FreeBSD 14 has been released as the newest major release of the open-source BSD operating system. After a few minor release delays, FreeBSD 14.0-RELEASE is now officially available. FreeBSD 14 is the last series for this OS project supporting 32-bit systems. FreeBSD 15 will drop support for 32-bit hardware platforms although FreeBSD 15 64-bit systems will retain support for running 32-bit binaries. That 32-bit binary compatibility is expected to be supported at least through FreeBSD 16.

FreeBSD 14 also adds a new “fwget” utility for fetching firmware packages. The fwget utility initially can get firmware for Intel and AMD GPUs. FreeBSD 14 goes on to replace sendmail with dma, OpenZFS 2.2 provides the latest ZFS file-system support, Kinst as a new DTrace provider, makefs adding ZFS support, boottrace is a new interface for capturing trace events during system boot and shutdown processes, the kernel TLS offloading handling receive-side offloading of TLS 1.3, initial WiFi 6 support in WPA, sh is now the default shell for the root user, and an updated LLVM toolchain.

FreeBSD 14 on ARM64 and AMD64 now supports up to 1024 CPU cores, up from the current limit of 256 cores. FreeBSD 14 should also reboot faster, ISA sound card support was removed, and there is a new Intel QAT driver with more features and support than the prior FreeBSD QAT driver for QuickAssist Technology. Netflix also sponsored the removal of many other old drivers from FreeBSD.

FreeBSD 14.0-RELEASE is a great step forward for getting this BSD operating system running on the latest hardware and making other improvements as we approach 2024.

More details and downloads for FreeBSD 14.0 can be found on FreeBSD.org.

Source: Phoronix.

Portainer has published an article titled “GitOps - The Path Forward” that explores the concept of GitOps and how it can be implemented using the Portainer platform. The article begins by discussing the importance of adhering to compliance standards like GDPR and the need for secure cloud environments. GitOps is presented as a recommended operational framework for implementing infrastructure and development methodologies that ensure compliance and effective infrastructure management.

The article goes on to explain the fundamental concepts of GitOps, including automation, version control, continuous integration/continuous delivery, auditing, compliance, version rollback, and collaboration. It highlights the requirements for implementing GitOps, such as Infrastructure as Code (IaC), pull request reviews, CI/CD pipelines, automation, version control, auditability, rollback and forward capabilities, and collaboration.

The article then focuses on how Portainer facilitates the implementation of GitOps. It mentions that Portainer offers a suite of tools designed specifically for GitOps, including RBAC, automation, and visibility. It highlights the role-based access control (RBAC) feature of Portainer, which provides precise access control to Kubernetes platforms and container runtime environments. Portainer also integrates with authentication providers like LDAP and Microsoft AD. The article further explains how Portainer enables GitOps automation by connecting with Git repositories and allowing for automated application deployment to Kubernetes clusters and container environments. It also mentions how Portainer provides updates and monitoring solutions for GitOps operations through container logs, authentication logs, and event lists.

In conclusion, the article emphasizes that GitOps is a contemporary methodology for managing infrastructure and applications, and leveraging GitOps strategies like auditing, rollback, and roll forward can enhance operational agility, reliability, and compliance. The article highlights the benefits of using the Portainer platform for implementing GitOps, including RBAC, automation, and monitoring capabilities.

MediaTek has introduced two new WiFi 7 chipsets, the Filogic 860 and Filogic 360, targeting mainstream routers and client devices. The Filogic 860 features a tri-core Arm Cortex-A73 SoC designed for up to BE7200 routers and gateways, while the Filogic 360 is a WiFi 7 and Bluetooth 5.4 chip designed for smartphones, PCs, laptops, set-top boxes, and OTT streaming boxes, offering up to 2.9 Gbps bandwidth.

The Filogic 860 and Filogic 360 chipsets provide more cost-effective alternatives to the previously introduced Filogic 880 SoC for up to BE36000 routers and Filogic 380 clients chip, which can achieve up to 6.5 Gbps PHY data rate.

MediaTek Filogic 860 Specifications:

• CPU – 3x Arm Cortex-A73 cores clocked at up to 1.8 GHz
• Network Processing Unit (NPU) – Hardware QoS acceleration and Tunneling Offload Engine for VLAN / PPTP / L2TP / GRE
• Networking Crypto engine (EIP-197) – For IPv4 NATP / IPv6 / DS-Lite / 6RD acceleration
• Memory I/F – DDR3, DDR4
• Storage I/F – SPI-NOR, SPI-NAND, eMMC, SD
• Networking
  • Wi-Fi 7 (802.11a/b/g/n/ac/ax/be)
    • Up to 7.2 Gbps (BE7200) PHY performance
    • Tri-band support – 2.4GHz, 5GHz, 6GHz
    • Key Features – BW40 (2.4Ghz), BW160 (5/6GHz), 4096-QAM, MLO, MRU, and AFC
    • Antenna – 4×4 (2.4GHz) + 5×5 (5/6GHz); Filogic Xtra range to boost receiving distance using an extra antenna
  • Ethernet
    • 1x 10GbE (USXGMII)
    • 1x 2.5GbE PHY
    • 4x 1GbE interfaces
• USB – 2x USB 3.2 up to 5 Gbps each
• PCIe – PCIe 3.0 up to 10 Gbps
• Other I/Os – UART, SPI, PWM, GPIO and OTP

The Filogic 860 is expected to be used in WiFi 7 enterprise access points, service provider Ethernet gateways, mesh nodes, retail routers, and IoT router applications. Although software support details are not provided, MediaTek is likely to offer support for Linux-based distributions such as OpenWrt and/or Debian.

