From nobody Sun Apr 16 15:04:45 2023
X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Pztlb6Tyfz45Vv7
	for <freebsd-questions@mlmmj.nyi.freebsd.org>; Sun, 16 Apr 2023 15:05:15 +0000 (UTC)
	(envelope-from 93ab.82.c3a8000452078c.b88e050e4603b8e75a48e3f13eb06e01@email-od.com)
Received: from s1-b515.socketlabs.email-od.com (s1-b515.socketlabs.email-od.com [142.0.181.21])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(Client did not present a certificate)
	by mx1.freebsd.org (Postfix) with ESMTPS id 4PztlZ6LVPz3R7j
	for <freebsd-questions@freebsd.org>; Sun, 16 Apr 2023 15:05:14 +0000 (UTC)
	(envelope-from 93ab.82.c3a8000452078c.b88e050e4603b8e75a48e3f13eb06e01@email-od.com)
Authentication-Results: mx1.freebsd.org;
	dkim=pass header.d=tundraware.com header.s=slkey header.b=Trq7gwYY;
	dkim=pass header.d=email-od.com header.s=dkim header.b="Ij/2R2L8";
	spf=pass (mx1.freebsd.org: domain of 93ab.82.c3a8000452078c.b88e050e4603b8e75a48e3f13eb06e01@email-od.com designates 142.0.181.21 as permitted sender) smtp.mailfrom=93ab.82.c3a8000452078c.b88e050e4603b8e75a48e3f13eb06e01@email-od.com;
	dmarc=pass (policy=reject) header.from=tundraware.com
DKIM-Signature: v=1; a=rsa-sha256; d=tundraware.com;s=slkey;
	c=relaxed/relaxed; q=dns/txt; t=1681657515; x=1684249515;
	h=x-tundraware-mailscanner-from:x-greylist:content-transfer-encoding:content-type:in-reply-to:from:references:to:content-language:subject:mime-version:date:message-id:x-thread-info:subject:to:from:cc:reply-to;
	bh=pBETrSMNFi7ToQYyHwu+liPqpRk98fypV8FUvGB+lqg=;
	b=Trq7gwYYbLOzABmMVUfxY5J5bwXPZhs3PKOjETSG8ex6Oz1VOTkx7BmIUPhuOi4Y3deWDIEq6sjqzhHDxfryrI/FxEGzb9YifziSC75mQP1078oS81zkc+UqyUzOq4T/8mKWNqrEKfB58Bw4aYoOnoKcpeJK43rKmThfDpvrE7h+10+ZVevTnBp8ihHjfOJP4JvcrdQpTA2sSZAo8eHomyLoOB88S9PUPq5N2MNmZgLgQdh4cIHsHMxaeAODCFBiCJPDZQMwk/U6s87tE4K+kRPyhnJedGWXoNVPy5MEujPbcaHVZZhxvt+Oak8AvZvrP/9dAx+IPQNgq1hsp8n61A==
DKIM-Signature: v=1; a=rsa-sha256; d=email-od.com;i=@email-od.com;s=dkim;
	c=relaxed/relaxed; q=dns/txt; t=1681657515; x=1684249515;
	h=x-tundraware-mailscanner-from:x-greylist:content-transfer-encoding:content-type:in-reply-to:from:references:to:content-language:subject:mime-version:date:message-id:x-thread-info:subject:to:from:cc:reply-to;
	bh=pBETrSMNFi7ToQYyHwu+liPqpRk98fypV8FUvGB+lqg=;
	b=Ij/2R2L8P3+TpWte1R7/HOb0IyO7qMhneT3HYwjEWDrSL+zYLbyFm24Ow49J+Gi572AS+UjeU0wewx3+F0Mpw7eRujF2r08PP6Dksg5Azhu2/pqSrCgCgmTvND8+9lFMWGyuhW5+Val18g7mM1hq1E1a+3yi8evQ6cLtsYX3qEI=
X-Thread-Info: OTNhYi4xMi5jM2E4MDAwNDUyMDc4Yy5mcmVlYnNkLXF1ZXN0aW9ucz1mcmVlYnNkLm9yZw==
Received: from r2.h.in.socketlabs.com (r2.h.in.socketlabs.com [142.0.180.12]) by mxh4.email-od.com
	with ESMTP(version=Tls12 cipher=Aes256 bits=256); Sun, 16 Apr 2023 11:05:01 -0400
Received: from oceanview.tundraware.com (oceanview.tundraware.com [45.55.60.57]) by r2.h.in.socketlabs.com
	with ESMTP(version=Tls12 cipher=Aes256 bits=256); Sun, 16 Apr 2023 11:05:01 -0400
Received: from [192.168.0.2] (ozzie.tundraware.com [75.145.138.73])
	(authenticated bits=0)
	by oceanview.tundraware.com (8.17.1/8.17.1) with ESMTPSA id 33GF4pfD064885
	(version=TLSv1.3 cipher=TLS_AES_128_GCM_SHA256 bits=128 verify=NO)
	for <freebsd-questions@freebsd.org>; Sun, 16 Apr 2023 10:04:51 -0500 (CDT)
	(envelope-from tundra@tundraware.com)
Message-ID: <6cbc4a9e-bbb0-bedb-2941-9511c4232312@tundraware.com>
