Build and Run Your Own FreeBSD-native Containers with Buildah, Containerfiles and Podman # This is an updated version of an earlier blog post. There is now an official FreeBSD container image and the approach of a base image with clones is no longer supported| Honeyguide
Micropod-sampler: A minimal viable FreeBSD-based container virtual data center # The Micropod-sampler ansible playbook is a minimal viable OCI container-based virtual data center.| Honeyguide
Build and run your own FreeBSD-native containers with Buildah, Containerfiles and Podman # This is a deprecated version of the blog post. There is now an official FreeBSD container image and the approach of a base image with clones is no longer supported| Honeyguide
Introduction # Have you heard of Mastodon? Mastodon is a self-hosted social networking service, where independently run servers federate content to each other using ActivityPub.| Honeyguide
Introduction # Lets walk through the steps of installing FreeBSD 14.0 on a dedicated server from Xneelo. Xneelo is a South African hosting provider with dedicated servers and a rescue system, similar to Hetzner.| Honeyguide
Introduction # Lets say you want to test a fresh batch of pot images on a local cluster of virtualbox hosts, because FreeBSD 13.2 is out and you just upgraded.| Honeyguide
Introduction # Back in 2020, a three-part blog series was published on building your own Virtual Datacenter (vDC).| Honeyguide
Introduction # This is a post about running your own Matrix-Synapse instance using Pot jails. You will see that once the initial (and also not very complicated) configuration is complete, it takes only 6 commands to e.g. run a complete openldap server if you are using the Potluck container images.| Honeyguide
Introduction # Let’s build a two-server minio storage system, complete with alerting and monitoring. Then to illustrate application, we’ll include a nextcloud pot image using minio S3 as file storage.| Honeyguide
This post is a continuation of the small PoC that describes how to manually run a Potluck image directly with runj and describes how Potluck images can be run via containerd.| Honeyguide
A quite new project called runj has been created which offers an interface between FreeBSD Jails and containerd. runj is already in the Ports tree or it can be found at https://github.com/samuelkarp/runj.| Honeyguide
Nginx Example Service (via Traefik) # Overview # As written earlier, you can place the nginx job via the nomad dashboard.| Honeyguide
Step 3 - Nomad, Consul & Traefik Servers # Note 1: If you do not want to use the prebuilt images as shown below for whatever reason, you can easily recreate the jails from the flavour configuration files yourself by following the instructions on the page of each of the images at Potluck.| Honeyguide
Introduction # Yes, FreeBSD Lacks Kubernetes - But It Does Not Really Matter… # One of the main complaints about FreeBSD is the lack of Docker and Kubernetes, which in turn is seen as inability to use FreeBSD as a platform for bleeding edge concepts like micro services and scale-out container orchestration.| Honeyguide
For FreeBSD, there are not many 64bit assembler (amd64) examples available on the web and virtually none that are a little bit more complex. To change this, I ported a DOS Tetris game to 64bit FreeBSD, using SVGALIB to max VGA out with 320x200 and 256 colours - it is 2020 after all!| Honeyguide
Introduction # minio is a well-known S3 compatible object storage platform that supports high availability and scalability features and is very easy to configure.| Honeyguide
Introduction # minio is a well-known S3 compatible object storage platform that supports high availability features. For FreeBSD a port is available that has already been described in 2018 on the vermaden blog.| Honeyguide
Overview # pot is a great and relatively new jail management tool. It offers DevOps style provisioning and can even be used to provide Docker-like, scalable cloud services together with nomad and consul (more about this in Orchestrating jails with nomad and pot).| Honeyguide
Impressum & Datenschutz (GDPR) - Germany/Deutschland Angaben gemäß § 5 TMG Honeyguide GmbH Maulberger Weg 14 84137 Vilsbiburg Vertreten durch: Stephan Lichtenauer Kontakt: E-Mail: i@honeyguide.eu Registereintrag: Eintragung im Registergericht: Landshut Registernummer: HRB 10 642| Honeyguide
The FreeBSD Linux compatibility layer linux_base-c7 comes from CentOS 7. When trying to run a Linux application, you might run into the following error: $ ./linuxexecutable loolwsd: /lib64/libstdc++.so.6: version `GLIBCXX_3.4.20' not found (required by loolwsd) loolwsd: /lib64/libstdc++.so.6: version `CXXABI_1.3.9' not found (required by loolwsd) loolwsd: /lib64/libstdc++.so.6: version `GLIBCXX_3.4.21' not found (required by loolwsd) There is an easy way to find out the API versions available...| Honeyguide
Overview # We are an impact enterprise and digital advisory that has been operating in Europe and Southern Africa since 2004.| Honeyguide
