Date: Sat, 15 Apr 2023 22:00:03 -0500
From: Tim Daneliuk
To: freebsd-questions
Subject: Re: Docker
List-Archive: https://lists.freebsd.org/archives/freebsd-questions

On 4/12/23 08:38, Mario Marietto wrote:
> ---> Docker will NEVER run on FreeBSD, because Docker is built on technologies which only exist in the Linux kernel.
>
> I don't agree with this. In my humble opinion Docker can run on FreeBSD. For sure, not using the same technology that it uses on Linux.

By way of introduction, I have been a BSD user before it ever existed in any form on x86 machinery, starting with Sun workstations and a variety of machinery thereafter. My first version of FreeBSD was 1.0 and I have also done Linux platform engineering approaching 20 years now. Finally, I have led teams to deliver Kubernetes/Docker implementation for a $1 Billion US commercial interest.

I have stayed out of this mostly because I hate listening to internet "experts" running Linux on their RPis who think they are 1st class systems engineers. Also, I generally try to be nice.

But some of the commentary here shows a lack of fundamental clarity about what docker is, how it is implemented, and why it is used. So, let's see if we can shine some light on this:

1. Docker is many things. It is a virtually private filespace running over a common Linux kernel. In this regard, it's basically a high-class version of chroot. And this COULD be reimplemented notionally on FreeBSD. That's roughly what jails do as I recall.

2. Trying to run docker binaries on a FreeBSD kernel might be a good science experiment but it would likely be inefficient and unstable without a ton of work because the kernel architectures of FreeBSD and Linux are fundamentally different. There are potentially ways to do this - say running FreeBSD and Linux kernels as Mach servers and then writing a bunch of userland glue to make it look like docker is running on FreeBSD. But it is a nonsensical idea. It doesn't solve a problem that needs fixing.

3. But docker is far more than this, as the term is normally used. It is an entire ecosystem built in layers on top of core containerization. These include Kubernetes, Swarm, and Anthos/Istio just for starters. Then there's all the third party tooling to deploy and manage microservices written using these various systems. These aren't toys or some hobby hackery, they are commercial grade bet-your-business capabilities that aren't going to run on some cross-OS experiment. They represent likely 100s of thousands of man hours of work and 10s of millions in expenditure and that's not going to get replicated on a volunteer basis anytime soon.

4. You're not going to see docker on FreeBSD in any meaningful way because it's not worth doing and doesn't solve a significant problem begging to get fixed.

5. Professionals use all the tools in the toolbox when/as they make sense. FreeBSD and Linux coexist happily in some of the biggest data centers in the world. There are commercial NAS products written in FreeBSD, for instance, that are plugged into networks running hundreds or even thousands of Linux servers. The point is, you don't have to choose one, you can choose both.

6. But if you want to have a go at this, here's a way to get started.

   - Write a userland abstraction for FreeBSD that looks, feels, and runs like native docker.

   - Build *reliable and self annealing* IPCs between that abstraction and an actual Linux machine which is truly running docker. Make sure it isn't noticeably slower than just running straight on Linux.

   - When you have this done, you will have given FreeBSD users the docker experience you claim is desperately needed.

   - Now all you have to do is port Kubernetes, Swarm, and Istio/Anthos over to get the world to come to FreeBSD.

Good luck ...