From nobody Sun Apr 16 03:36:13 2023 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PzbSp6DK7z45hG8 for ; Sun, 16 Apr 2023 03:36:26 +0000 (UTC) (envelope-from paulbeard@gmail.com) Received: from mail-yw1-x1130.google.com (mail-yw1-x1130.google.com [IPv6:2607:f8b0:4864:20::1130]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4PzbSp1yKyz3pww for ; Sun, 16 Apr 2023 03:36:26 +0000 (UTC) (envelope-from paulbeard@gmail.com) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20221208 header.b=lN9DQz8z; spf=pass (mx1.freebsd.org: domain of paulbeard@gmail.com designates 2607:f8b0:4864:20::1130 as permitted sender) smtp.mailfrom=paulbeard@gmail.com; dmarc=pass (policy=none) header.from=gmail.com Received: by mail-yw1-x1130.google.com with SMTP id 00721157ae682-54fb615ac3dso176007347b3.2 for ; Sat, 15 Apr 2023 20:36:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1681616185; x=1684208185; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :from:to:cc:subject:date:message-id:reply-to; bh=441bdz92AdqqzWffhq7+uULDsRQ7FxiQFPU3X2tAZes=; b=lN9DQz8zSBejHg0O3b60rmb2NZemV3OmpdFX2jhbs8KmnwXAb1Q0ntj+f7dEue828B bHhDZ2uie+uAz2QcWKxho7IVGJeTIqC6ZD/ia+panHJt4jrH1Xiur7XtjZK3jK6ovO9N fXRCmJS9VCi4A8/4eGBjZQ3rNBhtOHDPLrRcPfneaCeaCfbREpZwsDzbSIBGMTTs+Y80 PZbM7/U7exz51eLEIOVrIs+UK0kewdt7mVEDlyF6/x+ui2s9r7Nk+Yo4j/p6QQdgtG4L t67hGSOZEebTU5a07RLP1psDLziXnODogkFEb96KIxzvmH8F+Sf9h578hsonk/0D2RL3 3kqg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1681616185; x=1684208185; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=441bdz92AdqqzWffhq7+uULDsRQ7FxiQFPU3X2tAZes=; b=OZ69lEHcup8ya0hewk9Y27/g9uc0AY+Yz8luR2KrNXxAWu870Ju/KSKr3THunTLk7X dwe08/Jjts/AePCPvTTehwakcv1eZy8WniyXXpjOq+Il5ZkZdqtwm9k/uR6Tt+sZSy4x UR4qNxxE8LmqV000urt+VF42MgRMqOMZwGgOzHcT/IODJgHZcLlYmvbnrl7gMcZEIHiZ /jkeZ0g5Sy3DUVOhGNRkMeDR5aPyjZUqertEmRpPpFP5mwBM5MyA8woodb+/XitFfLl+ 3IiQxYoPwe6PCnht0qKbpd2RL2JRsjZA1XBaX3ZIPPfxV+2vtZT7MDk+1tSGwGt8NixT gbkw== X-Gm-Message-State: AAQBX9ehPbh5b6UQnwOiE9CKqjr0yhwQDUZgfyNDU6mt8e4r+eBC9Y6D a9EBLQFDQtwDGYOfCHLA3l7t8pdVMTye1OKa0SRjzU1U X-Google-Smtp-Source: AKy350b8IVnd6/0dHHyQ8PkFpQCsPom3/x6U5pGU5V09nO8A0Vd3nVwrAp4asFKkpAi4AhnvRtYOaIwypKe6dcMf1mY= X-Received: by 2002:a81:ed11:0:b0:54f:a986:3f94 with SMTP id k17-20020a81ed11000000b0054fa9863f94mr6679862ywm.3.1681616185166; Sat, 15 Apr 2023 20:36:25 -0700 (PDT) List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 References: <20230329053443.6ADA6B6AFED5@dhcp-8e64.meeting.ietf.org> <8E16D624-2655-4A10-844A-93E4F63E9859@gromit.dlib.vt.edu> <078a1cf8-7ae2-c593-615b-f5f37fa2b3eb@timpreston.net> <06be3a1e-9319-1a21-88b9-4f87328ee127@timpreston.net> <34b4b76e-1c41-4cfb-9e86-856f01e8abc9@app.fastmail.com> <6002f636-310b-a9fd-b82f-346618976983@timpreston.net> In-Reply-To: From: paul beard Date: Sat, 15 Apr 2023 20:36:13 -0700 Message-ID: Subject: Re: Docker To: freebsd-questions Content-Type: multipart/alternative; boundary="0000000000005d8f4e05f96bc7f5" X-Spamd-Result: default: False [-4.00 / 15.00]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-1.000]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20221208]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; MLMMJ_DEST(0.00)[freebsd-questions@freebsd.org]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::1130:from]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; FREEMAIL_ENVFROM(0.00)[gmail.com]; RCVD_TLS_LAST(0.00)[]; TO_DN_ALL(0.00)[]; RCVD_COUNT_TWO(0.00)[2]; FREEMAIL_FROM(0.00)[gmail.com]; FROM_HAS_DN(0.00)[]; ARC_NA(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; TO_MATCH_ENVRCPT_ALL(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; MID_RHS_MATCH_FROMTLD(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim] X-Rspamd-Queue-Id: 4PzbSp1yKyz3pww X-Spamd-Bar: --- X-ThisMailContainsUnwantedMimeParts: N --0000000000005d8f4e05f96bc7f5 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable I haven't read every message in this thread but I have read enough to wonder, what problem are you trying to solve, OP? FreeBSD's market cap or share price doesn't seem to be a factor here so what is the motivation? I have used FreeBSD since 4.11, skipped a few releases and am currently running 12.4 in a VM on an iMac. So virtualization isn't a foreign concept though I know VirtualBox isn't Docker, anymore than Linux is FreeBSD or MacOS. It sounds to me like OP should fork FreeBSD into DockerBSD and see how the uptake is there. Does Docker need to run on FreeBSD? Is there some deficiency that FreeBSD can address? Or is this some effort to increase FreeBSD's "mindshare" in the marketplace? I think anyone with any tech smarts knows FreeBSD exists (as well as OpenBSD and NetBSD), just as IT directors know macOS exists even as they