
Rather than telling the difference between how command line utilities take arguments and how the file structure is differently laid out, I expected the article to present FreeBSD advantages and to tell me which software works on FreeBSD.

I don't use *Nix for the desktop but I would love to find out that FreeBSD allows me to run Kubernetes, Elastic Search, Redis. That I can achieve more throughput with FreeBSD, that Postgres and MongoDB are more performant than on Linux and that the system is more reliable than Linux.

How ls and grep works on FreeBSD is no concern of mine. But running Docker is.




K8s and Docker are purely Linux things. Use Linux for that. It's like you would say "I really like these Jails, on which Linux distribution can I run them?" :) On FreeBSD you use Jails and Bhyve.

Some other whys for FreeBSD here:

- https://vermaden.wordpress.com/2020/09/07/quare-freebsd/


>K8s and Docker are purely Linux things.

Which I happen to know. But it was an example. If I am going to switch to FreeBSD it has to run the software I need, not to merely provide alternatives. And it has to do it better.

Saying that FreeBSD has jails as an alternative is akin to saying Linux has Gimp as an alternative to Photoshop. Not many are going to switch operating systems to use Gimp instead of Photoshop.


How do you think jails compares to docker? I have never used docker myself but I always thought the way FreeBSD jails works is awesome.


Docker is just namespaces and cgroups. You do not have separation between host and the containers on Linux - you need additional software for that - like AppArmor or SELinux. The FreeBSD Jails are secure and separated from the host on the contrary. FreeBSD Host can access Jails but Jails can not access Host resources - unless consciously configured to do so.

As for the usage ... FreeBSD Jails can have their OWN network stack (with own firewall and interfaces) while Docker can only use Linux network namespaces.

You can launch/start a single process Jail and a single process Docker - here they are similar. You can also unpack entire operating system userland in both and it will also run - with own packages database etc.

Hope that helps.


You do know that Docker applies AppArmor by default, right..? https://docs.docker.com/engine/security/apparmor/


... on RHEL/CentOS/Alma/Rocky Linux which use SELinux instead? :)
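
An added example, not part of the thread: which Linux security module confines a Docker container depends on the host (AppArmor on some distributions, SELinux on others), so it is worth checking per container. This sketch reads `docker inspect` JSON and lists containers that run privileged, without an AppArmor profile or SELinux label, or with seccomp disabled; the sample records and container names are constructed.

```python
import json

# Constructed sample in the shape of `docker inspect <container>...` output.
# Values are illustrative, not captured from a real host.
SAMPLE = json.dumps([
    {"Name": "/web", "AppArmorProfile": "docker-default", "ProcessLabel": "",
     "HostConfig": {"Privileged": False, "SecurityOpt": None}},
    {"Name": "/db", "AppArmorProfile": "",
     "ProcessLabel": "system_u:system_r:container_t:s0:c12,c34",
     "HostConfig": {"Privileged": False, "SecurityOpt": None}},
    {"Name": "/debug", "AppArmorProfile": "unconfined", "ProcessLabel": "",
     "HostConfig": {"Privileged": False,
                    "SecurityOpt": ["apparmor=unconfined", "seccomp=unconfined"]}},
    {"Name": "/legacy", "AppArmorProfile": "unconfined", "ProcessLabel": "",
     "HostConfig": {"Privileged": True, "SecurityOpt": None}},
])


def audit(inspect_json):
    """Map container name -> list of confinement gaps in its inspect record."""
    report = {}
    for c in json.loads(inspect_json):
        host = c.get("HostConfig") or {}
        opts = set(host.get("SecurityOpt") or [])
        gaps = []
        if host.get("Privileged"):
            gaps.append("privileged")
        apparmor = c.get("AppArmorProfile") or ""
        selinux = c.get("ProcessLabel") or ""
        # Confined if either LSM is in force: a named AppArmor profile,
        # or an SELinux process label that was not switched off.
        confined = apparmor not in ("", "unconfined") or (
            selinux != "" and "label=disable" not in opts)
        if not confined:
            gaps.append("no-mac-profile")
        if "seccomp=unconfined" in opts:
            gaps.append("seccomp-unconfined")
        report[c["Name"].lstrip("/")] = gaps
    return report


if __name__ == "__main__":
    for name, gaps in audit(SAMPLE).items():
        print(f"{name:8} {', '.join(gaps) or 'confined'}")
```

On a real host the input would come from `docker inspect $(docker ps -q)`.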



Okay, thanks for the information! Sounds like I would still prefer jails. Managing Docker always sounded complicated compared to managing jails. It is literally just a configuration file and a copy of userland on the file system. If you are a little clever, you can share the userland and additionally create templates which are really just some directories on your file system with additional stuff you want to put in.


You can also use Linux containers (LXC) which are basically "FreeBSD jails for Linux". If you want something easy to use, you can try Proxmox.


Docker is more on ease of use and distribution. Convince over all major parties (Windows, MacOS, Linux). Docker Compose for building interconnected services (it even does DNS resolution for you, so you can reach your services by short names not caring on IPs).

Then it becomes natural for teams to share dockerfiles as a way of sharing environment setups all in the same way.

Using `docker run something` requires zero to none knowledge of the OS, Networks (nat included), packages. Everything will be auto downloaded.

Compare to jails.


Okay, interesting! I want to be in control of all those things (OS, Networks (NAT included), packages). I roll my own packages using poudriere that I then distribute using FreeBSD's binary package management system... to my jails. XD

That way I get a coherent well configured system everywhere.


And hundreds of thousands of devs [nowadays we say developer, really meaning web related developer like Javascript] don't care.

They want to be in control of their API, but not boring sysadmin stuff.

Jails are targeting sysadmins, thus Docker wins the adoption.

Like cars with manual transmission.

> But the manual transmission is dying out. Just 41 out of the 327 new car models sold in the United States in 2020, or 13%, are offered with a manual transmission, according to data from Edmunds. That is a tremendous drop from less than a decade ago. In 2011, 37% percent came with manuals.


I don't think the analogy to manual transmission is correct - The way I have configured poudriere/pkg it's very rare I have to intervene, unlike with a manual transmission where the driver is directly involved in the control loop.

But since I am in charge of the control loop, I can change it any time I please. Right now I am changing my poudriere configuration for the first time in years to build my packages using LibreSSL instead of OpenSSL. Sure, it requires some tinkering (not a lot though) but that tinkering is completely optional on my part.


I find transmission sample in good correlation of decreased jails (manual, sysadmin way transmission) usage and increased docker usage (automated gearbox tooling).

Yet I have practical question for every Jails user, especially when I see "I did..." statements, like in yours:

>The way I have configured poudriere/pkg

How it works for _team_, how it works for "we", where common ground is expected. I have seen teams of 5-10 using Docker as base ground for their dev (local laptops with Windows, MacOS, Linux)/stage/prod envs, but I have not heard of any of such kind with Jails over the last 10 years. I can hardly imagine that without forcing everyone to switch to FreeBSD as daily driver. Can you share the experience of your team?


As you require Docker/k8s there is not much that can be done here - just stick to Linux (or use them in a FreeBSD Bhyve VM but we know it's better to just use Linux).

Just like with your Photoshop (or Lightroom) example - if you need to run one - you use macOS or Windows for that - Linux also not possible here.


> K8s and Docker are purely Linux things.

Correct, K8s and Docker will only work on one single platform, namely Linux and Windows. No, wait, that's two. K8s and Docker can only possibly run on these two platforms: Linux, Windows and macOS. Ok, let me start over. The three platforms that support K8s and Docker are Linux, Windows, macOS and Oracle Solaris[1]. That's not... ok, the FOUR and ONLY four platforms that can run K8s and Docker are Linux, Windows, macOS, Illumos[2], Solaris, SmartOS, and FreeBSD.[3] How many did I say?

K8s and Docker run anywhere someone is driven to make them run.

[1] https://medium.com/@norlin.t/port-of-kubernetes-v1-24-0-for-...

[2] https://illumos.org/docs/about/features/ "LX-branded zones provide the Linux system call interface, allowing you to run most Linux application binaries without recompiling them for illumos. This facility is available in several illumos distributions, including SmartOS and OmniOS."

[3] https://yom.iaelu.net/2020/05/freebsd-using-docker-and-kuber...


Last I checked, running Docker on Windows and macOS involved running a Linux VM under the hood, and that Linux VM is what actually ran Docker.


"The Docker platform runs natively on Linux (on x86-64, ARM and many other CPU architectures) and on Windows (x86-64)."[1]

macOS Docker performance leaves much to be desired, but this is moving goal posts and suggestive of infinite ignorance: nothing other than Docker on Linux is acceptable. But Docker is just software and it will work wherever, and it has its limitations and plenty of competition to do what it doesn't do or does poorly. Die on the Docker Linux hill if you wish, but, last I checked, platform agnostics are versatile, more marketable, and more valuable, while penguinistas have become all too common. "Give me Phillips head screwdrivers or give me death! How can you still use flathead drivers? Or star bit drivers? LOL You're not even screwing seriously. Real men use Phillips." Same thing, really. When you need tools to work, you'll take care of them. But precious few, if any, actually worship them.

[1] https://docs.docker.com/engine/faq/


Chances are that PostgreSQL will be more performant on FreeBSD, but that would require a wee-bit of very specific fine-tuning for the specific workload pgsql is doing and it would ultimately be thanks to ZFS, which I think is default on FreeBSD (would work on Linux as well, if set up correctly). See here for more info on how and why's - https://people.freebsd.org/~seanc/postgresql/scale15x-2017-p...


Well FreeBSD has something a hundred times better than docker, jails. And it has been around for almost 20 years.

https://docs.freebsd.org/en/books/handbook/jails/

I have used jails, though slightly harder to set up, once set up it works great. I used it to open up ssh to an empty jail as a kind of file server. Mainly to sftp files to that I change on my laptop at a remote site. This is in the days before the "cloud".

I am always mystified why FreeBSD and Jails never took off as "the" cloud environment.


Saying "a hundred times better" comes off a bit smug, especially when it's nearly immediately followed by "slightly harder to set up".

Those could be part of why it's not as popular.


I think you know that Docker is built on cgroups, which is a Linux kernel feature and that as a result it will work as badly as it does on other things that are not Linux.


Docker Desktop should be possible to port to FreeBSD, it runs virtualized on the 3 other platforms.


I think you know Docker runs on Windows and macOS.


... which runs a Linux VM to host containers.


Yep. FreeBSD can do that too.


Or can wait till users start to care on Jails. Oh wait..


Many FreeBSD users do care about jails, but they’re certainly not as easy to use as docker and so they’re not (anymore) going to get anyone rushing to drop Linux and move to FreeBSD.

Docker spanked a ton of VC money hosting the world's software to create the smooth developer experience that we’ve come to expect from them. I don’t really see how an open source project is supposed to compete with that. Particularly as, whilst they gained a lot of mindshare, they don’t show any signs of getting their money back.


> I don’t really see how an open source project is supposed to compete with that.

Two parts here.

Part 1

    docker/cli is licensed under the Apache License, Version 2.0. See LICENSE for the full license text.

    Moby is licensed under the Apache License, Version 2.0. See LICENSE for the full license text.

Seems to be OpenSource project for me.

Part 2

    Jails were first introduced in FreeBSD version 4.0, that was released on March 14, 2000.

while Docker was publicly released on March 2013. 13 years of advance to give developers what they need. To give enterprises what they need. To get the hype at least.

From my POV - more than enough time to create solution on this. TrueNAS did for NASes.


Oldschool FreeBSD Jails are easier than Docker.

The VNET enabled FreeBSD Jails (separate network stack) are more complicated - at start only - you need to get to know how to use the new epair(4) VNET interfaces etc.


It's probably easier for specific use cases where Jails better be compared to LXD and when you need "system" inside your VE (virtual environment)/Jail. And that's not what docker targeting much.

For the even simple real life use case, I and my team had for running tests over our site with https://www.sitespeed.io/ :

    Use our Docker container to get an environment with Firefox, Chrome, Edge, XVFB and sitespeed.io up and running as fast as you can download them. They work extremely well together with Graphite/InfluxDB and Grafana that you can use to monitor your web site.

    docker run --rm -v "$(pwd):/sitespeed.io" sitespeedio/sitespeed.io:26.1.0 https://www.supersite.io/

Our frontend dev and SEO guys can do it from their MacOS/Windows machines with 0 knowledge of Linux and docker, just by copy-pasting the command in _under_ 5 minutes.

Achieving the same with Jails in even 1 hour is beyond my imagination.

Still struggling to hear any real life good samples of team work with Jails instead of Docker.


Linux VM to host Linux containers. Conversely, it uses a native Windows layer to host Windows containers.



