From: Kurt Lidl
To: freebsd-virtualization@freebsd.org
Subject: Re: Running FreeBSD docker images on non-FreeBSD hosts
Date: Wed, 1 Jun 2016 11:54:42 -0400

> I'm acquainted with docker, but I don't know enough to understand
> why an image would run in a container on one OS but not in a
> container on another OS. I thought the whole point of docker was
> that, assuming the image worked at all, it worked regardless of which
> host you used. So that's an incidental question I have: what's going
> on here? Is it something particular to FreeBSD's implementation of
> docker?

Docker provides a "container" for running a particular application.
It's similar to a FreeBSD jail, in that the running process(es) in
the container cannot interact with the rest of the system, except
at the system call level, and where the host running docker has
mapped any files into the docker filesystem namespace.

What isn't really explained in so many words -- the container uses
the system calls from the hosting computer to evaluate anything that
it needs the "kernel" to do. So your "FreeBSD docker" image, when
run on a Linux machine, is attempting to make FreeBSD system calls
into the Linux kernel.

> But my main question is, what can I do to run a FreeBSD image on a
> non-FreeBSD host? I'm willing to [figure out how to] build my own
> image if necessary. I just don't want to go to the trouble if it's
> a non-starter for some reason I don't understand.

You'd have to use some other solution to provide a "FreeBSD system
call interface" to your FreeBSD docker image.

The recent import of Linux 64bit emulation in FreeBSD allows for
running stock "docker" images on FreeBSD, because there's now a
shim that translates Linux system calls to FreeBSD ones.

On the Mac, they have shims that provide filesystem access to the
Mac's filesystems, and a virtualized machine using the xhyve stuff,
providing the Linux system call interface.

Make no mistake about it, docker is Linux inside. If you want to run
FreeBSD inside a virtual machine, try the xhyve stuff on the Mac, or
under KVM on Linux.

-Kurt
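
The mismatch described in the message above can be checked before an image is started. The following is an added example, not part of the original message: it walks an unpacked image root and reads the OS ABI byte of each ELF file to see which system call interface the binaries expect. Assumptions: the host labels are names made up for this example, the ELF `EI_OSABI` byte is used only as a heuristic, and OSABI 0 is treated as Linux.

```python
import os
from collections import Counter

# e_ident[EI_OSABI] values from the ELF specification.
EI_OSABI = 7
ELFOSABI_NONE, ELFOSABI_GNU, ELFOSABI_FREEBSD = 0, 3, 9

# Syscall interfaces each kind of host offers, following the message above.
# The host labels are hypothetical names chosen for this example.
HOST_INTERFACES = {
    "linux": {"linux"},
    "freebsd": {"freebsd"},
    "freebsd+linux-emulation": {"freebsd", "linux"},
}

def sample_ident(osabi: int) -> bytes:
    """Constructed 16-byte e_ident of a 64-bit little-endian ELF (sample data)."""
    return b"\x7fELF" + bytes([2, 1, 1, osabi, 0]) + bytes(7)

def required_interface(ident: bytes):
    """Map the first 16 bytes of a file to the syscall interface it expects.

    Returns None for non-ELF files. Assumption: OSABI 0 (generic System V)
    is treated as Linux, since Linux toolchains commonly leave it at 0.
    """
    if len(ident) < 16 or ident[:4] != b"\x7fELF":
        return None
    osabi = ident[EI_OSABI]
    if osabi == ELFOSABI_FREEBSD:
        return "freebsd"
    if osabi in (ELFOSABI_NONE, ELFOSABI_GNU):
        return "linux"
    return f"other({osabi})"

def image_interfaces(rootfs: str) -> Counter:
    """Count ELF files under an unpacked image root by required interface."""
    counts = Counter()
    for dirpath, _dirs, files in os.walk(rootfs):
        for name in files:
            path = os.path.join(dirpath, name)
            if os.path.islink(path) or not os.path.isfile(path):
                continue
            with open(path, "rb") as fh:
                iface = required_interface(fh.read(16))
            if iface:
                counts[iface] += 1
    return counts

def can_run(rootfs: str, host: str) -> bool:
    """True if every ELF file in the image targets an interface the host offers."""
    needed = set(image_interfaces(rootfs))
    return bool(needed) and needed <= HOST_INTERFACES[host]
```

A `False` result for a FreeBSD-built image on a `linux` host is the case the message describes: the binaries would issue FreeBSD system calls to a Linux kernel.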