From nobody Thu Apr 13 12:58:51 2023 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Py05v295Bz44xxs for ; Thu, 13 Apr 2023 12:59:31 +0000 (UTC) (envelope-from miguelmclara@gmail.com) Received: from mail-lj1-x236.google.com (mail-lj1-x236.google.com [IPv6:2a00:1450:4864:20::236]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Py05t6J7gz3lD2 for ; Thu, 13 Apr 2023 12:59:30 +0000 (UTC) (envelope-from miguelmclara@gmail.com) Authentication-Results: mx1.freebsd.org; none Received: by mail-lj1-x236.google.com with SMTP id n22so13602213ljq.8 for ; Thu, 13 Apr 2023 05:59:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1681390768; x=1683982768; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=WJymTps835dtNC6WrES3mPLOfzACme/tmWRhE0jxq2g=; b=Z0Xjg1g+H1GlduLOvR6itIjH2d+WrF/8u3tME9xq0NeTU+1O+F4oX9O0C/5xl2ty6r Mi5XwssgSIBffPOd1epP0IrQ4nmxEhBs8Z4bO+Yp0adizBh2aO+M4MH5MoXgOTMK7fti zSpDR0Mnx6bACUZQxNzBBEKN47b0vw47wdD1WIVjOFGYD2hNE57/QPJBgmcXJm2CRlu2 fArx4c6osyhmWRuAAGIRSCab162cDC30OIXn7edKSffWyE+4mSLS/JyUzmrTq5JguhHu RRbGLy9/h7CbnTfArm9HsuRXHmD6qTMshgyZ2GbaSrtj0MULxX4O3JpxjTZXJxi3+YQq s5Sg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1681390768; x=1683982768; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=WJymTps835dtNC6WrES3mPLOfzACme/tmWRhE0jxq2g=; b=W97ZGLPgayufwpDDO6e5s+vjPzgWF444RXkK1d+X6R9eR2iXaF4MJbaud2JjBNm2Eo TROiXcfaqliss8n5scaqeE9HgGA9eokvc33rJnYGNch628jr7xe8iyjXhyk9IDlATVPq F0PwviNtbRPoSsN0yRCFWTwE91p4e0KqDpbNv2Wb14AG7fox9nzNhWv4KR1txDdTPhUy DZyn9rvCGNpRuictemK1aU9FPoxnBDCWn7xHxCdLCRABrKKwObmKb8i61hIAXponA6DS y51YlthZKX9muBgyRgiIIkfC47YRgqh0wdhPi8Hxc6jqRgGapmEYtGVYcH1hyMsZHOb9 rfPw== X-Gm-Message-State: AAQBX9eB7BeDpKB+vj5c9H2qh6PGQrK7ZoGMnyOxoFaB7W/JmfD2DBpk 8c9fsYc80IHM/C2UJi6OZUlhp99Zhx76B0jlH8s= X-Google-Smtp-Source: AKy350YMDmnf6scOuWwgIsYkkaYHVXXinvEbUSNh814b5ddg8FU72mqB3TsGWPo745jXDvk8FVIY028RGnmfmDiSAAU= X-Received: by 2002:a2e:90d3:0:b0:2a7:8295:cd00 with SMTP id o19-20020a2e90d3000000b002a78295cd00mr685218ljg.7.1681390768284; Thu, 13 Apr 2023 05:59:28 -0700 (PDT) List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 References: <20230329053443.6ADA6B6AFED5@dhcp-8e64.meeting.ietf.org> <8E16D624-2655-4A10-844A-93E4F63E9859@gromit.dlib.vt.edu> <078a1cf8-7ae2-c593-615b-f5f37fa2b3eb@timpreston.net> <06be3a1e-9319-1a21-88b9-4f87328ee127@timpreston.net> <34b4b76e-1c41-4cfb-9e86-856f01e8abc9@app.fastmail.com> <6002f636-310b-a9fd-b82f-346618976983@timpreston.net> <20230412150350.12f97eb2c9dd566b8c8702d2@sohara.org> <1535315680.2770963.1681309684072@mail.yahoo.com> In-Reply-To: From: Miguel C Date: Thu, 13 Apr 2023 13:58:51 +0100 Message-ID: Subject: Re: Docker To: Mario Marietto Cc: Alejandro Imass , Paul Pathiakis , "Steve O'Hara-Smith" , Tim Preston , freebsd-questions Content-Type: multipart/alternative; boundary="00000000000078e9d805f9374b2e" X-Rspamd-Queue-Id: 4Py05t6J7gz3lD2 X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US] X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-ThisMailContainsUnwantedMimeParts: N --00000000000078e9d805f9374b2e Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable 100% Agree with this, and the fact is there have been cases where there is that tolerance and there are maintainers making efforts to bring "linux" things to freeBSD even if via linux emulation. Docker has been mentioned many times in mailing lists and forums and there is always comments like "but why jails are much better" etc, sometimes not only intolerant but rude reply that serve only to drive people away IMHO. I also don't get why is that so complicated, is it just cause FreeBSD's maintainers/community don't want to even consider docker on FreeBSD? Couldn't we just run docker on bhyve? I'm