Unifying jail and package management for PC-BSD, FreeNAS and FreeBSD.

Video in TIB AV-Portal: Unifying jail and package management for PC-BSD, FreeNAS and FreeBSD.

Formal Metadata

Unifying jail and package management for PC-BSD, FreeNAS and FreeBSD.
Browser-based package and jail management
Title of Series
CC Attribution - ShareAlike 3.0 Unported:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal and non-commercial purpose as long as the work is attributed to the author in the manner specified by the author or licensor and the work or content is shared also in adapted form only under the conditions of this license.
Release Date

Content Metadata

Subject Area
Historically the PC-BSD project has had easy-to-use, powerful GUI utilities for package and jail management. However, being X11/Qt applications, this made their usefulness limited only to workstations, or other systems running a graphical environment, not particularly well suited for FreeNAS or a traditional FreeBSD server. With the rise of web-browser driven system management, it was also time for PC-BSD to begin converting some of its more popular tools into web-manageable forms. Over the summer of 2014, a new project was started to re-create the AppCafe, a pkgng front-end, and the Warden, a jail manager, into web-accessible utilities for inclusion into both PC-BSD and FreeNAS. This front-end allows remote management of jails and packages on the upcoming FreeNAS 10, as well as system package management on FreeBSD and PC-BSD. This talk will provide a high-level overview of the functionality of the new AppCafe / Warden, along with technical details about the implementation for developers.
Moore's law System programming Set (mathematics) Software testing Rule of inference Identity management Identity management
Point (geometry) Gaussian elimination Building Run time (program lifecycle phase) Model theory System programming System programming Compiler Identity management Window Identity management
Trail Run time (program lifecycle phase) State of matter Multiplication sign Flash memory Proper map Number Radio-frequency identification Computer configuration Hacker (term) Repository (publishing) Bus (computing) System programming Vulnerability (computing) Moment (mathematics) Hecke operator Bit Cartesian coordinate system Process (computing) Repository (publishing) Universe (mathematics) System programming Right angle Freeware Identity management
Point (geometry) Shift operator Multiplication sign Debugger Feedback Bit Mereology Cartesian coordinate system Mereology Shift operator Metadata Type theory Performance appraisal Bit rate Different (Kate Ryan album) System programming System programming Identity management Capability Maturity Model
Service (economics) Projective plane Bit Food energy Twitter Connected space Type theory Different (Kate Ryan album) System programming Interface (computing) System programming Cuboid Identity management Multiplication Identity management
Mobile app Server (computing) Functional (mathematics) Computer file Variety (linguistics) Student's t-test Number Web service Hypermedia Single-precision floating-point format Touch typing System programming Medizinische Informatik Identity management User interface Shift operator File format Server (computing) Moment (mathematics) Data storage device Internet service provider Cartesian coordinate system Integrated development environment Function (mathematics) System programming Configuration space Right angle Identity management
Scripting language Web page Dataflow Slide rule Service (economics) Java applet Software developer Connected space Formal language Radio-frequency identification Repository (publishing) Different (Kate Ryan album) Thermal radiation System programming Website Gastropod shell Task (computing) Task (computing)
Dependent and independent variables Information State of matter Mathematical singularity Moment (mathematics) Database Bit Electronic mailing list Metadata Subset Cache (computing) Cache (computing) Hash function Read-only memory System programming System programming Social class Information Freeware Family Resultant Local ring Social class
Trail Mobile app Group action Service (economics) State of matter Logarithm Multiplication sign Set (mathematics) Parameter (computer programming) Login Mereology Revision control Mathematics Mechanism design Causality Computer configuration File system System programming Utility software Information Monster group Social class Task (computing) User interface Authentication Addition Email Information Interface (computing) Database Mereology Group action Cartesian coordinate system System call Oval Function (mathematics) System programming Revision control Configuration space Object (grammar) Task (computing) Local ring Resultant
Meta element Randomization Functional (mathematics) Computer file Multiplication sign Password Directory service Client (computing) Mereology Hash function System programming Cuboid Utility software Data structure Game theory Authentication Key (cryptography) Interface (computing) Computer file Moment (mathematics) Electronic mailing list Hash function Personal digital assistant Password System programming Gastropod shell Queue (abstract data type) Game theory Resultant
Point (geometry) Group action Multiplication sign Password Web browser Mereology Public key certificate Product (business) Web 2.0 Different (Kate Ryan album) Operator (mathematics) Moving average Gamma function World Wide Web Consortium User interface Metropolitan area network Default (computer science) Server (computing) Moment (mathematics) Front and back ends Software development kit Message passing Emulator System programming Configuration space Right angle File viewer
User interface Web page Service (economics) Group action Service (economics) Bit Port scanner Cartesian coordinate system Configuration management Web browser Metadata Element (mathematics) System programming Interface (computing) System programming Video game Medizinische Informatik Control theory Office suite Identity management World Wide Web Consortium
Web page User interface Metropolitan area network Service (economics) Computer file Operator (mathematics) Twitter Particle system Prototype Software Personal digital assistant Computer configuration Password System programming Set (mathematics) Authorization Configuration space Personal area network Gamma function Asynchronous Transfer Mode
