]  I did something naughty to my code and it breaks so I kind of have a failsafe I didn't know where
[24:54.840 --> 25:08.360]  majority of you are from but for some reason in Serbia package repository is extremely slow if I
[25:08.400 --> 25:16.760]  get two ambits that's like wow that's a light speed I don't know why it works like that maybe
[25:16.760 --> 25:25.320]  it's our providers because I talk to different people and they don't have that problem so I came
[25:25.320 --> 25:36.320]  up with solution work around what if all my jails just use proxy and first one is gonna download
[25:36.360 --> 25:42.960]  everything and it's gonna be painfully slow but the next one all the next ones were just gonna use
[25:42.960 --> 25:59.240]  the cached cached files and there is even a reggae recipe for proxy so you don't have to type in
[25:59.480 --> 26:09.040]  bunch of commands you just go to the repo download it type make and you're gonna have a proxy you're
[26:09.040 --> 26:15.960]  gonna have to change the configuration to tell it to use it but yeah it's as simple as it gets
[26:16.560 --> 26:30.240]  in my open source career I mostly work with audio and that's mostly graphical so I needed
[26:30.240 --> 26:37.320]  something like don't pollute my host and let me use jail for development but on the other hand
[26:37.360 --> 26:48.680]  let me click on the buttons because I need to so reggae has a really easy way of forwarding I think
[26:48.680 --> 26:57.160]  it's called forwarding in X open the port and all the X applications are connected to that port so
[26:57.320 --> 27:06.720]  X is on the X org is on host and your ex client is in inside the jail so you can interact with it
[27:06.720 --> 27:17.760]  and yeah it supports both but I'm gonna have to work real hard on this one as the newest addition to
[27:17.760 --> 27:29.680]  the source code so it it received the least amount of love and currently it only supports free
[27:29.680 --> 27:41.320]  bsd virtual machines what's beneath it is cbsd is using cloud in it to do your bootstrapping of a
[27:41.320 --> 27:51.760]  virtual machine to have the initial configuration and then your provisioner or provision nurse can
[27:51.760 --> 28:02.160]  kick in and do whatever you like whatever you told them to so what does development means well
[28:02.480 --> 28:14.360]  there is a devil mode because it's exposing so many things and doing it rather insecurely for the
[28:14.360 --> 28:25.080]  sake of a developer being able to do stuff I kind of think the devil mode is pretty good it's so
[28:25.080 --> 28:42.080]  close to the devil right so it has this development mode where you for example share your directory
[28:42.080 --> 28:51.400]  where the services with the with the jail I borrowed this idea from vagrant having a slash
[28:51.560 --> 29:00.920]  vagrant being a mount point of your project and you can interact with it either through the host or
[29:00.920 --> 29:12.360]  through the container so and yeah it's mountain and slash user slash source it kind of made sense
[29:12.600 --> 29:23.320]  because I kind of expect people not to do free bsd kernel or user space development inside a jail
[29:23.320 --> 29:37.000]  and you might find that an obstacle but you can still mount your own stuff on top of whatever
[29:37.160 --> 29:45.320]  right and see bsd do so you can add your mount points and stuff so it's not limiting if you're
[29:45.320 --> 29:52.840]  doing free bsd development which I expect some of you do it's not gonna be in the way
[29:53.160 --> 30:09.400]  this user is in is in the jail and it has the same user ID and group ID as the user host
[30:10.120 --> 30:21.240]  that execute it make inside of reggae service so that slash user slash source
[30:22.680 --> 30:33.000]  is all owner is the devil user and you can interact with it it's read write so
[30:33.960 --> 30:41.000]  the only difference is that the username and group name is gonna probably gonna be different
[30:41.640 --> 30:46.200]  why I say probably because I expect you not to name your user devil
[30:49.320 --> 30:59.720]  and there are well I was working in this I was pretty active for quite a few years as a web developer
[31:00.680 --> 31:07.240]  uh which is kind of strange for a free bsd guy free bsd
[31:08.760 --> 31:19.240]  contributor and what I realized is how about I have one line saying okay I'm gonna in these
[31:19.240 --> 31:30.680]  jails I'm gonna use like Django or something as as my framework that I'm gonna use so it does
[31:31.640 --> 31:41.960]  few alterations of how it does things so it lets you run your run your frameworks more easily
[31:42.600 --> 31:48.760]  and I shouldn't actually use plural because the only framework that's currently supported is called
[31:48.760 --> 32:00.760]  print it and guess who the author is but the idea is that you have a directory in your service
[32:00.760 --> 32:08.360]  called bin and inside of it you have a devil dot sh and reggae doesn't know what's inside of it
