I know the answer is "just use FreeBSD", but out of interest does anyone run OpenBSD with a LAMP stack in any sort of production environment with a medium-level(whatever this may mean to you) of traffic ?
Core of the network is still Cisco and Nokia boxes, but all the support/servery stuff runs on OpenBSD - ELK stack, nextcloud servers, db servers, smokeping, nagios, syslog, tacacs, rpki validators, mail relay.s - you name it.
Only exception is backups servers, where we use TrueNAS with ZFS (FreeBSD-based).
I was testing 10gig SFP+ NICs (intel, broadcom) in linux, freebsd and openbsd with iperf3. I was seeing line rate in linux and freebsd and somewhere around 3gbps in OpenBSD. So while linux and freebsd has top performance, OpenBSD's performance with security mitigations enabled by default is good enough(tm) in most cases.
YMMV
For no other reasons than:
1) I can (i'm the boss, and only employee :/)
2) OpenBSD, will always have a special place in my heart going back 20 years, trying to "share" our dialup modem on my 386 !
3) I also like going on vacation and not worry
4) That artwork :P
5) Just love the pure simplicity of it, everything "fits in your working mind"
6) I feel the older I get, the more I move to a graybeard-unix-mindset. Although I'm no way near as clever or component as the 'myth'.
I like to think the (ok my) "ultimate final destination" is me sitting on a mountain top with a netbook coding in a LISP in Emacs on OpenBSB.
Of course I might need some eye-candy so I will allow lolcat-bash-prompts for that color-req in my life. *The final zen-state*
Now if I can only find a "DECENT" VPS host that offers any bsd default install options looking at you scaleway !
This is the only reason I don't still run OpenBSD firewalls - because the little appliance I use doesn't have the CPU to keep a gigabit NIC saturated and I have gigabit internet. Now that topton refreshed their offerings with 10th and 11th gen 2.5gbe firewalls [1] I plan to try again. Having said that, I tried drag racing PFsense, Fedora and OpenBSD in virtual machines on a DL360 G9 under vmware and OpenBSD wasn't able to keep up there either.
[1] https://www.servethehome.com/inexpensive-4x-2-5gbe-fanless-r...
I believe that jcs runs pushover on OpenBSD.
I think many people who run other Unix-like OSes don't always realize how much of the code they use regularly comes from the OpenBSD project, even if we don't often run OpenBSD directly.
Thanks, OpenBSD!
OpenBSD is a huge contributor to the Unix ecosystem. Also, don't forget the top-notch documentation. Even when I'm using Linux at work, I'll still often pull up the OpenBSD man pages because they're so much better.
Examples:
> As an example of the effect OpenBSD has, the popular OpenSSH software comes from OpenBSD.
But I think they could reformulate it to illustrate that even more good stuff has been done there and it is used by many
https://home.nuug.no/~peter/openbsd_and_you/
EDIT:grammar
https://marc.info/?l=openbsd-cvs&m=163331097625151&w=2
For firmware that cannot be distributed on the install media, it is instead packaged separately and made installable through fw_update(8), if you have a working Internet connection will be fetched automatically from the installer or on first boot.
You can also add firmware to install media yourself, if you have an existing OpenBSD install:
Unfortunately powers that be at OpenBSD are pretty hardcore about "Open means open".
Of course people are free to run their volunteer projects however they like, but I’m also free to decide that I’m not going to have my firewall rules randomly break if I want to keep my router updated. Over the last 15 years or so I’ve been burned by OpenBSD multiple times on this issue.
There's also a pretty clear instruction at the top: "For critical or physically remote machines, test it on an identical, local system first."
I mean, I know it's annoying to hear that, but they are pretty upfront about basically everything with this OS, and you just have to be diligent about actually reading the documentation for the system upgrade. You were not "burned" by the OS or its developers.
Sadly I can't say much about the release because I have no real use case for OpenBSD.
It's a fun time playing around with OpenBSD on laptop. I've used it a couple times on old thinkpad's, it's always an interesting reminder that there is *nix that is not Linux, and that there's more than one way to do things.
Maybe when I finally get around to building a router it'll be OpenBSD, that would be fun.
Would recommend it, very nice to work with.
Last time I tired it I had big problems with it in base install. Both editors and mandoc were falling short in that regard.
that and zfs (no partition, can use whole disk).
i'm considering using freebsd on both server and laptop from now on.
will i miss anything?
Both OpenBSD and FreeBSD are boringtech(tm). It just work, without all the drama, changing init systems and or system tools every couple years. It really depends on your workload, but with FreeBSD, you can run linux/windows/whatever in BHYVE or virtualbox if you need something specific ...
I've ran FreeBSD servers with ZFS and jails (bastille) before, but I usually fall back to OpenBSD (if storage <100G) or SmartOS (storage >100G -> ZFS). Really depends on the workload. Give it a shot or mention what you need.
Headline improvement for this version: it's fully supported on Apple Silicon. Not sure there is a huge market for that, but still pretty cool!
Technically you it was always available, you can always follow -current or whatever they call it.
Most sensible people don't, however, because it entails going back to the old-school way of keeping OpenBSD up to date, i.e. you don't get to benefit from syspatch, fwupdate and sysupgrade. All three utils being (relatively) recent inventions that help keep your average sysadmin sane !
CVS still works just fine for the devs ...
The limitations of those syscalls are inherent to the interface and won't be "fixed" this way.
So it's no doubt convenient for the OpenBSD devs to unify the implementation, but this is not a user visible change or even something user mode programmers should care about.
ssh myopenbsdbox # log-in to your machine
doas sysupgrade # will log you out, go drink some coffee
ssh myopenbsdbox # log-in to the upgraded machine
doas sysmerge # if any, solve merge conflicts of your cfg files
doas pkg_add -u # if any, upgrade local packages
doas sysclean # print obsolete files that you may want to remove
:)
From what I read online, OpenBSD does lack compared to FreeBSD in hardware support
Announcement mail: https://marc.info/?l=openbsd-announce&m=165054715122282&w=2