Asynchronous Transfer Mode Scripting language Service (economics) Computer file Menu (computing) Drop (liquid) Mereology Metadata Element (mathematics) Prototype Flow separation Natural number Computer configuration System programming Cuboid Data structure Descriptive statistics Data type Scripting language Boolean algebra Default (computer science) Service (economics) Information Key (cryptography) Menu (computing) Port scanner Variable (mathematics) CAN bus Single-precision floating-point format Type theory Crash (computing) System programming Configuration space Remote Access Service
Point (geometry) User interface Asynchronous Transfer Mode Range (statistics) Electronic mailing list Number Single-precision floating-point format Type theory Flow separation Different (Kate Ryan album) Computer configuration Personal digital assistant Crash (computing) System programming Configuration space Cuboid Remote Access Service Reading (process) Descriptive statistics Chi-squared distribution
Scripting language Suite (music) Default (computer science) Scripting language System call Computer file Real number Moment (mathematics) Set (mathematics) Directory service Directory service Port scanner Cartesian coordinate system Variable (mathematics) Element (mathematics) Web 2.0 Computer configuration System programming System programming Freeware World Wide Web Consortium
Functional (mathematics) Service (economics) Password Set (mathematics) Web browser Login IP address Wave packet Web 2.0 Casting (performing arts) Set (mathematics) System programming Utility software Authentication Theory of relativity Matching (graph theory) Key (cryptography) Interface (computing) Moment (mathematics) Software Password System programming Interface (computing) Right angle Remote procedure call Local ring
Point (geometry) Satellite Logical constant Asynchronous Transfer Mode Server (computing) Functional (mathematics) Multiplication sign 1 (number) Set (mathematics) Parameter (computer programming) Client (computing) Discrete element method Usability Web 2.0 Revision control Computer configuration Different (Kate Ryan album) Natural number Operator (mathematics) Set (mathematics) Bus (computing) System programming Cuboid Cloning Booting Boolean satisfiability problem Identity management Default (computer science) Standard deviation Inheritance (object-oriented programming) Server (computing) Interface (computing) Forcing (mathematics) Bit Knot System call Cache (computing) Uniform resource locator Integrated development environment Query language System programming Volumenvisualisierung Right angle Remote procedure call Freeware Local ring Asynchronous Transfer Mode Cloning
Webcam Point (geometry) Building Functional (mathematics) Server (computing) Multiplication sign Set (mathematics) Drop (liquid) Mereology Login Computer programming Revision control Web 2.0 Medical imaging Frequency Fluid statics Mathematics Cuboid System programming Flag Integrated development environment Mobile Web Cellular automaton Interface (computing) Binary code Electronic mailing list Planning Bit Directory service Value-added network Word Arithmetic mean Kernel (computing) Integrated development environment Network topology System programming Speech synthesis Right angle Moving average Local ring Reading (process)
Demon Point (geometry) Server (computing) Functional (mathematics) Computer file Multiplication sign Disintegration Computer-generated imagery Interactive television Water vapor Login Product (business) Medical imaging Mathematics Causality Blog Computer configuration Authorization Utility software Software developer Computer file Moment (mathematics) Interactive television Bit Front and back ends Mathematics Type theory Proof theory Category of being Process (computing) Web-Designer Software repository Order (biology) System programming Interface (computing) Website Point cloud MiniDisc Window
Ocean current Slide rule Online help Function (mathematics) Open set Black box Theory Computer configuration Flag Data structure Task (computing) Logical constant Mapping Moment (mathematics) Electronic mailing list Shared memory Sound effect Bit Database Type theory Universe (mathematics) Order (biology) Chain System programming Configuration space Right angle
cool festival will go ahead and get started then so our 1st couple quick introductions bynames crests and the founder PCB-ST and you may have seen the on such shows as testing out so you guys watch that think you have not you should be watching the selected for the cool thing about the show little give me a set of rules apply here is a lot of the people were interviewed these people in this room and so you see a lot of colleagues and familiar faces on and if you don't know what people in this room it's a great way to put a name the face so definitely check it out if anything just for the interviews maybe you're beyond the tutorials but the interviews are definitely get but today we're going to be here to talk about a package management what lowered currently acting on with the PCBs the screen as in 4 previously as well and I speak pretty quickly but if you guys have questions feel free to interrupt I don't mind at all just get old me get my attention and will stop and take a detour work so as we get
started 1st want to take a look back at 10 what brought us to this point so the history of package management on PCBs specifically so
i'm started back in 2005 10 years now so 10 years ago is when I started working on the PPI system and given other talks about this in previous years it was originally designed as a self-contained system and pretty much user-friendly for desktops we're going from or Mac Windows model trying eliminate dependencies show everything in the directory and have it do its thing and this was accomplished by using some tax the court system and building things with custom prefixes and then some runtime hacks to make it all about so over the years the
system worked pretty well I mean it was me and you succeeded at what I wanted to time you have to remember this is all prepackaged and so at the moment there was a lot of other options that would work for us but they are as time went on issues with it became apparent number 1 was applications kept getting bigger and have this annoying habit of let's bring this dependency 0 we grew this new feature and feature creep it's everything and got general packaging Firefox is really simple and and bring in and try to you know it and as a port sky like this is it's just universal right packages and applications are growing and and windy up everything went to hell right OK now we get the bus involved here too so yes applications kept getting bigger and that was annoying and application started becoming much more interdependent on other applications to function the worst being a prime example of that like so now I need to communicate with this and that and the whole containers and wasn't working as well and this made the runtime a heck of a lot more difficult as you can imagine because if I have Firefox in the container will what about at of flashes of job upon in Hristea whatever it is you're Silverlight had all whatever the flavor was that they needed to run become more difficult to do that while several
