Lessons from 15 years of NBD Wouter Verhelst <wouter@debian.org> http://grep.be/ Debconf 2016 2016-07-04 May have oversold this a bit; not much comparison between little NBD and Debian. Still would be interesting, I think

Little history 2001-02: wouter@debian.org 2001-03 (or -04): got an m68k mac with 68LC040 with broken mask revision 2001-04: bought an m68k mac with 80MB of diskspace https://lists.debian.org/debian- 68k/2001/04/msg00162.html: first time playing with NBD for builds over 10Mbit network Timestamp on initial changelog entry of NBD: Sat, 2 Jun 2001 12:44:24 +0200

Lesson Beware of the m68k macs you buy, you might end up maintaining NBD in fifteen years Be careful what you play with, you might end up maintaining a network storage system for fifteen years Playing with stuff is a good way to figure out new things to maintain in Debian – even if the said stuff isn’t very useful at first sight

Documentation Originally: no docs, at all 2005-10-25: doxygen comments 2005-11-22: blog post describing protocol with request for ethereal dissector 2011-04-08: informal protocol description added to code repository 2011-05-17: first significant external contribution 2014-10-21: STARTTLS spec 2014 – 2016: more protocol-related commits than functionality commits

Lesson Writing documentation is too hard, so don’t do it Writing documentation takes time, so postpone it Writing documentation takes time away from actual work, so don’t do it Writing documentation makes people send you patches, so don’t do it Writing documentation allows other people to understand and help out, so do it!

Naming things Original protocol had no way for proper negotiation 2010 (during debconf): wrote (and implemented) a different negotiation During discussion, informally referred to negotiations as “old” and “new” style Later that year: found a minor imperfection with “new” style Needed a “fix”, informally referred to that as “fixed new style” 2016: Official names are now “oldstyle”, “newstyle”, and “fixed newstyle”

Lesson Be careful what you name things, because you’re going to be stuck with the name for quite a while Choosing a good name is usually a good thing

Deprecating Oldstyle protocol was broken, so newstyle was created (in 2010) Intend was always to drop oldstyle when that would be reasonable January 2016: issue with mixed negotiation implementation → dropped oldstyle Lots of compatibility issues with third-party implementations (mostly fixed now)

Lesson If you’re going to deprecate something, make (and publish) a plan If you’re going to deprecate something, don’t wait six years If you’re going to deprecate something, make it clear in the documentation, in the code, in the comments In your .sig Try not to deprecate at all?

Security issues CVE-2005-3534 CVE-2011-0530 CVE-2013-6410 CVE-2011-0530: reintroduction of CVE-2005-3534

Lessons Writing a server? Prepare for security fixes Security bugs are nothing to be ashamed about, we’re all humans Even so, try to prepare with proper design (fork-per- child, state machines, …) Fix bugs on all branches

Debian-specific NBD features Debconf config for nbd-client/nbd-server Init script Installer support Systemd nbd unit