Docker for FreeBSD 10.2

[cellini]

I am trying to get Docker to run on FreeBSD, but I'm experiencing an error.

anders@bsdserver:~ % docker run -t -i centos /bin/bash
ELF binary type "0" not known.
ELF binary type "0" not known.
jail: exec /bin/bash: Exec format error
jail: /bin/bash: failed

I was following the article from Ix-systems where it is written that I should work for 10.2

Feel free to move the post if this isn't the right forum section

 

[SirDice]

According to the wiki (https://wiki.freebsd.org/Docker) it requires 11-CURRENT (due to the needed 64 bit Linux compatibility). But it may have been backported already. Do you have a link to the article you followed?

 

[junovitch@]

PR 201299 is out there for the MFC of the 2.6.32 and 64-bit compatibility work and it hasn't been done yet.

I agree the article link would be helpful as I thought 11-CURRENT was the only option at this time. If Docker does work in a limited capacity on 10.2-RELEASE, by any chance is this CentOS 7? Keep in mind CentOS 7 is amd64 only. A Docker with i386 CentOS 6 might actually work.

 

[troublemaker]

Why use Docker when you have jails?

 

[cellini]

https://www.ixsystems.com/whats-new/docker-done-right/
If I understand right it would actually be docker in jail then I guess it can't be too bad.

 

[troublemaker]

https://www.ixsystems.com/whats-new/docker-done-right/
If I understand right it would actually be docker in jail then I guess it can't be too bad.

Ah, I didn't know that. I thought Docker only ran on containers. Good to know.

 

[SirDice]

Looking at the PR it seems the change never made it in 10.2-RELEASE. It may be added to 10-STABLE some time soon.

 

[cellini]

Yes it looks like that, I tried running it on 11-CURRENT and the CentOS container works but
docker pull jbarlow83/ocrmypdf did not work, but that might be the 64 bit Linux layer

Any idea when the new Linux compatible layer is coming to FreeBSD?

Was wondering if I was going to try to port it to FreeBSD, but not sure where to start, and when I have time for it.

 

[Oko]

Ah, I didn't know that. I thought Docker only ran on containers. Good to know.

Dockers no longer use Linux containers as their back end. Please check out Docker's back-end flavor of the day website for today's hot new back-end. What can you do? Typical Linux stuff. Who is going to wait 15-20 years to have mature technology like Solaris Zones or FreeBSD Jails?

 

[junovitch@]

Yes it looks like that, I tried running it on 11-CURRENT and the CentOS container works but
docker pull jbarlow83/ocrmypdf did not work, but that might be the 64 bit Linux layer

Any idea when the new Linux compatible layer is coming to FreeBSD?

Was wondering if I was going to try to port it to FreeBSD, but not sure where to start, and when I have time for it.

There is the patch in PR 201299 mentioned above that you can try. Reading the comments it does seem like developers more familiar on the topic feel it's not quite ready yet. It might hit 10-STABLE at some point but the next release on the schedule is 11.0-RELEASE in July 2016.

 

[Beastie7]

I'm having trouble understanding what exactly Docker is. Is it like an orchestration framework? How is it different than, say iocage?

 

[ced]

I'm having trouble understanding what exactly Docker is. Is it like an orchestration framework? How is it different than, say iocage?

It's kind of a very userfriendly wrapper for containers and jails as well as it is a very easy way to share and find whatever is built in a jail or container.

Say, your team developed a webapp that has quite a bit of prerequisites to run optimal. A user/customer of your app may be able to install all prereqs but it could take quite some time. Especially to have all versions correct. Your team did all R&D on Centos, but your customer installed Fedora. Let's say nginx's versioning is slightly different because of different patchlevels..whatever..And then we're only talking about nginx.. not even how folders are chmodded etc..anyway..you get the point..