years later package and he showed up and we can all the Baptist for that and it's been you know my mind very successful and the need for pdis became less and less important for us right package and G was maturing at a really rapid state and I didn't feel like we had the need to continue doing our own thing previously had taken a different path and it was time for us to unify so we're able to switch over start using things like repositories handling proper dependency tracking and more again there's some weaknesses with that which we're going to talk about a little bit what we're trying to do to solve that but the main thing was we wanted diversity much for from Free BSD have always been proud of the PCBs decided that were not a fork were not out there just to their own thing and hacking at the basin giving you some Frank BST we want to be a previous US stuff so we did not want to diverge too much this was very important to me
so in the winter of 2014 so last year we finally decided was to scrap the old system and it's time to go for 1 full-blown package and G at that point in mature enough to the point where I felt comfortable doing that to users and I felt like for a desktop it was ready to roll so what ended up happening was the new system became pretty much just a front the package and G. so other users will still see PBI reference occasionally but at this point it's really just there to drive the QT based front end and what we call the AP cafe but under the hood it's all package and black magic that's happening so so nothing too surprising there so today the DVI system isn't actually any packages is just metadata so that things were sucking in this stuff to build pretty you use in Newark screenshots and you might wanna try this application because it's some more AppStore type material is what our PBI system is it just metadata so part of the
shift in this thinking was also we needed to re-evaluate a little bit from our old qt 4 based at and I have a picture here what it looked like and you know for the time I worked pretty well you can see we have a different metadata for things like user stars you can choose a to rate things and when will we will then highlight them in recommendations based on community feedback as but I
we noticed there is a trend towards always-on connectivity and we were seeing a lot of systems that we're doing a lot of different things all in the same box for example desktop jails running services that was not uncommon it turned out a lot of people running PC-DOS steer usually fairly technical actor type folks know it yes but I'm running my plaques in a jail here I'm running this over here when I had something the base system here's an engine that's right so that can change our thinking a little bit on how a energy package management and it also made it meant to us that having something remotely accessible to the chemical new not having that physically connected monitor the system bring it up and they always manage packages that way would be any so last year
2014 we started a new project to convert the cafe for us to HTML 5 driven from the keep package and G. so
during the early days account is set down just sketched out singles what are we trying to accomplish with the shift so we want 1st of all to create something which could be very useful for a variety of situations not just as stops but things may be such as freebies year true so for those who don't know true us is just our PCB-ST branded server it's previously but with our install environments and all that but we wanted something that manage packages on that remotely a course we still want to support the desktop but guess what there's appliances out there like free now as as I'm sure you guys over freedom right surprisingly lots of people like to run applications on their free knows what to the matter of fact I don't know what the numbers are but a lot more people running apps it seems now than even storing files around once they put a file on there but then they run some actors they wanna serve that so I need plex media server I need whatever the flavor of the day is of people running ownCloud for example and running web services and jails and so on appliances so it's like OK how do we help people manage that as well because obviously appliance doing storage storages more students storage not necessarily how you stand up on so we also
need something which would function pretty much in a synchronous manner so we'll touch on that here and moment we wanted to allow you to get all the major package functionality without ever dropping you a shall props so in my mind if you have to the shall we failed you should build your everything was clicked the clicked and done through you know a computer a web interface or a phone as well and we also wanted to support of creating and managing the lifecycle of your jails and packages installed which also and then that 1 of the things that came up in some of the things we had X was how about configuration so if you guys done packages for a while and manage systems you know it seems like everyone has their own configurations and will my come files are here in the in this format 0 but no you needed hours here or maybe we have a Web interface that lets you configure everything's just kind of this mismatch and if you don't know where the magic it's already no end of Google and trying to figure out how to adjust to support this lessons on how to have user do whatever you can figure I need to do so we wanted something that
