I wish FreeBSD was more popular. I run it on my personal servers for more than a decade non-stop. I do have currently one FreeBSD at home which works as my NAS/backup server/whatever I need it to do plus two remote machines (mail/www/db/ns running in jails). About a year ago I migrated one FreeBSD to OpenBSD because it's just an advanced router.
I took conservative approach and I always run -RELEASE version, not even -STABLE. I'm glad Klara is evaluating -CURRENT branch, good read.
Btw, once - several years ago I bought an new system and network card was not supported in the -RELEASE branch, so I took the driver from -CURRENT, compiled and loaded as kernel module. Worked flawlessly :)
While I have used FreeBSD before on my desktops (starting with version 8.1) and love the design of the system along with the UNIX feel, I do not really see how it can become popular with the WiFi stack in shambles (my current Intel Wireless device gets half of the speed it does on other OS) and other quirks. I feel that a lot more of the donations should go to working on FreeBSD device support if we ever to dream of it going popular.
Despite their proclaimed support of open source, Intel wifi can be a mess on Linux too. Most distributions work well, but Gentoo for one loads the incorrect firmware blob and I am forced to try to create a custom installer image in a VM after emerging the linux-firmware package.
The iwlwifi driver just landed in FreeBSD 13.1-RELEASE, and I have yet to have any luck with it there, either. Neither Gentoo nor FreeBSD seems to want to load the correct cc-a0-66.ucode blob for my AX200 chip. I think the downstream developers can only bear so much blame; Intel could surely do a better job helping to clear up edge cases like this.
Question: If you use the FreeBSD Ports collection for the services you run, how do you deal with Ports' quarterly releases? One reason I haven't used FreeBSD much is because of the fear of doing bulk updates every 90 days, and having to fix random things that might break due to software upgrades.
For a home server I have no problem with this, but if it's something I want to leave in production and have security updates for, I'm more at-ease using Debian or Ubuntu with their 3- and 5-years' worth of support.
Is there something I'm missing about using FreeBSD in production, or is anything outside of the base system just supposed to be more hands-on?
I'm aware of the Latest branch, but its shorter release cycle would be even less-suited for production usage (for people who are into Very Serious Business™).
I was talking about Quarterly since it seems to the most stable way to get packages not in the base system.
Ports are rolling release. Simply run 'portsnap fetch update' and you'll have the latest available in /usr/ports just one 'portmaster -a' (upgrade) away.
Same goes for packages (pkg), they are rolling release.
No idea where you're getting this 90 days release stuff from :) (Perhaps there's a LTS 'release' for ports? I don't think many people use it if there is. Trust me, you're safe enough with rolling ports).
That said, I don't have any problems with rolling-release. I've ran stuff like openSUSE Tumbleweed for years, and back in my dabbling days, plenty of Gentoo and Arch.
My issue is that for non-personal and longer-term deployments, FreeBSD has never been a contender for me because of having to keep on top of Ports upgrades. For example for a project at work, I wouldn't want to return to a FreeBSD deployment months later to add a feature, and then have to update all my packages on that system.
I understand chances are the upgrades would likely be hitch-free, or would only require a little bit of fixing around, but I still really don't want to hold my breath every 3 months.
As a young SWE interested in IT (which is how I got interested in programming in the first place, was doing sysadmin things as a teenager like running an IRC leaf), older IT wizards told me to never mix ports and packages. And furthermore, not to use ports as they lead to fundamental breakages.
Under the current support model, each major version’s stable branch
is explicitly supported for 5 years, while each individual point release
is only supported for three months after the next point release.
You've got plenty of time for support. These days I only use FreeBSD for homelab stuff but… yeah you can go two ways really. Portsnap + rebuilding your packages to track updates or track an official package server that gets regular updates. Because I don't have to scale this shit out the setup I ended up with was to point pkg(8) at a varnish instance that queries a "latest" repo, and then the jails hit the varnish instance.
Unlike some debian-ish distros I don't think there's any security-update-only repo for ports/packages to track. Meanwhile freebsd-update(8) handles security updates for the base system.
Yeah, I love FreeBSD's base system's release model. It feels like a complete system, and each release is supported for a long time.
Same with systems like Ports, and in particular, NetBSD's pkgsrc. I've personally been using pkgsrc on my MacBook (and sometimes on Linux too) for years, and have really enjoyed using it as a cross-platform system to add my own little packages that'll work across macOS/Linux/NetBSD (I use NetBSD on my Pi). And I have no problems doing upgrades every 3 months, since I want my shiny new software.
So I definitely see and appreciate Ports/pkgsrc's benefits - but I still feel uneasy using stuff like FreeBSD+Ports on non-personal projects, like for projects at work.
Until pkg(8) came around ports were one of my least favorite parts of FreeBSD. I like(d) pkgsrc even less.
Part of it was the simplistic support for binary packages that felt entirely like an unwanted afterthought. Compile everything from source just doesn't scale especially if you want to use complex, slow-to-compile projects like gcc or firefox.
The other part is that make(1) is SLOW and simply does not scale to the size of something like the ports tree. It's also a bit tedious to use out of your ports tree and the documentation was kinda meh. There were a number of hacks layered on top that sort of eased the pain (I want to say portupgrade?, I never got into portmaster) but always felt really brittle and things were always getting out of sync. Even pkg(8) is a bit funky (and I don't particularly like the reliance on srv records no matter how elegant a solution it may seem).
> I still feel uneasy using stuff like FreeBSD+Ports on non-personal projects, like for projects at work.
I would never use ports in a production environment without some detailed justification. The binary packages are the way to go. Building your own ports (as in your own software not building your own copy of an existing port) is also a bit of a trial by fire thing involving a lot of hair pulling. Dunno what the update quarterly stuff is about tho, I run pkg update weekly to keep on top of things – but I track the latest repo not the quarterly one.