[32:08.360 --> 32:14.040]  it's just gonna run it inside the jail and usually for the web development I like to have a
[32:15.000 --> 32:24.360]  a tmax with a split pane back end front end and it knows how to tell front end where the
[32:24.360 --> 32:34.920]  back end API is if you need to integrate and you do so but basically you can create your own
[32:34.920 --> 32:44.440]  devil script and it's the reggae will be happy about it so it can do much more than just one
[32:45.000 --> 32:51.160]  framework but in the future I'm gonna add quite a few to make
[32:54.120 --> 33:01.160]  people know so much involved with jails easier to start using it
[33:01.640 --> 33:12.280]  so production does totally different thing I mean the opposite is gonna say okay this jail is
[33:12.280 --> 33:20.280]  gonna start with the boot of the machine it's also gonna try its best to remove everything
[33:20.280 --> 33:34.040]  discreet it like the user source mount the some of the some of the scripts they're installed for
[33:34.040 --> 33:44.440]  devil to work easily and so on so what's the idea here is that if you want to create like a build
[33:44.520 --> 33:53.480]  server or maybe on your machine you're using devil mode and you created it like that and then
[33:53.480 --> 34:03.000]  afterwards you say devil mode equals no make down make up and make up is gonna clean everything that
[34:03.000 --> 34:12.200]  devil created and then you can make export and create an image move it to some other server
[34:12.200 --> 34:22.760]  imported to there and it just means so that you can have like either your development container
[34:24.200 --> 34:31.480]  productionized not a good idea don't do it if you if you can avoid it but sometimes you can't
[34:31.480 --> 34:41.880]  and it works on my machine so ship it but the the more serious use case for it is to
[34:42.600 --> 34:47.880]  have your build server build the image of a jail and then you deploy it somewhere
[34:48.840 --> 35:03.160]  so this is an example of so up to here first recommends or creating the project
[35:04.680 --> 35:12.920]  and the project name is going to be as the directory you created so
[35:12.920 --> 35:21.080]  so the project containing multiple services well in this instance just want to make it
[35:22.040 --> 35:32.200]  compact so up to here is creating the project and then a project expects services directory to
[35:32.200 --> 35:40.680]  contain your jail or beehive definitions and the definitions are created with this you can
[35:40.680 --> 35:49.160]  omit this part and it's not going to create any provisioner for you or you can say here ansible
[35:49.160 --> 35:57.960]  shell puppet and that's the order of provisioners that are going to be run it has a few more
[35:58.920 --> 36:05.240]  expectations where things are going to be for a certain provisioner but it's going to create a
[36:05.240 --> 36:13.160]  skeleton for you so you don't have to create them by yourself and it's a well read the code
[36:14.920 --> 36:21.960]  if you have the skeleton it's going to be more intuitive what you should do next with your own
[36:21.960 --> 36:33.320]  code with your own development and it's pretty slick it can be done differently I just think
[36:34.280 --> 36:40.920]  to me this was most intuitive and I'm trying not to go against intuition
[36:43.480 --> 36:53.000]  so there is let's say all of us need something I don't know like MySQL
[36:53.800 --> 37:04.600]  we all here in this room are hosting WordPress and we all need MySQL WordPress and Nginx
[37:05.160 --> 37:14.840]  but you don't have to create it on your own there are pre-made recipes for that there are not images
[37:14.840 --> 37:25.720]  they are still in this instance they are all ansible but you can combine jails and beehives
[37:25.720 --> 37:35.880]  provision with different provisioners and in this case it's going to download these three jails
[37:35.880 --> 37:44.120]  configure them and interconnect them because Nginx has to know where the WordPress is and
[37:45.800 --> 37:51.720]  WordPress needs to know where the database is but it's not going to create a database for you
[37:51.720 --> 38:02.600]  it's still like okay I don't know what you want is it a single instance or you're hosting multiple
[38:03.160 --> 38:10.120]  WordPress instances and you need multiple databases and so on so that's left up to you
[38:11.000 --> 38:21.880]  but if you go to the MySQL everything is if you want to look at code of this
[38:23.400 --> 38:33.000]  just add jail dash MySQL and you're going to have the repository and there's a readme which tells
[38:33.000 --> 38:39.640]  you okay this is how you create a database in this jail so you can do it differently of course
[38:39.720 --> 38:49.640]  but if you're coming from a different environment I try to hold your hand as much as I can
[38:50.360 --> 38:56.840]  but you can't ignore it the same is for the WordPress and Nginx has a directory with
[38:57.560 --> 39:07.240]  quite a few examples how you create your own hosts inside the Nginx configuration
