The official FreeBSD images have been renamed, but for some reason the person publishing did not supply a description in the 'Overview'. Perhaps this can be corrected along with some actual documentation in the Handbook. I know this work has to be done by volunteers but it really does need at least some rudimentary documentation from those that built these tools so that others can improve the documentation after they have gained a working knowledge.
Discover official Docker images from FreeBSD, an Open Source publisher on Docker Hub. Visit their profile and explore images they maintain.
hub.docker.com
The previous image descriptions are described in
https://freebsdfoundation.org/freebsd-container-images/ . The image sizes are a clue to how much functionality they have.
- “static” which contains just SSL certificates and timezone data. This can be used as a basis for statically linked applications.
- “base” which extends “static” by adding a selection of shared libraries to support a wide variety of dynamically linked applications
- “minimal” which adds the FreeBSD-runtime package and package management as before
- “small” which adds FreeBSD-utilities for broader support of shell-based applications.
I have been an early adopter/experimenter of Podman OCI Containers on FreeBSD but I could never quite achieve what I needed to do to use them instead of jails or porting existing Linux Docker containers to native FreeBSD versions. I either went back to building a FreeBSD jail or using Docker on Linux. The main reason being for this was
a lack of good official documentation in the FreeBSD Handbook, particularly when it came to networking and firewalling.
However, I have recently found a project that appears to have leapfrogged the official effort. I am sure you will find that the Daemonless project will be of use to you. I will be giving FreeBSD Podman another go now that Daemonless have solved my problem with undocumented FreeBSD container networking.
Discover why we built Daemonless. We are bridging the gap between the stability of FreeBSD Jails and the convenience of OCI containerization for developers.
daemonless.io
One thing that is noticeably different is 'dbuild' which I will have to learn. I am comfortable with Dockerfile/docker-compose/Scout and liked Podman because moving from Docker appeared to be easy and trouble free, it is not. There are similarities, but it does require spending time to learn the differences and accept them. I am sufficiently open minded to give dbuild a chance and stray outside of my comfort zone on Docker. If dbuild is the tool to make FreeBSD Podman work well, then I need to try it.
Master the full lifecycle of FreeBSD OCI images with dbuild. Automate native builds, cumulative integration tests, SBOM generation, and multi-arch registry pushes.
daemonless.io
If like me you like to read Docker files to see how a container is built, there does not appear to be any in the Daemonless container builds. I will have to learn how this works as I don't like the idea of not knowing what is actually inside my containers. There is a sbom.json published in each of their container repos which is informative but I can't see the sequence or how config files are added. I guess it will be some time before vulnerability analysis tools will be available to read the SBOM.