was also very responsive and quick because package in G when you're building up repositories and looking through everything we needed to be fast like on my mobile I wanted the click and have answers immediately In the course we need a queuing so I wanted to be able to again on my phone maybe I'm in the car on the way so I wanna build set up in jail Q task and say install some packages and you all those connection 5 miles down the road and wiggles yes this the people that I want you to have by the the end of the world yet summaries going out of that so that it was like those only sure I'm a dozen back the show you can what it does look like and what it does in a few slides so Yamabe flow answer questions but as I was saying queuing it tasks was important I needed to be able to support somebody use again on a phone or a mobile or may not want to sit and wait Virgilia provision because you make your jail now it's going to download 100 bags to build the jail until download another 500 bags and low Java upper whatever run your services and those jails that takes time and if you're coming on a mobile device you wanna sit there watching for years 1 you that sucker up while ago
so the way we're doing that in the new at cafes were using a bunch different languages and technologies some of this may be changing the next year were considering this kind of our experimental 1st to see what we can do in this arena so course were still using C + + began to TI about desktop so like equals plus I do a lot with shallow so most of the back and show everyone Groans HiSeq-hg has prior 1 of the things that will go in the future but new page piece so we started with that and the course of radiation CSS in java script to do something in developments on the website so the 1st piece of
technology we had to come up with to start doing this was some way of keeping information about the state of the system in the state of your jails so it can have a response so not every clicked results a please wait I'm looking jealousy what's available or the updates that I mean that can take minutes depending on how much data it has to pull down to do the check against the local database so we came up with something called SIS cash which my brother can actually wrote here but it's internet and qt it provides a persistent read-only cache information that we can query extremely quickly via you the command line a PHP or we can connect it with the Qt as well so it's written using Qt 5 correlated so it doesn't suck in x 11 and all those dependencies it's actually much smaller subset and uses the q hash class which is fast for doing with up to it pretty
much monitors the state of all these on the system it's going monitor 1st of all system updates at the moment were acquiring Free BSD update because that's the method we use to keep our system curl up to date and a course that monitors 2 kg previously appeared maybe going away soon the packaging base lands were very excited for that but it a cost monitors all your package Reaper metadata so that means the local copy of what's installed in the system what your state at the moment and what's available what's out there in the wild that could potentially download and we're going to use that to build the UI and then we look the extra metadata for the PPI system that be at Cafe all the pretty pictures and what not the package guys for some reason I care about that doesn't get put in the forestry which I understand that's not the place for it but we need to have some of those bits looks nice and then a cost jails like we got a monitor your jails what's enabled what's inside the jails over the upgrades available that jails a couple reasons behind so we need to provide a quick way to monitor that as well it uses that
for those who know Q uses the Q file-system watcher class which will monitor changes to jails in local system and then query updates to those specific that so if you will log into the system and you PKG command by hand will see that the database has been change something that removed we can then require you to make sure we have a consistent the state of your data so this was initially designed to be used for this new app cafeteria talk about but we found such a chemical we have what other utilities and PCBs using as as well now so we're not having the consul hit the desk and see what's here what's the what's the Saskatchewan so it's be quickly becoming this monster which keep track of everything on our system for us so I using it's pretty simple system of since cast sinkable mainly service system information sake usually never call actors it started by our sit at the Scripps and then we can have some commands also here there's a lot more things like has updates are the updates of a system return true false do we need to reboot have we done in there are we waiting review for some other reason and then we have things like update logs like OK this system updated but I wanna see the plaintext what happened from previously data package and your whatever it happens to be doing so the
following syntaxes how we retrieve information show the command line usage but we have a system where we can pass and a whole bunch of arguments and say give me this I wanna know what PKG thinks of the system and the local mail wanna see the Thunderbird version that's locally installed what's available remotely and we can see in all these together to do 1 really fast call so give me the option you're giving the status of the remote mail not to man but Haitian me the options it was compiled with at the same time so we can quickly change things together and get answers back in the very quick amount of time for the web interface so of the dispatches another piece of technology we replace was written and show this is part of the asynchronous portion of the user interface it handles the following 1st of all those all year jail actions so that's going to be the dominant sets and says OK it's time to start a journal it's time to stop general who we're to do an upgrade this is 1 which could take a while so it's gonna monitor a kick that often keep going give us a result when it's done it's also going to handle 1st package installation removal from either under the base system more jails and then it'll handle the application configuration as well which I'll show the URI for so in addition to that this dispatch will handle some other local system tasks and package and remove causal local system the configured and then system updating the previous two-year PKG the systems we have some configuration objects can turn this off so appliance like 3 as for example you don't want to expose that to the end user because they may not be using previously updated PKG so the interface with asylum high all that stuff so you can use the updating mechanisms but for jails we on expose that and course logs everything that was cute and give you results and that handles user authentication make sure you have permission to change stuff on the
