What is the future of TrueNAS CORE?

[Ericloewe]

Ah, El Reg, timely as always.

 

[Stux]

So why should I use containers?

docker compose pull && docker compose up -d

That command downloads the latest version of all the containers in a multi container composition (gitlab omnibus, or for example web servers, base os etc)

Upgrades any components. Installs all security patches, and if necessary relaunches any services. With mimimized downtime, on the order of seconds, none if there are no changes.

It’s the equivalent of rebuilding the jail from scratch.

Once setup, that is the limit of maintenance required, and it could’ve been added to a cron, but I’m not prepared to do that ;)

That’s why you use containers. Containers due to a quirk in history, have standardized on Linux.

Ix have switched to Linux. They haven’t said that CORE is EOL. But I made a personal decision that I couldn’t wait any longer for fixes I needed in FreeBSD in CORE (Bhyve instability), and suspect will never come, so migrated to scale, which is a migration I’ve been planning since scale was announced.

And I believe (and I don’t represent iX) that Core won’t make it to FreeBSD 14.

You have a migration path. You should plan on taking it. Eventually.

Setup a BSD VM and push all your jails into that.

I just migrated another NAS yesterday. Went without a hitch.

1) disable dockers
2) switch trains, upgrade
3) adjust devices on pfsense vm, boot
4) add bridge network
5) add bridge to docker vm, boot
6) adjust docker vm networking. Reboot
7) enable dockers.

And that was it actually. Even my fan script ported with no changes (after I updated it previously) and came up after the upgrade with nil modifications.

 

[Patrick M. Hausen]

That command downloads the latest version of all the containers in a multi container composition (gitlab omnibus, or for example web servers, base os etc)

Upgrades any components. Installs all security patches, and if necessary relaunches any services. With mimimized downtime, on the order of seconds, none if there are no changes.

It’s the equivalent of rebuilding the jail from scratch.

Yes. But only because somebody else has already put in the work to create all those individual containers and the docker-compose file. And you trusting these persons 100% not knowing what you are running.

Not my idea of system administration. Once I have setup a configuration in Ansible, I could claim the same - just run the playbook.

Security updates? Only if the authors of the container image care to keep them current. And you cannot tweak anything that was not anticipated and enabled via environment variables by the creators of the images.

So if I was using this technology I would definitely create my own docker images. But then I can just create my own jails. There is no fundamental difference. Only you profit from the readily available work of others - of mixed quality in my experience - and the FreeBSD project missed creating a "jail ecosystem" more than 20 years ago.

 

[Stux]

Ah, El Reg, timely as always.

Liam is wrong about “no vm appliance” migration.

Jails and Plugins. No.

But Bhyve VMs migrate astonishingly well.

 

[Robert@f[m]]

Yes. But only because somebody else has already put in the work to create all those individual containers and the docker-compose file. And you trusting these persons 100% not knowing what you are running.

You are right. If you do not build up the container yourself, you are depending on the person, who did that.

I like the idea, doing it myself, because

• I know what is installed and in in which version
• The configuration is in my hand
• I am able to upgrade myself
• learn about the software I want to run.

For me this is so important, when i want to buid up a Service and for this the jails are so important.

 

[Stux]

Yes. But only because somebody else has already put in the work to create all those individual containers and the docker-compose file. And you trusting these persons 100% not knowing what you are running.

Not my idea of system administration. Once I have setup a configuration in Ansible, I could claim the same - just run the playbook.

Security updates? Only if the authors of the container image care to keep them current. And you cannot tweak anything that was not anticipated and enabled via environment variables by the creators of the images.

So if I was using this technology I would definitely create my own docker images. But then I can just create my own jails. There is no fundamental difference. Only you profit from the readily available work of others - of mixed quality in my experience - and the FreeBSD project missed creating a "jail ecosystem" more than 20 years ago.

I write all my own compose files.

So, I’m trusting the container author generally, which is normally the official distributor, or some of the big container groups (bitnami etc). Which is pretty much the same as trusting the source code.

And, when necessary I do create my own containers, just a matter of writing a Dockerfile, which is essentially a list of script steps to setup a “jail” based on an inherited container (say, Ubuntu)

But normally, I can just use an official container and configure it via some environment variables in the docker-compose.yml

Now, I’m a fan of compose for its simplicity and grokability. Kubernetes is inefficient and an atomic weapon when all you need is a hammer.

