Date: Wed, 23 Jan 2019 11:26:13 -0700 From: John Nielsen <lists@jnielsen.net> To: freebsd-virtualization@freebsd.org Subject: Re: The status of docker Message-ID: <03689819-B542-4F83-9E36-0E64739E019B@jnielsen.net> In-Reply-To: <CADYCxoMFjr%2BbdP0ZwD%2BqJcjttEQirDfZj%2BKMUT%2BDEyVpmhRzzw@mail.gmail.com> References: <089e330d-2761-2440-3b7f-dd22e9088af5@gjunka.com> <9A01020A-7CC6-4893-A425-11A7BF736F4E@ultra-secure.de> <42f59b63-fdc7-306f-d836-83533741a86c@FreeBSD.org> <CADYCxoMFjr%2BbdP0ZwD%2BqJcjttEQirDfZj%2BKMUT%2BDEyVpmhRzzw@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> On Jan 22, 2019, at 11:54 PM, Sergey Zakharchenko = <doublef.mobile@gmail.com> wrote: >=20 > Hello there guys, >=20 >> Not quite. I took over the docker freebsd port. Currently I am trying = to >> change him to moby project on GH. >=20 > Jochen, I wish you the best of luck. As a couple of cents, and on > behalf of Digital Loggers, Inc., I've uploaded some old patches that > we use to run an ancient version of Docker on FreeBSD: > https://github.com/digitalloggers/docker-zfs-patches . They speed up > building of large containers by not iterating over all container files > at every single stage, using ZFS diffs instead. No warranty, express > or implied, is provided on those patches; I'm sure you'll find some > edge cases where they'll break your container builds; you have been > warned. Also, forgive my Go: that was the first and hopefully the last > time I wrote something in it. >=20 > That's not much; the real problems are with volume (e.g. single-file > "volumes" which are hard links) and networking support; they were > solved (kind of) by us by dynamically generating Dockerfiles and > adding container startup wrappers, to the point that most would say > it's too mutilated to be named Docker, so I'm afraid we aren't sharing > those for the time being. >=20 > My answers to why on earth one would run Docker under FreeBSD instead > of using plain (or wrapped in yet another wrapper unknown to > non-FreeBSD) jails would be uniformity, simplicity, skill reuse, etc. > of quite a broad range of operations. However, Docker/Moby is really > too tied to Linux; there seem to be random attempts at overcoming that > but they don't receive enough mind share. Jetpack > (https://github.com/3ofcoins/jetpack/) could probably also benefit > from the patches (with appropriate adjustments). Interested people > willing to invest time in this should gather and decide how to move > on. Responding to a random message to share a random-ish thought: has anyone = looked at Firecracker? https://firecracker-microvm.github.io/ = https://aws.amazon.com/blogs/aws/firecracker-lightweight-virtualization-fo= r-serverless-computing/ It's the now-open-source basis of AWS's Fargate service. The idea is to = be more secure and flexible than Docker for Kubernetes-like workloads. = Linux-only at the moment I'm sure but I don't see any reason that = FreeBSD couldn't run inside a Firecracker microVM (using a stripped-down = kernel with virtio_blk, if_vtnet, uart and either atkbdc or a custom = driver for the 1-button keyboard. It's also feasible that FreeBSD could = be a Firecracker host (and able to unmodified pre-packaged Linux or = other microVMs) if someone with the right Go skills wanted to port the = KVM bits to use VMM/bhyve. JN
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?03689819-B542-4F83-9E36-0E64739E019B>