system so this utilities written entirely in shelf it performs all the user password authentication with PHP which will show you a moment passages stored using PHP these past 4 has functionality and then there a course generates random session keys which are passed back to the client so you can continue working session and the time our Lord out it stores most of its internal files again in Part temper at Cafe that's cleared out after each restart so people place anything important there and some of the files we store in the course is going to be the dispatcher idea that's going to be the session key of the users were logged in and then we have a results file of things that have cute it's a summary which should give you a quick status of this is what happened in the box we're working q these are the things the queued up and waiting to be run and then we'll have a lot of structure which will have a lot of everything it's done I believe in capturing every bit about possible so box on some I wanna know why and have to go around the commanding and I can look at it in the interface so inside the
the summary file will have 0 just a list of success and then a unique hash and this is what was happening we were doing a PPI installed games are actually do in this case on the system and they'll just be all bunch entries like that and then the hash 0 correspond to something in the log structure where you can look up the gory details if you're interested in or for you I want to look it up so what does this
look like at the moment all this is wherever that right now with the PCB is 10 1 to which released last month we do Coralie updates we actually this the default so this is in running in production right now what's going on here is we have a QT front and that that's actually web and it's all a web interface at this point so you can read the same thing Firefox and so the
front and it's made up of a couple different opponents we have a course the WebKit viewer because people still want to have something to browse and we don't require you install Firefox or some other browser can suddenly lightweight reasoning engine next to serve that in the 1st ph she's handling the heavy lifting it's served operation GPS and we create a self-signed certificate the 1st time you started you can provide a full assignment if you'd like there's configuration out for that and the 1st time we start from the desktop it's gonna prompt you for the single pass through your local uses the same as the old Cafe wanna make sure you're you and you have permission to access this on PCB-ST that means you're part of the operators group you take somebody out of that group they have no access to packages almost as so for so well
with all the persistence stuff happening in this is cast dispatcher now all the UI elements are actually rendered the when you click it's querying and building up you a user interface for each page is requested this is allowing us to kill the actions and then closing your disconnecting the AP carefully will action still continue can come back later announced see what happens watch and there was a issue of 5 we've also included a mobile-friendly thing so again on my my soul galaxy note here I can connect to it have a mobile the can just click click click and after I have jails set up done here you know and they're all installed packages in there 2 to to be at a computer in the office
so using that all the metadata have it's able to provide a little bit more advanced control over the installed applications but of course we have the facilities to do services so you can start stop enable or disable services both on the life system on the jails and then were talk about application configuration management a little further some
scanner can use an example here so bitterly whose users before the 1 with the says it is so it's the usage of that so it's Iousy so you have basically C but it's it's very connected the other networks a jabber whatever their Twitter yeah whatever it is it's particle so there's some ideas like I'll I'll make a service for the tropics so in this case you can see when you bring up the bitterly pages installed looks like it's running so they can stop a restarted but all
there's a configuration tab so we're able to expose this in the user interface so that'll be was the 1st 1 I picked because it had relatively few options you understand it was really fast and easy to prototype but uh basically were able to provide some of the bill the options and expose here so cost ports passwords in authorization mode how it's supposed to run and then you can save those and that ends up getting stuff and whatever but will be configured file is so how do we do
that so to manage services where the PBI metadata comes in because we didn't have all this information the porch structure so we added to the PPI system so will have a service start file which will just give us some variables what the name is with the RC script is and then we have a type which will call primary or secondary and primary something we exposed to the UE and will get natural buttons and knobs a secondary is something that needs to be on but we don't necessarily want to expose the URI so sometimes arriving dependencies of of something where all the have that running but the primary will show up and you are so to do the configuration you i which is the fun part we have a 2nd configured file and the meta data with the PHP entries for the menu items which
I apologize it's kind of clutter here but we basically just created an array again this is a prototype at the moment but that we've created an array and list that the UI elements here so combo box if anybody's then webform gene-order combo boxes a drop down and they were going to give it a description we're going to give it a long descriptions so if they hover the mouse over 1 of the more details they can find out more about what this option does we then set a key we set the default of what should be the what it was when we shipped it and then we start providing options and those will all be propagated into the user face yes yeah I was
quick and dirty that's exactly what some honestly you add in having UCL purser I'm I'm not a big see so at some point when we go back and start rewriting that's list that's probably what can end up happening some museology type but from again in his PhD in new that really quick and they will protect the very rapidly of there
