Subversion in OrionVM FreeBSD templates

Software

When I first started building and maintaining the FreeBSD templates on the OrionVM cloud, I included a full ports tree extracted with portsnap, and I installed pkg. I figured this would give people a ready to use system more quickly out of the box, and would make initialising a system with tools like Ansible easier.

But it came with a couple of problems:

  1. Clients may only want a subset of the ports tree, or may want to use Subversion, or only use binary packages. In which case, my installing it at best wasted space.

  2. Binary packages may want to be sourced from quarterly or latest, depending on the target server and requirements.

This presented me with a poser. Our context system that live-injects SSH keys, IP addresses, and other user variables relied upon bash, because it was bootstrapped off our Linux templates. I spent part of my AsiaBSDCon 2019 WIP talk discussing how I’d rewritten all of this to use Bourne shell scripts, so no more needing to install bash from ports.

Which led to the second point: did I still want to provide Subversion in the base image so people can use it to pull ports and sources in new VMs? The official FreeBSD Handbook lists installing Subversion as a discrete step before you can pull ports, but to do so I either needed a ports tree, or pkg. What to do?

I was checking the output from freebsd-update fetch, like a gentleman, and was reminded of something as an update line scrolled by:

/usr/bin/svnlite

That’s right, FreeBSD comes with a Subversion client. Somehow in this whole calculus I completely forgot about this. It’s also perfect for bootstrapping.

So now, without pkg, or a ports tree, one can download the latter:

# svn checkout https://svn.FreeBSD.org/ports/head /usr/ports
==> -sh: svn: not found

Haha whoops, wrong one:

# svnlite checkout https://svn.FreeBSD.org/ports/head /usr/ports
==> [...]
==> Checked out revision 498652

And because all the OrionVM FreeBSD templates use RootOnZFS with all the default options, there’s already a ZFS dataset for /usr/ports :).
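
A Bourne shell sketch of the bootstrap described above, added here as an example and not the OrionVM templates' own code: it prefers svn if someone has installed it, falls back to the base system's svnlite, and only talks to an https:// URL. The function names and the DRY_RUN switch are assumptions; the URL and /usr/ports are the ones used in this post.

```sh
#!/bin/sh
# Added example: bootstrap /usr/ports on an image with no pkg and no ports tree.
# Function names and DRY_RUN are assumptions; the URL and path are from the post.
PORTS_URL="https://svn.FreeBSD.org/ports/head"

# Print the first Subversion client found on PATH: svn (from ports or pkg) if
# present, otherwise svnlite from the FreeBSD base system.
pick_svn_client() {
    for client in svn svnlite; do
        if command -v "$client" >/dev/null 2>&1; then
            echo "$client"
            return 0
        fi
    done
    return 1
}

# Print the subcommand to use: "update" for an existing working copy,
# "checkout" for a missing or empty directory. Fail if the directory holds
# anything else, such as a tree extracted earlier with portsnap.
ports_action() {
    dir="$1"
    if [ -d "$dir/.svn" ]; then
        echo update
    elif [ ! -e "$dir" ] || [ -z "$(ls -A "$dir" 2>/dev/null)" ]; then
        echo checkout
    else
        return 1
    fi
}

# Build the command and run it; DRY_RUN=1 prints it instead.
bootstrap_ports() {
    dir="${1:-/usr/ports}"
    case "$PORTS_URL" in
        https://*) ;;
        *) echo "refusing non-HTTPS URL: $PORTS_URL" >&2; return 2 ;;
    esac
    client=$(pick_svn_client) || { echo "no svn or svnlite found" >&2; return 3; }
    action=$(ports_action "$dir") || { echo "$dir: not empty, not a working copy" >&2; return 4; }
    if [ "$action" = checkout ]; then
        set -- "$client" checkout "$PORTS_URL" "$dir"
    else
        set -- "$client" update "$dir"
    fi
    # Dry run: show what would be executed without touching the network.
    if [ "${DRY_RUN:-0}" = 1 ]; then echo "$*"; else "$@"; fi
}
```

Source the file and call `DRY_RUN=1 bootstrap_ports` to see the command before running it for real as root.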

The other option I’ve been considering is whether to ZFS snapshot any changes to stock FreeBSD, such that users could rollback or commit any changes I’ve done to the template after, such as including our context system. Then it wouldn’t matter what I added; you could always blow it away with a zfs destroy. I’ll give this some thought.


We almost got Arena manga swimsuits

Anime

I realised a big part of why Clara and I feel so much better on holidays is because we’re exercising more. We use public transport and walk everywhere, so we always end up with huge step counts when we’re exploring a new place and rushing between attractions and food.

So I’ve been blogging Clara’s and my efforts to improve our fitness at home, in the hopes that it would encourage us to perform said fitness and get some of those good feelings here. We’re signing up to a gym in Chatswood on advice of a colleague and friend, hiking more, and taking advantage of the cute little pool in our building.

Little did we know we could have been weeby at the latter as well. Introducing the Arena Manga One Piece!

Cover for volume one of One Piece

Wait, that’s the manga for One Piece. Sometimes I worry I’m too funny, before remembering I’m not.

Let’s try that again: Arena has a range of manga themed outfits, complete with darumas, seigaiha patterns, maneki cats, and a Great Wave off Kanagawa, among other Japanese motifs.

View of the ladies suit

I don’t know why it’s an unwritten rule that shorts for gents always have to be boring by comparison, but at least Arena-kun still makes an appearance.

View of the gents suit, with mostly black

Unfortunately, both are either discontinued or out of stock everywhere.


PF in FreeBSD and NetBSD

Software

I tweeted last month that the NetBSD team are considering removing PF in favour of NPF for firewalling. Maxime Villard posted on Friday the 29th of March:

There have been internal discussions about removing PF from NetBSD. Currently, NetBSD’s PF is 11 years old, has received no maintenance, and has accumulated bugs and vulnerabilities that were fixed upstream but not in NetBSD.

Those justifications seem reasonable. I did like that I could carry my PF rules across from other BSDs, which lowered the barrier to entry for the few NetBSD VMs I run. But I should learn NPF.

Importing recent versions of PF in scalable/performant kernels is a huge work because of PF’s legacy design, and there have been reports that FreeBSD is also considering dropping PF.

This is news to me, though perhaps it shouldn’t be. I used to use PF everywhere on FreeBSD until AsiaBSDCon 2018 when I overheard a conversation from some FreeBSD veterans discussing how much more traffic could be pushed through IPFW. I prefer PF’s syntax, and haven’t ever hit any bottlenecks using it, but perhaps I should revisit IPFW.

The biggest barrier to entry for me is jails. Most documentation online discusses how to configure networking into jails using PF, and I’ve done it this way for so long it’s basically rote. IPFW by comparison almost needs something like Firehol, though its syntax is still far better than nasty Linux IPtables.


A second chance for FGO Bride Umu

Anime

Back in October I played Nero Fest 2018 in everyone’s favourite mobile game, Fate/Grand Order. I got three more copies of my beloved Umu, but as I lamented in the post: “I didn’t get Nero Bride.”

This was not through lack of trying; Clara and I must have attempted to summon her at least a quadrillion times, give or take. My public face was one of delight and joy to have been able to NP ascend Umu, but I was dejected that my favourite Saber’s alternative version didn’t appear.

Fate CCC × Fate Grand Order

So fast forward to this evening. I have bronchitis, am feeling lethargic from medicine, and am tired from waking up coughing all night. I saw the Fate CCC Pre-Release Campaign had started, with a limited chance to summon her again. Why not, I thought with the energy of a wilted piece of lettuce.

So I hit the 10× Summon button, and returned to watching those oddly comforting tailed logs on another screen.

Screenshot showing me summoning Bride Nero!
Umu... I am back with a new dress! Call me Bride Saber, or Nero Bride!

The pseudo-random number generators on those remote servers had entropy fed from most favourable sources this evening. Look at me trying to mask my excitement; I can’t believe I got her!


Estonian government-in-exile

Thoughts

Today Wikipedia taught me that while Latvia and Lithuania didn’t maintain ones, Estonia had a government-in-exile during the Cold War:

[…] existing from 1944 until the reestablishment of Estonian sovereignty over Estonian territory in 1991–92. It traced its legitimacy through constitutional succession to the last Estonian government in power prior to the Soviet invasion of 1940. During its existence, it was the internationally recognized government of Estonia.

I did a quick search, and found this paper by Lauri Mälksoo published in the Nordic Journal of International Law back in 2000:

International legal practice in the 20th century is rich in challenging cases of state continuity and extinction. One of those cases is the preservation of the continuity of the Baltic states throughout 51 years of foreign occupation and annexation. After decades of non-recognition of Soviet annexation by leading Western powers, the present-day Baltic republics have not been seen as successor states of the Soviet Union, but as identical with the independent Baltic states of 1918-1940. How could the continuity of the Baltic states be preserved, especially as the Soviet Union had effectively and seemingly “forever” established its control over the Baltic republics?

He concluded:

This article focuses on the Estonian situation, laying out the events of 1944 which led to the proclamation of the new constitutional government, and after the country was for the second time occupied by the Soviet army, to the creation of an Estonian government in exile. One of the main questions asked in this article is whether and how the Estonian government in exile contributed to the preservation of the continuity of the Republic of Estonia. Both legal and political aspects played a role in the preservation of the continuity of the Republic of Estonia, and for various reasons, the role of the Estonian government in exile was not exactly that of “the” preserver of state continuity.


AAPT on moving off copper

Internet

A warning message from AAPT when provisioning new circuits:

The National Broadband Network (NBN) is progressively rolling out its network across Australia and as such, the copper access network is being shut down. To this end, during the Contract Term, you or your customer are likely to be notified that certain Services to one or more Sites will be disconnected (Affected Service). We will provide a minimum of 60 days’ notice to Customer prior to disconnection. During the notice period, you or your customer may migrate to another Service offered or cancel and move to another provider. The alternative service may be more expensive than or have different characteristics to, the Affected Service. You and/or your customer have the responsibility to arrange for new services to be deployed (whether by ordering a replacement service or connecting to another provider) before the disconnection date.

Also note the progressive phasing out of ISDN, and moving faxes to IP. Yes, the world still runs on faxes.


Sceptical of synergies

Internet

Today’s spam! Emphasis, much like the seasoning in the food I cooked last night, is added:

If you are interested but slightly sceptical that this is just more junk, let me assure you that it’s not. With your permission, I would like to do a video audit on your website for you at no cost and no obligation. This will allow me to show you what we can do and the value that we can provide you in driving your business growth.

And yet I’m still slightly sceptical. Fortunately, here’s someone else:

My team and I are doing some research on data, and are looking for reputable sites with whom we can collaborate. We noticed that your site and $SPAMCOMPANY could share some synergy and thus expand both of our audiences.

I love me some shared synergy, but what if I wanted to be a disruptive synergised paradigm?


How web businesses surprised me

Internet

A function of having a weblog around for a sufficient time period is one can comment on posts from times past, and reflect on how much or little has changed. I feel as though I should have been adjusting my monocle and wiggling a highly waxed moustache while writing that sentence.

A decade ago I wrote four ways web businesses surprised me. Let’s see if I’ve learned anything in the intervening years! Here’s the first:

I’m still surprised how short the half life of web companies are. The turnover rate is stunningly quick, what other industries have businesses like this?

My feeling is this hasn’t changed; if anything the trend is accelerating. Back when I wrote that post, GeoCities and del.icio.us were still around. Today, even package managers for large projects aren’t impervious to mismanagement and short attention-spans.

Economists and venture capitalists would likely cite this as a feature, not a bug. Spraying the wall with services then rapidly terminating the ones that immediately don’t become viable is certainly one way to end up with successful businesses. Sucks that people lose money, and the plight of users on failed services isn’t considered.

Screenshot showing Netscape Navigator Gold loading my page on Windows NT 4.0, for nostalgic feels.

Wait, that was a screenshot for twenty years ago, not a decade ago.

I’m also surprised at the assumption that if a company isn’t worth $X it just naturally has to be bought out and consolidated. I suppose people expect if a small company isn’t bought, a huge company will clone its features and let it die instead.

In other words, companies always need to be growing. Frank discussed this on an Overnightscape episode a few months ago; why does that need to be a truism? In any case, this also hasn’t changed.

I’m also surprised internet venture capital firms still get so excited over investing in hundreds of new firms when only perhaps one or two will succeed enough to recoup their funds and turn a profit. I suppose that kind of ratio is still enough if so many VC firms still do it.

I mostly covered this in point one already, but it must work for that small circle of them if they’re still around.

I’m finally still surprised that nobody has launched a grilled cheese sandwich delivery website with complimentary oven mitts and/or a subscription model.

It was a joke back then, but food delivery off the backs of people paid below minimum wage is now a huge business. Damn, I could have made money off that.


Buying philosophy for computer hardware

Hardware

The ATP gents recently compared their buying philosophies when it came to new computer hardware. Casey and John discussed the idea of going all out upgrading the specs on a consumer device, or whether at that stage and cost it’s worth just buying the workstation-class model.

(They were referring to the iMac versus the iMac Pro, then it morphed into Hondas versus BMWs, because everyone loves a good car analogy. But I think the same logic could apply elsewhere).

Which approach is better?

Each approach has its pros and cons. Even a better spec’d consumer machine may still lack the workstation features you need, such as ECC memory. The workstation may have better cooling, whereas a consumer machine may struggle to use its higher-end components effectively. Workstations may also be easier to upgrade, and theoretically last longer.

That said, a consumer device would still work out cheaper, even perhaps with better specs than a workstation. It may even perform better in the workloads you need, such as having fewer but faster CPU cores, or a consumer GPU for gaming.

Marco concluded that it ultimately depended on what the machine was to be used for, which makes sense.

How I buy machines

These all used to be considerations that kept me up at night, in a good way. I loved poring over price sheets and specification charts, angling to see what the best possible machine I could build was. My first PC I built from winnings in a school writing contest came down to the Pentium with MMX or the Pentium Pro, and whether more RAM or a better GPU were worth it.

Fast forward to last year, and I bought a 27-inch Retina iMac. I didn’t want the bigger screen, but it had the best only decent GPU Apple offered. It was the best machine I could build, and I subsequently barely used it. I knew things were a bit off when it failed to supplant my MacBook and FreeBSD tower, both of which were laughably old and far lower spec’d.

What the hell changed? Everyone has their own requirements, but for me computing became less of a sports car, and more an instrument. That was a terrible analogy, but hear me out: I used to need the best, fastest, shiniest. Now I revel in finding gems, and holding onto machines for longer amounts of time. The machine I’m typing on is a tiny, underpowered, second-hand Panasonic I bought in Akihabara during AsiaBSDCon 2019. It runs FreeBSD, and it’s the most fun I’ve had with a computer in years.

Because truth be told, the way I use computers has barely changed since my dad’s first DOS machine. I may edit photos sometimes, and I may have offloaded much of the stuff behind the scenes to home servers and cloud instances, but most of my life is still spent in a text editor or shell. About all I refuse to sacrifice is display quality; you can’t go back after seeing crisp fonts and photos on Retina/HiDPI.

So to address the earlier conundrum: I lived most of my life thinking I needed that fancy workstation. But my calculus is now what I need it to do, not whether I can spec a machine to the max. Which, ironically, is how Apple used to advertise their computers in the first place.


DW Documentary on North Korea

Media

North Korea - All the dictator's men | DW Documentary

This was one of the most respectful and beautiful documentaries of the Hermit Kingdom’s people I’ve seen; specifically those shuffling money around the world to fund the Kim regime, and their lives after leaving.

Kudos Deutsche Welle, I’ll be checking out more of your stuff.