MediaTek Filogic 360 Specifications:

• Wi-Fi
  • Wi-Fi 7 (802.11a/b/g/n/ac/ax/be)
  • Tri-band – 2.4GHz, 5GHz, 6GHz
  • Antenna – 2×2 triple-band
  • Max Throughput – Up to 2.9Gbps
  • Wi-Fi 7 Features – Up to 160MHz BW, 4096-QAM, Hybrid MLO (eMLSR), MRU
• Bluetooth Dual 5.4, LE Audio
• MediaTek Bluetooth and Wi-Fi coexistence technology
• Single chip with RF, Baseband, MAC, iFEM
• Host interface – PCI Express 2.1 or USB 3.0

The MediaTek Filogic 860 and Filogic 360 WiFi 7 chipsets are currently available for sampling to customers, with mass production scheduled for mid-2024. Therefore, routers, gateways, and client devices utilizing these new chips are expected to hit the market in the second half of 2024. More information can be found on the respective product pages and in the press release.

Source: CNX Software – Embedded Systems News.

Distrobox 1.6 has been released, offering an open-source solution for launching Linux distributions within your terminal. This project, which builds upon Podman and Docker, allows users to create containers of their preferred Linux distribution and seamlessly integrate them with the host environment.

Distrobox has continuously added new features with each release, and version 1.6 is no exception. One notable addition is the support for Lilipod, a simple container manager developed by Luca Di Maio, the lead developer of Distrobox. Lilipod enables users to easily download, unpack, and use OCI images from various container repositories.

In addition to this, Distrobox 1.6 also includes improvements in NVIDIA GPU/driver integration, specifically focusing on CUDA support. The update also brings various enhancements to the init process, refining the experience for initful containers. Now, initful containers support OpenRC where available, offer proper systemd user session support, and come with export fixes. The release also includes numerous bug fixes and other refinements.

Source: Phoronix.

Netmaker, a tool that creates networks using WireGuard, has released version v0.21.2. This tool automates the creation of fast, secure, and distributed virtual networks. Netmaker leverages Kernel WireGuard, which provides maximum speed, performance, and security for the virtual networks it creates.

The latest release, v0.21.2, brings several improvements and fixes to Netmaker. Some of the new features include auto relay via enrollment key and improvements in local routing.

In terms of fixes, the release addresses an inconsistency in DNS entries for networks, ensures validation of unique network CIDR, fixes caching discrepancies in extclient, resolves issues with deleted node peer updates when disconnected from the network, and adds a force deletion option for daemon nodes stuck in the removing state.

However, there are a few known issues with this release. The Windows installer does not install WireGuard, and the netclient-gui may continuously display an error dialog if the Netmaker server is offline. Additionally, there are IPv6 address and route issues on Mac, and the network tab in netclient-gui may appear blank after disconnecting.

Overall, Netmaker’s latest release offers improved functionality and fixes for a smoother experience in creating virtual networks with WireGuard.

In this week’s issue of README Highlight (#46, 2023), we are taking a look at the following project: lldap.

The project is a lightweight authentication server that provides a simplified LDAP interface for authentication. It is designed to integrate with various backends, including KeyCloak, Authelia, Nextcloud, and more. The server comes with a user-friendly web interface that makes user management easy. Users can edit their own details and reset their password by email.

It is important to note that lldap is not a full LDAP server. It is a user management system that is simple to set up and manage, with low resource requirements. It is specifically designed for self-hosting servers and integrates well with open-source components like Nextcloud and Airsonic that only support LDAP as a source of external authentication.

The project uses SQLite as the default backend for data storage, but it can be easily swapped with MySQL/MariaDB or PostgreSQL. Installation options include Docker, Kubernetes, and installation from a package repository. The project also provides detailed instructions for cross-compilation.

For client configuration, lldap is compatible with most services that can use LDAP as an authentication provider. The server uses a specific user DN for authentication and stores users in the ou=people directory by default. The project provides sample client configurations for various services, including Airsonic, Apache Guacamole, Authelia, Bookstack, and many more.

Migrating from SQLite to MySQL/MariaDB or PostgreSQL is also supported, and the project provides detailed instructions for this process.

Comparisons with other services are provided as well. lldap is compared to OpenLDAP, FreeIPA, and Kanidm, highlighting the differences in features, complexity, and resource requirements.

In case of any issues or difficulties logging in, the project provides troubleshooting steps and encourages users to join their Discord server for support.

Contributions to the project are welcome, and the project maintains an open and respectful community.