so another example would be maybe a number of box so the bilby what Porter we're running on so we only want numbers in this case and we're gonna go ahead and say I I want a description here long description what's the range reports maybe we can run for each type will have some different configure options that are documented in the reading that you could provide the user interface so with all these
options provided at Cafe can basically create elements and then called PPI scripts directory to set get variables so we'll have a couple scripts where we say I wanna get it configured is the key give me the value of this this the file I want a set of values here so this is the key years the value and then we have a dungeon Fig which we can call afterwards so for example some applications we may wanna set 5 options and then do some master command to reset or apply those and some fancy way again applications every 10 different ways that you can configs so we try to provide functionality for
all of them so enabling systems actually pretty easy the course if you grab PCBs your true West it's turned on by default so it's very easy to use all the true also prompt you if you want on not suit for free via CVX you have in the package system alright so you can just grab sissy tools we call PCB-ST the AP web and that's really go on previous steel 10 and what not at the moment whatever built on the cluster and starting it's real
simple you circuses casting and which is sucked and automatically is a dependency and you just start the cafe and of course the related service commands surface so setting a pasta river command we ship called AP cafe surpassed service provided a username and password and that sets appear remote access so you can connect on your your your remote phone web browsers so
accessing the interface and it has support in there so it might be 85 or whatever access that erasure GPS or your IP addresses and then it brings up the you in your web browser and a cost accessing the interface locally on the desktop if you want are WebKit Europe we have that also that's the PCBs utils qt 5 package and you would run the train at Cafe PC software they would start to qt container and show your face this so for authentication what we're gonna do is with pseudo on the local system although it works differently so on a local system pseudo and verify the password matching and return a key OK you're all your locally alternative yes no no no of pseudo we have a QT pseudo utility shipped as well which will then pop up and prompted the password there is a random key which is assigned back to the user which is stored in the web session lost the moment you close the web and that would be the same with remote so the remote will actually bring up a login username and password and I'm assuming you have the right 1 it will then assigned random key back which is stored using some PHP function the other local
a tricky trying to figure out how a new acts like the remote was easy PHP is always functionality that really well we want to work with you and I have to go to the web but we did manage to do that does work on so settings are actually located in at Cafe outcomes in the usual locations usable klutzy and now we have the option we you can turn on or off remote because obviously if you are local bus stop you don't wanna expose the portantly that running if you don't care about remote interface so you would set that the true if you enable that so then you course you can change the ports you can turn off this assault you want and reason on a server over that and we
also have the mode so you can specify how do we want that Cafe do appearances change our renders so desktop mode for example is can provide you full access to everything local system packages and on the system we have a server mode which will provide you full access to all packages and jails but actually filters out all the excellent stuff so you will start getting all these acts or adapt showing up in cafe which is kind a convenient because my hands at and I want those and then apply its mode is even more restricted which will only allow you to do operations on jails it won't even show that the system shown in the packages there it just says you have these 5 jails what would you like to do today with these and of course we ship with that set the desktop on PCBs the server untrue as free as which was something turned on clients so 1 what are some of the differences I know what you guys have probably use PKG at this point so most of the commands using a typical is no scary black magic you're doing things like adds deletes queries or queries updates upgrades etc. However we do some a little special with the upgrade command which I wanna just touch on briefly here so we have a lot of problems with that how many of you guys done package upgrades 1st all have reviews at that and many of you've had SAT solvers OK just about everyone this him the 1st time that not some 5 that is good it's got the only thing 1 1 5 6 1 3 OK so picture this year running a desktop and we ship a desktop for example we provide access to will say 20 to 24 thousand packages right however many its desktop users tended to weird things they install certain things they tend to upgrade only certain things they're not upgrade certain things and reverse the SAT solver knots and we were seeing constant failures and PCBs when people go to upgrade from 1 version to another or just update to more recent package that depending on what bits they had changed what packages were installed and things could fail it happens you know it's not this is the nature of the the special uses certain locking things in 1 on it gets pretty hairy so anyway we needed something a little more automated because again were desktop my parents from this I don't want to run over the house and fix a SAT solver but because it tried to install something that have that they're there identical couple times of prompted this so the updated PCB-ST operates a little bit differently now so 1st of all it's going to take a look at what's installed on your system and prefetch all the required packages it's going to create a new boot environment or a jail clone operating on a jail it's going to mount the new environment it's assured into it and clean up all the old packages just wiped it completely out of it's then going to reinstall from the prefetch packages but the installation targets are only the packages on upon which nothing else dependent i.e. the top packages that you install not the dependencies of and by doing that what we found is we've not had any contact forces that's over issues because those just suck in the required dependencies those all prefetched and we're