Date: Sun, 9 Apr 2023 16:04:54 +0200 From: Mario Marietto <marietto2008@gmail.com> To: Tim Preston <tim@timpreston.net> Cc: Paul Mather <paul@gromit.dlib.vt.edu>, John Levine <johnl@iecc.com>, FreeBSD Mailing List <freebsd-questions@freebsd.org>, tomek@cedro.info Subject: Re: Docker Message-ID: <CA%2B1FSij9j922Nvv1Vhn43HznwpyGT99UZsU674G9hHWzR=UhvQ@mail.gmail.com> In-Reply-To: <078a1cf8-7ae2-c593-615b-f5f37fa2b3eb@timpreston.net> References: <20230329053443.6ADA6B6AFED5@dhcp-8e64.meeting.ietf.org> <8E16D624-2655-4A10-844A-93E4F63E9859@gromit.dlib.vt.edu> <078a1cf8-7ae2-c593-615b-f5f37fa2b3eb@timpreston.net>
next in thread | previous in thread | raw e-mail | index | archive | help
--00000000000044848d05f8e7c0c3 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable It seems that docker now can run on FreeBSD natively,not with the collaboration of bhyve. What do you think ? He says : "Yes, OCI Containers on FreeBSD. What was proposed ages ago as Do= cker done right" <https://www.truenas.com/blog/docker-done-right/>; https://productionwithscissors.run/2022/09/04/containerd-linux-on-freebsd/ On Tue, Apr 4, 2023 at 4:23=E2=80=AFAM Tim Preston <tim@timpreston.net> wro= te: > It can be done, with a bit of manual tinkering. > > Here is a gist which explains how to run Docker in a CentOS 8 VM (under > bhyve). > > https://gist.github.com/tehpeh/7e5329d295eca9539e6462f36b6ce9c0 > > It's a bit out of date but the general idea would be the same for CentOS > stream, Alpine etc: install Docker, enable the service, open > firewall/networking, nfs mount a local directory. This is pretty much wha= t > Docker for Mac does. > > If you're looking for the Docker hub image repository equivalent for > FreeBSD, take a look at Bastille templates or Potluck ( > https://potluck.honeyguide.net/). > > However, and this is only my personal opinion, a pre-baked container imag= e > repository is a bad idea. Apart from the security issues and recent drama > around Docker shutting down free accounts, container images are often set > up with default parameters not useful in a production environment (or eve= n > your specific dev environment) and are built against a particular kernel > version, so may not run as expected on a different kernel version. > > Again, only my opinion, but you're much better off building your own, > private, images targeting the particular OS/Kernel version you use in > dev/staging/production. In summary, prefer Dockerfiles over pre-built > images. > > I think the conversation we really need to have is not about copying > Docker, but instead how do we consistently create, run, and scale jails > across multiple FreeBSD hosts easily. > > Tim > > > On 2/4/23 02:54, Paul Mather wrote: > > On Mar 29, 2023, at 1:34 AM, John Levine <johnl@iecc.com> <johnl@iecc.com= > wrote: > > > It appears that Tomek CEDRO <tomek@cedro.info> <tomek@cedro.info> said: > > if there are lots of images for linux docker, and docker is linux only > solution, there is no reason to talk about it on bsd or even offer some > sort of images of bsd for linux right? > > Docker runs on MacOS with a linux emulation layer. FreeBSD already has > some linux emulation so in principle one could do the same thing, but > it'd be a lot of work for dubious benefit. > > I disagree it would be of dubious benefit. MacOS is a Tier 1 platform in= the Docker ecosystem. Using Docker Desktop on macOS makes using Docker an= d Kubernetes for development work very easy on that platform, meaning you c= an stay in the environment you prefer. MacOS is not Linux, but the impleme= ntation on there is to use a shim Linux VM via the built-in macOS hyperviso= r (which, IIRC, is a derivative of bhyve). > > It would be great if the same thing could be done on FreeBSD. It would b= e beneficial if there was a supported docker machine driver for bhyve on Fr= eeBSD. Right now, I believe the road to running Linux containers on FreeBS= D is to use the VirtualBox docker machine driver, which is a bit heavyweigh= t (in terms of added dependencies) for my liking. It would be nice if bhyv= e could be used to run the shim Linux VM. > > Other than that, much of the tooling to run Docker and Kubernetes is alre= ady in ports. But, those (e.g., in the case of Kubernetes) need to point t= o non-FreeBSD systems that are running the actual containers, pods, etc. I= t would be nice to be able to do it all on FreeBSD, at least for developmen= t and kicking-the-tyres purposes. > > Cheers, > > Paul. > > > > --=20 Mario. --00000000000044848d05f8e7c0c3 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable <div dir=3D"ltr"><div>It seems that docker now can run on FreeBSD natively,= not with the collaboration of bhyve. What do you think ?