June 27, 2024
Presenter: Doug Rabson
Doug Rabson led the session on OCI containers, which delved into integrating Open Container Initiative (OCI) standards into FreeBSD. This topic is critical as containers are essential in modern application deployment and management.
Doug Rabson began by providing an overview of the current state of FreeBSD support for OCI containers, noting that while FreeBSD has long supported containers through its jail and vnet features, the ecosystem around OCI containers requires further development. “FreeBSD has been able to do containers for a long time, but we need to align better with OCI standards to make our containers more compatible and easier to use,” Rabson remarked.
One of the main challenges discussed was better networking support for containers. Rabson pointed out that while containerd had been ported to FreeBSD, it lacked comprehensive networking support, which is crucial for many real-world workloads. “Networking support for containers is currently lagging, but efforts are underway to improve container networking and support for CNI plugins and CRI to support Kubernetes on FreeBSD better,” he explained.
Rabson highlighted the importance of creating official FreeBSD container images. These images are necessary for building and testing environments reliably, particularly for use cases involving tools like Podman. He shared, “The podman port builds in their CI, but we can’t test it in CI because it needs a base image that they can’t trust by their rules until we have a FreeBSD-owned and supported trustable image.”
The session also discussed the importance of leveraging package base to create smaller, more efficient container images. This approach would allow developers to build minimal images tailored to specific applications, reducing overhead and improving performance. Rabson noted, “Using package base helps us break up the monolith of base, allowing for more streamlined and efficient container images.”
Regarding infrastructure, Rabson emphasized the need for a streamlined process for building and managing container images. He talked about ongoing efforts to port Kubernetes components to FreeBSD, including kubeadm and kube-proxy, which are essential for running Kubernetes clusters. “I’ve been working on upstreaming the CRI work that I’ve done and getting the rest of the components for FreeBSD on Kubernetes reviewed and upstreamed,” Rabson detailed.
A key takeaway from the session was the need for community involvement in shaping the future of FreeBSD container support. Rabson encouraged attendees to share their use cases and challenges, stating, “User stories are really important. We need to know what problems people are trying to solve with a FreeBSD container infrastructure to ensure our developments are aligned with their needs”.
The session on OCI containers highlighted the significant progress and challenges in integrating container technologies with FreeBSD. Rabson’s presentation showed the importance of community feedback and collaboration in achieving these goals, ensuring that FreeBSD continues to evolve as a competitive platform for containerized applications.