Enterprise Working Group
CHARTER
The mission of the Enterprise WG is to bring clarity to feature and other gaps that limit enterprise (e.g. business or end user) adoption of FreeBSD as a general-purpose server platform and provide a supportive group to help developers close these gaps. For our purposes, we are defining general purpose enterprise server as servers used by businesses and other organizations to support business applications and end users. Typical applications include Active Directory, Samba, kerberos, ERP and other apps often written in Java, and increasingly AI workloads and cloud native apps.
The Scope of the WG is: For the remainder of 2023, the WG will focus on the set of features identified initially and refined during the WG’s first meetings. The WG will also concern itself with onboarding a semi-permanent group of developers and users to look after the ongoing utility of FreeBSD for general purpose enterprise server workloads.
Our success metrics are:
- Staffed development plans for high priority projects
- Steady to growing number of WG participants who perform a growing diversity of tasks
- Feature updates in priority projects
- Greater utility by current enterprise users
- Increased adoption of FreeBSD as a general purpose enterprise server platform
More support for FreeBSD by “critical” enterprise tech & resources, such as XDR vendors, CIS benchmarks
The deliverables are:
- Improved satisfaction among enterprise users
- Documentation of WG progress and deployment/use best practices
- WG community growth
- Growing support for FreeBSD by critical enterprise tech vendors
We operate according to the FreeBSD Code of Conduct
Contents
Status
By end of 2023, the working group has grown to 69 members. Following gaps were identified:
Feature |
Description |
OCI |
Important to have an OCI runtime |
bhyve manageability |
This is a pain in the enterprise. FreeBSD has exceptional jails & hypervisor with a lot of possibilities, but everything has to be done manually |
AD/DNS Integration |
This is needed. In a large environment it is impossible to email the DNS admin about every single change, therefore Active Directory makes heavy use of dynamic DNS updates authenticated via GSS-TSIG (requires Kerberos) |
NVIDIA GPU support |
HPC, AI workloads. Many in these industries like FreeBSD but need more native support in nvidia. security is key for these workloads |
Java / OpenJDK |
No upstream BSD port in OpenJDK |
Samba 4.x |
Since the inception of their new VFS layer, it has become harder for FreeBSD. Too many changes living now in downstream (port). FreeBSD core pillars of ZFS and network capability must be in sync with Samba's features to have great file hosting |
smbfs 2.0/3.0 |
The current smbfs driver is 1.0, totally unusable |
Kerberos |
Heimdal base is old. Splitting of MIT Kerberos port into client and server would be ideal |
eBPF |
Workstream status as of May 23 2024
Feature |
Status |
OCI |
OCI Working Group established and working |
bhyve manageability |
documentation improvements merged; live migration feature gap stalled due to stable, long term snapshot format definition missing |
AD/DNS Integration |
No update. Michael Dexter and Greg Wallace will talk to Daniel Bell at BSDCan |
AI support |
In early stages of Edge AI effort - let Greg know if you’d be interested in supporting |
NVIDIA GPU support |
Some progress with DPU side of NVIDIA. Greg still working on it |
Java / OpenJDK |
No luck finding a good candidate. Any ideas from the community? |
Samba 4.x |
With https://www.freshports.org/lang/dotnet/ .NET 8 finally having landed in ports, we have the foundation for starting improvements. Good engagement with .NET team. |
smbfs 2.0/3.0 |
Goal is to get fork from community contributed. Still working on it. |
Kerberos |
Shift to MIT in process. Developer is around halfway through the process of reverse engineering their Makefiles to build FreeBSD’s. As of May 24, working on plugins. |
eBPF |
no update |
CIS Benchmark |
Estimated completion in June or July |
Participation
This group is open to anyone who would like to contribute in support of its charter. We previously used Google Groups to communicate but as of 12/04/2023 we have switched to an official FreeBSD mailing list.
To join the mailing list, please go to the signup form to subscribe. Only registered subscribers can send to the mailing list.
We need all kinds of perspectives and expertise - developers, end users, project managers, testers. Questions please email greg at freebsdfoundation dot org
Our Next Workgroup Call
The next call has not been scheduled yet. Please sign up with the work group via the the mailing list signup form to receive the next meeting link.
