Bug 222089

Summary: Official Google Cloud image configuration errors
Product: Base System Reporter: Vick Khera <vivek>
Component: confAssignee: freebsd-bugs (Nobody) <bugs>
Status: New ---    
Severity: Affects Many People CC: helen.koike
Priority: ---    
Version: 11.1-RELEASE   
Hardware: Any   
OS: Any   
Description Flags
patch to address several of the issues reported. none

Description Vick Khera 2017-09-05 21:04:25 UTC
I installed a GCE image from the image as per the 11.1 release notes:

gcloud compute instances create fbsd-test1 --image freebsd-11-1-release-amd64 --image-project=freebsd-org-cloud-dev --zone "us-central1-c" --subnet default --maintenance-policy MIGRATE --boot-disk-size 22

The resulting VM had some significant issues:

1. /etc/hosts does not have localhost. default resolv.conf setting does not let the system resolve "localhost" either. It appears that the file is overwritten rather than appended to.

2. /boot/loader.conf requests kern.timecounter.hardware=ACPI-safe, but choices are ACPI-fast(900) TSC-low(1000). The system then chooses TSC-low timer, which is running the clock fast about 2 minutes every 30 minutes. Using ACPI-fast the clock remains very accurate with ntpd.

2.5. loader.conf is the wrong place to set timecounter. The setting there is ignored. It appears that the right place is sysctl.conf.

3. /etc/ttys enables all the virtual consoles; these are inaccessible so should just be off other than the serial console so that there are not a bunch of getty processes running doing nothing.

4. google_accounts_manager takes a *long* time to exit, which holds up reboots by over a minute. It also issues a warning about mismatched interpreter name.

Minor issues:

1. The last line of /etc/syslog.conf is a duplicate of a line further up. This line seems appended specifically in the GCE image and is totally redundant.

2. The console setting in rc.conf does nothing. It is only valid to put this in loader.conf.

Also, it would be great if the image did not require a 22GB disk. I think it would fit very easily into 10GB as a minimum size. All of the above issues can be fixed by editing the config files, but this minimum size requirement cannot be.
Comment 1 Vick Khera 2017-09-05 21:35:04 UTC
"minor issue 2" is an error in my bug report. that was confused with another image configuration i tried. it does not seem to affect the official image.
Comment 2 Vick Khera 2017-09-05 21:39:06 UTC
Another issue with the ntpd.conf file. ntpd complains about the "kod" configuration.

Sep  5 14:07:53 fbsd-test1 ntpd[2191]: restrict default: KOD does nothing without LIMITED.
Sep  5 14:07:53 fbsd-test1 ntpd[2191]: restrict ::: KOD does nothing without LIM

It can and should be simplified to this:

restrict default ignore
restrict -6 default ignore
Comment 3 Vick Khera 2017-09-05 21:41:19 UTC
grr. accidentally submitted without final line to revised ntp.conf file:

restrict metadata.google.internal
Comment 4 Vick Khera 2017-09-05 21:56:24 UTC
Created attachment 186099 [details]
patch to address several of the issues reported.
Comment 5 Vick Khera 2017-09-06 14:23:00 UTC
One more enhancement:

According to GCE's disk performance page https://cloud.google.com/compute/docs/disks/performance they recommend enabling TRIM on the file system. I do not know how to make that happen with the release config file.

I personally also enable journaling.

These are accomplished post-install by booting to single user and running these commands, so this can also be retroactively corrected:

tunefs -A -t enable /
tunefs -A -j enable /