From nobody Wed May 18 13:21:38 2022 X-Original-To: freebsd-cloud@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 12BC21AE443D for ; Wed, 18 May 2022 13:22:12 +0000 (UTC) (envelope-from raf@rafal.net) Received: from mailtransmit04.runbox.com (mailtransmit04.runbox.com [IPv6:2a0c:5a00:149::25]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4L3DDM239bz4bG0 for ; Wed, 18 May 2022 13:22:11 +0000 (UTC) (envelope-from raf@rafal.net) Received: from mailtransmit02.runbox ([10.9.9.162] helo=aibo.runbox.com) by mailtransmit04.runbox.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.93) (envelope-from ) id 1nrJcn-00Bxua-OE for freebsd-cloud@freebsd.org; Wed, 18 May 2022 15:22:01 +0200 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=rafal.net; s=selector2; h=To:Cc:Date:Message-Id:Subject:Mime-Version:Content-Type:From; bh=sQRupGhXxwJ2U1fgjM3zQxPork8GTQpT1T9qpRJxz+g=; b=j7o86m19Ltg6fy5voi6N3/GMW JH57JNl8gyrG/p7mzU8RQbuA0hfBxns+lwDf4cowFehXEWnndfC9txuzJD4EMaZIRNSsvusi/pZqO orxR1aL3z1E+u/7jX84im8GodGmgsZOrfwXN+obMaUSOtecHs4fFSWzPnQv4EVKMF2WSr8GefiUGH vmSuu5i1FEVdH/jBRsqz1AawZtrp3ybDHlQH1KMoIw4G0H5Wn9E7rN0Ll3Qz1hfVMTvjf0amLBjDT C0/qFyi+10Q8PctL40T3z5PlmpY4VaxZiR9w/M20O7CAEgorlRiPpDnApNKm0g/jYrJzNzbGFoLP2 Vbe8jWqLA==; Received: from [10.9.9.73] (helo=submission02.runbox) by mailtransmit02.runbox with esmtp (Exim 4.86_2) (envelope-from ) id 1nrJcn-00078d-6h; Wed, 18 May 2022 15:22:01 +0200 Received: by submission02.runbox with esmtpsa [Authenticated ID (1087189)] (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) id 1nrJcR-0001IF-4r; Wed, 18 May 2022 15:21:39 +0200 From: Rafal Lukawiecki Content-Type: multipart/alternative; boundary="Apple-Mail=_BC5FE89C-2C15-4EB3-BE66-F4A34FA0B771" List-Id: FreeBSD on cloud platforms (EC2, GCE, Azure, etc.) List-Archive: https://lists.freebsd.org/archives/freebsd-cloud List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-cloud@freebsd.org Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.80.82.1.1\)) Subject: AMI Builder 13.1? Message-Id: Date: Wed, 18 May 2022 14:21:38 +0100 Cc: Colin Percival To: freebsd-cloud@freebsd.org X-Mailer: Apple Mail (2.3696.80.82.1.1) X-Rspamd-Queue-Id: 4L3DDM239bz4bG0 X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=rafal.net header.s=selector2 header.b=j7o86m19; dmarc=pass (policy=reject) header.from=rafal.net; spf=pass (mx1.freebsd.org: domain of raf@rafal.net designates 2a0c:5a00:149::25 as permitted sender) smtp.mailfrom=raf@rafal.net X-Spamd-Result: default: False [-2.60 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[rafal.net:s=selector2]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; MV_CASE(0.50)[]; R_SPF_ALLOW(-0.20)[+ip6:2a0c:5a00:149::25]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; NEURAL_HAM_LONG(-1.00)[-1.000]; RCVD_COUNT_THREE(0.00)[3]; TO_MATCH_ENVRCPT_SOME(0.00)[]; DKIM_TRACE(0.00)[rafal.net:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[rafal.net,reject]; NEURAL_HAM_SHORT(-1.00)[-0.999]; MLMMJ_DEST(0.00)[freebsd-cloud]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; SUBJECT_ENDS_QUESTION(1.00)[]; ASN(0.00)[asn:50304, ipnet:2a0c:5a00::/29, country:NO]; RCVD_TLS_LAST(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_IN_DNSWL_LOW(-0.10)[2a0c:5a00:149::25:from] X-ThisMailContainsUnwantedMimeParts: N --Apple-Mail=_BC5FE89C-2C15-4EB3-BE66-F4A34FA0B771 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 Hello Colin, I am working on our FreeBSD today and this week=E2=80=94after a long = break. Do you have new AMI Builders for the latest 13 release? I intend = to run the builder on c6g.8xlarge and to use the produced AMIs on = t4g.medium. Many thanks, Rafal -- Rafal Lukawiecki Data Scientist=20 Project Botticelli Ltd --Apple-Mail=_BC5FE89C-2C15-4EB3-BE66-F4A34FA0B771 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=utf-8 Hello= Colin,

I am working = on our FreeBSD today and this week=E2=80=94after a long break. Do you = have new AMI Builders for the latest 13 release? I intend to run the = builder on c6g.8xlarge and to use the produced AMIs on = t4g.medium.