not trying to go back and upgrade some dependency on PHP which is weird and something is broken so again this is all done alive running system in a shrewd and when we're done assuming everything is gone successfully nothing has failed we will just not you know more than you would environment as the default and then of course if you're on the desktop you get a nice little popup saying hey believe me at some point in your updates about like that when were finished or it'll say you need to restart the jails so you're on version of the jail but which how this works really stinking well it's actually really can be in the morning to see that and updates running going on but I have virtual box running and stuff's happening and compiling rebooting these updates what I wanna run that whatever I can is let it run it'll prompt me to reboot also that's fine go away for a couple hours all later and it's it's great never touched a single thing on my running session so we've had great success with that so much so that we turned on by default and PCB-ST so for auto updating systems now and the last major update we did even going from a 10 0 2 10 1 of my folks system like I went over the house like I had accepted there is no big deal right there on the new version you Katie knew everything right now like this is finally we've reached the point where I'd I did not get a call to 1 of its right so this is the 1st thing I thought I feel your pain ironic previously destructive so these are the things we're trying to solve but that's the only real black magic were doing that's different from your standard PKG usage so that's what's happening in the hood it depends entirely on what you have installed so obviously if you have 2 gigs a package is installed it's going to need to more additional gains to build that and by default we set hours to keep 3 boot environment so they start discarding the old ones so always have 3 available on the system and what we found no as we keep a cache of the packages as well so were not really downloading the whole 2 gigs at every time it may only be 10 packages that change in the new set so we're only fetching those 10 packages there in the cash and we can rebuild the environment from there debt and because the environment disclose it just it just works really well in might even determined you at some point this week you sure it's been we have something the schools with and all shore not the start of in the course of this year at all these in the problem so that was the best possible yeah definitely so 1 of the things we want to expose the your soon we turned off Waterloo because we had some issues with the early on in the early days but it's got to the point our think parameter never got this solution is is and
using the the meaning of the user with 160 says OK so when he says it's safe to do that we will turn that on brighter fall when I was hoping to do actually is exposed to the URI so when you delete a package it'll say here's the list of what we could order removed speaking which that could do that is the future when you when you say I want delete Firefox give me some flag that says you could also delete these with other removed at the same time and I can show that new I'd say you could remove Firefox you also want clean up does it provide a list ahead of time where you have to run after usually in Firefox after there that that's what I want to get to the point is words like I've seen here so that the jury or that's the goal right like it to be as light I've installed plexin you in jail but I want to remove it now OK what do you want a clean up these at the same time and it just as all once we this is the plan to give a questions are can do you you all are there any of them you see here is in here we can ask what the kids in the but but but but right always of admittedly eye sockets CSS so it doesn't look as awesome was like it to work but hopefully someday CSS catamaran making well on this is in sharp drop the fact that you we all know that the although web stuff is not and was using the webcam you're doing this alter your phone so it has a nice mobile interface and increase pleasantly surprised what is OK endogenously on previously you use this but so the 1 thing that allows us to do a lot of this with all their presence of his all CFs so we want to see if there's only a couple years back right 64 bit always EFS only and this is just some of the cool new things were starting to come up with because we have all the functionality and the that 1 the thing I want you to know is that is that the net saying that yeah for sure that society you at the back of the neck knife the server and then eventually you might not be just to you sure sure you eventually end up with the fact that they will see that we have was often a day when the so 1 trick 1 trick we did you know that a lot so we use it for you backwards compatibility this so 1 trick we're doing is we're actually use the package static binary when we cleaning and the food environment we remove picky PKG as well but we preserve of we grabbed the package static at the new package it's going to be installed user to bootstrap us so that's how we go from say 10 1 to 11 current which by the way we are running monthly current images out these existing system but the but all users up data we've had people running of last for 5 months and just going from May to June integers upgrades you get all the packages and it does all this magically and guess what you can relax sudden wrong so that is pretty cool but it does do some package static stuff to avoid potential conflicts there but of course you know why do we do this and I already mentioned other cells and both of these but we wanted background updating I didn't want deferred doing updates because I was working in other words when virtual boxes running to compile because I'm building something the last thing I wanted to start new twirling around packages and potentially remove something and mess up my day so we want to build background of course we wanted to avoid potential conflicts with running package upgrade and that we never wanted to touch your working environment in other words when I do an upgrade I wanna be certain that when I'm running on right now has not been touched in anyway so if I do need a roll back no you not rolling back to some hacked up part way you know this was kind attached during the period now it's pristine and never been messed with the right to do so yeah that's a little if the right so we're not saying a whole lot of programs that