Date: Sun, 16 Apr 2023 10:04:45 -0500
List-Id: User questions <freebsd-questions.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-questions
List-Help: <mailto:questions+help@freebsd.org>
List-Post: <mailto:questions@freebsd.org>
List-Subscribe: <mailto:questions+subscribe@freebsd.org>
List-Unsubscribe: <mailto:questions+unsubscribe@freebsd.org>
Sender: owner-freebsd-questions@freebsd.org
X-BeenThere: freebsd-questions@freebsd.org
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101
 Thunderbird/102.10.0
Subject: Re: Docker
Content-Language: en-US
To: FreeBSD Mailing List <freebsd-questions@freebsd.org>
References: <20230329053443.6ADA6B6AFED5@dhcp-8e64.meeting.ietf.org>
 <8E16D624-2655-4A10-844A-93E4F63E9859@gromit.dlib.vt.edu>
 <078a1cf8-7ae2-c593-615b-f5f37fa2b3eb@timpreston.net>
 <CA+1FSij9j922Nvv1Vhn43HznwpyGT99UZsU674G9hHWzR=UhvQ@mail.gmail.com>
 <06be3a1e-9319-1a21-88b9-4f87328ee127@timpreston.net>
 <CA+1FSijc+-OLNsyFNdR=jP3VzMi4zUE92i5iv9Pfg6AryDy_KQ@mail.gmail.com>
 <34b4b76e-1c41-4cfb-9e86-856f01e8abc9@app.fastmail.com>
 <CA+1FSihVrJ8cZ4ZU6mMr0sKJsZ98V4fh2vpDLugw7MGj-+EBPg@mail.gmail.com>
 <CA+1FSijL50mQ-HveBA4HZeNkSoaORv=aty-15nNLzn9amzY_nw@mail.gmail.com>
 <6002f636-310b-a9fd-b82f-346618976983@timpreston.net>
 <CA+1FSigV_pPwVW+Dd8WZYGcNQVt7+YOcsnJFoRhS6jL5A636pg@mail.gmail.com>
 <d0da9627-3ff7-fcca-f9dc-6c2d1c874ef2@tundraware.com>
 <9efb1204ede36008eb1bc83b6048d9c41ea2ab86.camel@riseup.net>
From: Tim Daneliuk <tundra@tundraware.com>
In-Reply-To: <9efb1204ede36008eb1bc83b6048d9c41ea2ab86.camel@riseup.net>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.6.4 (oceanview.tundraware.com [45.55.60.57]); Sun, 16 Apr 2023 10:04:51 -0500 (CDT)
X-TundraWare-MailScanner-Information: Please contact the ISP for more information
X-TundraWare-MailScanner-ID: 33GF4pfD064885
X-TundraWare-MailScanner: Found to be clean
X-TundraWare-MailScanner-SpamCheck: not spam (whitelisted),
	SpamAssassin (not cached, score=-3.886, required 6,
	autolearn=not spam, ALL_TRUSTED -1.00, BAYES_00 -1.90,
	NICE_REPLY_A -0.98, T_SCC_BODY_TEXT_LINE -0.01)
X-TundraWare-MailScanner-From: tundra@tundraware.com
X-Spam-Status: No
X-Spamd-Result: default: False [-3.70 / 15.00];
	NEURAL_HAM_MEDIUM(-1.00)[-1.000];
	NEURAL_HAM_LONG(-1.00)[-1.000];
	NEURAL_HAM_SHORT(-1.00)[-1.000];
	DMARC_POLICY_ALLOW(-0.50)[tundraware.com,reject];
	FORGED_SENDER(0.30)[tundra@tundraware.com,93ab.82.c3a8000452078c.b88e050e4603b8e75a48e3f13eb06e01@email-od.com];
	R_DKIM_ALLOW(-0.20)[tundraware.com:s=slkey,email-od.com:s=dkim];
	R_SPF_ALLOW(-0.20)[+ip4:142.0.176.0/20];
	MIME_GOOD(-0.10)[text/plain];
	MIME_TRACE(0.00)[0:+];
	FROM_NEQ_ENVFROM(0.00)[tundra@tundraware.com,93ab.82.c3a8000452078c.b88e050e4603b8e75a48e3f13eb06e01@email-od.com];
	RCVD_IN_DNSWL_NONE(0.00)[142.0.181.21:from];
	MLMMJ_DEST(0.00)[freebsd-questions@freebsd.org];
	RCVD_TLS_LAST(0.00)[];
	ASN(0.00)[asn:53658, ipnet:142.0.180.0/22, country:US];
	RCVD_VIA_SMTP_AUTH(0.00)[];
	TO_DN_ALL(0.00)[];
	MID_RHS_MATCH_FROM(0.00)[];
	FROM_HAS_DN(0.00)[];
	ARC_NA(0.00)[];
	DKIM_TRACE(0.00)[tundraware.com:+,email-od.com:+];
	TO_MATCH_ENVRCPT_ALL(0.00)[];
	RCPT_COUNT_ONE(0.00)[1];
	PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org];
	RCVD_COUNT_THREE(0.00)[4];
	DWL_DNSWL_NONE(0.00)[email-od.com:dkim]
X-Rspamd-Queue-Id: 4PztlZ6LVPz3R7j
X-Spamd-Bar: ---
X-ThisMailContainsUnwantedMimeParts: N

