Jails vs Podman vs VM

martinrame · Wednesday at 5:34 PM

At our company, we’ve been building and deploying our products inside 13.4 jails. However, since new customer installations are now running on FreeBSD 15, we no longer have access to 13.4 jails. As a result, the 13.4 builds we create on our own servers do not run on our customers’ newer systems.

Given this situation, we’re evaluating alternatives such as containers (Podman) or virtual machines.

That said, I still prefer jails because their overhead is minimal. For example, a VM typically requires a large zvol, compared to a simple ZFS dataset for a jail.

Has anyone run into a similar situation? How did you solve it?

Leonardo

POSIX.1 · Wednesday at 5:49 PM

You should be able to run any jails created with a lesser or equal version than the jail-host's version.

hedwards · Wednesday at 6:23 PM

I take it you're referring to thin jails there as thick jails, from what I can work out, aren't that much different in terms of size and resources from podman or docker containers. I'm still working out how to do it, but from what I've read you can even export those to OCI compliant containers these days. I wouldn't personally bother with VMs unless you need the extra level of isolation and/or ability to easily move the VM to a different computer.

martinrame · Thursday at 12:40 PM

Thank you all. We are evaluating OCI containers and they look neat from the user point of view, you just pull the container and start on a new server, the same for updates.
But before jumping in, is there a case in favor of jails against containers?.

drhowarddrfine · Thursday at 1:19 PM

Thanks for the question. I'm struggling to understand the whole Linux containers on FreeBSD myself. I was going to start a thread--and I probably still should--but I'll sit and watch this one.

martinrame · Thursday at 1:47 PM

drhowarddrfine said:
Thanks for the question. I'm struggling to understand the whole Linux containers on FreeBSD myself. I was going to start a thread--and I probably still should--but I'll sit and watch this one.

Yes, the great news since Podman and OCI containers is now we can release FreeBSD based containers, not Linux anymore.

JohnK · Thursday at 2:07 PM

Couldn't you always just tar up a (thick) jail on one system and share it with another?

JohnK · Thursday at 2:12 PM

I'm sort of in the process of "skipping a release" (-i.e. I'm still on 14.<something> on my servers) so I'm not all that caught up on the OCI stuff, but I really like to create and use scripts to do my setups. Sharing of scripts was always an option too.

rcbsdpge · 2026-02-07T07:17:04+0000

Is DockerHub the official community registry of choice for official FreeBSD containers or is it https://freebsd.org hosted

See
Post in thread 'Simple container registry hosting on FreeBSD'
https://forums.freebsd.org/threads/simple-container-registry-hosting-on-freebsd.98539/post-742738

martinrame · 2026-02-07T17:21:07+0000

As we use Gitea, we'll create a private registry there. I'll comment how the whole process works.