Project Bardiche (SmartOS) live in action

Joyent released their latest SmartOS platform image joyent_20140321T062644Z yesterday which contains the new bits containing project Bardiche! Wanting to see the new extensions in action I decided to give this latest image a spin.

# uname -a SunOS 00-1b-21-98-51-c1 5.11 joyent_20140321T062644Z i86pc i386 i86pc

The data links for each VM (OS or KVM) can now be seen under /dev/net/zone (the following is for my mail zone):

# ls -l /dev/net/zone/557aff4e-eea7-4498-815c-bf43cff49b48/net0 crw-rw-rw- 1 root sys 66, 1010 Mar 22 10:16 /dev/net/zone/557aff4e-eea7-4498-815c-bf43cff49b48/net0

Here's me connecting to the mail zone (running Postfix as MTA) from an external system:

% nc mx1.lordsith.net smtp 220 mx1.lordsith.net ESMTP Postfix (2.10.2) IPv6 ready, NO UCE!

And here is the snoop(1M) capture from the global zone (the hyper-visor) of the TCP packets flowing through the zone's vnic (net0):

# snoop -z 557aff4e-eea7-4498-815c-bf43cff49b48 -d net0 tcp port 25 (snoop takes the new -z argument now for the zone's UUID)

Using device net0 (promiscuous mode) xs8.xs4all.nl -> mx1.fritz.box SMTP C port=60449 mx1.fritz.box -> xs8.xs4all.nl SMTP R port=60449
xs8.xs4all.nl -> mx1.fritz.box SMTP C port=60449
mx1.fritz.box -> xs8.xs4all.nl SMTP R port=60449 220 mx1.lordsith.net
xs8.xs4all.nl -> mx1.fritz.box SMTP C port=60449

Being able to snoop packets for VMs from the global zone is a really handy feature to have.

SmartOS has been a great and very powerful OS since I switched to it about a year ago and is continuously being improved upon by the Joyent engineering staff with feedback/input from the illumos community.