Email: i@honeyguide.eu DeltaChat: Honeyguide Profile Mastodon: @honeyguide@mastodon.africa Honeyguide GmbH # Maulberger Weg 14 84137 Vilsbiburg Germany Honeyguide Group (Pty) Ltd # 1 8th Avenue Intercare Building, First Floor Summerstrand Gqeberha (Port Elizabeth) 6001 South Africa| Honeyguide
Introduction # To complement our Jitsi installation, we add a grafana dashboard to it so we can control usage, system load, traffic spikes etc.| Honeyguide
Introduction # Due to the situation with COVID-19 that also lead to people being confined to their homes in South Africa as well, we decided to provide a (freely usable of course) Jitsi Meet instance to the community being hosted in South Africa on our FreeBSD environment.| Honeyguide
The experience of the Honeyguide® team regarding design, implementation and management of digital workplaces in mid and large cap companies goes back even before the founding of Honeyguide GmbH in 2004. This covers program scoping and management, design and development of digital processes, applications and user experience improvements across global companies (e.g. via Persona surveys) but also ITIL and DevOps based end-to-end IT operations streamlining and agilisation. While we have provide...| Honeyguide
Introduction The Micropod-sampler ansible playbook is a minimal viable OCI container-based virtual data center. The host is FreeBSD. The containers are FreeBSD, too. The tooling is buildah and podman which provides a Docker-like container experience on FreeBSD. The following playbook will configure everything needed to run a small virtual data center with: minio for S3 consul for service orchestration nomad for job management traefik-consul for routing (not in use) nginx-s3 nomad job to load ...| Posts on Honeyguide
Introduction Have you heard of Mastodon? Mastodon is a self-hosted social networking service, where independently run servers federate content to each other using ActivityPub. Each Mastodon server has its own set of users, own code of conduct, own terms and moderation policies. Users post short messages (called “toots”) to the world, or to select people. They can also subscribe to other users’ feeds on any server. ActivityPub is a standard for the Internet in the Social Web Networking G...| Posts on Honeyguide
Introduction Lets walk through the steps of installing FreeBSD 14.0 on a dedicated server from Xneelo. Xneelo is a South African hosting provider with dedicated servers and a rescue system, similar to Hetzner. FreeBSD is not available as an operating system to install, however, it can installed from the rescue console using the depenguin.me installer. Prepare ssh Public Key Setup your ssh public key in a web-accessible location, such as a text file in a webserver root.| Posts on Honeyguide
Introduction Lets say you want to test a fresh batch of pot images on a local cluster of virtualbox hosts, because FreeBSD 13.2 is out and you just upgraded. Only it turns out that virtualbox is no longer working after the upgrade to 13.2. Running dmesg shows the output: KLD vboxdrv.ko: depends on kernel - not available or version mismatch linker_load_file: /boot/modules/vboxdrv.ko - unsupported file type Previously this could be solved by removing the packages and re-installing them, but thi...| Posts on Honeyguide
Introduction Back in 2020, a three-part blog series was published on building your own Virtual Datacenter (vDC). While the detailed configuration instructions are outdated meanwhile (the images offer a lot more options today than back then), you can read part 1, part 2 and part 3 as a refresher. This guide introduces an ansible script to automate the provisioning of a vDC for your applications. In addition to building a vDC with consul and nomad, it offers enhancements over the original blog ...| Posts on Honeyguide
Introduction This is a post about running your own Matrix-Synapse instance using Pot jails. You will see that once the initial (and also not very complicated) configuration is complete, it takes only 6 commands to e.g. run a complete openldap server if you are using the Potluck container images. It’s a detailed HOWTO run Consul, OpenLDAP and Matrix-Synapse together using Pot jails. Hint: If you do not want to go through the complete step by step guide, you can also skip directly to the end ...| Posts on Honeyguide
Introduction Let’s build a two-server minio storage system, complete with alerting and monitoring. Then to illustrate application, we’ll include a nextcloud pot image using minio S3 as file storage. Hint: If you do not want to go through the complete step by step guide, you can also skip directly to the end of this article and download the Minio-Sampler. Requirements You need two servers connected via high speed network, minimum 1GB/s.| Posts on Honeyguide
This post is a continuation of the small PoC that describes how to manually run a Potluck image directly with runj and describes how Potluck images can be run via containerd. The Potluck container image library wants to provide complex services out of the box, like e.g. a complete postfix secondary mailserver which also is used in this example. Installing containerd We reuse the VM from the runj PoC, so let’s start it and directly connect to the console:| Posts on Honeyguide
