From owner-freebsd-virtualization@freebsd.org Thu Jan 31 07:50:48 2019 Return-Path: Delivered-To: freebsd-virtualization@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 07DA4134B4D6 for ; Thu, 31 Jan 2019 07:50:48 +0000 (UTC) (envelope-from mark@exonetric.com) Received: from relay.exonetric.net (relay0.exonetric.net [178.250.72.161]) by mx1.freebsd.org (Postfix) with ESMTP id 6812B75C58 for ; Thu, 31 Jan 2019 07:50:47 +0000 (UTC) (envelope-from mark@exonetric.com) Received: from [10.48.7.245] (188.29.165.144.threembb.co.uk [188.29.165.144]) by relay.exonetric.net (Postfix) with ESMTPSA id A59F32B09B; Thu, 31 Jan 2019 07:50:45 +0000 (GMT) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (1.0) Subject: Re: The status of docker From: Mark Blackman X-Mailer: iPhone Mail (16C101) In-Reply-To: Date: Thu, 31 Jan 2019 07:50:45 +0000 Cc: Stefan Bethke , freebsd-virtualization@freebsd.org Content-Transfer-Encoding: quoted-printable Message-Id: <94964BDE-7B14-424B-88A5-4D8F4A9AAC56@exonetric.com> References: <089e330d-2761-2440-3b7f-dd22e9088af5@gjunka.com> <929CF558-E8CC-4F7D-9C30-DDD63C17861D@lassitu.de> To: Grzegorz Junka X-Rspamd-Queue-Id: 6812B75C58 X-Spamd-Bar: ++++ Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [4.44 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; MV_CASE(0.50)[]; NEURAL_SPAM_SHORT(0.70)[0.696,0]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[exonetric.com]; AUTH_NA(1.00)[]; TO_DN_SOME(0.00)[]; NEURAL_SPAM_MEDIUM(1.00)[0.997,0]; TO_MATCH_ENVRCPT_SOME(0.00)[]; MX_GOOD(-0.01)[cached: exonetric.com.in.heluna.com]; NEURAL_SPAM_LONG(0.98)[0.981,0]; R_SPF_NA(0.00)[]; RCVD_NO_TLS_LAST(0.10)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:12290, ipnet:178.250.72.0/21, country:GB]; MID_RHS_MATCH_FROM(0.00)[]; IP_SCORE(0.27)[ipnet: 178.250.72.0/21(1.11), asn: 12290(0.34), country: GB(-0.09)]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-virtualization@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Discussion of various virtualization techniques FreeBSD supports." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 31 Jan 2019 07:50:48 -0000 What problem are you trying to solve with docker? > On 30 Jan 2019, at 20:36, Grzegorz Junka wrote: >=20 >> On 27/01/2019 13:59, Stefan Bethke wrote: >>> Am 19.01.2019 um 15:24 schrieb Grzegorz Junka : >>> Hello, does anyone know the current status of docker on FreeBSD? Wiki ht= tps://wiki.freebsd.org/Docker states it's experimental. The last commit in h= ttps://github.com/kvasdopil/docker/tree/freebsd-compat is also from 2015. >>>=20 >>> There in fact are two ports, freebsd-docker (from 2015) and docker (18.0= 6). What's the difference between them and which one should I use to run doc= ker images on FreeBSD host? >> I believe at this point in time, all you can do is have a Linux machine s= omewhere (for example, in a local Bhyve VM), and use the Docker command line= client from FreeBSD to manage it. That=E2=80=99s what sysutils/docker is fo= r. >>=20 >>> Has this project been completed and now only needs testing, or has it be= en abandoned, or maybe the approach has changed and I am looking in a wrong p= lace? >> It looks abandoned, unfortunately. And looking at the entire container i= nfrastructure, reviving it would require a significant effort. For example, i= t most real-life usage scenarios, you want to be able to manipulate IPFW/PF e= ntries to forward ports from a host interface into a container, which would r= equire special plugins for Docker, or a compatibility shim that allows Docke= r to use iptables APIs/ABIs. >>=20 >> Going even further, pretty much everything in the ecosystem (k8s, etc.) a= ssumes it's running on top of a Linux kernel including a number of managemen= t APIs that are not (completely) emulated on FreeBSD. >>=20 >> While I would love to see proper Docker support in FreeBSD, I=E2=80=99m n= ot sure its even the right thing to aim for. In Docker production environmen= ts, people generally try to pare down the host OS to the absolute minimum, a= nd at that point, what benefit would you derive from FreeBSD as a host? >>=20 >> Similarly, why would you want to run FreeBSD-ABI containers, specifically= ? One of the benefits of the container ecosystem is that there are many read= y-made images you can build on. Having to re-invent all of this seems of lit= tle benefit to me. >=20 > There is nothing docker-like in FreeBSD. Sure, we have jails and bhyve but= they are faaar from the convenience and support of docker containers that y= ou can pull directly from docker hub and have a complete application running= in a few lines of code. >=20 > I am working on a project which uses two containers to run the back end - o= ne is a customized container running Stellar + a DB and one running an off-t= he-shelf container with PostgreSQL. The middle layer is nodejs+GraphQL and f= ront-end is React. It takes literally 30 minutes on a MacBook Pro from the m= oment you git clone sources from github to when you have the complete develo= pment environment running. >=20 > However, I spent a day trying to make it run in FreeBSD bhyve. Half of tha= t time took preparing the FreeBSD host and installing and configuring a Linu= x host for containers in bhyve. But once everything was installed, nothing a= ctually worked because the docker containers couldn't communicate with each o= ther for some reason. I suspected some network issues within the Linux host a= nd spent the other half of that time trying to sort it out. >=20 > Now if you consider that the cost of a MacBook Pro is a few days worth of w= ork, why bother spending time (and money) trying develop the code on a FreeB= SD? And if an AWS VM or other hardware is able to run the same already confi= gured docker environment from a Mac, why bother spending time (and money) tr= ying to run it on a FreeBSD server instead of a Linux server? >=20 > Currently the only reasons when someone might actually consider running Fre= eBSD server are: ZFS and/or jails (but for that you may also need to add Ill= uminOS and SmartOS to the list of choices) or when you already have teams/sy= stems running FreeBSD. Ports are not a reason for choosing FreeBSD because A= rch Linux also supports a rolling release model. >=20 > In many ways FreeBSD reminds me Amiga - I tried to use it for development,= not just as a hobby at home, but also during my studies or work, and I was v= ery proud when I could achieve, often with great effort, what others on IBM P= C (and now Linux) had for granted. But at some point the effort of going aga= inst the flow was becoming too expensive, not only in terms of money or time= , but also in more difficult to measure terms of missing opportunities. >=20 > I realize that running docker natively on FreeBSD is difficult and may see= m pointless. But for me it's a matter of using FreeBSD or not. If I can make= it working, maybe with some reasonable effort, that would be great and I wo= uld try. But if not, well, then it's hasta la vista, baby (for this project f= or now). >=20 > GrzegorzJ >=20 > _______________________________________________ > freebsd-virtualization@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-virtualization > To unsubscribe, send any mail to "freebsd-virtualization-unsubscribe@freeb= sd.org"