From nobody Mon Aug 30 18:03:19 2021 X-Original-To: freebsd-cloud@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 68DA917A2289 for ; Mon, 30 Aug 2021 18:03:38 +0000 (UTC) (envelope-from jedberg@gmail.com) Received: from mail-pj1-x1033.google.com (mail-pj1-x1033.google.com [IPv6:2607:f8b0:4864:20::1033]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4GyyqY4tMCz4WbW; Mon, 30 Aug 2021 18:03:37 +0000 (UTC) (envelope-from jedberg@gmail.com) Received: by mail-pj1-x1033.google.com with SMTP id u13-20020a17090abb0db0290177e1d9b3f7so41865pjr.1; Mon, 30 Aug 2021 11:03:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=O4+sKsqVbEMiqDhd6ZfeBDO7s1q5+KAepy1Rs2FGaVQ=; b=L5DCivyOzlfl0wZcPqTN01dxvMCOXccdgYKQOtB1IVhc4Js9xbnImfExdCdIYoLPlm msWes0V7yEswFFJPtxTI4y7bTHsFmYLYGkU2W5wS+fzsypJuv36IIpYkPbS+sPora2SG fbcjAcTD4oYQWR1LAlVlk7RwOyMaIRf0U4mbIxhULy51Q4hSRGsgqgiLmyhiIIjFHpn1 YzMecM6eYTmJ1f5CKwQxSk9hEpQixTIW/6NN7+rCVLlk9lYIZpQCjYNAb2vgqRjOGeey ZuI/TAaP2KfBseq41xkNlo7MOpAc0wju1+rEkkBK1Gl5p5Yn7XqknTQ79JJrRi+/ws7q UJcg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=O4+sKsqVbEMiqDhd6ZfeBDO7s1q5+KAepy1Rs2FGaVQ=; b=h9CMr8Rj/zvR3zuegKHJezhRncnB7jNiXU+ixTVfDD/mxSkbtqD7EnOa+OTOhuHagh l44GdQpdwI9M1mLkLu7siiLOoSdTnT49APdh1ZmuG3RHHXrr38iCmti8RPLEnC5LXJNv lIObhet1Bx4ZYMJRBWGO1O8EECIsRT4WVYDB17q3pGNopaarRZ0UWBxwRvGPyrhtLdQl Sh8Iqwqw4XS0//icYDUSM0xzGNHNq1xnE4hJkf5dWS7HqkaBqJgXJUuDkcC3ym3La9g9 gcn9cKvVF0K9QcaAOqMIxccEgK6Vh2kpartmfY5O2uJxi8rq1dFFj9IAep26MdpRKajV XDrQ== X-Gm-Message-State: AOAM532EKWPa8u3I8DPvh61IvRxmHmjeD95zSBcadzwYpCv9StfM0HiJ ItGx9w6kclGn3fTqoScFxlFKJ+HLWzxg9mo/rxGqBCDHTdY= X-Google-Smtp-Source: ABdhPJzXpNIyNitmQiiBhFHbPqSdyx6PY7lASgKkpvht7jORSfFi9nbP+4JXShRVDVepxoQPvTeVMWMtKwBqbcCFOWg= X-Received: by 2002:a17:90a:fe8e:: with SMTP id co14mr354279pjb.200.1630346611046; Mon, 30 Aug 2021 11:03:31 -0700 (PDT) List-Id: FreeBSD on cloud platforms (EC2, GCE, Azure, etc.) List-Archive: https://lists.freebsd.org/archives/freebsd-cloud List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-cloud@freebsd.org MIME-Version: 1.0 References: <79c48cc2-5341-2cea-7d6e-4372f7c93245@freebsd.org> In-Reply-To: <79c48cc2-5341-2cea-7d6e-4372f7c93245@freebsd.org> From: Jeremy Edberg Date: Mon, 30 Aug 2021 11:03:19 -0700 Message-ID: Subject: Re: RFC: Switching FreeBSD/EC2 images to UEFI boot To: Colin Percival Cc: "freebsd-cloud@freebsd.org" Content-Type: multipart/alternative; boundary="0000000000009cbd7205cacaa639" X-Rspamd-Queue-Id: 4GyyqY4tMCz4WbW X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=L5DCivyO; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of jedberg@gmail.com designates 2607:f8b0:4864:20::1033 as permitted sender) smtp.mailfrom=jedberg@gmail.com X-Spamd-Result: default: False [-2.19 / 15.00]; ARC_NA(0.00)[]; TO_DN_EQ_ADDR_SOME(0.00)[]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36:c]; FREEMAIL_FROM(0.00)[gmail.com]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_SPAM_SHORT(0.81)[0.807]; MID_RHS_MATCH_FROMTLD(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::1033:from]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim] X-Spam: Yes X-ThisMailContainsUnwantedMimeParts: Y --0000000000009cbd7205cacaa639 Content-Type: text/plain; charset="UTF-8" I'm always a fan of optimal defaults. If UFEI boot is faster, it should probably be the default, especially if you're still able to generate BIOS boot instances. Unless there is a large group of people who for legal/compliance reasons *must* use the official AMIs and also can't switch to the newer instance types. j On Sat, Aug 28, 2021 at 9:05 PM Colin Percival wrote: > Hi Cloudy people, > > We have a decision to make and I'm looking for input from the community: > Should FreeBSD's x86 EC2 AMIs be marked as booting using UEFI instead of > the current (default) BIOS boot mode? > > The argument in favour of sticking with BIOS booting is that the older EC2 > instance types -- up to M4/C4/R4/T2 -- don't support UEFI. There's a full > list of which instance types support UEFI at > > https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-boot.html > > but roughly speaking it's a case of "Nitro instances support UEFI while Xen > based instances require BIOS". (Note that whatever decision we make, it > will > still be possible to build AMIs which support BIOS booting -- the question > is > just which mode the official project-published images are marked to use.) > > The argument in favour of switching to UEFI booting is that it's faster -- > around 4.7 seconds faster in my testing. While this may not seem like a > big > difference, it's the difference between being on par with most Linuxes or > lagging far behind; and there's a definite quality-of-life benefit to being > able to spin up an EC2 instance and SSH in to start using it quickly. > (Also > benefits for people using autoscaling, since they can respond to increased > load faster.) > > One obvious question to ask here is "how many people are using the older > instance types which only support BIOS", and I have some data from the AWS > Marketplace about that: > * Instances originally launched on FreeBSD 9.x and 10.x are all using older > instance types. > * About 60% of instances originally launched on FreeBSD 11.x are using > older > instance types. > * About 40% of instances originally launched on FreeBSD 12.x and 13.0 are > using older instance types. > > Almost all of the "older instance type" usage on FreeBSD 12.x and 13.0 is > T2 > family instances, which I suspect is for two reasons: > 1. For a long time I had t2.micro listed as the default instance type on > the AWS Marketplace listings, and > 2. FreeBSD 13.0 has problems on T3 instances due to the TSC timecounter not > working reliably. This problem has now been corrected in HEAD and I'm > hoping > the fix will be MFCed in time for FreeBSD 13.1. > > I don't have any data on instances launched outside of the AWS Marketplace. > > So, as I started this email saying: We have a decision to make and I'm > looking for input from the community. Faster booting, or support for older > EC2 instance types in our published AMIs? > > -- > Colin Percival > Security Officer Emeritus, FreeBSD | The power to serve > Founder, Tarsnap | www.tarsnap.com | Online backups for the truly paranoid > > --0000000000009cbd7205cacaa639--