Date: Thu, 24 Jan 2019 14:41:52 +0100 From: Kamil Kieliszczyk <kamil@kieliszczyk.net> To: ss griffon <ssgriffonuser@gmail.com>, Grzegorz Junka <list1@gjunka.com>, "Patrick M. Hausen" <hausen@punkt.de> Cc: freebsd-virtualization@freebsd.org Subject: Re: The status of docker Message-ID: <etPan.5c49c0a0.67e5e261.17a@kieliszczyk.net> In-Reply-To: <5e0f5b46-3508-c29c-2e05-d3e97154512f@gjunka.com> References: <089e330d-2761-2440-3b7f-dd22e9088af5@gjunka.com> <9A01020A-7CC6-4893-A425-11A7BF736F4E@ultra-secure.de> <42f59b63-fdc7-306f-d836-83533741a86c@FreeBSD.org> <CAG=rPVfTZnYc6%2BDjtk0SjkqijJQh6uA1G9VWEBsYy4aDYvYEgQ@mail.gmail.com> <CC0F6FB5-7939-4586-86DD-B5548E0043C3@punkt.de> <5c926314-adce-dba1-f5ce-2fda35e1aeba@gjunka.com> <FDDC8A58-8AD3-4D07-B0B3-0BDFA214ABA0@punkt.de> <1548c51e-49ba-4113-5ade-5515b77a3a44@gjunka.com> <4643A871-4AD6-4C25-AEA7-7BA85B873A19@punkt.de> <CAFYJ9eixff0NWKHhJWj=WBQ7TgQ26GODXtBDWxBXvuR62tPcuQ@mail.gmail.com> <5e0f5b46-3508-c29c-2e05-d3e97154512f@gjunka.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--33FF383B-ACB0-4EF6-8B4E-6A3EFD04C181 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline My 2c on running Docker on =46reeBSD: 1) I=E2=80=99m using Docker and Kubernetes quite extensively during my wo= rk days so I tried to run Docker on =46reeBSD in my free time because.. w= hy not=3F =46irst I tried to run boot2docker project in VirtualBox as I remember th= at it was the way to run Docker on OSX a long time ago. Unfortunately, I = had too much problems with it so I switched to running boot2docker inside= bhyve. It was running alright, no major issues, no crashes so I went dow= n that path. I improved a little bit my setup and wrote down a small tuto= rial for myself. You can find it here:=C2=A0 https://github.com/kiela/kiela.github.io/blob/master/Docker%20on%20=46ree= BSD%20-%20%5Bpart%204%5D%20Using%20vm-bhyve.md I=E2=80=99ve been using this as a Docker Swarm cluster running Nextcloud,= PostgreSQL and a bunch of other containers inside it. Upgrading =46reeBS= D (host) or boot2docker (guest) or containers worked like a charm. And I=E2= =80=99ve been using this for last 6+ months. Maybe this will help someone= to start playing with Docker on =46reeBSD and save some time figuring ou= t how to do it. 2) Docker is not just running single image, managing volumes and networks= - it=E2=80=99s much more. =46or example Docker Swarm which allows cluste= ring and running whole application stack (multiple apps, DB, cache, logs = etc) in a cluster which hosts are running on =46reeBSD. I=E2=80=99m not t= rying to=C2=A0discourage anyone from porting Docker to =46reeBSD. I would= love to have Docker natively supported in =46reeBSD. I just think that i= f one wants to just get up and running Docker on =46reeBSD for developmen= t/tests/personal use, boot2docker+bhyve should be enough. Maybe wrapping = it in a nice tool like vm-bhyve did with bhyve. If one wants to use Docke= r in production, one should strongly consider running Kubernetes cluster = and use Docker images there. -- Kamil Kieliszczyk On 23 January 2019 at 22:09:32, Grzegorz Junka (list1=40gjunka.com) wrote= : On 23/01/2019 03:21, ss griffon wrote: > I'm a bit late to the game, but I wanted to add my 2 cents.=C2=A0 I don= 't =20 > see the benefit of implementing =22docker=22 in =46reeBSD.