<br></div><div><div= class=3D"gmail-_3cjCphgls6DH-irkVaA0GM"><div class=3D"gmail-_292iotee39Lmt= 0MkQZ2hPV gmail-RichTextJSON-root"><p class=3D"gmail-_1qeIAgB0cPwnLhDF9XSiJ= M">He says : "Yes, OCI Containers on FreeBSD. What was proposed ages a= go as <a href=3D"https://www.truenas.com/blog/docker-done-right/" class=3D"= gmail-_3t5uN8xUmg0TOwRCOGQEcU" rel=3D"noopener nofollow ugc" target=3D"_bla= nk">Docker done right"</a></p></div></div></div><div><a href=3D"https:= //productionwithscissors.run/2022/09/04/containerd-linux-on-freebsd/">https= ://productionwithscissors.run/2022/09/04/containerd-linux-on-freebsd/</a></= div></div><br><div class=3D"gmail_quote"><div dir=3D"ltr" class=3D"gmail_at= tr">On Tue, Apr 4, 2023 at 4:23=E2=80=AFAM Tim Preston <<a href=3D"mailt= o:tim@timpreston.net">tim@timpreston.net</a>> wrote:<br></div><blockquot= e class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left:1px s= olid rgb(204,204,204);padding-left:1ex"> =20 =20 =20 <div> It can be done, with a bit of manual tinkering.<br> <br> Here is a gist which explains how to run Docker in a CentOS 8 VM (under bhyve). <br> <br> <a href=3D"https://gist.github.com/tehpeh/7e5329d295eca9539e6462f36b6ce= 9c0" target=3D"_blank">https://gist.github.com/tehpeh/7e5329d295eca9539e646= 2f36b6ce9c0</a><br> <br> It's a bit out of date but the general idea would be the same for CentOS stream, Alpine etc: install Docker, enable the service, open firewall/networking, nfs mount a local directory. This is pretty much what Docker for Mac does.<br> <br> If you're looking for the Docker hub image repository equivalent fo= r FreeBSD, take a look at Bastille templates or Potluck (<a href=3D"https://potluck.honeyguide.net/" target=3D"_blank">https://= potluck.honeyguide.net/</a>).<br> <br> However, and this is only my personal opinion, a pre-baked container image repository is a bad idea. Apart from the security issues and recent drama around Docker shutting down free accounts, container images are often set up with default parameters not useful in a production environment (or even your specific dev environment) and are built against a particular kernel version, so may not run as expected on a different kernel version.<br> <br> Again, only my opinion, but you're much better off building your own, private, images targeting the particular OS/Kernel version you use in dev/staging/production. In summary, prefer Dockerfiles over pre-built images.<br> <br> I think the conversation we really need to have is not about copying Docker, but instead how do we consistently create, run, and scale jails across multiple FreeBSD hosts easily.<br> <br> Tim<br> <br> <br> <div>On 2/4/23 02:54, Paul Mather wrote:<br> </div> <blockquote type=3D"cite"> <pre>On Mar 29, 2023, at 1:34 AM, John Levine <a href=3D"mailto:johnl= @iecc.com" target=3D"_blank"><johnl@iecc.com></a> wrote: </pre> <blockquote type=3D"cite"> <pre>It appears that Tomek CEDRO <a href=3D"mailto:tomek@cedro.info= " target=3D"_blank"><tomek@cedro.info></a> said: </pre> <blockquote type=3D"cite"> <pre>if there are lots of images for linux docker, and docker is = linux only solution, there is no reason to talk about it on bsd or even offer some sort of images of bsd for linux right? </pre> </blockquote> <pre>Docker runs on MacOS with a linux emulation layer. FreeBSD al= ready has some linux emulation so in principle one could do the same thing, but it'd be a lot of work for dubious benefit. </pre> </blockquote> <pre>I disagree it would be of dubious benefit. MacOS is a Tier 1 pl= atform in the Docker ecosystem. Using Docker Desktop on macOS makes using = Docker and Kubernetes for development work very easy on that platform, mean= ing you can stay in the environment you prefer. MacOS is not Linux, but th= e implementation on there is to use a shim Linux VM via the built-in macOS = hypervisor (which, IIRC, is a derivative of bhyve). It would be great if the same thing could be done on FreeBSD. It would be = beneficial if there was a supported docker machine driver for bhyve on Free= BSD. Right now, I believe the road to running Linux containers on FreeBSD = is to use the VirtualBox docker machine driver, which is a bit heavyweight = (in terms of added dependencies) for my liking. It would be nice if bhyve = could be used to run the shim Linux VM. Other than that, much of the tooling to run Docker and Kubernetes is alread= y in ports. But, those (e.g., in the case of Kubernetes) need to point to = non-FreeBSD systems that are running the actual containers, pods, etc. It = would be nice to be able to do it all on FreeBSD, at least for development = and kicking-the-tyres purposes. Cheers, Paul. </pre> </blockquote> <br> </div> </blockquote></div><br clear=3D"all"><br><span class=3D"gmail_signature_pre= fix">-- </span><br><div dir=3D"ltr" class=3D"gmail_signature">Mario.<br></d= iv> --00000000000044848d05f8e7c0c3--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CA%2B1FSij9j922Nvv1Vhn43HznwpyGT99UZsU674G9hHWzR=UhvQ>