I don’t really understand this article. The framing (comparing a shared-kernel virtualisation technology to a container orchestration one) doesn’t really make sense and then it doesn’t compare them because they’re totally different categories of things. About the only useful take-home is that FreeBSD jails can be used as the isolation technology for containers, but that the bits of the stack for doing this are still quite immature on FreeBSD.
FreeBSD Jails OS Level Virtualization is available since 2000. Docker (and containers as a term) OS Level Virtualization is available since 2014. 14 years later. Yet - Linux got all the credit for it. There are some things that Kubernetes (or OpenShift) simplifies with its web (or not) management. But in the end its the same type of technology.
No to mention that FreeBSD Jails themselves are SECURE and SEPARATED from each other while Docker (or other Linux containers based on namespaces and cgroups) need additional layer of security to achieve the same separation with SELinux or AppArmor for example.
I don’t really understand this article. The framing (comparing a shared-kernel virtualisation technology to a container orchestration one) doesn’t really make sense and then it doesn’t compare them because they’re totally different categories of things. About the only useful take-home is that FreeBSD jails can be used as the isolation technology for containers, but that the bits of the stack for doing this are still quite immature on FreeBSD.
What there is to understand really?
FreeBSD Jails OS Level Virtualization is available since 2000. Docker (and containers as a term) OS Level Virtualization is available since 2014. 14 years later. Yet - Linux got all the credit for it. There are some things that Kubernetes (or OpenShift) simplifies with its web (or not) management. But in the end its the same type of technology.
No to mention that FreeBSD Jails themselves are SECURE and SEPARATED from each other while Docker (or other Linux containers based on namespaces and cgroups) need additional layer of security to achieve the same separation with SELinux or AppArmor for example.
Not to even mention that VNET allows FreeBSD Jails to have entirely separate network stack while Linux offers NONE of that.