=C2=A0 If you= are just =20 > implementing the linux system calls i.e. using the linuxulator, then =20 > you lose any benefits of running on =46reeBSD.=C2=A0 It seems like =20 > implementing the docker interfaces, like a Dockerfile, registry =20 > support and networking switches using =46reeBSD specific implementation= s =20 > would be extremely helpful.=C2=A0 Especially for the CI/CD workflow. > > =46or example: > =23Dockerfile > > =23Pull a image from registry and create a new dataset with snapshot. > =23Registry could be http, ftp or any other transfer protocol. > =46ROM =46reeBSD:RELEASE-11.2 > > =23Copy app directory into the jailed directory.=C2=A0 Perhaps setting = system =20 > immutable flag. > COPY ./app /app > > =23Use pf to route to port 80 from the host.=C2=A0 Or use vnet > EXPOSE 80 > > =23Run a command in the jail to prepare the new image. > RUN env ASSUME=5FALWAYS=5FYES=3Dyes pkg install bash nginx uwsgi py36-f= lask > > =23Mark the startup command > CMD /bin/sh /etc/rc > > > The above would be very familiar to docker users and can be used to =20 > generate a standards compliant image (I believe there was a project =20 > jetpack that did something like this). Creating a OCI compliant image =20 > would probably be the first step to using kubernetes, but I haven't =20 > really spent any time looking at kubernetes. > > We could also add extensions for using resource limits, capsicum, =20 > devd, security levels etc.=C2=A0 The other cool thing is this could all= be =20 > run inside a jail using heirarchical jails. > Isn't implementing =22docker=22 on =46reeBSD the same as implementing OCI= =20 specification, i.e. runtime-spec=3F Seeing that OCI was founded by Docker= =20 I would have thought they align the docker implementation with the spec=3F= Then to extend that question, wouldn't adding support for docker to =20 =46reeBSD mean to add OCI compliance layer to jails=3F I don't think the = =20 plan is to add support for Linux containers, or =22containerization=22, t= o =20 =46reeBSD kernel=3F GrzegorzJ =5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F= =5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F freebsd-virtualization=40freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-virtualization To unsubscribe, send any mail to =22freebsd-virtualization-unsubscribe=40= freebsd.org=22 --33FF383B-ACB0-4EF6-8B4E-6A3EFD04C181 Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP using AMPGpg -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEf/xj3KgRohcB9E87n+xu6AaoRjwFAlxJwKEACgkQn+xu6Aao RjyYLhAAz17lOuhaM1BlQptC11t8QMabqp6173G1PVRMHycrI69NznYLkR6ZMzUT 412+z+PF81E+RR9F9ko5XaEuQ11zrfGWcxHwZmRK3PX59yFTOn+EijuGbo9Q294Y 1uodfEFh62w1DRCxGzvjx3A4jb/SSDeF/2/x44Z8mb9dmzyR5yLLj19YQNlLBUkv D3tFrDKWujIwcsXY3sxqPthkYf0O4bpQeFr2jkHnIbdvcwwaNy7ZH9GLe/fh0jqp TOyonA9trcBQodDjc2AB8uhP4LpXYFvw0uAVPYIT3dxa0/W9Kauzlz8NFhEZYKqD N3VFz+o0KWDCNqU+GHl+lSNKxxjGjIgkAr0K2hpM8Kj/rM+30R9a62Er/peLC0YO 8tJl6H/6GKN8J/DWNvTjhJRbrXRz3l5H+G09VXTthsw6pWZa38NghlEKQ6ljadU2 WSjMgtxyZQey4pHGpnEOWWVOEpe2q/Le+BDP+sIktPE0YD6VHZCnlbsCXFKdKn8/ /nMjCmyAUzY6ocq3elzivbsgo+/UToFFCDzVrt6DAPP1ZXAfuyf+Zl0FEfoAMXL7 USiXC+qml4P0s5rr3KklwWAZOPkOHwWNRpvxMSOpVpMDHB8X0UkTxERsd8qqx6ve TmECpJjh9zUYkHzkJyy6DiSZ3Rgul6XqDgwT5TyFUd4O/vnXyXE= =/w15 -----END PGP SIGNATURE----- --33FF383B-ACB0-4EF6-8B4E-6A3EFD04C181--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?etPan.5c49c0a0.67e5e261.17a>