This project seems great, but I feel there's something wrong with the submitted article title, it sounds weird (plus, there's no mention of Docker on the linked page). Sure, you can draw parallels between Docker and what FreeBSD jails and tools built on top do, but it would be fairer to say Docker is a Linux-based alternative to jails, and not as powerful (as far as I understand the Linux kernel infrastructure that Docker uses). The crucial difference is that jails are really a security feature in FreeBSD (and if you're not using them in production you're probably doing it wrong), whereas Docker is primarily deployment oriented (please correct me if I'm wrong about Docker here). Various jail management tools give you a nice, easy-to-use set of deployment features on top.
The thing is that it is Docker that 'seems' to be leading the container movement right now, being a mainstream tool, even though Jails were available earlier and as of now seem to be more powerful than LXC.
Also, Jails are not only a security feature, but can be as good a deployment feature as Docker, if not better - it all depends on what you want to do with them, and you can do a lot. I called CBSD an alternative to Docker, because Docker is more widely known, and Jails/FreeBSD/CBSD might interest someone as a viable and mature alternative to Docker/Linux.
Well, I had a hunch it was for this reason. I usually get grumpy when an arguably superior solution is presented as an 'alternative' to something that's just more popular because it's easier that way for people to grok what it's all about. But on the other hand, I've never been good at marketing, so who am I to complain. :)
Docker and Jails are not directly comparable, the same way Docker and raw lxc are not directly comparable. Docker operates at a higher level of abstraction, and uses lxc as a low-level sandboxing tool. It could (and soon will) offer a choice of multiple sandboxing backends beyond lxc, for example simple chroot (for older linux kernels), openvz, libvirt, etc.
There are also people experimenting with using Jails and Solaris zones as a backend to docker.
From what I'm reading, this project cbsd sounds like a more direct competitor of docker + a future jails backend.
Yeah, don't get me wrong, I think Docker is great. I remember when I first heard about it thinking "Finally, something approaching jails functionality in Linux." Of course, I know it's a different level of abstraction and all that. My comments were more directed at the underlying Linux infrastructure Docker uses. Granted, I may well be wrong, it's been a long time since I was seriously in Linux land (i.e. not just a mindless day-to-day user), I'm not current with hard technicalities so it's totally possible that I'm being unjust to LXC.
I'm happy to hear about plans for different backends, the jails one would be awesome if it comes to fruition.
That's possible because most of the technology behind CBSD has been an integrated part of the FreeBSD system for quite some time now: Jails have been there for ages, ZFS support dates back to 7.x, with it becoming the default in 10.0-RELEASE. Sudo is not in the default install, but sqlite should be there, as it is being used in the system (if I am correct, at least by pkg, the new package manager).
> but sqlite should be there, as it is being used in the system (if I am correct, at least by pkg, the new package manager).
AFAIK, no. PKGNG is intentionally not part of base, it's meant to always remain in ports. The reason is that it allows pkg developers to iterate quickly (and this ties nicely into the recent ports infrastructure overhaul efforts). Once something is part of base and goes into a RELEASE it pretty much has to stay frozen apart from security fixes, and this was deemed not flexible enough for pkg. The only thing in base is a shim pkg which on first invocation installs the real thing from ports (and, I think, later just routes everything to it, unless you remove it or change PATH). So nothing in base uses sqlite and it's in ports/packages.
It's the default alright, but that has nothing to do with it being in the base (yes, it's an exception to the rule). You can look it up on the freebsd-ports@, there were somewhat heated discussions concerning this and some other issues. Unless I've missed something, this decision hasn't changed.
Right, that's what I said---there's a shim pkg in base to install pkg proper from ports. The real pkg is in ports so it can receive continuous upgrades, which wouldn't be possible in a RELEASE (or STABLE for the most part) if it were in base.
LXC is similar to jails and bhyve is more like KVM, so Docker would be the appropriate comparison for a jail management tool. Also, I wouldn't consider bhyve/KVM to be necessarily better than jails/LXC; one has better isolation and the other has better performance.
ISPs have been big users of FreeBSD. While HN is a lot of startups going on about agile, continuous integration, Jenkins, etc., those of us in enterprise and ISP environments like stability and little change.
When deploying a new mail system for 100k users, for example, I want to set it up, get it working perfectly, and then not have to touch it (exception: security updates, of course) for the next few years.
FreeBSD is rock solid and lets you do just that. FreeBSD 8.0-RELEASE was announced in November 2009, if memory serves, and I still have DNS servers running 8.x that I rarely have to touch (and won't have to until June 30, 2015). It Just Works(TM).
> Isn't one of Dockers killer features the layered file system?
You can mount anything you like to any mount point in jails. (Even without ZFS, with ZFS it's a different story.) I don't know about this CBSD, but ejail and qjail (similar tools) do that for you — they mount some “base” system in the jail. Then you mount what you want, pkg install what you want, etc.
> I wonder if they're really rooting for a docker coming to their environment.
WHAT? No, it's with Docker that GNU/Linux is finally going to have something like jails, which FreeBSD has had for decades.
Linux in there is probably just because of CloudFlare. I had no idea what HN was running on until that outage a week or so ago with the switching of servers etc. A Tell HN about the incident says they were using UFS and now switched to ZFS, and that can only mean FreeBSD.
Further, it may interest you to know that we (JohnCompanies) used FreeBSD and jail to provide the first VPS services, back in fall of 2001. The VPS as we know it (which appears to be dying in the world of EC2-style instances) came into existence as a direct result of jail.
Yes, Verio did have that bizarro VPS-like service that cost an arm and a leg a year or so earlier, but the VPS as you think of it was first provided (AFAIK) by JohnCompanies in 2001.
Years ago I was using Jails with nullfs-mounted filesystems to avoid copying data for multiple containers. Nowadays you have ZFS, a powerful snapshot system with copy-on-write, clones, remote snapshot streaming and many others. Killer feature.
And what is FreeBSD being used for? Oh boy, where to start...