[X86BSD]

Reminds me of the joke, "How do you get docker to be secure? Run it inside a (FreeBSD) jail."

Having not looked at it that's my guess what they are doing. Everything related to it is in a jail. Making it secure regardless of dockers questionable security.

[floatboth]

Of course jails are the underlying mechanism of that Docker port on FreeBSD that someone did once… But I'm not sure they're using that. Linuxulator is not perfect, and they announced "Docker support" not "imperfect Docker support" :D I bet they're using something like boot2docker in a bhyve VM.

[Fzzr]

That's correct. The first time you use docker it automatically configures a boot2docker VM.

[X86BSD]

I'm trying to find out. Oddly enough searching the FreeNAS docs on the website for "docker" returns nothing.

I've seen reference to jails mostly regarding running docker and to a lesser extent bhyve.

Anyone running running corral or a recent snapshot that can say what secure tech docker is running in?

[okramcivokram]

It's described a bit in the video [1] they seem to use VMs as docker hosts.

[1] https://youtu.be/x4IBKUmC5ns?t=1374