[39:08.200 --> 39:13.480]  but it's not going to configure it for you it's a recommendation and not
[39:14.200 --> 39:24.760]  not much okay you have to do it this way and this URL is probably the most complex project
[39:25.560 --> 39:35.800]  I did with Rage most complex in a sense that it has the biggest number of jails
[39:37.000 --> 39:47.000]  and services inside of it that need to talk to each other and well if you try to manage
[39:47.800 --> 39:55.800]  a driver and mail and do it responsibly you know that you need all the help you can get
[39:58.120 --> 40:04.920]  so I try to create this service that creates the mail and driver
[40:07.000 --> 40:13.720]  communication server it gives you the documentation on how you should configure your DNS
[40:13.800 --> 40:22.040]  what's what's inside of it the links towards specific services and their own configurations
[40:22.040 --> 40:29.560]  and examples and so on so it's my way of avoiding writing documentation
[40:31.720 --> 40:39.800]  I mean we all do that we have better things to do or better things to do so if you have an example
[40:39.880 --> 40:52.760]  it's a documentation on its own and yeah the future what can be better than documentation right
[40:52.760 --> 41:03.640]  but what I want to say is that Oleg who is a CBSD lead developer is Russian and I'm going to quote
[41:03.640 --> 41:12.440]  him my Russian is oh my English is terrible so our documentation currently is not good I'm not
[41:12.440 --> 41:21.240]  going to say terrible but but it's not good as it can be and that's literally our next assignment
[41:21.240 --> 41:28.040]  we already talked a few months before about it and the documentation is really killing us
[41:28.840 --> 41:38.520]  or the lack of good documentation and way of searching it and browsing it and and finding
[41:38.520 --> 41:51.640]  what you need there is quite a few documents there to describe how specific scenarios should be
[41:51.640 --> 41:58.440]  executed or specific commands what options do they have it just still needs to be
[41:59.400 --> 42:11.080]  worded better and more coherent and connected better so that you can say okay if I read this this
[42:11.080 --> 42:18.840]  and this I know where I'm where I'm going to be and then I know how to manage WordPress for example
[42:19.560 --> 42:28.120]  so documentation is a really big thing that maybe it's going to be only thing that we are going to
[42:28.120 --> 42:38.840]  work on besides the bugs so yeah sorry about not being very good with documents but we promise we
[42:39.480 --> 42:48.920]  will improve now these two I hope they are not mutually exclusive
[42:51.480 --> 43:01.080]  JillConf is a much much simpler way it's in the base it really works wonderful and it can even
[43:01.080 --> 43:10.360]  manage your beehive because today I don't know with which version it started but you can have a
[43:10.360 --> 43:17.480]  beehive inside your jail and if you have that you can only manage jail and that's kind of wonderful
[43:19.320 --> 43:29.320]  what we really need or at least I would like to have is a JailConf D working really great
[43:30.280 --> 43:38.600]  currently it doesn't one of the obstacles well two of the obstacles for you can in
[43:38.600 --> 43:46.840]  JailConf you can define dependencies between jails and that's how it's going to boot it's going to
[43:46.840 --> 43:57.400]  create a tree and then go from the leaves to the root but you can do that with JailConf D and there
[43:57.400 --> 44:09.880]  is a patch coming from a developer I know from Jerevan called Entranning and he promised he's
[44:09.880 --> 44:21.480]  going to upstream that patch this weekend so we are watching you but yeah it's almost it's almost
[44:21.480 --> 44:32.120]  there the second obstacle with JailConf D is that you cannot have common configuration like you can
[44:32.120 --> 44:41.400]  in a JailConf because JailConf is one file with multiple jails JailConf D is multiple jails oh sorry
[44:42.120 --> 44:49.800]  multiple files one jail per file you can probably have multiple jails per file but
[44:49.800 --> 45:05.720]  that kind of kills the idea so the idea is to have better service jail start or stop or whatever
[45:06.440 --> 45:17.160]  and then probably most of us jail managers developers are going to unite in it and say okay
[45:17.160 --> 45:23.000]  this is how we use it now you can criticize us and why didn't you do that in the first place
[45:23.640 --> 45:32.280]  right but I guess we need it to experiment and learn and see what what works and what not
[45:32.840 --> 45:41.400]  so that we know once we upstream it to JailConf it's going to be what we expect it to be
[45:41.640 --> 45:43.640]  and Kubernetes
[45:49.240 --> 45:54.040]  all jokes aside I don't know if you're following but there is more and more
[45:54.040 --> 46:01.400]  Kubernetes support in Potspree and there is I hope I'm going to pronounce the name
[46:01.960 --> 46:13.640]  properly Doug Robson is working on Kubernetes support Podman is already there and Doug has