Many= thanks,
Rafal
--
Rafal Lukawiecki
Data Scientist 
Project Botticelli = Ltd

= --Apple-Mail=_BC5FE89C-2C15-4EB3-BE66-F4A34FA0B771-- From nobody Wed May 18 18:49:52 2022 X-Original-To: freebsd-cloud@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4DB861B3F6F4 for ; Wed, 18 May 2022 18:50:18 +0000 (UTC) (envelope-from raf@rafal.net) Received: from mailtransmit05.runbox.com (mailtransmit05.runbox.com [IPv6:2a0c:5a00:149::26]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4L3MVx1bmQz3jng for ; Wed, 18 May 2022 18:50:17 +0000 (UTC) (envelope-from raf@rafal.net) Received: from mailtransmit02.runbox ([10.9.9.162] helo=aibo.runbox.com) by mailtransmit05.runbox.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.93) (envelope-from ) id 1nrOkJ-00CdoV-Vm for freebsd-cloud@freebsd.org; Wed, 18 May 2022 20:50:08 +0200 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=rafal.net; s=selector2; h=To:References:Message-Id:Content-Transfer-Encoding:Cc:Date: In-Reply-To:From:Subject:Mime-Version:Content-Type; bh=rubAmpzLg/5zY/67hhsy8QoqBgauYNYRX8CsVugt6zo=; b=Kle5nrNoEWaWIixl6VcfQxz0oX 2k5vLXu55gHNXbFSZDi5HUBMCEJ/Hj9RkDhgeKKLwLJKBs8IuRUP8coAtJ8jVrk67Yy36bF3gTSTo uTwqKlsmoJo5lS9bdjr/dlDEIAwT0eQsTm2jnpc+31fIwYSiSL1ZK+1XUj+nk0SAphMVaf7PYTlSj NzEAun6HP3wody9GPr4zm8sLTvYNH0rrv7PnUjSUcxinB/l+KrvoYrp4ILB1ln3Ekuq1OipbI7W6s f84QFzZE8LcSUY4lYsZWMHMgXoDxhXO7XbXN7aKE3rIyV+8//sqgucNJkBpSD9g5CVtYqYnbjCpFE fA6es2Ng==; Received: from [10.9.9.74] (helo=submission03.runbox) by mailtransmit02.runbox with esmtp (Exim 4.86_2) (envelope-from ) id 1nrOkJ-0003Th-Cf; Wed, 18 May 2022 20:50:07 +0200 Received: by submission03.runbox with esmtpsa [Authenticated ID (1087189)] (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) id 1nrOk5-0006lk-B3; Wed, 18 May 2022 20:49:53 +0200 Content-Type: text/plain; charset=utf-8 List-Id: FreeBSD on cloud platforms (EC2, GCE, Azure, etc.) List-Archive: https://lists.freebsd.org/archives/freebsd-cloud List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-cloud@freebsd.org Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.100.31\)) Subject: Re: AMI Builder 13.1? From: Rafal Lukawiecki In-Reply-To: <01000180d86594b7-d1deb1c3-0663-48ba-a9e2-a115f7a08fd9-000000@email.amazonses.com> Date: Wed, 18 May 2022 19:49:52 +0100 Cc: freebsd-cloud@freebsd.org Content-Transfer-Encoding: quoted-printable Message-Id: <19999F85-BE49-4B58-AECC-73873E8A5AAD@rafal.net> References: <01000180d86594b7-d1deb1c3-0663-48ba-a9e2-a115f7a08fd9-000000@email.amazonses.com> To: Colin Percival X-Mailer: Apple Mail (2.3696.100.31) X-Rspamd-Queue-Id: 4L3MVx1bmQz3jng X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=rafal.net header.s=selector2 header.b=Kle5nrNo; dmarc=pass (policy=reject) header.from=rafal.net; spf=pass (mx1.freebsd.org: domain of raf@rafal.net designates 2a0c:5a00:149::26 as permitted sender) smtp.mailfrom=raf@rafal.net X-Spamd-Result: default: False [-2.60 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[rafal.net:s=selector2]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; MV_CASE(0.50)[]; R_SPF_ALLOW(-0.20)[+ip6:2a0c:5a00:149::26]; MIME_GOOD(-0.10)[text/plain]; NEURAL_HAM_LONG(-1.00)[-1.000]; RCVD_COUNT_THREE(0.00)[3]; TO_MATCH_ENVRCPT_SOME(0.00)[]; DKIM_TRACE(0.00)[rafal.net:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[rafal.net,reject]; NEURAL_HAM_SHORT(-1.00)[-1.000]; MLMMJ_DEST(0.00)[freebsd-cloud]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; SUBJECT_ENDS_QUESTION(1.00)[]; ASN(0.00)[asn:50304, ipnet:2a0c:5a00::/29, country:NO]; RCVD_TLS_LAST(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_IN_DNSWL_LOW(-0.10)[2a0c:5a00:149::26:from] X-ThisMailContainsUnwantedMimeParts: N > On 18 May 2022, at 19:19, Colin Percival wrote: >=20 > On 5/18/22 06:21, Rafal Lukawiecki wrote: >> I am working on our FreeBSD today and this week=E2=80=94after a long = break. Do you have new AMI Builders for the latest 13 release? I intend = to run the builder on c6g.8xlarge and to use the produced AMIs on = t4g.medium. >=20 > Not yet but it will happen. I only have a few "paid" hours for = FreeBSD/EC2 > work (cf. https://patreon.com/cperciva ) and my top priority right now = is to > prepare for BSDCan (where I'll be talking about speeding up the boot = process). No worries, Colin. I have used the 13.0 and built 13.1 from a git clone = of the repo. Testing under way=E2=80=A6 -- Rafal Lukawiecki Data Scientist=20 Project Botticelli Ltd From nobody Mon May 30 16:11:14 2022 X-Original-To: freebsd-cloud@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 921091B58140 for ; Mon, 30 May 2022 16:11:17 +0000 (UTC) (envelope-from cperciva@freebsd.org) Received: from mail.tarsnap.com (mail.tarsnap.com [54.86.246.204]) by mx1.freebsd.org (Postfix) with SMTP id 4LBgPv4q94z4f31 for ; Mon, 30 May 2022 16:11:15 +0000 (UTC) (envelope-from cperciva@freebsd.org) Received: (qmail 58117 invoked from network); 30 May 2022 16:11:15 -0000 Received: from unknown (HELO dell7390.daemonology.net) (127.0.0.1) by mail.tarsnap.com with SMTP; 30 May 2022 16:11:15 -0000 Received: (qmail 95611 invoked from network); 30 May 2022 16:11:14 -0000 Received: from unknown (HELO ?127.0.0.1?) (127.0.0.1) by localhost with SMTP; 30 May 2022 16:11:14 -0000 Message-ID: <79cce2d6-52b8-9451-3210-57e5439b5000@freebsd.org> Date: Mon, 30 May 2022 09:11:14 -0700 List-Id: FreeBSD on cloud platforms (EC2, GCE, Azure, etc.) List-Archive: https://lists.freebsd.org/archives/freebsd-cloud List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-cloud@freebsd.org MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:91.0) Gecko/20100101 Thunderbird/91.9.1 From: Colin Percival Subject: Re: AMI Builder 13.1? To: freebsd-cloud@freebsd.org, Rafal Lukawiecki References: <2e967b48-0521-a5bd-2230-a1caecf665b1@freebsd.org> Content-Language: en-US In-Reply-To: <2e967b48-0521-a5bd-2230-a1caecf665b1@freebsd.org> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 4LBgPv4q94z4f31 X-Spamd-Bar: ++ Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=softfail (mx1.freebsd.org: 54.86.246.204 is neither permitted nor denied by domain of cperciva@freebsd.org) smtp.mailfrom=cperciva@freebsd.org X-Spamd-Result: default: False [2.45 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FREEFALL_USER(0.00)[cperciva]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; GREYLIST(0.00)[pass,meta]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[freebsd.org]; NEURAL_HAM_LONG(-0.52)[-0.515]; R_SPF_SOFTFAIL(0.00)[~all:c]; RCVD_COUNT_THREE(0.00)[3]; TO_MATCH_ENVRCPT_SOME(0.00)[]; VIOLATED_DIRECT_SPF(3.50)[]; NEURAL_HAM_SHORT(-0.53)[-0.534]; RCPT_COUNT_TWO(0.00)[2]; RCVD_IN_DNSWL_NONE(0.00)[54.86.246.204:from]; MLMMJ_DEST(0.00)[freebsd-cloud]; RCVD_NO_TLS_LAST(0.10)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:14618, ipnet:54.86.0.0/16, country:US]; SUBJECT_ENDS_QUESTION(1.00)[]; MID_RHS_MATCH_FROM(0.00)[] X-ThisMailContainsUnwantedMimeParts: N [Re-sending since my first email didn't get through to the list...] On 5/18/22 11:21, Colin Percival wrote: > On 5/18/22 06:21, Rafal Lukawiecki wrote: >> I am working on our FreeBSD today and this week—after a long break. Do you >> have new AMI Builders for the latest 13 release? I intend to run the builder >> on c6g.8xlarge and to use the produced AMIs on t4g.medium. > > Not yet but it will happen.  I only have a few "paid" hours for FreeBSD/EC2 > work (cf. https://patreon.com/cperciva ) and my top priority right now is to > prepare for BSDCan (where I'll be talking about speeding up the boot process). AMI Builder AMIs are now available: https://www.patreon.com/posts/67054688 -- Colin Percival Security Officer Emeritus, FreeBSD | The power to serve Founder, Tarsnap | www.tarsnap.com | Online backups for the truly paranoid From nobody Wed Jun 8 00:20:02 2022 X-Original-To: freebsd-cloud@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id AB8D183F5C7 for ; Wed, 8 Jun 2022 00:20:12 +0000 (UTC) (envelope-from pat@patmaddox.com) Received: from wout3-smtp.messagingengine.com (wout3-smtp.messagingengine.com [64.147.123.19]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4LHntM1XGgz4lkT for ; Wed, 8 Jun 2022 00:20:08 +0000 (UTC) (envelope-from pat@patmaddox.com) Received: from compute5.internal (compute5.nyi.internal [10.202.2.45]) by mailout.west.internal (Postfix) with ESMTP id EA7073200BD6; Tue, 7 Jun 2022 20:20:04 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute5.internal (MEProxy); Tue, 07 Jun 2022 20:20:05 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=patmaddox.com; h=cc:content-transfer-encoding:content-type:date:date:from:from :in-reply-to:message-id:mime-version:reply-to:sender:subject :subject:to:to; s=fm1; t=1654647604; x=1654734004; bh=UfcqAs1Nsy b3LAJPGQY40c5jLn6j/menkt1BgpGaNks=; b=WrhmFDvOqeTB/ErjCimHJZ0CiA ndlbaeM+yHSAUAcqowEmigUqi2AW+4y+zi3Ix6MJSDXd2mjk5LGTiw54o7V88RSm gLz8VZBZhYiHCaCiB/sWutiL2vjrorjMNcAX4hGPe46hivzYhzSzcrDi4HUcdXb4 2zuJl1GaRFOQqxu0ubluXs6OvQq7eHgTWTDPoDuLue0eixy129cukWhUp+wSe1qa 3cIN6g1narixlpXn1QuGlVQYNr8LeP7zufllXMZ8PFj1cIO1bYCZRHlBGA7QmQuJ dj9Oqi9eRiDFP2+BeMeu/kRzD5pHixG5Ub9XS9B7s8o1CE3cxKLn8VWlTaAQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:date:feedback-id:feedback-id:from:from:in-reply-to :message-id:mime-version:reply-to:sender:subject:subject:to:to :x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm2; t=1654647604; x=1654734004; bh=UfcqAs1Nsyb3LAJPGQY40c5jLn6j /menkt1BgpGaNks=; b=Sz9NdPCndYdIXKToKlw0tvePorZ1LqQgc/j0YwuDSRrU Py+/2k0x3jPUyFQEsOU4FPUmhxbDSLwLfltKX2fDYpRJa/f9s7khFiHyVOny0NrM sWnC9YhLHwRy977RceVhvG+qZO8HV1g1OeUaulr21beITUH5vR1BJBJUOMrTxM32 YgUbyo5NOJDctzWIiRLOwnYCxdCNIY+dHsawdX5bnzg+AnrP2MYAKt4sYHMgS+hm df5CF+fp2yRfH6LWKEC8zfrQVg93oZdj0RGByD5KgiPcXk1VhuwHD/WPCCSMG0oR N94KE3CFjzHxbT9euGi/fQ+N6sKM/ul1yYyM/Llnzg== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvfedruddtiedgfedvucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefhvffufffokfggtgfgsehtkehmtd ertdejnecuhfhrohhmpedfrfgrthcuofgrugguohigfdcuoehprghtsehprghtmhgruggu ohigrdgtohhmqeenucggtffrrghtthgvrhhnpedvkeehffekvdfgjefggedtgfdugeejte evkeehudeuveetgeehgeeukedttddvgfenucffohhmrghinheplhhotggrlhhsthgrtghk rdgtlhhouhgunecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrh homhepphgrthesphgrthhmrgguughogidrtghomh X-ME-Proxy: Feedback-ID: i8b6c40f9:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA for ; Tue, 7 Jun 2022 20:20:03 -0400 (EDT) From: "Pat Maddox" To: freebsd-cloud@FreeBSD.org Subject: anything like localstack on FreeBSD? Date: Tue, 07 Jun 2022 17:20:02 -0700 X-Mailer: MailMate (1.13.2r5673) Message-ID: List-Id: FreeBSD on cloud platforms (EC2, GCE, Azure, etc.) List-Archive: https://lists.freebsd.org/archives/freebsd-cloud List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-cloud@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset="UTF-8"; format=flowed; markup=markdown Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 4LHntM1XGgz4lkT X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=patmaddox.com header.s=fm1 header.b=WrhmFDvO; dkim=pass header.d=messagingengine.com header.s=fm2 header.b=Sz9NdPCn; dmarc=none; spf=pass (mx1.freebsd.org: domain of pat@patmaddox.com designates 64.147.123.19 as permitted sender) smtp.mailfrom=pat@patmaddox.com X-Spamd-Result: default: False [-3.58 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:64.147.123.19]; TO_DN_NONE(0.00)[]; RCVD_COUNT_THREE(0.00)[4]; DKIM_TRACE(0.00)[patmaddox.com:+,messagingengine.com:+]; NEURAL_HAM_SHORT(-0.98)[-0.976]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; SUBJECT_ENDS_QUESTION(1.00)[]; ASN(0.00)[asn:29838, ipnet:64.147.123.0/24, country:US]; RCVD_TLS_LAST(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_IN_DNSWL_LOW(-0.10)[64.147.123.19:from]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[patmaddox.com:s=fm1,messagingengine.com:s=fm2]; FREEFALL_USER(0.00)[pat]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-cloud@freebsd.org]; DMARC_NA(0.00)[patmaddox.com]; RCPT_COUNT_ONE(0.00)[1]; DWL_DNSWL_LOW(-1.00)[messagingengine.com:dkim]; MLMMJ_DEST(0.00)[freebsd-cloud] X-ThisMailContainsUnwantedMimeParts: N This feels like quite a long shot, but here we go... We are developing applications that run in AWS. So this question isn’t quite about running FreeBSD on AWS, but rather about developing applications that run on FreeBSD on AWS. We use localstack [1] to mock AWS services we care about locally. It uses docker. Is there anything like localstack on FreeBSD, that simulates AWS services (S3, SQS, secrets manager)? Pat [1] https://localstack.cloud/ From nobody Wed Jun 29 10:15:48 2022 X-Original-To: freebsd-cloud@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 205EC878DCF for ; Wed, 29 Jun 2022 10:15:52 +0000 (UTC) (envelope-from mpp302@gmail.com) Received: from mail-ej1-f54.google.com (mail-ej1-f54.google.com [209.85.218.54]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4LXy5z2HYmz3jng for ; Wed, 29 Jun 2022 10:15:51 +0000 (UTC) (envelope-from mpp302@gmail.com) Received: by mail-ej1-f54.google.com with SMTP id cw10so31600160ejb.3 for ; Wed, 29 Jun 2022 03:15:51 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:message-id:date:mime-version:user-agent:subject :content-language:to:references:from:in-reply-to :content-transfer-encoding; bh=pyqtG7ePPCP97uJrlnk1sySIBRG+XBz3/aPQwdEjHOQ=; b=Rk5CwfLECWvggz4/9Ew57+5RzSHr1j8uzvTNTX7BExYXFMvr4eoVljt9LraqwVFcYu at+dBI6rUI6aupsbXf9mh5EHmlWhygyqjJsSez3/QFtOBsX3cnMjN0BRzIFdrD/QO5xs qG5ZRxlVFPTdg6Mh++T1z2/hrONkbTN8JTYMyIrEXDubu3iRZi3fEfogX/3rnPOOwDLJ M7QPTrlkdl8kJEJtR2w4X68Eex0qmmtVR+vBsNBsFo/49j6+wEalQSaKzW1s/3qaGW2A BSawQN1EzblpZUNoCtpqwlHijiO/3Ee5vQIoYkH0a3DJhNaTs4eRMyz6piTJnT8+UV8m 7w7Q== X-Gm-Message-State: AJIora8VNcP9z7zEx+v1dtFJargiyrUd9vpdXr+C+jEowu6AanaTBH+l JVXdGqAZZqCdYtSVCEpRdclI0KWNqTpFKg== X-Google-Smtp-Source: AGRyM1tObxsHa6JvrXAGQFrhFDYQEfSwCvU37k4e6qo/WzEfLu6D0LnwhqUF09xHCB39EPonE81bxg== X-Received: by 2002:a17:906:c151:b0:726:95c0:85dc with SMTP id dp17-20020a170906c15100b0072695c085dcmr2522800ejc.118.1656497750404; Wed, 29 Jun 2022 03:15:50 -0700 (PDT) Received: from ?IPV6:2a02:8109:8680:1304:5e5f:67ff:fef4:ffd8? ([2a02:8109:8680:1304:5e5f:67ff:fef4:ffd8]) by smtp.gmail.com with ESMTPSA id q22-20020a170906941600b0072660d8d83fsm5524782ejx.188.2022.06.29.03.15.49 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 29 Jun 2022 03:15:49 -0700 (PDT) Message-ID: <2fd47497-6be4-df0d-6482-5cda5e1c2d98@FreeBSD.org> Date: Wed, 29 Jun 2022 12:15:48 +0200 List-Id: FreeBSD on cloud platforms (EC2, GCE, Azure, etc.) List-Archive: https://lists.freebsd.org/archives/freebsd-cloud List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-cloud@freebsd.org MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:91.0) Gecko/20100101 Thunderbird/91.11.0 Subject: Re: anything like localstack on FreeBSD? Content-Language: en-US To: Pat Maddox , freebsd-cloud@FreeBSD.org References: From: Mateusz Piotrowski <0mp@FreeBSD.org> In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4LXy5z2HYmz3jng X-Spamd-Bar: / Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of mpp302@gmail.com designates 209.85.218.54 as permitted sender) smtp.mailfrom=mpp302@gmail.com X-Spamd-Result: default: False [-0.07 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:209.85.128.0/17:c]; RWL_MAILSPIKE_GOOD(0.00)[209.85.218.54:from]; RCVD_COUNT_THREE(0.00)[3]; RCPT_COUNT_TWO(0.00)[2]; FORGED_SENDER(0.30)[0mp@FreeBSD.org,mpp302@gmail.com]; MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:209.85.128.0/17, country:US]; MID_RHS_MATCH_FROM(0.00)[]; FROM_NEQ_ENVFROM(0.00)[0mp@FreeBSD.org,mpp302@gmail.com]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.94)[-0.937]; FROM_HAS_DN(0.00)[]; NEURAL_SPAM_SHORT(0.87)[0.868]; NEURAL_HAM_LONG(-1.00)[-0.998]; MIME_GOOD(-0.10)[text/plain]; R_DKIM_NA(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-cloud@freebsd.org]; DMARC_NA(0.00)[FreeBSD.org]; SUBJECT_ENDS_QUESTION(1.