zoobab 2 hours ago

We had chroot since 1979, nobody managed to build a docker like wrapper for chroot which do not require netns?

  • vbezhenar an hour ago

    Docker is a genius idea which looks obvious in retrospect, but someone need to invent it.

    Docker is more than just chroot. You also need: overlay file system; OCI registry and community behind it, to create thousands of useful images. And, of course, the whole idea of creating images layer by layer and using immutable images to spawn mutable containers.

    I don't actually think that you need network or process isolation. In terms of isolation, chroot is enough for most practical needs. Network and process isolations are nice to have, but they are not essential.

    • akdev1l 34 minutes ago

      network isolation is very important too, that’s what lets people run 4 containers all listening on port 80

      process isolation is less prominent

  • interroboink an hour ago

    FreeBSD has had jails since version 4 (~year 2000), fwiw.

    Much of the technology was there, but Docker was able to achieve a critical mass, with streamlined workflows. Perhaps as much a social phenomenon as a technical one?

    • Yeroc 44 minutes ago

      I think the real genius of Docker was the image packaging. The pieces were there but delivery and scripting it all wasn't easy.

  • ronsor an hour ago

    Chroot has significantly less isolation than Linux namespaces as used by Docker.