Your team could save it as a docker container and push it to a central repository. Could be your own local one, it could be the official external docker repo. Whenever anyone wants to deploy your webapp, they can run docker pull webapp and it will pull the latest version of your webapp container to their system. Essentially, a docker run webapp will start that container/jail running Centos, with the exact nginx version that's been tested by QA in your team, all folder permissions are perfect and all the rest is exactly configured and setup how it was intended to be running. No matter which OS it's running on. As long as it supports docker, it will run how your team wanted it. And it can run as many times as you want... if you make a script that starts docker run webapp 250 times, you'll have it running 250 times.
So jails have been there for quite a while, way longer than Linux containers ever were, but docker has filled a sweetspot that wasn't there before. It made containers accessible, maybe even usable, for the masses.

Hope that clarifies things a bit

 

[Oko]

It's kind of a very userfriendly wrapper for containers and jails as well as it is a very easy way to share and find whatever is built in a jail or container.

No it is not! Docker has nothing to do with Jails and they no longer have anything to do with Linux containers.

 

[ced]

No it is not! Docker has nothing to do with Jails and they no longer have anything to do with Linux containers.

Yes and no... Originally docker was a wrapper for lxc-containers. Nowadays it's using its own 'libcontainer' using namespaces, cgroups and union filesystems. However it can still use the default lxc if you'd want to.
Also, for the BSD version, jails are very much used:

The following docker run:

freebsd-box% docker run -t -i lexaguskov/freebsd /bin/csh
# uname -a
FreeBSD  10.2-RELEASE FreeBSD 10.2-RELEASE #0 r286666: Wed Aug 12 15:26:37 UTC 2015     root@releng1.nyi.freebsd.org:/usr/obj/usr/src/sys/GENERIC  amd64
#

Gives this jls output:

$ jls
   JID  IP Address      Hostname                      Path
     3  172.17.0.3                                    /usr/docker/zfs/graph/9f8f2ed78c4a
$

But to run Linux based containers, we need to be running FreeBSD 11.0 or later.. .

More can be found here: https://docs.docker.com/engine/introduction/understanding-docker/

 

[Oko]

Yes and no... Originally docker was a wrapper for lxc-containers. Nowadays it's using its own 'libcontainer' using namespaces, cgroups and union filesystems. However it can still use the default lxc if you'd want to.
Also, for the BSD version, jails are very much used:

The following docker run:

freebsd-box% docker run -t -i lexaguskov/freebsd /bin/csh
# uname -a
FreeBSD  10.2-RELEASE FreeBSD 10.2-RELEASE #0 r286666: Wed Aug 12 15:26:37 UTC 2015     root@releng1.nyi.freebsd.org:/usr/obj/usr/src/sys/GENERIC  amd64
#

gives this 'jls' output:

$ jls
   JID  IP Address      Hostname                      Path
     3  172.17.0.3                                    /usr/docker/zfs/graph/9f8f2ed78c4a
$

But to run linux based containers, we need to be running FreeBSD 11.0 or later.. .

More can be found here: https://docs.docker.com/engine/introduction/understanding-docker/

I have heard the best description of Linux Dockers from a government technocrat a week ago in D.C. He said something along these lines. "We have heard of Solaris Zones and Crossbow 15 years ago but the rumors were that it was really difficult to configure. However it sounded so useful that we had to come up with something similar (Dockers) which is easy to use". I didn't bother to find out what were the rumors about FreeBSD jails in D.C. In reality Dockers are most similar to PC-BSD PBIs and are solving identical technical problem.

 

[ced]

Similar but not quite the same. A Docker container can actually be a full OS running on any other OS supporting docker, but it could be a few megabytes sized golang app that also runs on any Docker supporting OS. This is something jails can't do today, and the PBI's AFAIK also can't (yet) run a FreeBSD-based PBI on an OpenBSD system. So, not there yet.

I like Docker.. But I like BSD a lot as well.. until recent, those two didn't marry very well..now things are changing. Hopefully for the good. I'd love to see the folks over at CoreOS ditch their Gentoo-based base-system in favor of a BSD flavour.

Anyway, we're sidetracking. I guess I should stop ranting before moderators come kick me out - the new forum member I happen to be
The above info should be enough info for anyone who wants to get Docker up and running on FreeBSD as well as docs where to find more information about its inner workings.