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[209.85.218.54:from]; MLMMJ_DEST(0.00)[freebsd-cloud]; RCVD_TLS_ALL(0.00)[] X-ThisMailContainsUnwantedMimeParts: N 'Hey Pat, On 08/06/2022 02:20, Pat Maddox wrote: > Is there anything like localstack on FreeBSD, that simulates AWS services (S3, SQS, secrets manager)? > > [1] https://localstack.cloud/ > Hmm, I'm not aware of anything like that for FreeBSD. People had some successes with running the docker-machine the same way you can do it on macOS. Other than that, I've heard there is some movement in the containerd world related to FreeBSD. Best, Mateusz Piotrowski From nobody Sat Jul 23 05:06:50 2022 X-Original-To: freebsd-cloud@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4LqZ6Q15D3z4WcH4 for ; Sat, 23 Jul 2022 05:06:54 +0000 (UTC) (envelope-from pat@patmaddox.com) Received: from out2-smtp.messagingengine.com (out2-smtp.messagingengine.com [66.111.4.26]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4LqZ6P1T0Gz3Ln4; Sat, 23 Jul 2022 05:06:53 +0000 (UTC) (envelope-from pat@patmaddox.com) Received: from compute3.internal (compute3.nyi.internal [10.202.2.43]) by mailout.nyi.internal (Postfix) with ESMTP id 1F8145C00CA; Sat, 23 Jul 2022 01:06:52 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute3.internal (MEProxy); Sat, 23 Jul 2022 01:06:52 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=patmaddox.com; h=cc:cc:content-transfer-encoding:content-type:date:date:from :from:in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to; s=fm2; t=1658552812; x= 1658639212; bh=sBgJkCzn2IHBTCAdM+FXsA9nF+/fWuGQXBwowut+paA=; b=F HZzzNseuVkCJLMV8NHUGnuku0iUkKLP3FL8C93owfeyjvMMx+TXBzke2BnXrgF0x u5+ZpmWzvxSXB4x+REUlazt3SHN+fv24sip5NXaAC1ocnlqcanyrmQqjAto+93hg O8cywkjweSVU/JHP9ylMCZBMSzlBR12+aY08ndLCTWpd9UmWe8PrM2ydo9NGT7EU CWw8PVaC4Uc5VXxUR8cJ5mrsDGBQXmlU2Ws42O57DArRT0rNKUbLtlKzB0nNMzd4 zTMv9KcPcw+w/9cAOK0gUwZp9suI2USGs2Y/AFabEncDjaX7GMEAt1Z94qM4dapi rLKgauuhMnAgVJcxSYwJw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t=1658552812; x= 1658639212; bh=sBgJkCzn2IHBTCAdM+FXsA9nF+/fWuGQXBwowut+paA=; b=c nMHy6iNBwlMLfQl+4/mgZaPR3BERGXjn1rENkM7Ezgm9FFMLhYQnwTM5eW2wad4z CfzH54SnTjNeef/FDxdHGF2oyZ6b5pbfK8ykuOMcFGT3TZ8HK0HwXkf/ihlW9kN5 gh/pFYfLhFrecN6vQYkaPwO8aTDYWaez6IHkZe4L1ta4zh/enJhnMb6w7EgkMa79 kMefp8jg22iktYZHKDigGHyAcFPseDHCtGmeZ57PeqLCzbWN6jR1ptrj65eD7mkU +hBg5FRD+wUpWGdZE5XU62hq2LdsZU0hyz/HWx2eRw9X/m5erstkjDFLWKP7tPJX YswQv5Sn3tHc3iTRi4GfA== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvfedrvddtfedgleegucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefhvfevufffoffkjghfgggtgfesth ekmhdtredtjeenucfhrhhomhepfdfrrghtucforgguughogidfuceophgrthesphgrthhm rgguughogidrtghomheqnecuggftrfgrthhtvghrnhepvdegleefgffgteduleelledvie eihfeuudehueefudegkedvgfegieekudekleegnecuffhomhgrihhnpehlohgtrghlshht rggtkhdrtghlohhuugenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrih hlfhhrohhmpehprghtsehprghtmhgrugguohigrdgtohhm X-ME-Proxy: Feedback-ID: i8b6c40f9:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Sat, 23 Jul 2022 01:06:51 -0400 (EDT) From: "Pat Maddox" To: "Mateusz Piotrowski" <0mp@FreeBSD.org> Cc: freebsd-cloud@FreeBSD.org Subject: Re: anything like localstack on FreeBSD? Date: Fri, 22 Jul 2022 22:06:50 -0700 X-Mailer: MailMate (1.13.2r5673) Message-ID: <08687776-B3E8-4DC7-8C37-3603ECE76364@patmaddox.com> In-Reply-To: <2fd47497-6be4-df0d-6482-5cda5e1c2d98@FreeBSD.org> References: <2fd47497-6be4-df0d-6482-5cda5e1c2d98@FreeBSD.org> List-Id: FreeBSD on cloud platforms (EC2, GCE, Azure, etc.) List-Archive: https://lists.freebsd.org/archives/freebsd-cloud List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-cloud@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset="UTF-8"; format=flowed; markup=markdown Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 4LqZ6P1T0Gz3Ln4 X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=patmaddox.com header.s=fm2 header.b="F HZzzNs"; dkim=pass header.d=messagingengine.com header.s=fm3 header.b="c nMHy6i"; dmarc=none; spf=pass (mx1.freebsd.org: domain of pat@patmaddox.com designates 66.111.4.26 as permitted sender) smtp.mailfrom=pat@patmaddox.com X-Spamd-Result: default: False [-3.70 / 15.00]; SUBJECT_ENDS_QUESTION(1.00)[]; DWL_DNSWL_LOW(-1.00)[messagingengine.com:dkim]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[patmaddox.com:s=fm2,messagingengine.com:s=fm3]; R_SPF_ALLOW(-0.20)[+ip4:66.111.4.26]; RWL_MAILSPIKE_GOOD(-0.10)[66.111.4.26:from]; RCVD_IN_DNSWL_LOW(-0.10)[66.111.4.26:from]; MIME_GOOD(-0.10)[text/plain]; RCVD_VIA_SMTP_AUTH(0.00)[]; FROM_HAS_DN(0.00)[]; FREEFALL_USER(0.00)[pat]; DMARC_NA(0.00)[patmaddox.com]; TO_MATCH_ENVRCPT_ALL(0.00)[]; ARC_NA(0.00)[]; RCVD_TLS_LAST(0.00)[]; ASN(0.00)[asn:19151, ipnet:66.111.4.0/24, country:US]; RCVD_COUNT_THREE(0.00)[4]; TO_DN_SOME(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; DKIM_TRACE(0.00)[patmaddox.com:+,messagingengine.com:+]; FROM_EQ_ENVFROM(0.00)[]; RCPT_COUNT_TWO(0.00)[2]; MIME_TRACE(0.00)[0:+]; MLMMJ_DEST(0.00)[freebsd-cloud@FreeBSD.org] X-ThisMailContainsUnwantedMimeParts: N On 29 Jun 2022, at 3:15, Mateusz Piotrowski wrote: > 'Hey Pat, > > On 08/06/2022 02:20, Pat Maddox wrote: >> Is there anything like localstack on FreeBSD, that simulates AWS >> services (S3, SQS, secrets manager)? >> >> [1] https://localstack.cloud/ >> > Hmm, I'm not aware of anything like that for FreeBSD. People had some > successes with running the docker-machine the same way you can do it > on macOS. > > Other than that, I've heard there is some movement in the containerd > world related to FreeBSD. Yes I’ll be curious to see how containerd works on FreeBSD and if it supports localstack. In the mean time, we’ll be running a dedicated docker server for localstack... a remote localstack. Pat From nobody Sat Jul 23 08:33:03 2022 X-Original-To: freebsd-cloud@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4LqfhL43msz4X4FN; Sat, 23 Jul 2022 08:33:06 +0000 (UTC) (envelope-from bogdan-lists@neant.ro) Received: from out5-smtp.messagingengine.com (out5-smtp.messagingengine.com [66.111.4.29]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4LqfhK69Lfz3Zfp; Sat, 23 Jul 2022 08:33:05 +0000 (UTC) (envelope-from bogdan-lists@neant.ro) Received: from compute5.internal (compute5.nyi.internal [10.202.2.45]) by mailout.nyi.internal (Postfix) with ESMTP id 67CD35C00BC; Sat, 23 Jul 2022 04:33:05 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute5.internal (MEProxy); Sat, 23 Jul 2022 04:33:05 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=neant.ro; h=cc :content-transfer-encoding:content-type:date:date:from:from :in-reply-to:message-id:mime-version:reply-to:sender:subject :subject:to:to; s=fm3; t=1658565185; x=1658651585; bh=UXBBzg3cvI owHKiAVE84bpcjil0hhP+WhPNmicmAEaQ=; b=nvdlyQnAsWzSZC5sTC399+rKTS puENflWsweOm2dncfrjBl1kS6THU1G3NzNQsZ77azlu5e+k0Fpdl1DuK6OqiRGOS Ym/HQqbRVg6KvmlNBAdt4LURlcaxRECsupQccFVRza2DngvmS4UhHyuMgb8vkf1H /RfF6tdMaCmToo4qahBMLmP9vVMVrgUTec/Lyfeflv7Iv8vG1QHgTEZF3SgAyKEB mXX6BxHKnFmthtwd9u24jwEc/Kg/lViQkFmD05eRapZAOB3ErPATH1HhS1XJfg4l KxAmymNYNVJRsM/kichZywPrwrLvTZQ8JwhjqPWC/sYwli5B1pFdm+MF0HQQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:date:feedback-id:feedback-id:from:from:in-reply-to :message-id:mime-version:reply-to:sender:subject:subject:to:to :x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm3; t=1658565185; x=1658651585; bh=UXBBzg3cvIowHKiAVE84bpcjil0h hP+WhPNmicmAEaQ=; b=PPKCtEdRrPcy+nL9c9oWJKHlbO3Npm6KcrMCJQO6V7e9 G8NXck2QsW5X/ykoaeVIweNk6rreBE30cKiaUjQ3J8FXUFc39iyGWVWsT2jwXHl/ 13FuSRyIPPYtmi6A0nA/sXp4PegJ63SIct0U+tV9rQOHBdN0nP9heozzxng+dngL 0BN21mPDx0i8f/W64JDqacvDmhAlTDn+QpJUlYA0MwRtWs0RXxJgGhbEDoZYhcAn WRCHUdYCvItAR7PHv1hLD9qjVPXTU2SAacBFNzbCY9Nsb64ZUa3+uhyo+UErae9j 3I5wN10K9ut6VxfYxWNQz0BKMyWZ5/lGI5D5Bu5CqA== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvfedrvddtgedgtdejucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefhtgfgggfukfffvffosehtqhhmtd hhtdejnecuhfhrohhmpegsohhguggrnhdqlhhishhtshesnhgvrghnthdrrhhonecuggft rfgrthhtvghrnhepkeevvdekheehleefteefheetteefueehkeffgeeitdefueegteeuje dvueevueejnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhho mhepsghoghgurghnqdhlihhsthhssehnvggrnhhtrdhroh X-ME-Proxy: Feedback-ID: i61d94637:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Sat, 23 Jul 2022 04:33:04 -0400 (EDT) From: bogdan-lists@neant.ro Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable List-Id: FreeBSD on cloud platforms (EC2, GCE, Azure, etc.) List-Archive: https://lists.freebsd.org/archives/freebsd-cloud List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-cloud@freebsd.org Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.100.31\)) Subject: AWS - UFS corrupted when restoring from AWS Backup service Message-Id: <11F07F6C-E93B-42E3-BD27-3FEC4E342B1A@neant.ro> Date: Sat, 23 Jul 2022 11:33:03 +0300 To: freebsd-fs@freebsd.org, freebsd-cloud@freebsd.org X-Mailer: Apple Mail (2.3696.100.31) X-Rspamd-Queue-Id: 4LqfhK69Lfz3Zfp X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=neant.ro header.s=fm3 header.b=nvdlyQnA; dkim=pass header.d=messagingengine.com header.s=fm3 header.b=PPKCtEdR; dmarc=none; spf=pass (mx1.freebsd.org: domain of bogdan-lists@neant.ro designates 66.111.4.29 as permitted sender) smtp.mailfrom=bogdan-lists@neant.ro X-Spamd-Result: default: False [-4.10 / 15.00]; NEURAL_HAM_LONG(-1.00)[-1.000]; DWL_DNSWL_LOW(-1.00)[messagingengine.com:dkim]; NEURAL_HAM_SHORT(-1.00)[-0.999]; NEURAL_HAM_MEDIUM(-1.00)[-0.998]; MV_CASE(0.50)[]; R_DKIM_ALLOW(-0.20)[neant.ro:s=fm3,messagingengine.com:s=fm3]; R_SPF_ALLOW(-0.20)[+ip4:66.111.4.29]; RCVD_IN_DNSWL_LOW(-0.10)[66.111.4.29:from]; MIME_GOOD(-0.10)[text/plain]; MLMMJ_DEST(0.00)[freebsd-cloud@freebsd.org,freebsd-fs@freebsd.org]; MIME_TRACE(0.00)[0:+]; RCVD_TLS_LAST(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; ASN(0.00)[asn:19151, ipnet:66.111.4.0/24, country:US]; FROM_NO_DN(0.00)[]; RCVD_COUNT_THREE(0.00)[4]; DKIM_TRACE(0.00)[neant.ro:+,messagingengine.com:+]; TO_MATCH_ENVRCPT_ALL(0.00)[]; ARC_NA(0.00)[]; RCPT_COUNT_TWO(0.00)[2]; TO_DN_NONE(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; DMARC_NA(0.00)[neant.ro]; RCVD_VIA_SMTP_AUTH(0.00)[] X-ThisMailContainsUnwantedMimeParts: N Hello, TL;DR: We have a bunch of EC2 machines in AWS running FreeBSD. AMI from = Market, file system is UFS. We have AWS Backup service taking hourly = snapshots of these machines (AMI + EBS snapshots I believe). After a few = months of snapshots we had to restore one of them and found out that the = file system is corrupted and fsck was not able to recover it. We are = going to enable sync in fstab, see if that helps, but it=E2=80=99s hard = to know because it is hard to reproduce the problem, and details about = how everything works are fuzzy to me. Longer version: We use FreeBSD on web servers in AWS. Until January we were doing weekly = AMI snapshots by running a script that would shut down the machine, = create the AMI, then start the machine back up. Which worked for a long = time, but is less than ideal and shutting down production more often = than weekly is rude. At the start of this year we switched to running AWS Backup hourly. It = takes snapshots of a running machine without stopping it. I believe = it=E2=80=99s the same as creating an AMI and checking the =E2=80=9CNo = reboot=E2=80=9D checkbox. It should use the same API call, but I = wouldn=E2=80=99t know. We ran a few recovery tests, we read the docs, we = confirmed with support, everything looked like it should work with no = issues. A couple of weeks ago the EBS disk on one of the machines failed and we = needed to restore it. When we did, it ran fsck on boot (which it = didn=E2=80=99t on our previous tests) and failed to recover it, so the = machine was effectively dead. I know we can mount the disk on a = different machine and recover (some) data, that=E2=80=99s not the point. = We tried a few backups going back two weeks, same issue. We tried a few = more instances, about 5, all of them ran fsck on boot. A couple were = recovered, but it doesn=E2=80=99t matter, it still means it=E2=80=99s = not working as we thought. So now we=E2=80=99re effectively running = without backups on EC2 instances. I=E2=80=99m not sure why it happens. Information is sparse and I=E2=80=99m= making a lot of assumptions. Basically I believe that the snapshot = process is equivalent to cutting off power to the machine and that = happens every hour for months. The docs on UFS soft updates say that = there=E2=80=99s a small chance of data loss, but since that = power-cutting snapshot happens every hour over a time of months, that = chance isn=E2=80=99t that small any more. Still, apparently Linux = doesn=E2=80=99t have this problem, and everywhere I read it says that = data might be lost, but the file system should not be corrupted. And yet = fsck isn=E2=80=99t always able to recover it. As far as I understand, with soft updates and =E2=80=9Cnoasync=E2=80=9D = in fstab (default), data is flushed to disk about every 30 seconds = (according to syncer man page), asynchronously, while metadata is = written synchronously. I=E2=80=99m thinking that maybe that=E2=80=99s an = issue and turning on sync in fstab might help. On the other hand, the = man page for syncer says =E2=80=9CIt is possible on some systems that a = sync(2) occurring simultaneously with a crash may cause file system = damage.