Date: Thu, 13 Apr 2023 14:22:40 +0100 From: Steve O'Hara-Smith <steve@sohara.org> To: Mario Marietto <marietto2008@gmail.com> Cc: Alejandro Imass <aimass@yabarana.com>, Paul Pathiakis <pathiaki2@yahoo.com>, Tim Preston <tim@timpreston.net>, freebsd-questions <freebsd-questions@freebsd.org> Subject: Re: Docker Message-ID: <20230413142240.11d3b8c6baab7286678f3de2@sohara.org> In-Reply-To: <CA%2B1FSiiCG-iugAbSoNC2r5WXCJvgi6pj3jG74jCwukhNtb_XGA@mail.gmail.com> References: <20230329053443.6ADA6B6AFED5@dhcp-8e64.meeting.ietf.org> <078a1cf8-7ae2-c593-615b-f5f37fa2b3eb@timpreston.net> <CA%2B1FSij9j922Nvv1Vhn43HznwpyGT99UZsU674G9hHWzR=UhvQ@mail.gmail.com> <06be3a1e-9319-1a21-88b9-4f87328ee127@timpreston.net> <CA%2B1FSijc%2B-OLNsyFNdR=jP3VzMi4zUE92i5iv9Pfg6AryDy_KQ@mail.gmail.com> <34b4b76e-1c41-4cfb-9e86-856f01e8abc9@app.fastmail.com> <CA%2B1FSihVrJ8cZ4ZU6mMr0sKJsZ98V4fh2vpDLugw7MGj-%2BEBPg@mail.gmail.com> <CA%2B1FSijL50mQ-HveBA4HZeNkSoaORv=aty-15nNLzn9amzY_nw@mail.gmail.com> <6002f636-310b-a9fd-b82f-346618976983@timpreston.net> <CA%2B1FSigV_pPwVW%2BDd8WZYGcNQVt7%2BYOcsnJFoRhS6jL5A636pg@mail.gmail.com> <20230412150350.12f97eb2c9dd566b8c8702d2@sohara.org> <CA%2B1FSihVPCQ6tp8u=aqnLyyOPpCMrnhYGcC8bCUgRbFHTdY5sA@mail.gmail.com> <1535315680.2770963.1681309684072@mail.yahoo.com> <CAHieY7RFe0P85twcs1NiiAvTTr4oGPJEtXEkufsXswQt3ECGvg@mail.gmail.com> <CA%2B1FSiiCG-iugAbSoNC2r5WXCJvgi6pj3jG74jCwukhNtb_XGA@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 13 Apr 2023 13:31:02 +0200 Mario Marietto <marietto2008@gmail.com> wrote: > The point of my argumentation is not if FreeBSD has or not good tools for > containerizing and securing applications. It has. Point is that the users > that don't know FreeBSD are tied to their own tools and rarely want to > change them. Almost everyone wants to change. But trying,experimenting and > changing something in the workflow is important,because every tool has bad > and good sides. There are many docker images already to be used on the net > and this will save a lot of time and effort and money for a lot of people. The problem with using the docker images available online is that these are *linux* filesystem overlay images. Docker only provides the mechanism for creating and assembling those images into runtime environments. The business of running them is handled by LXC via containerd. So in order to achieve what you want there would need to be: 1: Support for jails in containerd or support for LXC on FreeBSD. 2: Support for a *lot* more of the up to date Linux system calls (current emulation is for a 4.4.0 kernel. 3: Support for the filesystem layering used by Docker. 4: (the easy bit) A port of docker. This comes up a lot - but nobody ever wants to do the work which is why it never happens. It appears that none of the FreeBSD developers want this (fair enough they have other things on their minds and FreeBSD is a volunteer effort), and that none of the people who want this care enough to step up and do the work or raise a fund to pay someone to do it. -- Steve O'Hara-Smith <steve@sohara.org>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20230413142240.11d3b8c6baab7286678f3de2>