From owner-freebsd-virtualization@freebsd.org Wed Jan 23 03:23:02 2019 Return-Path: Delivered-To: freebsd-virtualization@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 44AF014B9092 for ; Wed, 23 Jan 2019 03:23:02 +0000 (UTC) (envelope-from ssgriffonuser@gmail.com) Received: from mail-wr1-x42e.google.com (mail-wr1-x42e.google.com [IPv6:2a00:1450:4864:20::42e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id ED44687A3F for ; Wed, 23 Jan 2019 03:23:00 +0000 (UTC) (envelope-from ssgriffonuser@gmail.com) Received: by mail-wr1-x42e.google.com with SMTP id s12so692292wrt.4 for ; Tue, 22 Jan 2019 19:23:00 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=3MGqoDnPzlVrvKGGOCm6q6RxEDGWHjzdUovx9cEW/cA=; b=VY6+Zf7CHIrG8C/zF9LrRiYOH5tKQyUyRuDS4NxkFgOS/utB1FEX+zO3VaUrmjXGUz Q18WVe0I6WrMU/R/+LFJCHzzuPujkL8SCOPvt8GKfagOV9+esKaN+kGP7K9FaKbSJ1Qq JxqzQMMproqblV2KVpo+5kV35tkbQAzfJEF44IzpZ1F48Z+7eNYulfUYbKv6IZ0uKUeJ 9yWqP2R50me//D69Od4Nn20NlxE5FnEthRijOQaxSnNVl4Hs+3Acssnj0uLxrvi83pRZ 7n36EB0VCBN2QAFz1dPS/Sd6fTvEQkMvc/CQcquZ2AAV/FL+pQSEizWZGkC5yaV7knni MdmA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=3MGqoDnPzlVrvKGGOCm6q6RxEDGWHjzdUovx9cEW/cA=; b=dOxcveM/X7tipxFY62fy3zxv2Jtb2sluCEtFQEF0K/HWa9cAYOR824028J/Eid7xJr c8BKAdoIjyD2n/mLKXoiTmYmEK6jQ5i9W6xHf4E1NXBkxVpKEfkX0ZKNEifFS6M9Phpq m9pkIaS7zpeDKGpnewZbFlcfYn9NMbh/QnYpqG3SGlmYFNfAaWFoGyCVBgx423gC8HUo dJS335ET9/IeXPPmRy+Km7asNbTmy7zrml+XXNljH0kiJFwswe6NNL0t0VZ5FK6GBBwQ yz+7HBdVdY5kb84i94MEmEKfDGLNQinLHXCX6+zAUhuebNtZsZsfIdLdIsgYSmnD2eDZ 8Fzg== X-Gm-Message-State: AJcUukePNjB+QZOXqgDihRlw0vkDHeKNz38f814qOC69kJGd97u4vmnm d8Ak+Ndp59dbFsy6jSJLsbDDgbyBk5Cydl6xXqctz+NS X-Google-Smtp-Source: ALg8bN6aeqo4Lycn+wBOjD8TQA4WQ/GYkPqjWfbyHx5OAeIf2f+HuBEyQy2BolHUPKlcGZFzACCiWRRBFZe3P+65ErY= X-Received: by 2002:adf:f052:: with SMTP id t18mr548692wro.112.1548213779644; Tue, 22 Jan 2019 19:22:59 -0800 (PST) MIME-Version: 1.0 References: <089e330d-2761-2440-3b7f-dd22e9088af5@gjunka.com> <9A01020A-7CC6-4893-A425-11A7BF736F4E@ultra-secure.de> <42f59b63-fdc7-306f-d836-83533741a86c@FreeBSD.org> <5c926314-adce-dba1-f5ce-2fda35e1aeba@gjunka.com> <1548c51e-49ba-4113-5ade-5515b77a3a44@gjunka.com> <4643A871-4AD6-4C25-AEA7-7BA85B873A19@punkt.de> In-Reply-To: <4643A871-4AD6-4C25-AEA7-7BA85B873A19@punkt.de> From: ss griffon Date: Tue, 22 Jan 2019 21:21:17 -0600 Message-ID: Subject: Re: The status of docker To: "Patrick M. Hausen" Cc: Grzegorz Junka , freebsd-virtualization@freebsd.org X-Rspamd-Queue-Id: ED44687A3F X-Spamd-Bar: ----- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=VY6+Zf7C; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of ssgriffonuser@gmail.com designates 2a00:1450:4864:20::42e as permitted sender) smtp.mailfrom=ssgriffonuser@gmail.com X-Spamd-Result: default: False [-5.53 / 15.00]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36]; FREEMAIL_FROM(0.00)[gmail.com]; URI_COUNT_ODD(1.00)[9]; DKIM_TRACE(0.00)[gmail.com:+]; MX_GOOD(-0.01)[cached: alt3.gmail-smtp-in.l.google.com]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; NEURAL_HAM_SHORT(-0.85)[-0.854,0]; FROM_EQ_ENVFROM(0.00)[]; RCVD_TLS_LAST(0.00)[]; MIME_TRACE(0.00)[0:+,1:+]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US]; DWL_DNSWL_NONE(0.00)[gmail.com.dwl.dnswl.org : 127.0.5.0]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-virtualization@freebsd.org]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[e.2.4.