[46:17.320 --> 46:25.640]  pretty initial version of Kubernetes working on FreeBSD with VNet and Jails
[46:26.600 --> 46:38.760]  why I'm hoping for this to happen is so that we can have easier transition from Linux to FreeBSD
[46:40.360 --> 46:47.800]  and honestly there's a friend of mine who promised me that we are going to
[46:48.760 --> 46:56.120]  try mixed Kubernetes data centers is a Linux freak I'm a FreeBSD freak
[46:56.680 --> 47:04.440]  so let's try to create one domain that is going to be mixed operating systems in Kubernetes
[47:05.000 --> 47:15.000]  who knows where it leads us maybe we just lose our hair but if we do succeed it's a really easy
[47:15.080 --> 47:23.320]  way to switch to migrate from one operating system to the other because realistically maybe you want
[47:23.320 --> 47:31.720]  to switch from FreeBSD to Linux please don't but yeah who knows what's your what's your use case
[47:31.720 --> 47:41.400]  and maybe your workplace is such that it simply has to be like that so yeah well I'm hoping this
[47:41.400 --> 47:53.080]  will not live because it leaves more space for this and so I'm kind of like a split brain person
[47:53.080 --> 48:01.160]  I really don't know what I want with Kubernetes it's it's probably here to stay so we need to
[48:01.160 --> 48:10.600]  support it in order to be kinder towards other developers and system administrators maybe DevOps
[48:11.960 --> 48:23.880]  so I would like to thank a few communities and persons till the center for supporting my crazy
[48:23.880 --> 48:34.920]  ideas and testing everything I do at least few of the people are testing my crazy ideas and reporting
[48:34.920 --> 48:44.440]  back and sometimes even doing slight development and I'm really grateful to be physically in an
[48:44.440 --> 48:55.560]  environment that is supporting me in such a way because usually I don't know about you but I suspect
[48:55.560 --> 49:03.240]  we are the crazy ones why don't you use why don't you use drugs like all normal kits or the docker
[49:03.240 --> 49:13.720]  or whatever right so yeah it's really nice to be supported the FreeBSD community I don't know how to
[49:14.760 --> 49:24.520]  say this enough they've been supportive and helpful and I didn't encounter a question
[49:24.520 --> 49:36.440]  that somebody didn't answer if I was persistent enough and CBSD community all again particular
[49:39.000 --> 49:46.280]  he created CBSD by himself and it's enormous task it even have
[49:47.240 --> 49:53.720]  and curses commands to make it easier for you so it's enormous task that
[49:55.240 --> 50:05.800]  well started 10 years ago 2013 and so it's our big anniversary this year I think it's
[50:05.800 --> 50:14.760]  somewhere during the summer but I will have to have to check that recently we announced that on
[50:14.840 --> 50:25.240]  CBSD site and I'm afraid I didn't remember it yeah it was few days before the FOSDM and I was doing
[50:26.200 --> 50:35.240]  bunch of things to to basically prepare so these are if you want to ask something contribute
[50:35.240 --> 50:44.680]  whatever is on your mind around regular CBSD or whatever music maybe these are my contacts
[50:44.680 --> 50:47.400]  and now is the right time to ask questions
[50:56.840 --> 51:03.320]  thank you oh he's gonna die he's gonna die
[51:14.680 --> 51:23.720]  you would for example my secular before workplace or there is also a mechanism that allows you
[51:25.160 --> 51:29.160]  like a reading a scroll to check if the database is ready to serve
[51:32.120 --> 51:41.880]  okay so the question was if I understood correctly if boot order can also check if the database
[51:41.960 --> 51:50.040]  started a bit before it stores the WordPress did I get it right no it cannot do that but it
[51:50.040 --> 51:59.400]  will at some point because the jail comf can have dependencies and at some point I'm really hoping
[51:59.400 --> 52:09.400]  to switch to dependencies instead of boot order because who likes boot order I mean if you have
[52:09.480 --> 52:15.560]  like 200 jails who knows what stores when but with dependencies it's much easier
[52:20.600 --> 52:21.480]  any more questions
[52:21.480 --> 52:43.400]  yes mostly for CBSD but you can find one for the reggae that depicts mostly how to initialize it
[52:43.400 --> 52:49.160]  and start the really dumb project that almost has nothing in it
[52:50.040 --> 52:52.840]  yeah sorry the question was
[52:59.320 --> 53:00.840]  I didn't catch that second one
[53:06.200 --> 53:13.640]  yes so the question was order any demos and they're on youtube some of them are on
[53:14.360 --> 53:19.800]  Russian and some of them are on how it's called askinema
[53:21.960 --> 53:30.120]  yeah so you can even from the demo you can copy paste the the text and do it yourself or commands
[53:30.120 --> 53:34.600]  or whatever okay anyone else
[53:40.520 --> 53:46.760]  okay then I'm gonna have to say goodbye with the famous words no docker no cry
[53:48.840 --> 53:50.440]  thank you