The agenda for the next call:
- bhyve / jails manageability from Chris M
- OCI runtime from Greg W
- OpenJDK contractor status from me or Joe M
- GPU and AI support from Greg W
Workstreams
OCI runtime
- The following people have volunteered to help:
- Johannes Kunde - end user, helping create the Product Requirements Document
- John Hixson - Developer willing to help
- Ian Evans - CTO of Metify - Developer and end user also weighing in on the PRD
- Kyle Wilcox - Chief Software Architect of Metify - Developer
- Doug Rabson - Developer
Here is the link to the DRAFT PRD: OCI PRD
Doug Rabson opened a PR on November 10 to propose an OCI Working Group to develop a FreeBSD runtime: Github and dfr's proposal for a working group
bhyve manageability
- The following people have volunteered to help:
Chris Moerz - PM
- Michael Dexter - user and bhyve community manager
Here is the link to the DRAFT PRD: bhyve management PRD
Here is the link to the spreadsheet on desired features: Desired bhyve features
Activities (see also Bhyve (and jails) management workstream)
- Updating the FreeBSD handbook around bhyve virtualization
- Updating the bhyve man page - landed, planning new additional improvements
- building course work for EuroBSDCon in Sep 2024, may turn into useful materials for helping newcomers get started with bhyve
- working on UCL parsing functionality that would allow a "jails.conf" like definition for a bhyve vm - either through jailer, vmstated or similar tooling
- Minimum Viable Product scoping - in a recent call on 2024/02/08, the following items were identified as viable topics to follow up
- Junior Admin Tasks
- Start/stop VMs
- Create a VM
- Resource analytics
- Snapshot the backing storage
- Move VMs between hosts
- Attach to a console, even read-only. Is there a panic on screen?
Beyond the SAC> on Windows Server… what OSs do NOT support a console?
- With Capture!
- This has become more complex on GNU/Linux, settings are easily nuked by updates
- Tooling to help new users to get started and interact with bhyve
- Port the Proxmox GUI? TrueNAS?
- Anyone using Webmin?
- Salt Stack? Chris has a module for managed Jails that could be opened
- Ansible? (module by module or first stage/playbooks or pull mode or web interfaces)
- Chef! CF Engine! Puppet!
- Junior Admin Tasks
Attending weekly bhyve call as best as I can - if you are interested in talking or joining the calls, please get in touch; my contact details are on my page.
as of 01/2024, we have an initial reference implementation for "vmstated" (see GitHub), a user space daemon for managing and monitoring bhyve virtual machines.
- It is meant as "brain teaser" to further the conversation about process supervision
It can be compiled from source or installed via ports (sysutils/vmstated)
- It certainly has a lot of room for improvement coding and capabilities wise - you are welcome to give feedback either via email, Github or joining the weekly calls
AD/DNS
- The following people have volunteered to help:
- Michael Osipov - end user
- Greg Wallace - PM
- Next step is to hold a kick-off call.
NVIDIA GPU support
- The following people have volunteered to help:
- Vedran Miletic - end user
- Zoran Vujovic - tester with Supermicro
- Jason Morris - tester Azure
- Greg Wallace - PM
- Ian Evans - CTO of Metify - Developer and end user also weighing in on the PRD
- Kyle Wilcox - Chief Software Architect of Metify - Developer
- Next step is to get a volunteer to drive the completion of the first draft of the PRD, collect feedback, update and finalize.
Java / OpenJDK
The FreeBSD Foundation opened a position to bring on a contractor to do this work OpenJDK Contract
Samba 4.x
- The following people have volunteered to help:
- Michael Osipov - end user
- Greg Wallace - PM
- John Hixson - developer
- Next step is to assess the patch situation and come up with a plan to approach upstream
The FreeBSD Foundation is discussing how to get FreeBSD added to .NET CI so that GitHub Actions can support it
Update January 2024: lang/dotnet - Microsoft .NET programming framework successfully ported to FreeBSD
smbfs 2.0/3.0
- The FreeBSD Foundation is working on getting a donation of this code (code contribution, re-licensing under BSD license)
Completed and archived tasks
- Assess interest in an Enterprise WG - The Google Group now has 69 members
- Charter the WG
- Compiling list of gaps
- Prioritize feature list
- Assign/volunteer - IN PROGRESS. See Workstreams above
Feature priorities
The following prioritization was established in 2023:
Feature |
Mean rank (lower is more important) |
Mean difficulty (higher is harder) |
OCI |
2.9 |
4.1 |
bhyve manageability |
3.3 |
2.3 |
AD/DNS Integration |
3.7 |
3.3 |
NVIDIA GPU support |
4.0 |
3.9 |
Java / OpenJDK |
4.6 |
3.4 |
Samba 4.x |
4.8 |
3.4 |
smbfs 2.0/3.0 |
5.0 |
4.0 |
Kerberos |
5.1 |
3.5 |
eBPF |
5.8 |
4.6 |
Resources
- 1st meeting
- 2nd meeting
- 3rd meeting
- 4th meeting
- 5th meeting
- 6th meeting
- 7th meeting