sign a PO for more WIndows licenses. But if Linux works with Docker and the tech staff understand Docker and Linux, why would they want Docker on FreeBSD? In short, as I saw in an email .sig back when I worked hands on in tech,=E2=80=A6are you trying to win an argument or solve a problem? On Sat, Apr 15, 2023 at 8:01=E2=80=AFPM Tim Daneliuk wrote: > On 4/12/23 08:38, Mario Marietto wrote: > > ---> Docker will NEVER run on FreeBSD, because Docker is built on > technologies which only exist in the Linux kernel. > > > > I don't agree with this. In my humble opinion Docker can run on FreeBSD= . > For sure,not using the same technology that it uses on Linux. > > By way of introduction, I have been a BSD user before it ever existed > in any form on x86 machinery, starting with Sun workstations and a variet= y > of machinery thereafter. My first version of FreeBSD was 1.0 and I have > also > done Linux platform engineering approaching 20 years now. Finally, I > have lead teams to deliver Kubernetes/Docker implementation for a > $1 Billion US commercial interest. > > I have stayed out of this mostly because I hate listening to internet > "experts" running Linux on their RPis who think they are 1st class > systems engineers. Also, I generally try to be nice. But some of the > commentary here show a lack fundamental clarity about what docker > is, how it is implemented, and why it is used. So, lets see if we can > shine some light on this: > > 1. Docker is many things. It is a virtually private filespace running ov= er > a common Linux kernel. In this regard, it's basically a high- > class version of chroot. And this COULD be reimplemented > notionally on FreeBSD. That's roughly what jails do as I recall. > > 2. Trying to run docker binaries on a FreeBSD kernel might be > a good science experiment but it would likely be inefficient > and unstable without a ton of work because the kernel > architectures of FreeBSD and Linux are fundamentally different. > > There are potentially ways to do this - say running FreeBSD and > Linux kernels as Mach servers and then writing a bunch of > userland glue to make it look like docker is running on FreeBSD. > But it is a nonsensical idea. It's doesn't solve a problem > that needs fixing. > > 3. But docker is far more than this, as the term is normally used. > It is an entire ecosystem built in layers on top of core > containerization. Among these include Kubernetes, Swarm, and > Anthos/Istio just for starters. Then there's all the third party > tooling to deploy an manage microservices written using these > various systems. > > These aren't toys or some hobby hackery, they are commercial grade > bet-your-business capabilities that aren't going to run on some > cross-OS experiment. They represent likely 100s of thousands of man > hours > of work and 10s of millions in expenditure and that's not going to > get replicated on a volunteer basis anytime soon. > > 4. You're not going to see docker on FreeBSD in any meaningful way becaus= e > it's not worth doing and doesn't solve a significant problem begging > to get fixed. > > 5. Professionals use all the tools in the toolbox when/as > they make sense. FreeBSD and Linux coexist happily in some of the > biggest data centers in the world. There are commercial NAS > products written in FreeBSD, for instance, that are plugged into > networks running hundreds or even thousands of Linux servers. > The point is, you don't have to choose one, you can choose both. > > 6. But if you want to have a go at this, here's a way to get started. > > - Write a userland abstraction for FreeBSD that looks, feels, and > runs like native docker. > > - Build *reliable and self annealing* IPCs between that abstraction > and an actual Linux machine which is truly running docker. Make > sure it isn't noticeably slower than just running straight on > Linux. > > - When you have this done, you will have given FreeBSD users the > docker experience you claim is desperately needed. > > - Now all you have to do is port Kubernetes, Swarm, and Isto/Anthos > over to get the world to come to FreeBSD. Good luck ... > > --=20 Paul Beard / www.paulbeard.org/ --0000000000005d8f4e05f96bc7f5 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
I haven't read every message in this thread but I have= read enough to wonder, what problem are you trying to solve, OP? FreeBSD&#= 39;s market cap or share price doesn't seem to be a factor here so what= is the motivation? I have used FreeBSD since 4.11, skipped a few releases = and am currently running 12.4 in a VM on an iMac. So virtualization=C2=A0is= n't a foreign concept though I know VirtualBox isn't Docker, anymor= e than Linux is FreeBSD or MacOS.=C2=A0