sure it would serve the "just want to test this image purpose" but I suspect there will be some issues with Filesytem/network, not issues per say, but more like it likely takes some work to get this to run in easy manner, but I think I've seen mentions of using sshfs or zvols to make this part easier. MacOS and Windows use virtualization anyway, sure Docker "DESKTOP" is supported but docker, but they are still using a VM at the end of the day and handle the filesystem/network stuff for the user. I've never tried this my self but I don't think it should be that super complicated unless you plan to run docker on prod envs, I think here, the argument that "right tool for the job" is very valid.... I use docker on my macOS but I'm not going to run things in prod in macbooks ofc, I will still use Linux, K8s etc. Perhaps the FreeBSD foundation could invest a bit in getting a tool to easy the way of running docker through bhyve, I do believe this would be good for user adoption, but probably there are other priorities. On Thu, Apr 13, 2023 at 12:32=E2=80=AFPM Mario Marietto wrote: > The point of my argumentation is not if FreeBSD has or not good tools for > containerizing and securing applications. It has. Point is that the users > that don't know FreeBSD are tied to their own tools and rarely want to > change them. Almost everyone wants to change. But trying,experimenting an= d > changing something in the workflow is important,because every tool has ba= d > and good sides. There are many docker images already to be used on the ne= t > and this will save a lot of time and effort and money for a lot of people= . > This is a fact. And I think that it happened because Docker is...good. > FreeBSD has tools like docker,but the mass production of containerized > images never happened. So,would we ask ourselves the reason ? Maybe > something has not gone well. I use Linux and FreeBSD and I "love" both > these systems. Linux has a larger user base than FreeBSD. A larger user > base may mean more innovations in a small time,a faster bug correction an= d > so on. > > I think that mostly advantages from the implementation of docker on > FreeBSD will come from the user base. Mostly for those users that come fr= om > linux or other OS and that already use docker and kubernetes. I don't thi= nk > those users are a small number. Those users could jump to FreeBSD if Dock= er > / Kubernetes are implemented in FreeBSD. This could be the straw that > broke the camel's back. You argue that the jails are working already > great and that they should use them. I argue that the freebsd community > could have a more tolerant behavior to the users that could jump to the > FreeBSD world and they should not force them to learn only new technologi= es > at first. To have some important tools which work on multiple systems mea= ns > having a good business card. So,in the end I ask to myself and to you : > FreeBSD needs to grow in terms of community ? Does it need to be > populated by a bigger number of users that will come from another OS base > community ? > > On Thu, Apr 13, 2023 at 10:17=E2=80=AFAM Alejandro Imass > wrote: > >> >> >> On Wed, Apr 12, 2023 at 4:28=E2=80=AFPM Paul Pathiakis >> wrote: >> >>> I believe the simplest thing would be to wrap jails or iocage in an >>> interface that looks like and behaves Docker-like. >>> >>> >> and Bastille! >> >> >>> >>> > > -- > Mario. > --00000000000078e9d805f9374b2e Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
100% Agree with this, and the fact is there= have been cases where there is that tolerance and there are maintainers ma= king efforts to bring "linux" things to freeBSD even if via linux= emulation.