=E2=80=9D, which means it might make it worse? I don=E2=80=99t = know. We were not able to reproduce the problem reliably so that we can test. = I=E2=80=99m not sure if or how anyone can help. I just wanted to send = this message so that at least some other people are aware that AWS = Backup doesn=E2=80=99t play nice with FreeBSD.= From nobody Sat Jul 30 22:07:23 2022 X-Original-To: freebsd-cloud@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4LwJQm08WDz4Xs35 for ; Sat, 30 Jul 2022 22:07:28 +0000 (UTC) (envelope-from pat@patmaddox.com) Received: from out2-smtp.messagingengine.com (out2-smtp.messagingengine.com [66.111.4.26]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4LwJQl00WDz471G for ; Sat, 30 Jul 2022 22:07:26 +0000 (UTC) (envelope-from pat@patmaddox.com) Received: from compute2.internal (compute2.nyi.internal [10.202.2.46]) by mailout.nyi.internal (Postfix) with ESMTP id C32B05C0052; Sat, 30 Jul 2022 18:07:25 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute2.internal (MEProxy); Sat, 30 Jul 2022 18:07:25 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=patmaddox.com; h=cc:content-transfer-encoding:content-type:date:date:from:from :in-reply-to:message-id:mime-version:reply-to:sender:subject :subject:to:to; s=fm2; t=1659218845; x=1659305245; bh=Bp2qAXuFww bBcLuJ/iXqYFAab1D+UDoekZzrczvJRog=; b=As0XoKfwpWcFwcVwt1SergwmeN 2nWJYjwu2UgnAOMIZ++mzLFEFX0hLRc17oAu3QaDtIJMDOjMLEmAm9SS+6rgxVQR SAlQLMAGZ1DpJmMSOMMpheb8TqojCFnffI3CPeqiJLaP1Z0d2kPn7KjqjgKoGHy3 QNnmsTWD8hV6xPyFgMj/G1fyvxedPz8CcHKitL9l0BMd9eMI00c5ojroXk1wmZNs ++1yJeeOig9uvg1muttsvT6KVo8opqQd3pxSO/g9pxoF7KJjk6JXykfynC7GfF4B bhNMg1LJExOEGRRH5b7WPi15nm0XtSk2ZsIlIxefLPA8Ne+S+WvEBUOdLtnA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:date:feedback-id:feedback-id:from:from:in-reply-to :message-id:mime-version:reply-to:sender:subject:subject:to:to :x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm3; t=1659218845; x=1659305245; bh=Bp2qAXuFwwbBcLuJ/iXqYFAab1D+ UDoekZzrczvJRog=; b=QK+j8brqr9uoFwNPgdxVQuuCT59UyWIbM3ALZkHOWP8G I55ZPXQeNaU83VfJrL7uHCbotdVf4W41zs2l/bAIGvXUiQOPhA8UDKXC2/weLBzh AWph7lP452x0LKL6//qTh4DvTP3JAWSXJT3yPmDpHs6jvgS9TPwB3tbeeLpkWjFZ n2REQJ7OlzpfWBuGiQQTDQtc+ZtMy/BTe3oOdhAtiFz94OXvLJ4nrbjy++/f9SG4 mVWlKnLKKXR+OgVt3qf6e4HzRS9Dfw50SK4aNWwktGQryxxGzLR82MrQmpjboyyx CixY6KY6fBvGSr9KYirDyOet6y8PcwXCkkpbdmfB5A== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvfedrvddvtddgtdeiucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefhvffufffokfggtgfgsehtkehmtd ertdejnecuhfhrohhmpedfrfgrthcuofgrugguohigfdcuoehprghtsehprghtmhgruggu ohigrdgtohhmqeenucggtffrrghtthgvrhhnpeegheeugfekffejudelueegteevueefve dvfeejtedvkefhtdeujedtueeifeekieenucffohhmrghinhepghhithhhuhgsrdgtohhm necuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomhepphgrth esphgrthhmrgguughogidrtghomh X-ME-Proxy: Feedback-ID: i8b6c40f9:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA for ; Sat, 30 Jul 2022 18:07:25 -0400 (EDT) From: "Pat Maddox" To: freebsd-cloud@FreeBSD.org Subject: GCP ZFS-on-Root (working, and some questions) Date: Sat, 30 Jul 2022 15:07:23 -0700 X-Mailer: MailMate (1.13.2r5673) Message-ID: <360A7428-8A37-428D-BACE-6335A7AA6554@patmaddox.com> List-Id: FreeBSD on cloud platforms (EC2, GCE, Azure, etc.) List-Archive: https://lists.freebsd.org/archives/freebsd-cloud List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-cloud@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset="UTF-8"; format=flowed Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 4LwJQl00WDz471G X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=patmaddox.com header.s=fm2 header.b=As0XoKfw; dkim=pass header.d=messagingengine.com header.s=fm3 header.b=QK+j8brq; dmarc=none; spf=pass (mx1.freebsd.org: domain of pat@patmaddox.com designates 66.111.4.26 as permitted sender) smtp.mailfrom=pat@patmaddox.com X-Spamd-Result: default: False [-4.70 / 15.00]; DWL_DNSWL_LOW(-1.00)[messagingengine.com:dkim]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[patmaddox.com:s=fm2,messagingengine.com:s=fm3]; R_SPF_ALLOW(-0.20)[+ip4:66.111.4.26]; MIME_GOOD(-0.10)[text/plain]; RCVD_IN_DNSWL_LOW(-0.10)[66.111.4.26:from]; RWL_MAILSPIKE_GOOD(-0.10)[66.111.4.26:from]; FREEFALL_USER(0.00)[pat]; PREVIOUSLY_DELIVERED(0.00)[freebsd-cloud@freebsd.org]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; TO_MATCH_ENVRCPT_ALL(0.00)[]; DMARC_NA(0.00)[patmaddox.com]; RCVD_VIA_SMTP_AUTH(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; DKIM_TRACE(0.00)[patmaddox.com:+,messagingengine.com:+]; RCVD_COUNT_THREE(0.00)[4]; TO_DN_NONE(0.00)[]; ARC_NA(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; RCVD_TLS_LAST(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:19151, ipnet:66.111.4.0/24, country:US]; MLMMJ_DEST(0.00)[freebsd-cloud@FreeBSD.org] X-ThisMailContainsUnwantedMimeParts: N Hey there, I have taken some of the concepts and scripts that Colin used to make the AWS AMI Builder (thank you!!), and used them to configure a ZFS-on-Root image for GCP. Here’s the script: https://gist.github.com/patmaddox/1a0be973ecfce4f056c517abb7746286 I did it slightly differently from the AMI builder. Instead of working in a mem disk, I just fetch base.txz and expand it to a dir, edit the files, etc. One other difference is that because base.txz doesn’t include a kernel, I `cp -Rp /boot/kernel/ /mnt/boot/kernel/`. It boots, I can SSH and do all the usual things, so far I am very happy. My questions: 1. Is there anything I might be missing with the approach of extracting base.txz, and copying over the current instance’s kernel? 2. If I change the GCP disk size and reboot, the partition table is corrupt. I need to `geom part recover da0 && geom part resize -i 2 da0` to resize it. How can I have that happen automatically during the boot process, the way that the AMI does? Pat From nobody Sat Jul 30 22:50:15 2022 X-Original-To: freebsd-cloud@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4LwKN95sXgz4XyT6 for ; Sat, 30 Jul 2022 22:50:17 +0000 (UTC) (envelope-from pat@patmaddox.com) Received: from out2-smtp.messagingengine.com (out2-smtp.messagingengine.com [66.111.4.26]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4LwKN90wQlz3CL0 for ; Sat, 30 Jul 2022 22:50:17 +0000 (UTC) (envelope-from pat@patmaddox.com) Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.nyi.internal (Postfix) with ESMTP id 0B46D5C0097; Sat, 30 Jul 2022 18:50:17 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute4.internal (MEProxy); Sat, 30 Jul 2022 18:50:17 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=patmaddox.com; h=cc:content-transfer-encoding:content-type:date:date:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to; s=fm2; t=1659221417; x= 1659307817; bh=WfyYtrrALxivqeLDfP1Xde4VkJ/c6BfJQsrjc8RZdWQ=; b=r 3mkjPaYpkrSfOXusZtUp9YBdOeMlnCQXbrP2qU69P4UBK9kMdOuwtanr3fZ8jb2A ddgCyvrVzDdAsR43sM1nitY024F+hWhgaKIE6MfERs5XktSUiHok8aMXk0lo84KF cHxLzEMprdLU3xaku3T1ilRhB6O9VsD/DAxpzJXuzPaVrksKv61m1jHUwQMXs7VJ rPo3aIbvsFfyCkaDmMzWsP182RQ1tzFvorCncKX6LQau4NVpKRX6WLMlIhWpt3Jl Xqfn5BlRkkausVP//HlVY46PSUrWMdA7YzF9jU3Sum/6rZshsghhWlKOw+Iy+Cke DoDbc1OM7vp5VTLU2hLiA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:date:feedback-id:feedback-id:from:from:in-reply-to :in-reply-to:message-id:mime-version:references:reply-to:sender :subject:subject:to:to:x-me-proxy:x-me-proxy:x-me-sender :x-me-sender:x-sasl-enc; s=fm3; t=1659221417; x=1659307817; bh=W fyYtrrALxivqeLDfP1Xde4VkJ/c6BfJQsrjc8RZdWQ=; b=AxssVMPc9hfNHKli3 TdIHV9RJhm3CNoZcQNxfi1PVc50brNZJEFyymH3Rh0qEXYe/0LEwp9ryglcnpAnb AcnzfeouqjiCa4wO+u8PLbP5sqGwkHRKO8hmtWgstQxH1hLBUWO2X/ixii26yjEy zfKyf5oLTc8oGa542ex3wqLzLUYDmyKpD5De/iA4RWxf6GbEPdPfmpcHgJp74U7H g4je7HliijvZPV2EMmGPU7NOHY/pTwuy4jp6XSGRd+kope3UhEXcjU3fQNgmnRN5 pWelR6nhenqSETmWGnli3MWWa3MqmEW0rVavrZ5B0PgBtZtNKLR9Hqkbr2BwvZiL ql38Q== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvfedrvddvtddgudehucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefhvffufffokfgjfhggtgfgsehtke hmtdertdejnecuhfhrohhmpedfrfgrthcuofgrugguohigfdcuoehprghtsehprghtmhgr ugguohigrdgtohhmqeenucggtffrrghtthgvrhhnpeeifeehkeeggeefheehffeijeffte efgfduteelieevteevvefhhfdukeeltdethfenucevlhhushhtvghrufhiiigvpedtnecu rfgrrhgrmhepmhgrihhlfhhrohhmpehprghtsehprghtmhgrugguohigrdgtohhm X-ME-Proxy: Feedback-ID: i8b6c40f9:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA for ; Sat, 30 Jul 2022 18:50:16 -0400 (EDT) From: "Pat Maddox" To: freebsd-cloud@FreeBSD.org Subject: Re: GCP ZFS-on-Root (working, and some questions) Date: Sat, 30 Jul 2022 15:50:15 -0700 X-Mailer: MailMate (1.13.2r5673) Message-ID: <94280CD0-37C5-44E3-88CC-6DA580E41229@patmaddox.com> In-Reply-To: <360A7428-8A37-428D-BACE-6335A7AA6554@patmaddox.com> References: <360A7428-8A37-428D-BACE-6335A7AA6554@patmaddox.com> List-Id: FreeBSD on cloud platforms (EC2, GCE, Azure, etc.) List-Archive: https://lists.freebsd.org/archives/freebsd-cloud List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-cloud@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset="UTF-8"; format=flowed Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 4LwKN90wQlz3CL0 X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=patmaddox.com header.s=fm2 header.b="r 3mkjPa"; dkim=pass header.d=messagingengine.com header.s=fm3 header.b=AxssVMPc; dmarc=none; spf=pass (mx1.freebsd.org: domain of pat@patmaddox.com designates 66.111.4.26 as permitted sender) smtp.mailfrom=pat@patmaddox.com X-Spamd-Result: default: False [-4.70 / 15.00]; NEURAL_HAM_LONG(-1.00)[-1.000]; DWL_DNSWL_LOW(-1.00)[messagingengine.com:dkim]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[patmaddox.com:s=fm2,messagingengine.com:s=fm3]; R_SPF_ALLOW(-0.20)[+ip4:66.111.4.26:c]; MIME_GOOD(-0.10)[text/plain]; RCVD_IN_DNSWL_LOW(-0.10)[66.111.4.26:from]; RWL_MAILSPIKE_GOOD(-0.10)[66.111.4.26:from]; FREEFALL_USER(0.00)[pat]; PREVIOUSLY_DELIVERED(0.00)[freebsd-cloud@freebsd.org]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; TO_MATCH_ENVRCPT_ALL(0.00)[]; DMARC_NA(0.00)[patmaddox.com]; RCVD_VIA_SMTP_AUTH(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; DKIM_TRACE(0.00)[patmaddox.com:+,messagingengine.com:+]; RCVD_COUNT_THREE(0.00)[4]; TO_DN_NONE(0.00)[]; ARC_NA(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; RCVD_TLS_LAST(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:19151, ipnet:66.111.4.0/24, country:US]; MLMMJ_DEST(0.00)[freebsd-cloud@FreeBSD.org] X-ThisMailContainsUnwantedMimeParts: N On 30 Jul 2022, at 15:07, Pat Maddox wrote: > 1. Is there anything I might be missing with the approach of > extracting base.txz, and copying over the current instance’s kernel? Silly - I can download and extract kernel.txz instead of copying the current kernel. Pretty sure base.txz and kernel.txz are all I need. Pat From nobody Wed Aug 10 19:38:40 2022 X-Original-To: freebsd-cloud@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4M30c56pdmz4XxdG; Wed, 10 Aug 2022 19:38:45 +0000 (UTC) (envelope-from pat@patmaddox.com) Received: from wout1-smtp.messagingengine.com (wout1-smtp.messagingengine.com [64.147.123.24]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4M30c45KHjz3jr5; Wed, 10 Aug 2022 19:38:44 +0000 (UTC) (envelope-from pat@patmaddox.com) Received: from compute2.internal (compute2.nyi.internal [10.202.2.46]) by mailout.west.internal (Postfix) with ESMTP id 4C7F53200488; Wed, 10 Aug 2022 15:38:43 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute2.internal (MEProxy); Wed, 10 Aug 2022 15:38:43 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=patmaddox.com; h=cc:content-type:date:date:from:from:in-reply-to:message-id :mime-version:reply-to:sender:subject:subject:to:to; s=fm3; t= 1660160322; x=1660246722; bh=HkXG15+if3L2qyHkddcrE4hM1WtFOwgujgM onASsiK0=; b=fuAWNhg3ry9rzUQ68t1krY0iVgxwZE4/0Di0795lf/GFjtmGRBI IGmUYz6t6hj8Punvi4hc5gHaVagWKq2+wS/VKUH9lQqM27Go1jO3fcGxhIyFnLU5 ZCj71T6Ulk49PTtKV9O/mHgS8hBA3JfCQBRLV3YZ6HkWLaP3/VxVk0yLoY7ZwMmW /yhbqLFzOW0BlyCZ8afPInjUKwdU3Bly52fHf7XDfrZLzTQux/RndjBiK7aQ8MDJ iQ48I3xQWkx5L0ghouK63GVHZ39g9evvfw6uyt+9wgbVPcrp5N0BFnIdWQWA82Lp CLo3brEnLTKvOqxps9nzGjHt4CCOjn05PxA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:date:date:feedback-id :feedback-id:from:from:in-reply-to:message-id:mime-version :reply-to:sender:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm1; t=1660160322; x= 1660246722; bh=HkXG15+if3L2qyHkddcrE4hM1WtFOwgujgMonASsiK0=; b=r n1c4lJ4T9dhQ6twOtl12/5aigwh9XUpUoIts2PfstEVbMSYYVdzTMBaf35cY/8Xd qARHY57t1olCVUnn6/dIg4SF2KSDEgiIFLVhecg3l6qhX2V6M6g/E4ARfV/hlTxH