It sounds to me like O= P should fork FreeBSD into DockerBSD and see how the uptake is there. Does = Docker need to run on FreeBSD? Is there some deficiency that FreeBSD can ad= dress? Or is this some effort to increase=C2=A0FreeBSD's "mindshar= e" in the marketplace? I think anyone with any tech smarts knows FreeB= SD exists (as well as OpenBSD and NetBSD), just as IT directors know macOS = exists even as they sign a PO for more WIndows licenses. But if Linux works= with Docker and the tech staff understand Docker and Linux, why would they= want Docker on FreeBSD?=C2=A0

In short, as I saw = in an email .sig back when I worked hands on in tech,=E2=80=A6are you tryin= g to win an argument or solve a problem?=C2=A0


On Sat, Apr 15, 2023 at 8:01=E2=80=AFPM Tim Daneliuk <tundra@tundraware.com> wrote:
On 4/12/23 08:38, Mario Marietto wrote:
> ---> Docker will NEVER run on FreeBSD, because Docker is built on t= echnologies which only exist in the Linux kernel.
>
> I don't agree with this. In my humble opinion Docker can run on Fr= eeBSD. For sure,not using the same technology that it uses on Linux.

By way of introduction, I have been a BSD user before it ever existed
in any form on x86 machinery, starting with Sun workstations and a variety<= br> of machinery thereafter. My first version of FreeBSD was 1.0 and I have als= o
done Linux platform engineering approaching 20 years now.=C2=A0 Finally, I<= br> have lead teams to deliver Kubernetes/Docker implementation for a
$1 Billion US commercial interest.

I have stayed out of this mostly because I hate listening to internet
"experts" running Linux on their RPis who think they are 1st clas= s
systems engineers.=C2=A0 Also, I generally try to be nice.=C2=A0 But some o= f the
commentary here show a lack fundamental clarity about what docker
is, how it is implemented, and why it is used.=C2=A0 So, lets see if we can=
shine some light on this:

1. Docker is many things.=C2=A0 It is a virtually private filespace running= over
=C2=A0 =C2=A0 a common Linux kernel.=C2=A0 In this regard, it's basical= ly a high-
=C2=A0 =C2=A0 class version of chroot.=C2=A0 And this COULD be reimplemente= d
=C2=A0 =C2=A0 notionally on FreeBSD.=C2=A0 That's roughly what jails do= as I recall.