A quite new project called runj has been created which offers an interface between FreeBSD Jails and containerd. runj is already in the Ports tree or it can be found at https://github.com/samuelkarp/runj. The Potluck container image library wants to provide complex services out of the box, like e.g. a complete postfix secondary mailserver. Many of the images are prepared to be orchestrated via nomad and nomad-pot-driver (which also is in the Ports tree).| Posts on Honeyguide
Content This series is split in three parts: Part I - Overview and Basic Setup Part II - Setting Up Consul, Nomad & Traefik Part III - Testing the Environment with Nginx & Git Nginx Example Service (via Traefik) Overview As written earlier, you can place the nginx job via the nomad dashboard. When you start the job the first time, the image will according to the job description be automatically downloaded from Potluck to your compute host which - depending on your Internet connection - might ...| Posts on Honeyguide
Content This series is split in three parts: Part I - Overview and Basic Setup Part II - Setting Up Consul, Nomad & Traefik Part III - Testing the Environment with Nginx & Git Step 3 - Nomad, Consul & Traefik Servers Note 1: If you do not want to use the prebuilt images as shown below for whatever reason, you can easily recreate the jails from the flavour configuration files yourself by following the instructions on the page of each of the images at Potluck.| Posts on Honeyguide
Content This article is split in three parts: Part I - Overview and Basic Setup Part II - Setting Up Consul, Nomad & Traefik Part III - Testing the Environment with Nginx & Git Introduction Yes, FreeBSD Lacks Kubernetes - But It Does Not Really Matter… One of the main complaints about FreeBSD is the lack of Docker and Kubernetes, which in turn is seen as inability to use FreeBSD as a platform for bleeding edge concepts like micro services and scale-out container orchestration.| Posts on Honeyguide
For FreeBSD, there are not many 64bit assembler (amd64) examples available on the web and virtually none that are a little bit more complex. To change this, I ported a DOS Tetris game to 64bit FreeBSD, using SVGALIB to max VGA out with 320x200 and 256 colours - it is 2020 after all! Jokes aside, this example shows how to set up an assembler program that uses C runtime functions and also links in additional libraries available in ports/packages.| Posts on Honeyguide
Introduction minio is a well-known S3 compatible object storage platform that supports high availability and scalability features and is very easy to configure. There is a separate post already describing how to set up minio on FreeBSD. This post explains how you can use minio (or any other S3-compatible storage platform) to provide HA filesystems on FreeBSD. We describe two ways to mount S3 buckets into the file system on FreeBSD:| Posts on Honeyguide
Introduction minio is a well-known S3 compatible object storage platform that supports high availability features. For FreeBSD a port is available that has already been described in 2018 on the vermaden blog. Nonetheless, for a distributed setup along the lines of the minio documentation with TLS encryption, even the official minio documentation unfortunately lacks some detail. That means the certificate setup below might be interesting even if you plan to run minio on another platform and no...| Posts on Honeyguide
Overview pot is a great and relatively new jail management tool. It offers DevOps style provisioning and can even be used to provide Docker-like, scalable cloud services together with nomad and consul (more about this in Orchestrating jails with nomad and pot). When using FreeBSD on your desktop, you can also use it simply to easily create “throw away” browser jails. That way, the browser environment is reliably and completely erased and reset each time you re-create it with one single, s...| Posts on Honeyguide
The FreeBSD Linux compatibility layer linux_base-c7 comes from CentOS 7. When trying to run a Linux application, you might run into the following error: $ ./linuxexecutable loolwsd: /lib64/libstdc++.so.6: version `GLIBCXX_3.4.20' not found (required by loolwsd) loolwsd: /lib64/libstdc++.so.6: version `CXXABI_1.3.9' not found (required by loolwsd) loolwsd: /lib64/libstdc++.so.6: version `GLIBCXX_3.4.21' not found (required by loolwsd) There is an easy way to find out the API versions available...| Posts on Honeyguide
Introduction Would you like to run a full Docker-style setup under FreeBSD? Did you hear it’s not possible? Not production-ready? Or a bit iffy? Would you like to try anyway? Building a Container With buildah from Containerfiles On your host, or newly-created virtual machine: pkg update pkg install podman-suite Create /etc/pf.conf with the following contents. If the network interface is not vtnet0, adjust to the correct interface name: # Change these to the interface(s) with the default rou...| Honeyguide