f5bYLIbBMOiqugdJj2Bja+nlSwBwMKpDqGEpFaBJZy+oPc546ZXNzeOceqKwEsXx fLaj7APSrGox/0xY2XPCJgNJ+niOUnYAippTUdSQTEScA437RU6uew+EB+PSTpp3 EVLNC0grweXAxncVrfR4+og194A7gNp+DwewtARBFgt7zMMPZFKbCT8DJcgfTgvs Mh9fkgNzkys/AHt36WN1A== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvfedrvdegvddgudefkecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd enucfjughrpefhvffufffokfggtgesthdtmhdtredttdenucfhrhhomhepfdfrrghtucfo rgguughogidfuceophgrthesphgrthhmrgguughogidrtghomheqnecuggftrfgrthhtvg hrnhepueduleeuvedvkeehuedtjeegieehheeltdefjeegtdekheegtdeiheefhedvueeh necuffhomhgrihhnpegrmhgriihonhdrtghomhdpghhoohhglhgvrdgtohhmnecuvehluh hsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomhepphgrthesphgrthhm rgguughogidrtghomh X-ME-Proxy: Feedback-ID: i8b6c40f9:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Wed, 10 Aug 2022 15:38:42 -0400 (EDT) From: "Pat Maddox" To: "Freebsd Questions" , freebsd-cloud@FreeBSD.org Subject: How are the official cloud images created? (are there scripts available?) Date: Wed, 10 Aug 2022 12:38:40 -0700 X-Mailer: MailMate (1.13.2r5673) Message-ID: <02105388-B73F-4075-B4BD-F0A6734E2C79@patmaddox.com> List-Id: FreeBSD on cloud platforms (EC2, GCE, Azure, etc.) List-Archive: https://lists.freebsd.org/archives/freebsd-cloud List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-cloud@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; format=flowed; markup=markdown X-Rspamd-Queue-Id: 4M30c45KHjz3jr5 X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=patmaddox.com header.s=fm3 header.b=fuAWNhg3; dkim=pass header.d=messagingengine.com header.s=fm1 header.b="r n1c4lJ"; dmarc=none; spf=pass (mx1.freebsd.org: domain of pat@patmaddox.com designates 64.147.123.24 as permitted sender) smtp.mailfrom=pat@patmaddox.com X-Spamd-Result: default: False [-4.59 / 15.00]; DWL_DNSWL_LOW(-1.00)[messagingengine.com:dkim]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-0.99)[-0.992]; R_DKIM_ALLOW(-0.20)[patmaddox.com:s=fm3,messagingengine.com:s=fm1]; R_SPF_ALLOW(-0.20)[+ip4:64.147.123.24]; MIME_GOOD(-0.10)[text/plain]; RCVD_IN_DNSWL_LOW(-0.10)[64.147.123.24:from]; MIME_TRACE(0.00)[0:+]; MID_RHS_MATCH_FROM(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; ASN(0.00)[asn:29838, ipnet:64.147.123.0/24, country:US]; MLMMJ_DEST(0.00)[freebsd-cloud@FreeBSD.org,freebsd-questions@freebsd.org]; RCVD_TLS_LAST(0.00)[]; RCPT_COUNT_TWO(0.00)[2]; RCVD_COUNT_THREE(0.00)[4]; SUBJECT_HAS_QUESTION(0.00)[]; FREEFALL_USER(0.00)[pat]; ARC_NA(0.00)[]; DKIM_TRACE(0.00)[patmaddox.com:+,messagingengine.com:+]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; TO_DN_SOME(0.00)[]; DMARC_NA(0.00)[patmaddox.com]; RCVD_VIA_SMTP_AUTH(0.00)[] X-ThisMailContainsUnwantedMimeParts: N AWS has an official FreeBSD AMI [1], as does GCP [2]. How are those images created? I assume someone runs scripts to configure the machine / disk and then makes an image. Are those scripts available in git? Who is responsible for making those images, that I could contact for more info? Pat [1] https://aws.amazon.com/marketplace/pp/prodview-ukzmy5dzc6nbq [2] https://cloud.google.com/compute/docs/images#freebsd From nobody Wed Aug 10 19:49:31 2022 X-Original-To: freebsd-cloud@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4M30rg1wxQz4Y1cj; Wed, 10 Aug 2022 19:49:39 +0000 (UTC) (envelope-from gjb@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2610:1c1:1:6074::16:84]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4M30rg1RDgz3lnS; Wed, 10 Aug 2022 19:49:39 +0000 (UTC) (envelope-from gjb@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1660160979; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=2gvYH2Y0zVX9ri1JwYOME8jKKBoLCzaG8iBDpmzjHeI=; b=yb7NHVxDJBkopKEc3/TqBMtsyKCcyQyZtFOa+g8IC+stcrJRQPc+oHGYOQsGdib7+14Q+n SbxmcmwJ+moy8clFyXbg5g5K4i//LZH01YZ5T2zvWC4PAMSnicjvI4BAQMQ9h5cK4BeInP uFO/Er+T27fHpxH1x77rmHbEAyIZDfwWoq+hMe8HZ9sgPdvQ0vDexsOtE4xSY46+eyF1yz /3fFw9CA4164SNkxbiO8x6u6iwWzvnA4leYqugNSPsN+ezxptnxHx8zCHn1yRh7WfpfFro dkA2IpVzW8F5O5AdcD/iSqP+wX19+TCq9Y3qDj8PX7h2PzbeGUiCal13iJ+BhQ== Received: from FreeBSD.org (freefall.freebsd.org [IPv6:2610:1c1:1:6074::16:84]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by freefall.freebsd.org (Postfix) with ESMTPS id A8A2B19D52; Wed, 10 Aug 2022 19:49:38 +0000 (UTC) (envelope-from gjb@freebsd.org) Date: Wed, 10 Aug 2022 19:49:31 +0000 From: Glen Barber To: Pat Maddox Cc: Freebsd Questions , freebsd-cloud@freebsd.org Subject: Re: How are the official cloud images created? (are there scripts available?) Message-ID: <20220810194931.GI30607@FreeBSD.org> References: <02105388-B73F-4075-B4BD-F0A6734E2C79@patmaddox.com> List-Id: FreeBSD on cloud platforms (EC2, GCE, Azure, etc.) List-Archive: https://lists.freebsd.org/archives/freebsd-cloud List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-cloud@freebsd.org MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="OmxNZ+k2SuGb8jfc" Content-Disposition: inline In-Reply-To: <02105388-B73F-4075-B4BD-F0A6734E2C79@patmaddox.com> ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1660160979; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=2gvYH2Y0zVX9ri1JwYOME8jKKBoLCzaG8iBDpmzjHeI=; b=bnG64KxLTf89ojmeZvb9Afme13zZTlbFslMUVS+FOBkceZtrlOBNuodmOy5ZRF5T8cpKXb FK7VuQAPxlZQ4xN8dxE9yJw9hc3d38vDdMTTzH5wMtb4cVL6xF/7Ez3qsV3tFAQv+JBdQk Li7aN7usXh4mC6MoQwz8I66iAgUXsCBR+wR0OzSqD+bQlKM/JBRYhBUbpTxU3IAuoR0zDd dQMSWmuzPs+yP8O/m1+FZqd7uRvub3ZCLAJMTUHjaHH73khfFwri3WSSQ9S6IZHmEvJCgf +Hp9WNfgEEvajtTlof2jmna5Jb7cIv4/c4rT27yQNIMq4+taHvFGcVxlFR/mGA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1660160979; a=rsa-sha256; cv=none; b=nFNMqu9GGZRIWisVMbV8S4aSaYq6ziIOmmElK52xH/ROsgCrbtKz91ZT+8zqZJAYUN8HFT nCjum9eXX1E68X3VHbXKja8cxsb6LLSKFEB0opSCc+NozZJ9DINvPiqf6oYTOSpONs/S60 kHRQqI3TY7gLAVhphhwq1xcIfPkno3QvrELZDHIDGEmm/5qe9ABmF7W7dBfMjXXs6BV7/6 qbIRqV8/BIjHJaVZMrAjv2RlaOSDQymvdLTqvHJ7SKFlZxF/INurBSM3nZThGSFy0/4WAC qN/hDW1nLYHXZ5OMUlmvDALXzAen38+W6t6G5hR25J3gdkwojcZ537nJc913FQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N --OmxNZ+k2SuGb8jfc Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Aug 10, 2022 at 12:38:40PM -0700, Pat Maddox wrote: > AWS has an official FreeBSD AMI [1], as does GCP [2]. >=20 > How are those images created? I assume someone runs scripts to configure = the > machine / disk and then makes an image. >=20 > Are those scripts available in git? >=20 > Who is responsible for making those images, that I could contact for more > info? >=20 > Pat >=20 > [1] https://aws.amazon.com/marketplace/pp/prodview-ukzmy5dzc6nbq > [2] https://cloud.google.com/compute/docs/images#freebsd >=20 They are in git. src/release/Makefile.vm. The 'make list-cloudware' target will give information on the valid CLOUDWARE values. 'make vm-cloudware' is the main target. A short example of the usage is: # make WITH_CLOUDWARE=3D1 CLOUDWARE=3DEC2 vm-cloudware Note, you will need to provide the API keys and other variables yourself, such as AWSKEYFILE, AWSREGION, etc. See src/release/Makefile.ec2 for details on this particular platform. Glen --OmxNZ+k2SuGb8jfc Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEjRJAPC5sqwhs9k2jAxRYpUeP4pMFAmL0C8YACgkQAxRYpUeP 4pOzFRAAoCevt5+aqOnpgLy7bm1JheC4y78GgZrPatI0YEs5hk26t+UCzLrHkBAh 3I9lnAmc/bRyBzkQ+kiUTkQeIKWSIzrm2VhMt+VbgmlSDAQJwwPCWUk7Fk0c2utl AnQXfAABlFExFHhz8qRcqqqyMo9svdShdSyXzuYfHO8xHa5trwy1KpPrOFquNSdg WNR8GsQFRKZk3hNozMoKYCTUWkXziQ+CnWjDi3rcxIcOlfdzs+Sl5kEwTtm6mm2O kiHHmQJvUVYCqjNm9Z4ALzTMQoUGdPtNlMhei7PpOEVRqdTQbNxnsUCXKslwrR9V 0GHppCqSpyBSsir/mwj3H21zSrpHSxzvx++8GN7Ipk3yULBnatbC5TS7W8lchEcg s/91PHBiKOUxcsQHagLoYvmOEjdLPS+1lYxTBs/Kh0K3+zl5p21ARx+4oZ9D8Fl1 hV9vezopfCCdsQHjyRhRa5G8nHFn4++FUr/jW9L5kL4VXzfjUeFI0IZgSdIbTSHc hgWLtIKUXb2zKUKQrrSPdfxt3Iv2mHXeDDqQGu6Wv0+Pj/fWfdTVPKvVb333KY+l GX+FK3/nPovzmqRITBihUVawECDIZW+RRf43dl++BiOcpDLhmtxun3qRuqVPl1xX l/1EUAuFlBk/gCRL/Vezuk19MqUQGeXZk09isKdplXZdpO6xKKk= =mMFk -----END PGP SIGNATURE----- --OmxNZ+k2SuGb8jfc-- From nobody Wed Aug 17 11:49:35 2022 X-Original-To: freebsd-cloud@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4M75sc2Q7Fz4ZFFc for ; Wed, 17 Aug 2022 11:49:40 +0000 (UTC) (envelope-from bogdan-lists@neant.ro) Received: from out2-smtp.messagingengine.com (out2-smtp.messagingengine.com [66.111.4.26]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4M75sb47LFz44X8 for ; Wed, 17 Aug 2022 11:49:39 +0000 (UTC) (envelope-from bogdan-lists@neant.ro) Received: from compute1.internal (compute1.nyi.internal [10.202.2.41]) by mailout.nyi.internal (Postfix) with ESMTP id B2A965C00E4 for ; Wed, 17 Aug 2022 07:49:38 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute1.internal (MEProxy); Wed, 17 Aug 2022 07:49:38 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=neant.ro; h=cc :content-transfer-encoding:content-type:date:date:from:from :in-reply-to:message-id:mime-version:reply-to:sender:subject :subject:to:to; s=fm1; t=1660736978; x=1660823378; bh=QoWTOzEf+V tWntwfSkzsVQrH8LH6xp0381M3fiQBXO4=; b=fY28ALBqQ295OEZ1qFFDqIj3aA /W5ZVgiT+8MaRXexc6s8tXjhd/u37vYXkhkNii3ojpDq+1XxuX2dz3mqZOPWMnAU R3GAz/VyrHRkxxKBKoea5uV6JheKWrvaAQWuZsw0dOSwmzSURx3e2f07pxSk+IK2 zVxxP2Wy+IJsd2aIRLbkRz53NjekXntx8yMSN91Q2WuX0LhUaCsm3LYLtwpvuglG r1kmT05NjPv0mIzP+UKiZjqZ5ptrNbrwIe5p8nJQToxm3C9JTHZvLrgj7YfJImFi PvA4FJuVIraFBr43lMsjVePaBbzZD+aPR+7xa7aRkLB6x4/XPB5/v2qjOI2A== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:date:feedback-id:feedback-id:from:from:in-reply-to :message-id:mime-version:reply-to:sender:subject:subject:to:to :x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm1; t=1660736978; x=1660823378; bh=QoWTOzEf+VtWntwfSkzsVQrH8LH6 xp0381M3fiQBXO4=; b=fEV9WOuImT2sAfERSYw1V0oIGFfOIO5btkUN8KCZi18w VBNPs6KmVBe83tQAOIv7yV1pUCsQDCCYJaoPfKPai5QRvz/35lAbniyX2z0ITPgY BdBphmZ9ETk23WpS9U0xTmG+duXHLuUYlfc8xfGslkkRurWi8SsYvVbogl9NMfUU 6sCDzg2r1HVFE89UqvliPWaak40Y3oU7mmPL04AHxVh+M9oXq+mrm3y4ndrg715w XWisvPFQoq1NLf5L7FkoUo/66DG1AabNOHQ9sWnE3wdbFUrcS72tOO+EGJQAn8AO nmdNuDIfCjXBBnVK8k9Zp7v498whjynvV+TsRci0KQ== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvfedrvdehiedggeegucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefhtgfgggfukfffvffosehtqhhmtd hhtdejnecuhfhrohhmpegsohhguggrnhdqlhhishhtshesnhgvrghnthdrrhhonecuggft rfgrthhtvghrnhepvdfhjeetheeuvddugfeugffgudetkefgveeuffffieegtdeludefhe ffkeeihfdunecuffhomhgrihhnpehfrhgvvggsshgurdhorhhgnecuvehluhhsthgvrhfu ihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomhepsghoghgurghnqdhlihhsthhsse hnvggrnhhtrdhroh X-ME-Proxy: Feedback-ID: i61d94637:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA for ; Wed, 17 Aug 2022 07:49:37 -0400 (EDT) From: bogdan-lists@neant.ro Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable List-Id: FreeBSD on cloud platforms (EC2, GCE, Azure, etc.) List-Archive: https://lists.freebsd.org/archives/freebsd-cloud List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-cloud@freebsd.org Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.120.41.1.1\)) Subject: FBSD 13.1 ACPI shutdown on AWS Graviton (ARM) Message-Id: <272F7648-C7F9-40EE-BD25-E014DC009A94@neant.ro> Date: Wed, 17 Aug 2022 14:49:35 +0300 To: freebsd-cloud@freebsd.org X-Mailer: Apple Mail (2.3696.120.41.1.1) X-Rspamd-Queue-Id: 4M75sb47LFz44X8 X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=neant.ro header.s=fm1 header.b=fY28ALBq; dkim=pass header.d=messagingengine.com header.s=fm1 header.b=fEV9WOuI; dmarc=none; spf=pass (mx1.freebsd.org: domain of bogdan-lists@neant.ro designates 66.111.4.26 as permitted sender) smtp.mailfrom=bogdan-lists@neant.ro X-Spamd-Result: default: False [-4.20 / 15.00]; DWL_DNSWL_LOW(-1.00)[messagingengine.com:dkim]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-1.000]; MV_CASE(0.50)[]; R_DKIM_ALLOW(-0.20)[neant.ro:s=fm1,messagingengine.com:s=fm1]; R_SPF_ALLOW(-0.20)[+ip4:66.111.4.26]; RWL_MAILSPIKE_GOOD(-0.10)[66.111.4.26:from]; MIME_GOOD(-0.10)[text/plain]; RCVD_IN_DNSWL_LOW(-0.10)[66.111.4.26:from]; RCPT_COUNT_ONE(0.00)[1]; PREVIOUSLY_DELIVERED(0.00)[freebsd-cloud@freebsd.org]; TO_MATCH_ENVRCPT_ALL(0.00)[]; DMARC_NA(0.00)[neant.ro]; RCVD_VIA_SMTP_AUTH(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; FROM_NO_DN(0.00)[]; DKIM_TRACE(0.00)[neant.ro:+,messagingengine.com:+]; RCVD_COUNT_THREE(0.00)[4]; TO_DN_NONE(0.00)[]; ARC_NA(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; RCVD_TLS_LAST(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:19151, ipnet:66.111.4.0/24, country:US]; MLMMJ_DEST(0.00)[freebsd-cloud@freebsd.org] X-ThisMailContainsUnwantedMimeParts: N Hi, FreeBSD 13.1 running on ARM in AWS doesn=E2=80=99t shut down when = receiving a signal through EC2 API. It can be an issue for instances in = autoscaling groups because the longer shutdown time might mess with the = scaling policies. And it=E2=80=99s an issue for =E2=80=9Cpermanent=E2=80=9D= instances because it can result in corrupted data on disk. I found https://reviews.freebsd.org/D24065, which seems to be included = in 13.1, although I can=E2=80=99t find it in any release notes. What am = I missing? Should shutdown through AWS Console work?