 

[Oko]

similar but not quite the same.. a docker container can actually be a full OS running on any other OS supporting docker, but it could be a few megabytes sized golang app that also runs on any docker supporting OS. This is something jails can't do today, and the PBI's afaik also can't (yet) run a FreeBSD-based PBI on an OpenBSD system. So..not there yet.

And what other operating system besides GNU/LInux supports Docker? Security is not even afterthought in the land of Dockers.
As of Jails they do have their problems. As observed 6 years ago Jails are completely wrong security concept from the pure mathematical point of view

However in the practice they mostly work aside that major security exploits affecting Sony Playstation 4. I don's see that Dockers run on any operating system besides GNU/Linux. Docker are invented on GNU Linux in part to combat distro "diversity". You know all that 900 something Ubuntu derivatives with different wall papers. BSDs have no distros for most part (PC-BSD/TrueOS, GhostBSD, and former DesktopBSD being exceptions). FreeBSD, NetBSD, OpenBSD, and DragonFly are four completely different OS which are all UNIX like and decedents of BSD 4.4 light but that is where similarity stops.
Why would I expected anything coded on DF or Open to run on Free an opposite.

I like docker.. But I like BSD a lot as well.. until recent, those two didn't marry very well..now things are changing. Hopefully for the good. I'd love to see the folks over at CoreOS ditch their gentoo-based base-system in favour of a BSD flavour.

I don't but I use them when I get paid to do it. My crystal ball is telling me that 5 years from now nobody will care about Dockers just like nobody cares about RaiserFS or whatever was the next best file system coming out of Linux. My feeling that at the end of the day somebody will pay big money for Solaris Zones and Crossbow to be implemented on Linux and then Zones will become user friendly over night just like SGI ported XFS to Linux to use file system analogy again.

 

[Oko]

Docker runs on bare metal on Joyent's SmartOS.

Which takes us back to that "Solaris Zones and Crossbow 15 complicated stuff". I think It would have been much easier for people to use Solaris, Illuminos, or SmartOS if you like than reinvent hot water on Linux.

 

[ced]

It's kinda like Apple and their stuff..it's not that they necessarily invented new stuff..but they made it in such way it's very approachable and damn intuitive to use. Docker may not be that secure, but by now it's proven to be popular with so many people. Either it will become better, or a more secure alternative being just as userfriendly will come along. Isn't that how it's always going?

 

[alexandari]

Docker runs on FreeBSD 11. However, "Error response from daemon: Cannot pause container 65997041c1ca: pause is not supported for jail execdriver." Awesome.

 

[SirDice]

Docker on FreeBSD is experimental. Limitations of the 64bit Linux compatibility subsystem will impact some Linux ABI containers and your testing and feedback is appreciated to help resolve any such issues.

The freebsd-virtualization mailing list, as well as the IRC channels #freebsd-docker and #bhyve on chat.freenode.net are good places to participate.

https://wiki.freebsd.org/Docker

 

[Oko]

Docker runs on FreeBSD 11. However, "Error response from daemon: Cannot pause container 65997041c1ca: pause is not supported for jail execdriver." Awesome.

What are you trying to accomplish by using Docker on FreeBSD? What problems are you trying to address?

 

[alexandari]

What are you trying to accomplish by using Docker on FreeBSD? What problems are you trying to address?

I'm trying to make something of the FreeBSD I have installed at the moment. Everything is either not working, has no community support (except probably this forum, I'm a BSD noob) or doesn't really impress me. No disrespect, I am trying to learn something new. That's why I was trying to run Docker on FreeBSD. I'm a Linux guy BTW.

 

[tobik@]

I'd try something that is FreeBSD native and not experimental like sysutils/iocage.

I suggest you open new threads and tell us what problems you have so that we can try to fix them or point you at the right docs.

You can find other FreeBSD support channels in the handbook: https://www.freebsd.org/doc/handbook/eresources.html
and on IRC: https://wiki.freebsd.org/IrcChannels

 

[mnd999]

Would be interested to know where we stand with Docker on 10.3, now we have 64bit Linux support. I've installed the docker-freebsd port and it will run FreeBSD docker images fine. Linux images complain that the kernel is too old, not sure if that's just because it's checking for 11-CURRENT or whether there are still some features missing.