right to use a local so we're not running and issues with that what we preserve its based on your data sets that you set up during install so on PCB-ST user locals part of the environment and the things that are kept outside a good environment would be slash through the course all the home directories and stuff and attempts to you have logs and what not that persist and there can be an issue if you go and making changes in user local that will persist in the you would environment obviously so we've had of nodes and there like a if you're going to make changes do it up after you've done between the buyer the reader really after Christian yes so you you you you you create the meaning so far we use this year we then here in that I the read you will work yeah that would probably view that almost to use local VA instead of 4 and do that and we Maori create an article that our dataset list to see what exactly it is still but I know use local van and related suspect's are all part of the dataset where the but environment so and obviously we did this because I just want something that works and I'm tired of touching systems just updating applicable plants so availability so as I mentioned this is all about now is increasing interest and 1 to which cannot make so you go running this right here you can grab on our courses in the current images as well so kernel majors as we consider that bleeding edge just like previously that's the bleeding edge so you'll have all that in the June snapshot became applicable days ago and as I mentioned it's in the porch tree
and looking ahead so obvious I said this was kind of a proof of concept can we do this is the technology the point we can make all these bits happen so now that we've kind of done and we're using production where we wanna go from here so as I mentioned we wanted do some cool stuff with order removed saying a in remove this you want clean up after yourself I suck at CSS so some the thing would be nice some more Ajax type interaction in the I became cool but I'm not a web developer medium to or something I I don't know that like the kids these days all kinds of crazy stuff with Ajax I'd like to have some more interaction was running processes so you can view the logs as it's happening in a blow up in an age at the time window and interactive and all that would be cool and then being able interact to interrupt some of the unknown asynchronous commands would be nice so 1 thing we're looking at is getting a PHP and since we already have the demon in qt doing something Q 2 years to actually service qt with has webserver stuff in it now a conserve HTML and all that so were experimenting in looking at that at the moment to see if we can drop and annex engaged in that those bits anymore another thing that's interesting
this is a recent development we've had the water utility in PCB-ST for a while but we've decided to drop it in favor I OK so for those has anybody here firstly used OK cage sites Peter who won the authors of that but 1 you really should try and it's quite quite awesome it's like somebody you know Peter it's it's all z faster does everything is the EFS properties it's like what I would want to be if I had started now if this is really cool so I was very happy to switch to that and we're going to have support for iron cage of base jails which if you come from an easy background you're already familiar with how that works but that all all of us trickery it's CFS commands instead were also experimenting with new docket like functionality for downloading in deploying images so you have the option of not using packaging materials you can instead have prevailed images you can commit to push to some repo somewhere and then deployed on a server in the cloud somewhere wherever it happens to live so some of the changes we made Iike age have been relatively minor so far just mostly relating to some non-interactive stuff and I've committed those upstream and just some improvements so we can fetch stuff from like the PCBs the repo cause we have obviously current images now which have their own disk files that may be our up on the previous T mirrors and that's
actually a that's where we're going so heavily to the slides here but before I close are there any questions or we ask them all during which is fine yes some of the current open research problems that might result of this data with the use of the structure the different types of quite simple data bases that makes this I know this is a problem that I have heard about the stuff in movies that you have this year and based on that you use of the meaning of that you might want to hear and it doesn't help that this true to do things that have been used to fulfill the home by a short journey articles on your way to the so we're kind of doing some of that was not necessarily with the configure laments although I probably could expose more that with all the package commands we are so for example mapcar fed and show it here but if you do a task and then go click on the log you get a listing of this is what I ran to propagate this chain all this is what commands what flags everything up fast and so you can you evaluate that hopefully learn a little bit maybe become a PKG got something right is the planner or I O K ij whatever the command happen to be it was running you'll see exactly where did so that's not a black box and there's no Mr. the configs stuff it's in PHP at the moment in which may be going away so that's why why have to concern with that because I know that's possibly just be stuff that we're in toss and replace some elegant but that's something I will definitely but on the road map I agree it should be called a kind what the users through the use of the things we want to adjust to convince you world that would be cool they can ask you to do you UCL person knows a justice on the effect the idea is to mother of from theory so there's a lot that he called right back in order to vary from here that I would call yeah and then hopefully versus casting linkages output all those options and you still what not you could get that even from the command prompt if you knew the you see also an overview of the you you you you you you you will like just higher share that is the fully were put them on the roadmap for 2 hours of right now so the the of but they can make their work the universe evolves so anyway they you guys so much for coming and I'll be around so if you knew the questions come on down the


  215 ms - page object


AV-Portal 3.21.3 (19e43a18c8aa08bcbdf3e35b975c18acb737c630)