Advancing Cloud Native Containers on FreeBSD: Podman Testing Highlights

The FreeBSD community continuously innovates to enhance the Project’s capabilities and support cloud native applications. As part of this effort, the FreeBSD OCI Runtime Extension Working Group recently completed a time-boxed testing program for the experimental implementation of Podman, an OCI-compliant container engine, on FreeBSD. This program ran from September 2, 2024, to October 11, 2024, intending to assess the current state of Podman on FreeBSD and gather insights to guide future development.

• Read: End of Project Report: Podman Testing on FreeBSD (GitHub)

Exploring Containers on FreeBSD

Due to their portability and efficiency, containers have become essential for modern application deployment. It’s a natural progression to bring these advantages to FreeBSD. To achieve this, Doug Rabson developed ocijail, an experimental OCI-compatible runtime for FreeBSD jails. Ocijail integrates with container management tools like Podman and Buildah, giving FreeBSD users a familiar environment for managing containers while leveraging FreeBSD’s security and performance.

This project tested the integration of Podman with FreeBSD’s ZFS storage, networking, and container management tools and sets the foundation for FreeBSD to become a reliable platform for OCI-compliant containers.

Scope of Testing and Key Achievements

The testing program evaluated several core areas of container management on FreeBSD and yielded important achievements in the process:

• Podman Implementation: A port of Podman to FreeBSD, enabling an OCI-compliant container management stack.
• Container Runtime: Utilized ocijail to run containers within FreeBSD jails, ensuring strong isolation and security.
• Storage Drivers: Tested both ZFS and VFS storage drivers, with ZFS proving to be the most efficient and reliable option for container management.
• Networking Capabilities: Successfully implemented Docker-style networking using CNI plugins, allowing seamless integration with networked services.
• Cross-Platform Compatibility: Achieved compatibility with Linux-style OCI images, enabling FreeBSD to support a broad range of containerized applications and enhancing cross-platform container portability.
• Build Tools: Integrated Buildah, enabling participants to create custom container images and evaluate container creation workflows.
• User Feedback: Insights from participants identified areas for improvement, particularly in refining container management tools and networking stability.

Participants used FreeBSD 13.1 or later and were encouraged to implement ZFS as the primary storage driver. They tested various workloads, pulled base container images from repositories, and deployed sample applications, helping ensure that FreeBSD could meet the demands of modern containerized environments.

Community-Driven Testing

The success of this project was driven by community participation. Over the six-week testing period, participants with various levels of experience, from seasoned Podman users to those new to containers on FreeBSD, helped evaluate the system. Feedback was collected through GitHub and during weekly office hours, providing valuable insights into user needs, container performance, and the overall experience.

Participants tested different workloads, created containers with Buildah, and explored FreeBSD’s container storage options with ZFS. This feedback has already influenced the direction of ongoing development and will help improve container support moving forward.

The testing program has confirmed that FreeBSD can support cloud native workloads through OCI-compliant containers. By using Podman and ocijail together, users will benefit from a container experience that aligns with industry standards while maintaining the strengths of the FreeBSD platform.

As FreeBSD continues to improve its container support, the next steps will focus on enhancing networking stability, improving rootless container functionality, and ensuring seamless integration with orchestration tools like Kubernetes. These improvements are targeted for a production-ready release by mid-2025.

Why FreeBSD Matters in the Cloud Native World

FreeBSD provides a reliable and secure foundation, making it an ideal platform for containers. By adopting OCI standards, FreeBSD enables developers to create and deploy containers that run consistently across different environments. Using jails, ZFS, and lightweight VMs offers strong isolation with minimal overhead, making FreeBSD a flexible and efficient choice for cloud native applications. Moreover, the ability to run Linux-style OCI images further enhances FreeBSD’s cross-platform compatibility, making it an attractive option for developers who need a platform that can seamlessly run applications across diverse environments.

The Podman testing program represents an important milestone in FreeBSD’s journey toward cloud native container support. Although the official testing period has ended, development will continue with planned further advancements throughout 2024. We encourage the community to stay engaged and help shape the future of containers on FreeBSD.

Acknowledgements

We extend our thanks to Doug Rabson for his work on ocijail, and to all participants in the testing program for their valuable feedback, which has been instrumental in advancing container technology on FreeBSD.

Contribute to the FreeBSD Project

Whether you’re mentoring, promoting FreeBSD, or participating in forums and mailing lists, your efforts drive innovation and growth of the Project. Support the FreeBSD project today by joining our vibrant community and helping build our long-standing and growing open source ecosystem! Enhance FreeBSD by improving documentation, addressing bug reports, submitting code, and engaging in discussions. Every contribution, big or small, helps evolve FreeBSD into a more stable, secure, and performant open source operating system. 

About the FreeBSD Foundation

The FreeBSD Foundation is a 501(c)(3) non-profit organization dedicated to supporting the FreeBSD Project and community. Accepting donations from individuals and businesses, the Foundation uses funds to develop features, employ software engineers, improve build and test infrastructure, advocate for FreeBSD through in-person and online events, and provide training and educational material. Representing the FreeBSD Project in legal affairs, the Foundation stands as the recognized entity for contracts, licenses, and other legal arrangements and is entirely donation supported. Learn more at freebsdfoundation.org.