The BSD-licensed, ultra-portable Zelta Backup has spent six years in production managing tens of millions of snapshots across thousands of systems. Version 1.2 takes those battle-tested orchestration patterns and extends them to infrastructure iteration workflows with the best new ZFS features—workflows that were dangerous and operationally impractical yesterday are secure and nearly effortless today.
What We've Proven at Scale
Six years of lessons learned about safe orchestration. Why centralized won over distributed agents. Why non-destructive operations matter for compliance and operational safety.
The FreeBSD Advantage – Advanced OpenZFS features land here first and work correctly: block cloning in production, security features like receive:append and send:raw, newer OpenZFS versions shipping in ports while Linux distributions lag behind. Delegated mounting is an incredible feature you can't get elsewhere. And Jails compose beautifully with these patterns.
Policy-Driven Automation - Six years, millions of snapshots, zero package dependencies, agentless orchestration from hardened OpenBSD bastions. Hierarchical configuration, concurrent operations that fail safely, complete audit trails, and zero footprint on endpoints. The kind of boring reliability that compliance officers love and operators trust.
Non-Destructive Operations - Three years of "zelta rotate" in production across QA and staging environments. When source and target diverge, we preserve both versions instead of forcing overwrites. Divergence becomes a feature, not a failure mode. Every operation leaves an audit trail that survives credential rotation and system changes.
Context-Aware Property Handling - Safe mountpoint management, permission synchronization for failovers, and the kind of correctness that's obvious in hindsight but error-prone to script manually.
Pushing OpenZFS Workflows to the Max
Demos showing these patterns in action:
Zelta Bastion - No dependencies, no agents, no ZFS required on the orchestrator. We'll show you how we securely manage thousands of automations from a hardened OpenBSD system that never sees unencrypted data.
zelta rebase - Update base images across fleets while preserving instance customizations. Take advantage of block cloning features to maintain unique jails with common base images: Edge, dev, and staging environments with no wasted bytes.
Paranoid Mode – Enforce ZFS's best new security features like advanced permissions and mature encryption workflow to make production data invisible and indestructible to backup operators and endpoints.
The Path Forward, Conclusion, and Q&A
We'll explore emerging BSD and OpenZFS technology relevant to the above. In particular, block-clone-aware replication doesn't exist yet. We'll discuss what's needed: replication that understands shared blocks, sync hint properties for bandwidth optimization, and enhanced permission models. What Zelta does today versus what requires OpenZFS changes.
We'll also discuss user space OpenZFS and other important items to create the "perfect backup" and even more powerful workflows.