> Am 20.05.2020 um 06:26 schrieb Greg A. Woods <wo...@planix.com>:
>
> Sure, doing things smart/clean/elegant is definitely outdated when
> compared to the way many choose to work. As I said, most seem to see
> the apparent surface simplicity of "docker pull nginx" as elegant
> enough.
I don’t use docker too and i‘m still curious why so many people i talk about
linux containers confuse containers / lxc with „docker“. docker is just a
(commercial) application of containers, like lxd, kubernetes, warden, lxc and
many others today and i dont like that „dockerization of anything“ some people
hype att because it makes things more inefficient / worse in many / most cases
where other setups are much more efficient/ economical.
I like to avoid any kind of virtualization / „partitioning“ where possible too,
but thats just one side of the medal, because in reality there are many
scenarios where it won’t work without in a economically or way - because the
application software ecosystem doesnt allow it without and scaling / HA /
security is a rising factor too.
And i would prefer FreeBSD type jails over LXC if they are available on NetBSD
btw..
At the end, NetBSD project will have to „decide“ about how much it play a role
on larger network platform setups even as future „rich“ network equipment (like
modern NAS or so) where (even with the „renaissance of bare metal“) „container“
(BSD jail) like isolation / „basic zoning“ is getting a required tool for
growing amount of cases in the industry - be by security designs or business
models etc..
BSD Jails was nearly not known / used (except from few „geeks“) over decades
and with the availability of linux containers they got back significant
attention in the last few years.
I dont know how far it would really cost in complexity to the NetBSD stack to
„just“ get a similar to FreeBSD jails network „chroot isolation“ and
„(pdeudo)virtual userspace“ (by uid/gid „offsets“ or so) get done (which
typically uses a existing firewalling / net filter kind of stack (the most
other required parts for such a basic jailing are still there in NetBSD). I
can‘t believe that these costs will be higher then the won usability /
application world it offers in the future, since Jails are not „geek niche“
anymore in the IT industry.
so far,
niels.
—
http://www.syndicat.com