On 4/16/23 03:14, Ralf Mardorf wrote:
> On Sat, 2023-04-15 at 22:00 -0500, Tim Daneliuk wrote:
>> Docker is many things.  It is a virtually private filespace running over
>> a common Linux kernel.  In this regard, it's basically a high-
>> class version of chroot.
> 
> Used with intellect and application-related I like Linux, chroot,
> systemd-nspawn and hypervisors a lot. However, the countless container
> approaches flooding linux are just odd workarounds in order not to have
> to deal with fundamental things that would have to be changed. At some
> point adding a layer above a layer above a layer above layer becomes
> pure madness.

To all intents and purposes, the only thing that matters are
docker and Kubernetes (and maybe Swarm).  All the rest of it is - at
least for the moment - various science experiments that can be ignored for
production computing.

Docker alone makes a ton of sense for simple/small microservice
and deployment problems.  I wrote some tooling for this smaller case.
See:

     https://gitbucket.tundraware.com/tundra/dockersand

Kubernetes makes a lot of sense when you're running microservices
at hundreds- or thousands- scale.   But at the scale, you have to
find a way to simplify service discovery, observability, a operational
integrity.  That's what Istio/Anthos sidecars are for.  These tools
have been proven in very large scale deployments by people like
Netflix and Lyft.

My point is that these extra pieces of tooling are not really "layers"
such much as ways to manage running containers at large scale.  They
are not needed or recommend for smaller use cases.