CFT: FreeBSD Package Base

Joe Maloney jmaloney at ixsystems.com
Tue Apr 30 03:25:34 UTC 2019 

What you describe is the sysup tool for managing updates with boot environments which is not part of the CFT ISO.  The pkg upgrade command is used to update the base packages.  Sysup is not necessary unless you want a wrapper to create boot environments.  

Having said that I cannot describe the problems I’ve had for several years with FreeBSD’s pkg base without muddying the waters with this CFT.  So I sort of agree it should be called “planned pkg-base”, or “actually has a chance at being integratabtle pkg-base”.  Try the ISO I think you will like it.

Joe Maloney
Quality Engineering Manager / iXsystems
Enterprise Storage & Servers Driven By Open Source

> On Apr 29, 2019, at 10:41 PM, Rodney W. Grimes <freebsd-rwg at gndrsh.dnsmgr.net> wrote:
> 
>> On April 29, 2019 1:50:00 PM PDT, Garrett Wollman <wollman at csail.mit.edu> wrote:
>>> <<On Mon, 29 Apr 2019 12:31:07 -0700, Cy Schubertt 
>>> <Cy.Schubert at cschubert.com> said:
>>> 
>>>> The discussion about granularity begs the question, why pkgbase in
>>> the 
>>>> first place? My impression was that it allowed people to select which
>>> 
>>>> components they wanted to either create a lean installation or mix
>>> and 
>>>> match base packages and ports (possibly with flavours to install in 
>>>> /usr rather than $LOCALBASE) such that maybe person A wanted a stock 
>>>> install while person B wanted to replace, picking a random example,
>>> BSD 
>>>> tar with GNU tar. Isn't that the real advantage of pkgbase?
>>> 
>>> No.  The "real" advantage of pkgbase is that it allows the distributor
>>> of a customized version of the operating system to support binary-only
>>> updates, without all the (non-trivial) infrastructure of running a
>>> custom FreeBSD-update builder and distribution server.
>>> 
>>> Consider my position: I have about 30 servers (and another ~10 jails)
>>> that all run the same local build of FreeBSD.  Right now, the only
>>> reliable way to update them is to NFS-mount /usr/src and /usr/obj from
>>> my build server, and run a (slow) "make installworld".  It would
>>> literally save me hours out of every upgrade (or base-system security
>>> fix) to be able to install compressed binary packages downloaded over
>>> http, and I'd have better security because binary packages are
>>> signed.
>>> 
>>> For my use case, I don't much care what the granularity is, so long as
>>> I can safely upgrade (or update) the kernel independently of the
>>> userland and independently of third-party packages -- just two
>>> packages (kernel and userland) would suffice, although I'd probably
>>> prefer the runtime libraries to be in a separate package just for
>>> safety.
>>> 
>>> I'm not distributing packages to third parties, I just want to be able
>>> to install and upgrade my packages on my fleet of servers and jails
>>> quickly and safely.  This is not the entirety of the use cases the
>>> project as a whole needs to support, but it's a major *end-user* use
>>> case.  (And I've said as much in various surveys.)
>>> 
>>> -GAWollman
>> 
>> An anaconda-like installer for freebsd could do that. Also a perfect job for cfengine or ansible. Deploy and use a playbook to enforce policy.
> 
> https://anaconda-installer.readthedocs.io/en/latest/ <https://anaconda-installer.readthedocs.io/en/latest/>
> 
>> You don't need to break up base into packages (not arguing against packaging) to gain the benefits of configuration management.
>> 
>> As for updating, freebsd-update is mostly there to accomplish your requirement without pkgbase. Which begs the question,  if we're simply replacing freebsd-update and it does most of what we want why the extra effort? Unless we want to solve more than just this problem? Which BTW I think we do.
>> 
>> I've seen pkgbase as a building block to build an anaconda-like installer complete with scripting language. The ability to pick and choose packages as many Linux distros do is one part of it.
> 
> What seems to be confusing here is that TrueOS/FreeNAS's
> "package base" and the work that has been on going IN
> the FreeBSD base system for 2+ (3?) years are 2 
> different things with different goal sets and this
> CFT has very much muddied that water as to what is
> what.
> 
> Is there an advocation by iXsystems and TrueOS to replace
> what is in the base system now with this new Go implementation
> in ports?
> 
> Are they orthagonal?  If so can we please rename one?
> 
> 
> -- 
> Rod Grimes                                                 rgrimes at freebsd.org <mailto:rgrimes at freebsd.org>
> _______________________________________________
> freebsd-pkgbase at freebsd.org <mailto:freebsd-pkgbase at freebsd.org> mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-pkgbase <https://lists.freebsd.org/mailman/listinfo/freebsd-pkgbase>
> To unsubscribe, send any mail to "freebsd-pkgbase-unsubscribe at freebsd.org <mailto:freebsd-pkgbase-unsubscribe at freebsd.org>"

More information about the freebsd-pkgbase mailing list