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.4.6.8.4.0.5.4.1.0.0.a.2.list.dnswl.org : 127.0.5.0]; IP_SCORE(-2.66)[ip: (-9.15), ipnet: 2a00:1450::/32(-2.19), asn: 15169(-1.89), country: US(-0.08)]; RCVD_COUNT_TWO(0.00)[2] Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: freebsd-virtualization@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Discussion of various virtualization techniques FreeBSD supports." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Jan 2019 03:23:02 -0000 I'm a bit late to the game, but I wanted to add my 2 cents. I don't see the benefit of implementing "docker" in FreeBSD. If you are just implementing the linux system calls i.e. using the linuxulator, then you lose any benefits of running on FreeBSD. It seems like implementing the docker interfaces, like a Dockerfile, registry support and networking switches using FreeBSD specific implementations would be extremely helpful. Especially for the CI/CD workflow. For example: #Dockerfile #Pull a image from registry and create a new dataset with snapshot. #Registry could be http, ftp or any other transfer protocol. FROM FreeBSD:RELEASE-11.2 #Copy app directory into the jailed directory. Perhaps setting system immutable flag. COPY ./app /app #Use pf to route to port 80 from the host. Or use vnet EXPOSE 80 #Run a command in the jail to prepare the new image. RUN env ASSUME_ALWAYS_YES=3Dyes pkg install bash nginx uwsgi py36-flask #Mark the startup command CMD /bin/sh /etc/rc The above would be very familiar to docker users and can be used to generate a standards compliant image (I believe there was a project jetpack that did something like this). Creating a OCI compliant image would probably be the first step to using kubernetes, but I haven't really spent any time looking at kubernetes. We could also add extensions for using resource limits, capsicum, devd, security levels etc. The other cool thing is this could all be run inside a jail using heirarchical jails. Shane On Tue, Jan 22, 2019 at 2:32 PM Patrick M. Hausen wrote: > Hi! > > > Am 22.01.2019 um 21:09 schrieb Grzegorz Junka : > > BTW is Joyent is any way related to Oracle? Why would they want to > support zones? Is the support they implemented open sourced? > > Sorry, I don=E2=80=99t know many details. Their cloud is built on Open So= laris, > hence the connection. IIRC the company was founded by some > bright people who left Sun after the acquisition by Oracle. > > Bryan Cantrill is sort of a net.personality. Sean Chittenden presented > at EuroBSDCon 2018: > https://2018.eurobsdcon.org/talks-speakers/#SeanChittenden < > https://2018.eurobsdcon.org/talks-speakers/#SeanChittenden> > > Kind regards, > Patrick > -- > punkt.de GmbH Internet - Dienstleistungen - Beratung > Kaiserallee 13a Tel.: 0721 9109-0 Fax: -100 > 76133 Karlsruhe info@punkt.de http://punkt.de > AG Mannheim 108285 Gf: Juergen Egeling > > _______________________________________________ > freebsd-virtualization@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-virtualization > To unsubscribe, send any mail to " > freebsd-virtualization-unsubscribe@freebsd.org" >