2. Trying to run docker binaries on a FreeBSD kernel might be
=C2=A0 =C2=A0 a good science experiment but it would likely be inefficient<= br> =C2=A0 =C2=A0 and unstable without a ton of work because the kernel
=C2=A0 =C2=A0 architectures of FreeBSD and Linux are fundamentally differen= t.

=C2=A0 =C2=A0 There are potentially ways to do this - say running FreeBSD a= nd
=C2=A0 =C2=A0 Linux kernels as Mach servers and then writing a bunch of
=C2=A0 =C2=A0 userland glue to make it look like docker is running on FreeB= SD.
=C2=A0 =C2=A0 But it is a nonsensical idea.=C2=A0 It's doesn't solv= e a problem
=C2=A0 =C2=A0 that needs fixing.

3. But docker is far more than this, as the term is normally used.
=C2=A0 =C2=A0 It is an entire ecosystem built in layers on top of core
=C2=A0 =C2=A0 containerization. Among these include Kubernetes, Swarm, and<= br> =C2=A0 =C2=A0 Anthos/Istio just for starters.=C2=A0 Then there's all th= e third party
=C2=A0 =C2=A0 tooling to deploy an manage microservices written using these=
=C2=A0 =C2=A0 various systems.

=C2=A0 =C2=A0 These aren't toys or some hobby hackery, they are commerc= ial grade
=C2=A0 =C2=A0 bet-your-business capabilities that aren't going to run o= n some
=C2=A0 =C2=A0 cross-OS experiment.=C2=A0 They represent likely 100s of thou= sands of man hours
=C2=A0 =C2=A0 of work and 10s of millions in expenditure and that's not= going to
=C2=A0 =C2=A0 get replicated on a volunteer basis anytime soon.

4. You're not going to see docker on FreeBSD in any meaningful way beca= use
=C2=A0 =C2=A0 it's not worth doing and doesn't solve a significant = problem begging
=C2=A0 =C2=A0 to get fixed.

5. Professionals use all the tools in the toolbox when/as
=C2=A0 =C2=A0 they make sense.=C2=A0 FreeBSD and Linux coexist happily in s= ome of the
=C2=A0 =C2=A0 biggest data centers in the world.=C2=A0 There are commercial= NAS
=C2=A0 =C2=A0 products written in FreeBSD, for instance, that are plugged i= nto
=C2=A0 =C2=A0 networks running hundreds or even thousands of Linux servers.=
=C2=A0 =C2=A0 The point is, you don't have to choose one, you can choos= e both.

6. But if you want to have a go at this, here's a way to get started.
=C2=A0 =C2=A0 -=C2=A0 Write a userland abstraction for FreeBSD that looks, = feels, and
=C2=A0 =C2=A0 =C2=A0 =C2=A0runs like native docker.

=C2=A0 =C2=A0 -=C2=A0 Build *reliable and self annealing* IPCs between that= abstraction
=C2=A0 =C2=A0 =C2=A0 =C2=A0and an actual Linux machine which is truly runni= ng docker.=C2=A0 Make
=C2=A0 =C2=A0 =C2=A0 =C2=A0sure it isn't noticeably slower than just ru= nning straight on
=C2=A0 =C2=A0 =C2=A0 =C2=A0Linux.

=C2=A0 =C2=A0 -=C2=A0 When you have this done, you will have given FreeBSD = users the
=C2=A0 =C2=A0 =C2=A0 =C2=A0docker experience you claim is desperately neede= d.

=C2=A0 =C2=A0 - Now all you have to do is port Kubernetes, Swarm, and Isto/= Anthos
=C2=A0 =C2=A0 =C2=A0 over to get the world to come to FreeBSD.=C2=A0 Good l= uck ...



--
Pa= ul Beard / www.paul= beard.org/
--0000000000005d8f4e05f96bc7f5--