> Am 20.05.2020 um 06:26 schrieb Greg A. Woods <wo...@planix.com>:
> 
> Sure, doing things smart/clean/elegant is definitely outdated when
> compared to the way many choose to work.  As I said, most seem to see
> the apparent surface simplicity of "docker pull nginx" as elegant
> enough.


I don’t use docker too and i‘m still curious why so many people i talk about 
linux containers confuse containers / lxc with „docker“. docker is just a 
(commercial) application of containers, like lxd, kubernetes, warden, lxc and 
many others today and i dont like that „dockerization of anything“ some people 
hype att because it makes things more inefficient / worse in many / most cases 
where other setups are much more efficient/ economical.

I like to avoid any kind of virtualization / „partitioning“ where possible too, 
but thats just one side of the medal, because in reality there are many 
scenarios where it won’t work without in a economically or way - because the 
application software ecosystem doesnt allow it without and scaling / HA / 
security is a rising factor too.

And i would prefer FreeBSD type jails over LXC if they are available on NetBSD 
btw..

At the end, NetBSD project will have to „decide“ about how much it play a role 
on larger network platform setups even as future „rich“ network equipment (like 
modern NAS or so) where (even with the „renaissance of bare metal“) „container“ 
(BSD jail) like isolation / „basic zoning“ is getting a required tool for 
growing amount of cases in the industry - be by security designs or business 
models etc..

BSD Jails was nearly not known / used (except from few „geeks“) over decades 
and with the availability of linux containers they got back significant 
attention in the last few years.

I dont know how far it would really cost in complexity to the NetBSD stack to 
„just“ get a similar to FreeBSD jails network „chroot isolation“ and 
„(pdeudo)virtual userspace“ (by uid/gid „offsets“ or so) get done (which 
typically uses a existing firewalling / net filter kind of stack (the most 
other required parts for such a basic jailing are still there in NetBSD). I 
can‘t believe that these costs will be higher then the won usability / 
application world it offers in the future, since Jails are not „geek niche“ 
anymore in the IT industry. 


so far,


niels.
—
http://www.syndicat.com

  


Reply via email to