At the end of the day, k8s is a system for driving a cluster towards a textual description. Just like my compose files describe an application made up of 1-n containers, 0-n networks, 0-n volumes/mounts etc.

K8s takes that to the next level, and has apps running on clusters which self manage.

And then you have “helm charts” which essentially configure k8s much like compose configures docker containers.

But I just needed the containers to simplify my administration burden. And k8s was more than I needed, so didn’t want the 20% idle usage.

So, I’m glad that Dragonfish has Sandboxes, which you can think of as Linux jails.

Sandboxes (Jail-like Containers)

Provides advanced users information on deploying custom FreeBSD jail-like containers in SCALE.

www.truenas.com

 

[Davvo]

@Robert@f[m] most, if not all, of your questions have been already answered in this thread... as well as arguments against and for docker usage @Stux. Extensively so I would say.

Let's try not dilute important information any more please.

 

[Patrick M. Hausen]

Now, I’m a fan of compose for its simplicity and grokability. Kubernetes is inefficient and an atomic weapon when all you need is a hammer.

Same same. When I am forced to use docker images, I also prefer docker compose.

My claim is that setting up a jail is not in any way more complicated than writing a docker file.

 

[Stux]

Same same. When I am forced to use docker images, I also prefer docker compose.

My claim is that setting up a jail is not in any way more complicated than writing a docker file.

I agree. And fundamentally, docker is a jail-like system. But you generally do not need to write docker files.

I would say maintaining the jail is more complicated or time consuming. Constantly re-porting the software to BSD if someone else is not maintaining the ports…

The difference is that docker’s core functionality has taken over the world and been standardized (containerd) and is probably a trillion dollar ecosystem now.

Jails have not.

 

[Patrick M. Hausen]

Constantly re-porting the software to BSD if someone else is not maintaining the ports…

I rely on the FreeBSD ports/package system. If my developer colleagues need anything for which a port does not exist and the software in question is portable, I create a port and submit it to upstream.

The difference is that docker’s core functionality has taken over the world and been standardized (containerd) and is probably a trillion dollar ecosystem now.

Jails have not.

No objections, your honor.

 

[sremick]

This is all so soul-crushing.

In short:

• I get lambasted a while back for being concerned and predicting that exactly this might happen. And now it happens.
• Big Company neglects Product A and pours almost all development, improvements, bug fixes and new features into Product B, then touts the market "preferring" Product B over Product A as a reason to abandon Product A. What'd you expect?
• Big Company says that a reason for focusing on Product B is because the "market moves fast" yet neglects to upgrade the core of Product A for 2 major release cycles even though they're available.
• Big Company says that "because everyone else is abandoning X for Y, so should we" which is in-line with that thing your mom told you about everybody else jumping off a cliff. A ridiculous, self-fulfilling prophesy that doesn't allow Product X to flourish based upon its objective merits and advantages.
• Big Company says Product A doesn't benefit them financially, but never provided a dropbox for nonprofit users to vote with their wallet to ensure the viability of Product A's future.

My router runs on FreeBSD. My servers run on FreeBSD. My NAS has always run on FreeBSD (FreeNAS). My Plex server runs on FreeBSD (by virtue of my NAS). My primary workstation runs on FreeBSD. The few times I'm forced to run Linux, I run Devuan because systemd can go "pound sand". Docker can go follow systemd and all the other lemmings jumping off the cliff as yet another example of a bad idea that simply gained inertia because it had inertia, not because of its intrinsic benefits, with its users then stumbling over themselves to try and retroactively justify their choice. I have no interest in a NAS that runs on Linux/systemd. FreeBSD is rock-solid, an amazing server that has a development and design philosophy far more aligned with "servers" than Linux with its messed-up internal politics and fast-and-loose development style. FreeBSD is empirically a much more stable and reliable server operating system than Linux, regardless of the popularity contest driven mostly by momentum. And jails are just downright amazing and slick as s--t.

I'll be first in line for the FreeBSD-based FreeNAS fork. Just point me where to go.

 

[nasbdh9]

I only care if truenas scale can provide consistent or better performance as truenas core, openzfs in linux currently does not support transparent memory, and can anyone explain the current performance situation of large arc (128gb to 1tb) in truenas scale ?