= From nobody Sat Oct 15 06:14:11 2022 X-Original-To: freebsd-cloud@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4MqCdN73hpz4gHWQ for ; Sat, 15 Oct 2022 06:14:16 +0000 (UTC) (envelope-from gspurki@gmail.com) Received: from mail-ej1-x635.google.com (mail-ej1-x635.google.com [IPv6:2a00:1450:4864:20::635]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4MqCdN1srxz46vv for ; Sat, 15 Oct 2022 06:14:16 +0000 (UTC) (envelope-from gspurki@gmail.com) Received: by mail-ej1-x635.google.com with SMTP id ot12so14642111ejb.1 for ; Fri, 14 Oct 2022 23:14:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:subject:from:content-language:to :user-agent:mime-version:date:message-id:from:to:cc:subject:date :message-id:reply-to; bh=hLcKVF+BxQ3itxoR2a3BPtIkYjZPD6Z9IqO22mswfA4=; b=PE0JcHYaSK8kjInM5wYONK7JXlVbcBf47hbrKzSPLg0DkzxlXS4soh3/NxcFgyT9aE DgateqYJ8NmNaCuVEeK1DKFeRSthNMLz4IupgonAc5bz6xLRX7Dzp3I4B0uCYPii2F2K KSeF4RoA/UKfFju+biGFVxpcUwtFqHzbXh31aPRuwhFN6v1s4EKIJNZHL4nSl6B9vXlt 4OWI+TtVn1RDmQaNjwtCXHfHNrvBCHK5nwT4LojILurOG4ymL6aiZ9d7lyJu2mReF4Mq BtYKeK3z61a0HjsYtHVcCNEjAFF5E88E+ZALcAm2GrpBXTxFrNFcnaPCFUYvOmMLMt4m TlSQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:subject:from:content-language:to :user-agent:mime-version:date:message-id:x-gm-message-state:from:to :cc:subject:date:message-id:reply-to; bh=hLcKVF+BxQ3itxoR2a3BPtIkYjZPD6Z9IqO22mswfA4=; b=y+kXR2CZ+KBg89R92/o3MkB0d+LwushDqcsmrHSkZh2IA6BJzgbKQm8tS4CcazHmOG tvk0yMdTH+QQPQNvjI67tJZP05UUUXY2RhSsZBeVqQsxcB8HZuCw2wZ9iD62GqOQZCDY UusJE6nON4IwJQJgpX8wvEHwJh2W+49kYvukP/A68IKB1SjXQASjRoVfP0EGYlOagcBI 41zjBb7CObm0wu5MiWdOPmsUcyaazV+/WCrkKPIdckb9zA2+gCDAMVduAQyvFeeahZMi 6MXXmAADU4l7A7jLnFfYjeUElzVLkBcF+cdrvsc+kh2m/JM7OyPtXAEh6Ba0IfdEAQvZ BQ+g== X-Gm-Message-State: ACrzQf3TcvoWmbPP1jDrirvBND+GVEfoBTI4Y5SVXLPWR8dPsVF5h/jy deoOIDxd0tjx5qAme9VEczX0A6pPGlo= X-Google-Smtp-Source: AMsMyM5gkP9MH2cGSRIG/6swpNa+RQ0ldmgOrUZkdHQLe5ANcq52tlxCLEgOphNHFofcULprH6e2Cw== X-Received: by 2002:a17:906:2f87:b0:78a:c0d5:d019 with SMTP id w7-20020a1709062f8700b0078ac0d5d019mr1037332eji.158.1665814453246; Fri, 14 Oct 2022 23:14:13 -0700 (PDT) Received: from ?IPV6:2a02:1210:2e31:8000:3491:fc9d:e58f:c591? ([2a02:1210:2e31:8000:3491:fc9d:e58f:c591]) by smtp.gmail.com with ESMTPSA id m3-20020a170906160300b0078194737761sm2590561ejd.124.2022.10.14.23.14.12 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Fri, 14 Oct 2022 23:14:12 -0700 (PDT) Message-ID: Date: Sat, 15 Oct 2022 08:14:11 +0200 List-Id: FreeBSD on cloud platforms (EC2, GCE, Azure, etc.) List-Archive: https://lists.freebsd.org/archives/freebsd-cloud List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-cloud@freebsd.org MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:102.0) Gecko/20100101 Thunderbird/102.3.2 To: freebsd-cloud@FreeBSD.org Content-Language: en-US From: Gian-Simon Purkert Subject: Oracle Cloud FreeBSD image, some stuff no Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4MqCdN1srxz46vv X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20210112 header.b=PE0JcHYa; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of gspurki@gmail.com designates 2a00:1450:4864:20::635 as permitted sender) smtp.mailfrom=gspurki@gmail.com X-Spamd-Result: default: False [-3.86 / 15.00]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-0.998]; NEURAL_HAM_MEDIUM(-0.86)[-0.860]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20210112]; R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36]; MIME_GOOD(-0.10)[text/plain]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-cloud@freebsd.org]; ARC_NA(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; RCVD_TLS_LAST(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2a00:1450:4864:20::635:from]; RCVD_COUNT_THREE(0.00)[3]; TO_DN_NONE(0.00)[]; FREEMAIL_FROM(0.00)[gmail.com]; MID_RHS_MATCH_FROM(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; MIME_TRACE(0.00)[0:+]; FROM_EQ_ENVFROM(0.00)[]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US]; FREEMAIL_ENVFROM(0.00)[gmail.com]; MLMMJ_DEST(0.00)[freebsd-cloud@freebsd.org] X-ThisMailContainsUnwantedMimeParts: N Hy, First of all, thank you very much for providing that image, However i found some points that could use a cleanup/fix to and act more like the images from: https://download.freebsd.org/releases/VM-IMAGES/13.1-RELEASE/aarch64/Latest/ * ZFS Module gets loaded from loader.conf and rc.conf, but why? there is not zfs and top shows a empty arc, the std images don't do that. * The installed pkg like panicmail, is that why the image is called *_test? * When running "freebsd-update IDS" there is probably not a single checksum that matches the release, why is that? * The 1G Swap partition...why? The std images don't have that, if one needs a swap then a swapfile would be preferred. * DHCP gives me 1000's of errors like "dhclient[40246]: 5 bad udp checksums in 5 packets" * User root AND freebsd gets the ssh-key. Both can login, no "PermitRootLogin no" or "AllowUsers freebsd" Have a great Day and again Thanks, Gian-Simon From nobody Wed Nov 16 00:22:48 2022 X-Original-To: freebsd-cloud@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4NBkKL5P8zz4fks2 for ; Wed, 16 Nov 2022 00:23:02 +0000 (UTC) (envelope-from me@igalic.co) Received: from mail-4022.proton.ch (mail-4022.proton.ch [185.70.40.22]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "protonmail.com", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4NBkKJ34pXz3kT6 for ; Wed, 16 Nov 2022 00:23:00 +0000 (UTC) (envelope-from me@igalic.co) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=igalic.co header.s=protonmail3 header.b=itWqa0wA; spf=pass (mx1.freebsd.org: domain of me@igalic.co designates 185.70.40.22 as permitted sender) smtp.mailfrom=me@igalic.co; dmarc=none Date: Wed, 16 Nov 2022 00:22:48 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=igalic.co; s=protonmail3; t=1668558178; x=1668817378; bh=GoczDEhHvSGnvGKNsX3JwM6W7y+jPayiTCBSC/al1kI=; h=Date:To:From:Subject:Message-ID:Feedback-ID:From:To:Cc:Date: Subject:Reply-To:Feedback-ID:Message-ID:BIMI-Selector; b=itWqa0wAU37x/30INSXmot1Y6coRRjHg5Lu3Pq6feUmIget21Pv6PXZEvN/aMv3vc QfqQoEoyaE9LVLdVQG5Ox8MPDHyRcpMOC1mrwL1eHVkOWcKF3F4dCagtg6Za2P0hbP DbGiNVvV350KUSuoVz8xZifXGFh90BXvhppTRAFtS1EUTBfH8RJIUTG/phXW6bFf6G ocUY4KCvmgzCX7So1/6zWmFk7cfO4HPhHLuyKSLSTG0kpXSUimFvWcLOMXdiaALQ86 hQ8T0mCc+zHhS/jHv/AKd3QP+2QonEQaRiGPS2qSbHO5V/9lFBAZvdcKl031de18ZJ nFlR5gvIF/g3w== To: "freebsd-cloud@FreeBSD.org" From: =?utf-8?Q?Mina_Gali=C4=87?= Subject: cloud-init development Message-ID: Feedback-ID: 13937434:user:proton List-Id: FreeBSD on cloud platforms (EC2, GCE, Azure, etc.) List-Archive: https://lists.freebsd.org/archives/freebsd-cloud List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-cloud@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spamd-Result: default: False [-1.48 / 15.00]; R_MIXED_CHARSET(1.00)[subject]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_SHORT(-0.98)[-0.978]; R_SPF_ALLOW(-0.20)[+ip4:185.70.40.0/24]; R_DKIM_ALLOW(-0.20)[igalic.co:s=protonmail3]; MIME_GOOD(-0.10)[text/plain]; MLMMJ_DEST(0.00)[freebsd-cloud@FreeBSD.org]; RCVD_COUNT_ZERO(0.00)[0]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; TO_DN_EQ_ADDR_ALL(0.00)[]; ARC_NA(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; ASN(0.00)[asn:62371, ipnet:185.70.40.0/24, country:CH]; FREEFALL_USER(0.00)[me]; DKIM_TRACE(0.00)[igalic.co:+]; FROM_HAS_DN(0.00)[]; DMARC_NA(0.00)[igalic.co]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MID_RHS_MATCH_FROM(0.00)[] X-Rspamd-Queue-Id: 4NBkKJ34pXz3kT6 X-Spamd-Bar: - X-ThisMailContainsUnwantedMimeParts: N Hi folks, as you may have read in the FreeBSD Quarterly Update[1], I have started working (again) on bringing better BSD support to cloud-init. There's a now net/cloud-init-devel port, that is regularly updated with the new changes. The latest update (22.3-112-g7b049855)[2] will include the ifconfig(8)[3] parser that I've been working on for the past month. If you're working on creating VM images for different clouds providers, I would hugely appreciate if you could help test cloud-init-devel, before it's released, and give feedback - praise and/or bug reports! Thank you very much in advance. Kind regards, Mina Gali=C4=87 ---- 1: https://www.freebsd.org/status/report-2022-07-2022-09/#_freebsd_as_a_tie= r_1_cloud_init_platform 2: https://bugs.freebsd.org/267785 3: https://github.com/canonical/cloud-init/pull/1779 Web: https://igalic.co/ PkgBase Repo: https://alpha.pkgbase.live/ From nobody Thu Dec 15 22:03:32 2022 X-Original-To: freebsd-cloud@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4NY5pn069jz4dLyd for ; Thu, 15 Dec 2022 22:03:45 +0000 (UTC) (envelope-from robballantyne3@gmail.com) Received: from mail-vs1-xe31.google.com (mail-vs1-xe31.google.com [IPv6:2607:f8b0:4864:20::e31]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4NY5pm0cfHz4P71 for ; Thu, 15 Dec 2022 22:03:44 +0000 (UTC) (envelope-from robballantyne3@gmail.com) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20210112 header.b=KOw8o25e; spf=pass (mx1.freebsd.org: domain of robballantyne3@gmail.com designates 2607:f8b0:4864:20::e31 as permitted sender) smtp.mailfrom=robballantyne3@gmail.com; dmarc=pass (policy=none) header.from=gmail.com Received: by mail-vs1-xe31.google.com with SMTP id h26so613077vsr.5 for ; Thu, 15 Dec 2022 14:03:44 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=to:subject:message-id:date:from:mime-version:from:to:cc:subject :date:message-id:reply-to; bh=8sP0x8eaP1jPeehchKh8X+So3ro+p361K7i7/fA4wy0=; b=KOw8o25elrX09JWDLQrEMfr6/CKDpnX/0KEf8PKIsy+675ssBoaU7U7+qHuV2EjZe8 fhG/fpmyc4RNaarYMdNM8YUgWv3UHHF0vZAPdWENDA2vaThvKdSN+dPoLGy09aUNXMYU HKFwbatv7CwnFw7HbyH392WUWS4+N9O9RT21FjCku6wpRbEzWJtsKGVvaynG+umuPAuH AgXJ7eg8T5rHMP2qjM2Pg16Hwkqa5x9o0P2PyiY/RJteEwbgQGIoakRqJmZZeI+nq4kk V7D3w3BJbQSQHZGvP58vJYWatvslxX6uWXmEnwZRkXHpqy7rzxOgeFPn8/iGCXQTQ3bu 6gcg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=to:subject:message-id:date:from:mime-version:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=8sP0x8eaP1jPeehchKh8X+So3ro+p361K7i7/fA4wy0=; b=KuZliLRD8k2ikWvxzbG8uw6s3PyU70+pRgN+7wZhxbwxFYueVX95zrE5yVneIZqh+d 5f1DndR90dxheEoH6R35vLgpLl1Wsg3e/FhEpJ1jhBADTUmK0mN8gEKgdUjlBhLsFxf4 53Ow3b47Cm/sHGQ6IqaZWfKgRTUhRvHK+FfxGKaS5dXQRAGi32c50fQtY5epJyrsA5Qk 4awGe9w7kcLqHZN2SDp62nfjgfv+7CmRffK7m6sxKNmNRdF32M5VX5Tzz3y+uEIcYQtD RXVbo0AcW2XzCuyr6aPBbEnfBqqulRKeO+5snnRr3HO5x5fedfiBIT6BOIc3SUqc0zz4 ozbA== X-Gm-Message-State: ANoB5pnC5icxyzlUAEvzR3uXBbRUSqlsiqcp9nG8LNGu5hVyfnu0CF+f 32ngAPwmiFn3mS1G4wgJYPJcw5UmUBsMOy5RkwGDz7u78IY= X-Google-Smtp-Source: AA0mqf4xKqbsUaoUCshmKIQDAOyejdsnYTmoNXpTvC56Q3sZPahuh+m5P2VWKm87QNB6QleOCFfflHp4h20Awow/ejc= X-Received: by 2002:a67:1744:0:b0:3b0:8e7c:5f72 with SMTP id 65-20020a671744000000b003b08e7c5f72mr35654231vsx.27.1671141823423; Thu, 15 Dec 2022 14:03:43 -0800 (PST) List-Id: FreeBSD on cloud platforms (EC2, GCE, Azure, etc.) List-Archive: https://lists.freebsd.org/archives/freebsd-cloud List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-cloud@freebsd.org MIME-Version: 1.0 From: Rob Ballantyne Date: Thu, 15 Dec 2022 14:03:32 -0800 Message-ID: Subject: What is a VPC (google's specifically but it could be more general) really? To: freebsd-cloud@freebsd.org Content-Type: multipart/alternative; boundary="000000000000c128d905efe506ec" X-Spamd-Result: default: False [-1.97 / 15.00]; SUBJECT_ENDS_QUESTION(1.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; HTTP_TO_IP(1.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_SHORT(-0.97)[-0.974]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20210112]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36:c]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; TO_MATCH_ENVRCPT_ALL(0.00)[]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; MIME_TRACE(0.00)[0:+,1:+,2:~]; PREVIOUSLY_DELIVERED(0.00)[freebsd-cloud@freebsd.org]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::e31:from]; FREEMAIL_FROM(0.00)[gmail.com]; ARC_NA(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; DKIM_TRACE(0.00)[gmail.com:+]; MID_RHS_MATCH_FROMTLD(0.00)[]; TO_DN_NONE(0.00)[]; MLMMJ_DEST(0.00)[freebsd-cloud@freebsd.org]; FROM_EQ_ENVFROM(0.00)[]; FREEMAIL_ENVFROM(0.00)[gmail.com]; RCVD_TLS_LAST(0.00)[]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; RCVD_COUNT_TWO(0.00)[2] X-Rspamd-Queue-Id: 4NY5pm0cfHz4P71 X-Spamd-Bar: - X-ThisMailContainsUnwantedMimeParts: N --000000000000c128d905efe506ec Content-Type: text/plain; charset="UTF-8" Hello, I have a question about what the internal structure and forwarding is within Google's VPCs. I started into a project using OpenVPN to bind my home network to an isolated VPC in Google's Cloud when I discovered the routing didn't work quite the way I thought. I had assumed that VPCs would look like a private VLAN (Layer2) into which Google's infrastructure would inject L3 router interfaces and/or ip/ethernet filters. I set up a private VPC and two test FreeBSD boxes to test and see exactly how VPC configures routing. First, I just used a standard install of 13.1 and the routing table after everything is up and configured looks like: ---- Internet: Destination Gateway Flags Netif Expire default 10.1.1.1 UGS vtnet0 10.1.1.1 link#1 UHS vtnet0 10.1.1.20 link#1 UH lo0 127.0.0.1 link#2 UH lo0 ---- This looked a little unusual to me so (there was no link local route for all the addresses in the VPC), I commented out the rc.conf entry 'google_network_daemon_enable=YES' and setup the vtnet0 interface up manually with: 'ifconfig_vtnet0="inet 10.1.1.20 netmask 255.255.255.0"' The resulting routing table: ---- Internet: Destination Gateway Flags Netif Expire 10.1.1.0/24 link#1 U vtnet0 10.1.1.20 link#1 UHS lo0 127.0.0.1 link#2 UH lo0 ---- This configuration wasn't able to communicate. The latter routing table looks more usual though, with a 10.1.1.0/24 route to the local link. So, it appears to me that VPCs are really configured to be a point-to-point (star really) network where the Google router interface (10.1.1.1 in this case) has to handle all forwarding between nodes of a network. I've searched around the web to try and confirm this but there is scant detail on how exactly forwarding works within a single VPC. My VPN project involved using a bastion VPN host that would have terminated the VPN/SSL tunnel and routed traffic between my home network and the isolated network behind the bastion. Before I make final decisions on configuration, I wanted to know if my understanding is correct and whether there is any documentation on this that I've somehow missed. FreeBSD is, of course, the host of choice for this operation! If anyone does know any details, any info would be greatly appreciated. Many Thanks, Rob Ballantyne --000000000000c128d905efe506ec Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hello,

