Hacker News new | ask | show | jobs
by rahen 1461 days ago
I've been there too, although with NetBSD. Lack of proper virtualization and containerization subsystems eventually became a serious issue and I eventually moved back to Alpine.

Net/OpenBSD still mostly caters to the needs of hobbyists, I seldom see them in production (besides maybe network appliances).
3 comments
matrix12 1461 days ago
NetBSD has nvmm. Qemu is quite fast as as result. I run many distros ontop of it. Plus Xen. My laptop has been running Xen with pv instances for app isolation. Never as fancy as Qubes though.
link
cylinder714 1461 days ago
Thank you for reminding me: I want to study OpenBSD's vmm and vmd virtualization tools, and getting Alpine to run thereon should be fun.
link
aaron_m04 1461 days ago
It was a fair amount of work but I was able to get it running. Fixing the clock drift was by far the hardest part -- I had to install a custom kernel module. Getting networking inside the VM was pretty difficult as well.

Email me at aaronm04{at}iforgotmy.name if you want help.

link
sdze 1461 days ago
Containerization is overrated in the sense, that you can have it all for "free" with chroot in openbsd or jail in freebsd.
link
rahen 1461 days ago
chroots have a filesystem namespace but miss user, process and network namespaces. Besides, the Docker registry is fairly convenient.
link
sdze 1461 days ago
Aha... ? And? What do you want to achieve? That is the question.
link
kstrauser 1461 days ago
FreeBSD jails have those things.
link
rahen 1461 days ago
Jails can use the Docker registry?

The nice thing with Dockerfiles and the Docker registry is how quickly I get a reproducible, stateless, isolated environment for any large, proprietary or foreign app I may need, without resorting to a VM or polluting my system. All it takes is an Ubuntu or CentOS base, pull the apps and its dependencies, throw it away when I'm done while keeping a lean Alpine system underneath.

Jails would require me to set things from scratch each time I need a new app, even for a short while. It's just impractical.

I'm considering Nix as a potential alternative, but it doesn't work on the BSDs yet. If you know a way to run "modern workloads" in a KISS, convenient, Unix-y way, please let me know.

link
nix23 1460 days ago
>I'm considering Nix as a potential alternative, but it doesn't work on the BSDs yet.

https://wiki.freebsd.org/Nix

link
jtth 1461 days ago
BastilleBSD facilitates a lot of these things.
link
sdze 1461 days ago
In Regards to registries:

My "builds" are also reproducible. Why? I run the same build and deploy script each time. Wow.

For me this all is old wine in new pipes. Cold coffee. Registries.

link