 

[garm]

Way back when FreeNAS was rebranding and had a slight derailment with the project that-shall-not-be-named I did stick with TrueNAS for one reason, the config database. For me TrueNAS is a nice package of FreeBSD and when Core is finally abandoned I wont be migrating to Scale, but probably roll my own FreeBSD with Ansible.

This community is awesome and iX is doing a great job maintaining an open source NAS project, and what ever the business justification for iX, I'm not gonna run my NAS on Debian as long as FreeBSD is alive and maintained. Everything mission critical in my life is built on BSD and I don't see why that would change.

I'm not a developer, I don't contribute to ports. I'm just a hobby photographer and admin who don't want to lose photos to bitrot. That is why I started using ZFS back in 2009. In 2017 I replaced my homegrown FreeBSD server running on an old first gen Mac Pro with FreeNAS. The config database was a big part of that decision as I was spending way too much time maintaining my pools over various systems when ever hardware would fail.

Being able to just throw the drives in a new system, build a boot drive and upload the config dump was awesome.

I can do that with ansible too, I just didn't bother as I'm lazy.

I hope TrueNAS Core has a future, but my loyalty lies with FreeBSD and its them I will follow.

 

[danb35]

I did stick with TrueNAS for one reason, the config database.

I don't really have skin in the game, but you know you can upload a CORE config database to SCALE, right?

 

[Kris Moore]

I only care if truenas scale can provide consistent or better performance as truenas core, openzfs in linux currently does not support transparent memory, and can anyone explain the current performance situation of large arc (128gb to 1tb) in truenas scale ?

In terms of raw ZFS performance, they are pretty much at parity (Even faster with NVMe and some configurations on SCALE, its what our highest end Enterprise products run now). In 24.04-BETA.1 and later, ARC usage is identical between the two across small/large memory situations.

 

[Kris Moore]

Just my 2C on some of the comments lamenting FreeBSD. I totally understand the sentimental feelings about the OS. Just a few short years ago a lot of people were saying all the exact same things, except substituting FreeBSD -> Solaris and Jails -> Zones. I get it. We get attached to our particular brands and technologically comfortable with a particular tool very easily. But that doesn't mean the world stops moving. Products still have to innovate and grow. I felt the same way some of you do for about 3 weeks when I did my own cut-over. But once I got over the hurdle of learning a few new tricks and syntax, its been smooth sailing ever since :)

Stagnation in tech is a killer. In the software & hardware industry, you have to move forward, adapting and innovating while you go, otherwise you get left behind. At some point down the road, something will replace Linux, and lots of people will feel the same way about that transition. But despite the temporary discomfort it causes some of us who have to learn new things, overall it is a net-positive. Progress marches forward.

 

[Kris Moore]

I don't really have skin in the game, but you know you can upload a CORE config database to SCALE, right?

Just to re-affirm, yes you can "migrate" or "side-grade" or whatever you want to call it. Apart from Jails, the NAS services and VM's just transparently migrate over fully without much fuss.

 

[awasb]

Just my 2C on some of the comments lamenting FreeBSD. I totally understand the sentimental feelings about the OS. [...] Products still have to innovate and grow. [...] Stagnation in tech is a killer. [...] you have to move forward, adapting and innovating while you go, otherwise you get left behind. [...] Progress marches forward.

 

[garm]

you know you can upload a CORE config database to SCALE, right?

Sure, I meant to compare running native FreeBSD and TrueNAS.

once I got over the hurdle of learning a few new tricks and syntax, its been smooth sailing ever since :)

This isn't the case for me though, I've been using Linux sins the late 90s. I was vaguely aware of Unix during that time and never even considered FreeBSD until stumbling on ZFS back in 2008 while researching storage servers after loosing photos to bitrot. During collage in the mid 00s I desperately tried to convert my gaming rig to Linux and my laptop for school work was Slackware. I wrote my Master thesis on OpenOffice despite my mentors complaints.

I choose FreeBSD after a lot of experience with Windows, Linux and OSX/MacOS.

 

[Ericloewe]

I wrote my Master thesis on OpenOffice despite my mentors complaints.

You're insane. I used Word and was labeled a weirdo, I'm surprised they didn't find a technicality to keep you from getting your degree. I can't imagine using Open/Libre Office for such a thing.