=C2=A0 I have a question about what the internal= structure and forwarding is within Google's VPCs.

=C2=A0 I star= ted into a project using OpenVPN to bind my home network to an isolated VPC= in Google's Cloud when I discovered the routing didn't work quite = the way I thought.=C2=A0 I had assumed that VPCs would look like a private = VLAN (Layer2) into which Google's infrastructure would inject L3 router= interfaces and/or ip/ethernet filters.

=C2=A0 I set up a private VP= C and two test FreeBSD boxes to test and see exactly how VPC configures rou= ting.=C2=A0=C2=A0

=C2=A0 First, I just used a standard install of 13= .1 and the routing table after everything is up and configured looks like:<= /div>

----
Internet:
Destination =C2=A0 =C2=A0 =C2=A0 =C2=A0Gateway = =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0Flags =C2=A0 =C2=A0 Netif Expiredefault =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A010.1.1.1 =C2=A0 =C2=A0 = =C2=A0 =C2=A0 =C2=A0 UGS =C2=A0 =C2=A0 =C2=A0vtnet0
10.1.1.1 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 =C2=A0 link#1 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 U= HS =C2=A0 =C2=A0 =C2=A0vtnet0
10.1.1.20 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0link#1 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 UH =C2=A0 =C2=A0 =C2=A0= =C2=A0 =C2=A0lo0
127.0.0.1 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0link#2 =C2= =A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 UH =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0lo0
----

=C2=A0 This looked a little unusual to me so (there= was no link local route for all the addresses in the VPC), I commented out= the rc.conf entry 'google_network_daemon_enable=3DYES' and setup t= he vtnet0 interface up manually with: 'ifconfig_vtnet0=3D"inet 10.= 1.1.20 netmask 255.255.255.0"'=C2=A0 The resulting routing table:<= /div>

----
Internet:
Destination =C2=A0 =C2=A0 =C2=A0 =C2=A0Gateway = =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0Flags =C2=A0 =C2=A0 Netif Expire10.1.1.0/24 =C2=A0 =C2=A0 =C2=A0 =C2= =A0link#1 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 U =C2=A0 =C2=A0 =C2=A0 = =C2=A0vtnet0
10.1.1.20 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0link#1 =C2=A0 = =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 UHS =C2=A0 =C2=A0 =C2=A0 =C2=A0 lo0
1= 27.0.0.1 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0link#2 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 UH =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0lo0
----
<= div class=3D"gmail_default" style=3D"font-family:monospace,monospace">
<= /div>
=C2=A0 This configuration wasn't able to communicate. The latter routi= ng table looks more usual though, with a 10.= 1.1.0/24 route to the local link.