Docker has been mentioned many times i= n mailing lists and forums and there is always comments like "but why = jails are much better" etc, sometimes not only intolerant but rude rep= ly that serve only to drive people away IMHO.

I al= so don't get why is that so complicated, is it just cause FreeBSD's= maintainers/community don't want to even consider docker on FreeBSD? C= ouldn't we just run docker on bhyve? I'm sure it would serve the &q= uot;just want to test this image purpose" but I suspect there will be = some issues with Filesytem/network, not issues per say, but more like it li= kely takes some work to get this to run in easy manner, but I think I'v= e seen mentions of using sshfs or zvols to make this part easier.

MacOS and Windows use virtualization anyway, sure Docker &q= uot;DESKTOP" is supported but docker, but they are still using a VM at= the end of the day and handle the filesystem/network stuff for the user.
I've never tried this my self but I don't think it= should be that super complicated unless you plan to run docker on prod env= s, I think here, the argument that "right tool for the job" is ve= ry valid.... I use docker on my macOS but I'm not going to run things i= n prod in macbooks ofc, I will still use Linux, K8s etc.

Perhaps the FreeBSD foundation could invest a bit in getting a tool to eas= y the way of running docker through bhyve, I do believe this would be good = for user adoption, but probably there are other priorities.



On Thu, Apr 13, 2023 at 12:32=E2=80=AFPM Mario Marietto <marietto2008@gmail.com> wrot= e:
The point of my argumentation is not if FreeBSD has or not good to= ols for containerizing and securing applications. It has. Point is that the= users that don't know FreeBSD are tied to their own tools and rarely w= ant to change them. Almost everyone wants to change. But trying,experimenti= ng and changing something in the workflow is important,because every tool h= as bad and good sides. There are many docker images already to be used on t= he net and this will save a lot of time and effort and money for a lot of p= eople. This is a fact. And I think that it happened because Docker is...goo= d. FreeBSD has tools like docker,but the mass production of containerized i= mages never happened. So,would we ask ourselves the reason ? Maybe somethin= g has not gone well. I use Linux and FreeBSD and I "love" both th= ese systems. Linux has a larger user base than FreeBSD. A larger user base = may mean more innovations in a small time,a faster bug correction and so on= .

I think that mostly advantages from the imp= lementation of docker on FreeBSD will come from the user base. Mostly=20 for those users that come from linux or other OS and that already use=20 docker and kubernetes. I don't think those users are a small number.=20 Those users could jump to FreeBSD if Docker / Kubernetes are implemented in FreeBSD. This could be the straw that broke the camel= 's back. You argue that the jails are working already great and = that they should use them. I argue that the freebsd community could have a = more tolerant behavior to the users that could jump to the FreeBSD world and th= ey should not force them to learn only new technologies at first. To have s= ome important tools which work on multiple systems means having a good business card. So,in the=20 end I ask to myself and to you : FreeBSD needs to grow in terms of co= mmunity ? Does it need to be populated by a bigger number of users t= hat will come from another OS base community ?

On= Thu, Apr 13, 2023 at 10:17=E2=80=AFAM Alejandro Imass <aimass@yabarana.com> wrote:=


On Wed, Apr 12, 2023 at 4:28=E2=80=AFPM Paul Pathiak= is <pathiaki2@y= ahoo.com> wrote:
I believe the simplest thing would be to wrap jail= s or iocage in an interface that looks like and behaves Docker-like.
<= div dir=3D"ltr">

and = Bastille!
=C2=A0


--
Mario.
--00000000000078e9d805f9374b2e--