Date: Sun, 6 Jan 2019 11:43:42 -0700 From: Alan Somers <asomers@freebsd.org> To: Wojciech Puchar <wojtek@puchar.net> Cc: Cy Schubert <Cy.Schubert@cschubert.com>, Hackers freeBSD <freebsd-hackers@freebsd.org>, Igor Mozolevsky <igor@hybrid-lab.co.uk>, Enji Cooper <yaneurabeya@gmail.com> Subject: Re: Strategic Thinking (was: Re: Speculative: Rust for base system components) Message-ID: <CAOtMX2hvB9p9WJ2rBw8QLgpm6tvv9VVRDLdTJ0J07XNTfT14DQ@mail.gmail.com> In-Reply-To: <alpine.BSF.2.20.1901061929510.48074@puchar.net> References: <201901051953.x05JrucZ071109@slippy.cwsent.com> <alpine.BSF.2.20.1901061929510.48074@puchar.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Jan 6, 2019 at 11:31 AM Wojciech Puchar <wojtek@puchar.net> wrote: > > > At $JOB my customers are migrating from AIX, Solaris and even Windows > > to Linux and from traditional Linux to microservices run under > why this "microservices" - which are simply complete programs without > dependencies (or should be) - cannot be run simply as processes on > different user accounts? Several reasons: 1) Separate accounts don't provide as much security as separate containers. Capsicum does, but people aren't used to using Capsicum yet. And who can blame them? Writing a Capsicum program is harder than writing a normal program and deploying it in a container. 2) Fragmentation. The Linux world is much more fragmented than the FreeBSD world. It's hard to write a program that will work correctly on every Linux distro without modification. So people bundle their applications with entire userlands as a container image. That reduces its external dependencies to just the Linux kernel. Bloated, yes. But easy. 3) Fashion. You may not care about the latest IT craze, but a lot of IT departments do. And you can't change their minds all by yourself. If FreeBSD is to be used by people who deploy microservices, then it needs to do what they want. That means it needs Docker or something similar (IT admins won't want to learn ezjail if they're already comfortable with Docker), or we need to convince people to use CloudABI. CloudABI has the potential to outperform containers. It just hasn't gained traction yet. -Alan
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAOtMX2hvB9p9WJ2rBw8QLgpm6tvv9VVRDLdTJ0J07XNTfT14DQ>