Honestly one of the few things I miss about Linux is the Debian package ecosystem. But as I learned with fink on OSX it's not just the infrastructure that matters.
pkg-ng is indeed a godsend, and I think I just got PTSD thinking about what Ports management was like before it. Currently getting flashbacks to the salad of utilities I used to use from ports-mgmt/.
>make
Yes, the Makefile infrastructure for both Ports/pkgsrc is clunky and slow, and the documentation is also terrible too. Took quite a bit of suffering to learn the dark art of properly authoring packages in pkgsrc.
For what it's worth, there's also the Gentoo Prefix project, but I haven't ever been able to use it because the bootstrap for it has failed every time I tried it on macOS or Linux.
At least for pkgsrc using it is as simple as:
$ git clone https://github.com/netbsd/pkgsrc --depth 1
$ cd ~/pkgsrc/bootstrap && ./bootstrap --unprivileged
$ cd ~/pkgsrc/misc/tmux && ~/pkg/bin/bmake install
$ ~/pkg/bin/tmux
As flawed and janky as pkgsrc is, it has at least worked consistently for me on macOS/Linux for years.
>compiling from source
Yeah, I agree. Compiling everything from source and using it in production is for insane people. Should have clarified that when I said "Ports/pkgsrc", I meant using official binary pacakges, and not necessarily building from source.
>latest and quarterly
The point of quarterly releases is to serve as a base for stable package versions, backported security fixes, and as a chance to fix package runtime/compilation issues before being generally available - something harder to do if you track bleeding-edge packages, where things can shift under people's feet.
It's also useful when building from source, like I do with pkgsrc for macOS, because lots of random things will break if there's too large of a rift between what's installed and what's in bleeding-edge pkgsrc. In these cases, you'd usually have to do mass rebuilds, and/or deal with dependency hell (eg, pkg X you have installed needs need <=libsomething-1336, but pkg Y in pkgsrc needs >=libsomething-1337).
I use the packages installed via pkgsrc pretty much daily on my MacBook, and it'd be really annoying having things possibly breaking after an update just a week apart, especially if I'm in a rush and need to get something done for work. So using a quarterly branch is useful, since it's a cadence I can stomach, and there's a higher likelihood that the devs had more time to polish the packages in that release.
>Fink
Never heard of this before. I'll give it a gander sometime soon.
Were it my responsibility I wouldn't worry too much about using FreeBSD binary packages in production. The way ports are set up, typically you'd have to go out of your way to install a bleeding edge version of something. If you're relying on something (e.g. ruby, python) with a bunch of commonly used versions you can alias the default to your preferred version. This may make audit compliance more difficult but not by much (especially considering how laborious compliance is anyhow).
At this point my biggest qualms about FreeBSD in production aren't really around the ports themselves but more around how much stuff has become Linux only (e.g. dockerify everything).
At megacorp we had to use an old version of CentOS (ugh) and the whole "keep updating ancient versions of third party software" thing came with plenty of caveats and frustrations. Regardless of the operating system it's not an approach I'd recommend.
I cannot say much with any confidence because I started revisiting FreeBSD after a long (like 15 years! :) ) absence. However, from what I see there are ways to mitigate issues that might occur. For example, doing a ZFS snapshot before doing a package update can be one thing to do. I think if you have a cluster of machines, doing a canary update with the option to rollback sounds like something that would ease the mind. I think also the tooling will allow you to control any bulk updating. This is in fact what I was starting to play with today - new port updates are available, how do I do selective updates? It's possible, but some reading of the handbook and/or man pages will get to that answer probably.
> I wish FreeBSD was more popular. I run it on my personal servers for more than a decade non-stop. ... About a year ago I migrated one FreeBSD to OpenBSD...
This is exactly how I feel about OpenBSD. While part of me is happy that it's a niche OS, another part of me wishes that it had more support by being a more mainstream OS.
For me the main showstopper was a system requirements doc. Last time i tried instalation failed in a VM with max number of inodes reached. I do not want to try ZFS. I want to do a quick try to see if it plays well. Can anyone recommend the minimum disk size to install the port collection and to compile for example an LXDE or KDE ?
Yes, I agree with that. Recently I've switched my FreeBSD router to OpenBSD, getting it running is trivial and for backups - just few files needs to be rsyncd to my backup machine and that's it.
I'd say it's mostly a matter of energy and time you wish to put into becoming a successful entrepreneur. My experience tells me that first two-three years is a grind, then you can loosen that regime a bit, depending on what you want to achieve. If you're ok with making more (like x1.5 - 2.0 times more) than when employed you can relax and settle on 8-10h a day, if not - real benefits come later, but I think you'll need to hire somebody anyways.
AOL, except more than "several". Much more than "several".
The milk has to be stored in clean containers. If you're going to pasteurise the milk anyway, then milking into a tank will do, and you can clean the tank every few days. But if the milk is to be used raw, then you have to milk into a clean container each time.
Yeah, it's weird this command doesn't have anything that references Wikipedia in the name too. eg wikifetch or even just wpfetch. It's such a generic name for a specialized too.
I use jails for years, the only thing which is painful are upgrades from ports for all the jails. It's time consuming. Poudriere helps but the whole thing is far from ideal :(
I can't recall the software, but few years ago there was a famous typo in the update script, namely a space after '/usr' in the rm -fr command which effectively removed whole /usr. Does anybody remember what that was?
I took conservative approach and I always run -RELEASE version, not even -STABLE. I'm glad Klara is evaluating -CURRENT branch, good read.
Btw, once - several years ago I bought an new system and network card was not supported in the -RELEASE branch, so I took the driver from -CURRENT, compiled and loaded as kernel module. Worked flawlessly :)