Nelf2013

What's New in FreeNAS 8.3

Dru LavigneDocumentation Lead, iXsystemsNELF, March 17, 2013

Outline

Introduction to FreeNAS 8.x

Features and ZFS Overview

What's New

Plugins Overview

ZFS Encryption Overview

Additional Resources

Introduction

Open source NAS (network attached storage) based on an embedded version of FreeBSD (nanoBSD) and released under 2-clause BSD license

Enterprise-grade appliance (TrueNAS) is also available in 2U/4U form factors with professional support

Introduction

8.x is a rewrite of the original monolithic design to a modular design (.7x EOL'd in 2011)

8.0 was released May, 2011 with a focus on NAS core functionality

8.2.0 introduced the Plugins architecture (released on July 20, 2012)

8.3.1 will be the current release (as of March 20, 2013)

Features

Create UFS or ZFS volumes (ZFS recommended)

Import existing UFS/ZFS RAID/z volumes

Import existing UFS, DOS, NTFS, EXT2/3 volumes

Create shares using Appletalk, NFS, and SMB protocols

Configure access through FTP/SFTP, SSH, and iSCSI

Features

Integration with OpenLDAP, Active Directory

Automated, secure replication via rsync/ssh

Automated ZFS snapshots and scrubs

Front-ends to cron, sysctls, loader.conf

Reporting graphs, scheduled S.M.A.R.T. tests, automated alerts, UPS

Features

Link aggregation, failover, and VLAN support

DDNS, SNMP, and TFTP support

Control panel to stop/start and view the status of services

Users Guide available in wiki, HTML, PDF, epub, and Kindle formats

Features

Supports OSX Time Machine and Windows Shadow Copies

OS is installed on USB stick/CF and is separate from data on storage disks

Upgrades keep a backup of the old OS, allowing for rollback

Administrative GUI accessed through a web browser; 8.2 adds a web shell for command line operations

ZFS

128-bit filesystem designed to be “self-healing” with checksums to provide data integrity

Snapshots (point in time) only store what has changed since the last snapshot (COW)

Scheduled scrubs verify integrity of disks and data

Deduplication saves space (removes duplicate data)

Datasets have properties (quotas, compression)

ZFS

RAIDZ* levels designed to overcome hardware RAID limitations

RAIDZ1: equivalent to RAID5

RAIDZ2: double-parity solution similar to RAID6

RAIDZ3: triple-parity solution

Caveats: resilvering takes time and can stress disks

What's New in 8.2.0 Plugins provide the administrator the flexibility to install additional software from the FreeNAS GUI to meet the requirements of the NAS

As each Plugin (PBI) is installed, an icon will be added to the FreeNAS menu (used to configure the application) and its service will be added to the Plugins tab of the Control Services menu so it can be started

Documented API so users can create and contribute their own PBIs

Installing Plugins

Configuring a Plugin

Installing Non-PBI Software

If a PBI is not available, you can still install FreeBSD packages or compile ports within the Plugins Jail

Software installed this way will not be integrated into the administrative interface but can be configured and started from the command line

Use FreshPorts.org to search for software that has been ported to FreeBSD

Available PBIs

FreeNAS PBIs are still new (only available since July 2012)

3 official PBIs: Firefly, MiniDLNA, Transmission

List of PBI requests:http://doc.freenas.org/index.php/PBI_Requests

List of user-created PBIs: http://forums.freenas.org/showthread.php?8470-INDEX-Available-Plugins

What's New in 8.3.x

8.3.0:

ZFSv28 adds deduplication, RAIDZ3, improved snapshot support, and a removable log device

autoexpand property allows pool expansion by replacing existing disks with larger ones

8.3.1:

Encryption

Encryption

GELI full disk encryption for new ZFS volumes (not ZFSv30 encryption which is closed source) Full disk encryption, not per-filesystem encryption Targeted at users who store sensitive data and want the ability to safely dispose of disks (independent of the encryption key) without wiping them first

Encryption key is per ZFS pool

Encryption

Encryption key is protected by both a passphrase and a recovery key

CPU that supports AES-NI is recommended, especially if more than one disk in pool

Data in the ARC cache and the contents of RAM are unencrypted

Swap is always encrypted, even on unencrypted volumes

Encryption

Encryption

Key management tools added to encrypted volume's screen in GUI

Used to change the passphrase, download a copy of the key, create a new key (which destroys the old key), create and download a copy of the recovery key, and change the recovery key

If the passphrase is forgotten, the recovery key can be used (needed when importing a pool)

Encryption

Resources

Website:

http://www.freenas.org

Forums:

http://forums.freenas.org

Bug tracker:

http://support.freenas.org

Resources

Links to Users Guide:

http://doc.freenas.org

IRC:

#freenas on Freenode

Links to mailing lists and instructional videos:

http://doc.freenas.org/index.php/FreeNAS_Support_Resources

Questions

Contact:

dru@freebsd.org

URL to Slides:

http://slideshare.net/dlavigne/nelf2013