=C2=A0 So, it appears to me th= at VPCs=C2=A0are really configured to be a point-to-point (star really) net= work where the Google router interface (10.1.1.1 in this case) has to handl= e all forwarding between nodes of a network.

=C2=A0 I've searche= d around the web to try and confirm this but there is scant detail on how e= xactly forwarding works within a single VPC.

=C2=A0 My VPN project i= nvolved using a bastion VPN host that would have terminated the VPN/SSL tun= nel and routed traffic between my home network and the isolated network beh= ind the bastion.

=C2=A0 Before I make final decisions on configurati= on, I wanted=C2=A0to know if my understanding is correct and whether there = is any documentation on this that I've somehow missed.

=C2=A0 F= reeBSD is, of course, the host of choice for this operation!

=C2=A0 = If anyone does know any details, any info would be greatly appreciated.
Many Thanks,
Rob Ballantyne
--000000000000c128d905efe506ec-- From nobody Thu Dec 15 22:27:06 2022 X-Original-To: freebsd-cloud@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4NY6LT5C0hz4gd8h for ; Thu, 15 Dec 2022 22:27:45 +0000 (UTC) (envelope-from bilbo@hobbiton.org) Received: from mail-ej1-x633.google.com (mail-ej1-x633.google.com [IPv6:2a00:1450:4864:20::633]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4NY6LT3JPNz4Q0x for ; Thu, 15 Dec 2022 22:27:43 +0000 (UTC) (envelope-from bilbo@hobbiton.org) Authentication-Results: mx1.freebsd.org; none Received: by mail-ej1-x633.google.com with SMTP id vv4so2053122ejc.2 for ; Thu, 15 Dec 2022 14:27:43 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ofwilsoncreek-com.20210112.gappssmtp.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=lJo9wZe2pXKdwomLd1sLMj8x934VtEq+oZ7v2bmsUgk=; b=CaJ5v8EBVE6MmuoK349WEUz84eeIJPviyC79pngaKa10ppCF28KfyGUhG8XLVF74Ho 93svjpaVRulu/ohEBM+tVwDQqut+QHiXvb5BBbS6IJtzY2PJWeoNqBELNG3PNhrea527 BTa8Je1KWq5lyitQYOTJaKuc5+Nf9FWSRC4jQTUkU4z/Eoq2qKaimYmKfmp4EVcbcDA/ NqLtWyoLu7RRcs57PAuAWisxy/1theze88VLACs5Py8jp89Sdf0IlVtHjGy2l9yn2FEB ufRdk2lJD8Y97ME/cRv62jtajH7fpZzsxrk9VEtVClUDregMLYsiW5b0v7NPWiy1CBom qVpQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=lJo9wZe2pXKdwomLd1sLMj8x934VtEq+oZ7v2bmsUgk=; b=ZUAhB9pd62D1hGyWYeaxAw57Cz4Q+k1acdkIIICQUHxZFtC9goSZIuYt5YNYZoDhKq AOlOvRWBfqsihkt3Tdd8LjmS8hnhJ3RjCAfJVMVyPFmm/2hBehs7al8LfNXXpBmzoLnG XPivMnHdI17Bkz/u5q2WfFZtQViU5SjN/uuj+ySRfyULuoQy38sBw8xa/WacNNZAoSDY PfUYEQCUKflxNrLqn2xXyxdmyvYvWzY4Wzpw1aO9fgnQeR6r7jMaDtDAZkflNdl9fuN5 ILe9arbqDK8mO4vz0Js1ykZXfFqdUzY/0U+VRFFmDCU0K6yD8IO7LRC9lmkcTOQvVU18 ObXw== X-Gm-Message-State: ANoB5plak0O/Tnu7IOAv4vnGQnzcCCotnWaHNRDuVP1WUK4bmfMz4E9s hVrVK289caSUhYpYVqJ3LyIO4d5b9YHs2qTNlVFgnA== X-Google-Smtp-Source: AA0mqf4gOPI/3kMS3H8xasXVkndc75m0GBsbHXjP/4n9jhLiX+J3kCgo/Gj/c0rY1EjN4aaub0Y8lyQ1O/OCZD3uqz8= X-Received: by 2002:a17:906:2854:b0:7ae:3684:84b0 with SMTP id s20-20020a170906285400b007ae368484b0mr73066163ejc.622.1671143262705; Thu, 15 Dec 2022 14:27:42 -0800 (PST) List-Id: FreeBSD on cloud platforms (EC2, GCE, Azure, etc.) List-Archive: https://lists.freebsd.org/archives/freebsd-cloud List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-cloud@freebsd.org MIME-Version: 1.0 References: In-Reply-To: From: Leif Pedersen Date: Thu, 15 Dec 2022 16:27:06 -0600 Message-ID: Subject: Re: What is a VPC (google's specifically but it could be more general) really? To: Rob Ballantyne Cc: freebsd-cloud@freebsd.org Content-Type: multipart/alternative; boundary="0000000000008aeee105efe55c4d" X-Rspamd-Queue-Id: 4NY6LT3JPNz4Q0x X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US] X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-ThisMailContainsUnwantedMimeParts: N --0000000000008aeee105efe55c4d Content-Type: text/plain; charset="UTF-8" Hi, I don't have a direct answer, but as a user I can confirm that OpenVPN in layer 3 mode works for me. I simply haven't tried it in layer 2 mode with GCE (because I've no need for layer 2 and it incurs the extra overhead of broadcast packets). Layer 2 mode probably won't work anyway because the MTU has to be reduced to 1460, unless you do that on all participating hosts. Point is, if that's an option for you it might be worth exploring. As a side note, I configure the tun devices with the same IP address at the vtnet device. That actually works perfectly, even though the two endpoints are on wildly different networks, and avoids maintaining DNS entries and routes for the point to point network. For example: vtnet0: flags=8943 metric 0 mtu 1460 inet 10.1.2.3 netmask 0xffffffff broadcast 10.1.2.3 inet 130.x.x.x netmask 0xffffffff broadcast 130.x.x.x tun5000: flags=8051 metric 0 mtu 1500 inet 10.1.2.3 --> 10.16.0.1 netmask 0xffffffff (The internal IP on my home router's ethernet interface is 10.16.0.1/16, overlapping with its tun interface.) -Leif On Thu, Dec 15, 2022 at 4:03 PM Rob Ballantyne wrote: > Hello, > > I have a question about what the internal structure and forwarding is > within Google's VPCs. > > I started into a project using OpenVPN to bind my home network to an > isolated VPC in Google's Cloud when I discovered the routing didn't work > quite the way I thought. I had assumed that VPCs would look like a private > VLAN (Layer2) into which Google's infrastructure would inject L3 router > interfaces and/or ip/ethernet filters. > > I set up a private VPC and two test FreeBSD boxes to test and see > exactly how VPC configures routing. > > First, I just used a standard install of 13.1 and the routing table > after everything is up and configured looks like: > > ---- > Internet: > Destination Gateway Flags Netif Expire > default 10.1.1.1 UGS vtnet0 > 10.1.1.1 link#1 UHS vtnet0 > 10.1.1.20 link#1 UH lo0 > 127.0.0.1 link#2 UH lo0 > ---- > > This looked a little unusual to me so (there was no link local route for > all the addresses in the VPC), I commented out the rc.conf entry > 'google_network_daemon_enable=YES' and setup the vtnet0 interface up > manually with: 'ifconfig_vtnet0="inet 10.1.1.20 netmask 255.255.255.0"' > The resulting routing table: > > ---- > Internet: > Destination Gateway Flags Netif Expire > 10.1.1.0/24 link#1 U vtnet0 > 10.1.1.20 link#1 UHS lo0 > 127.0.0.1 link#2 UH lo0 > ---- > > This configuration wasn't able to communicate. The latter routing table > looks more usual though, with a 10.1.1.0/24 route to the local link. > > So, it appears to me that VPCs are really configured to be a > point-to-point (star really) network where the Google router interface > (10.1.1.1 in this case) has to handle all forwarding between nodes of a > network. > > I've searched around the web to try and confirm this but there is scant > detail on how exactly forwarding works within a single VPC. > > My VPN project involved using a bastion VPN host that would have > terminated the VPN/SSL tunnel and routed traffic between my home network > and the isolated network behind the bastion. > > Before I make final decisions on configuration, I wanted to know if my > understanding is correct and whether there is any documentation on this > that I've somehow missed. > > FreeBSD is, of course, the host of choice for this operation! > > If anyone does know any details, any info would be greatly appreciated. > > Many Thanks, > Rob Ballantyne > --0000000000008aeee105efe55c4d Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hi,

I don't have a direct answer, b= ut as a user I can confirm that OpenVPN in layer 3 mode works for me. I sim= ply haven't tried it in layer 2 mode with GCE (because I've no need= for layer 2 and it incurs the extra overhead of broadcast packets). Layer = 2 mode probably won't work anyway because the MTU has to be reduced to = 1460, unless you do that on all participating hosts. Point is, if that'= s an option for you it might be worth exploring.

A= s a side note, I configure the tun devices with the same IP address at the = vtnet device. That actually works perfectly, even though the two endpoints = are on wildly different networks, and avoids maintaining DNS entries and ro= utes for the point to point network.

For example:<= /div>
vtnet0: flags=3D8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULT= ICAST> metric 0 mtu 1460
=C2=A0 =C2=A0 inet 10.1.2.3 netma= sk 0xffffffff broadcast 10.1.2.3
=C2=A0 =C2=A0 inet 130.x.x.x netmask 0x= ffffffff broadcast 130.x.x.x
tun5000: flags=3D8051<UP,POINTOPOINT,RUN= NING,MULTICAST> metric 0 mtu 1500
=C2=A0 =C2=A0 inet 10.1.2.3 --> = 10.16.0.1 netmask 0xffffffff

(The internal IP = on my home router's ethernet interface is 10.16.0.1/16, overlapping with its tun interface.)

-Leif





On Thu, Dec 15, 2022 at 4:03 PM Rob Ballantyne <robballantyne3@gmail.com> = wrote:
Hello,

=C2=A0 I have a question about what the internal structu= re and forwarding is within Google's VPCs.

=C2=A0 I started into= a project using OpenVPN to bind my home network to an isolated VPC in Goog= le's Cloud when I discovered the routing didn't work quite the way = I thought.=C2=A0 I had assumed that VPCs would look like a private VLAN (La= yer2) into which Google's infrastructure would inject L3 router interfa= ces and/or ip/ethernet filters.

=C2=A0 I set up a private VPC and tw= o test FreeBSD boxes to test and see exactly how VPC configures routing.=C2= =A0=C2=A0

=C2=A0 First, I just used a standard install of 13.1 and t= he routing table after everything is up and configured looks like:

-= ---
Internet:
Destination =C2=A0 =C2=A0 =C2=A0 =C2=A0Gateway =C2=A0 =C2= =A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0Flags =C2=A0 =C2=A0 Netif Expire
default = =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A010.1.1.1 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 UGS =C2=A0 =C2=A0 =C2=A0vtnet0
10.1.1.1 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 =C2=A0 link#1 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 UHS =C2=A0 = =C2=A0 =C2=A0vtnet0
10.1.1.20 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0link#1 = =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 UH =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0lo0
127.0.0.1 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0link#2 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 UH =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0lo0
----

=C2=A0 This looked a little= unusual to me so (there was no link local route for all the addresses in t= he VPC), I commented out the rc.conf entry 'google_network_daemon_enabl= e=3DYES' and setup the vtnet0 interface up manually with: 'ifconfig= _vtnet0=3D"inet 10.1.1.20 netmask 255.255.255.0"'=C2=A0 The r= esulting routing table:

----
Internet:
Destination =C2=A0 =C2=A0= =C2=A0 =C2=A0Gateway =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0Flags =C2=A0= =C2=A0 Netif Expire
10= .1.1.0/24 =C2=A0 =C2=A0 =C2=A0 =C2=A0link#1 =C2=A0 =C2=A0 =C2=A0 =C2=A0= =C2=A0 =C2=A0 U =C2=A0 =C2=A0 =C2=A0 =C2=A0vtnet0
10.1.1.20 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 =C2=A0link#1 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 UH= S =C2=A0 =C2=A0 =C2=A0 =C2=A0 lo0
127.0.0.1 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0link#2 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 UH =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0lo0
----

=C2=A0 This configuration wasn't = able to communicate. The latter routing table looks more usual though, with= a 10.1.1.0/24 route t= o the local link.

=C2=A0 So, it appears to me that VPCs=C2=A0are rea= lly configured to be a point-to-point (star really) network where the Googl= e router interface (10.1.1.1 in this case) has to handle all forwarding bet= ween nodes of a network.

=C2=A0 I've searched around the web to = try and confirm this but there is scant detail on how exactly forwarding wo= rks within a single VPC.

=C2=A0 My VPN project involved using a bast= ion VPN host that would have terminated the VPN/SSL tunnel and routed traff= ic between my home network and the isolated network behind the bastion.
=C2=A0 Before I make final decisions on configuration, I wanted=C2=A0to= know if my understanding is correct and whether there is any documentation= on this that I've somehow missed.

=C2=A0 FreeBSD is, of course,= the host of choice for this operation!

=C2=A0 If anyone does know a= ny details, any info would be greatly appreciated.

Many Thanks,
Rob= Ballantyne
--0000000000008aeee105efe55c4d--