Implementation of OCI containers on Jails/Bhyve with support for podman and buildah.
Contact: Doug Rabson <dfr@rabson.org>
The Open Container Initiative (OCI) develops open industry standards for cloud native container formats and runtimes, ensuring platform consistency. An OCI working group is defining these standards for FreeBSD, with implementations using jails and potentially lightweight VMs with FreeBSD’s bhyve hypervisor (which would allow support for other operating systems besides FreeBSD in a container on a FreeBSD host).
Doug Rabson, a FreeBSD project member, has developed ocijail, an experimental OCI-compatible runtime for FreeBSD jails. This tool is designed to integrate with container management systems like Podman and Buildah, providing a comprehensive container management experience.
Benefits of Running Applications in OCI Containers:
- Standardization: Ensures compatibility and interoperability across different environments, simplifying development and deployment.
- Portability: Encapsulates applications and dependencies, allowing them to run consistently on any OCI-supporting environment.
- Efficiency: Lightweight and efficient, enabling quick startup times and optimal resource usage, reducing overhead compared to traditional VMs.
- Isolation: It provides strong isolation similar to VMs but with less overhead, making it ideal for microservices and modern architectures. It ensures secure, independent application operation, prevents conflicts, and enhances system stability.
Doug Rabson’s GitHub repository hosts the initial code for integration with Podman and Buildah. You can watch Doug Rabson’s talk on the implementation of ocijail during Container Plumbing Day before Open Source Summit Seattle here.
Doug also wrote an article about pre-built OCI FreeBSD container image implementation options. The FreeBSD Project envisions that this distribution will be managed using existing container image infrastructure, e.g., Docker Hub or the GitHub container registry, or potentially, by hosting an image registry in FreeBSD-owned infrastructure.
More Information: ocijail (GitHub)