Docker Done Right

Written by Michael Dexter on .

Yes, that is a bold statement. The Docker application containment architecture is all the rage right now and FreeBSD just may prove to be the ultimate Docker platform thanks to its 15+ years of containment experience and the unrivaled OpenZFS file system.

As one Twitter user put it, “#docker has now had more security issues within a year then
#freebsd #jails has had since 2000. Good job #techbros.”

Indeed, Docker has never been pitched as a security technology but rest assured, Docker on FreeBSD institutionally imprisons and secures Docker images using FreeBSD’s proven Jail infrastructure. FreeBSD Jails have been used in production since their inception to contain applications and full systems and are exactly what Docker needs. Docker itself has migrated away from Linux LXC containers in favor of the cross-platform libcontainer and of all the pluggable choices, FreeBSD’s Jail stands out as one of the best. FreeBSD also offers the bhyve and Xen hypervisors to provide you yet more options for containing your Linux-native and FreeBSD-native Docker deployments.

Then comes storage. Docker images are designed to be read-only and disposable until instructed otherwise. If only there were a file system that institutionalized lightning-fast snapshotting and cloning…

That file system exists! It’s called OpenZFS and FreeBSD has supported it since FreeBSD 7.0. This not only means you get the institutionalized snapshotting and cloning that suit Docker so well, but also the unrivaled data integrity protection that OpenZFS offers. If you care about your data, you care about OpenZFS.

Hands-on Docker

To try Docker on FreeBSD, you will need a recent snapshot such as 10.2 BETA or 11-CURRENT. Note that you should change “zroot” to match your system’s zpool.

 # pkg install docker-freebsd ca_root_nss
 # zfs create -o mountpoint=/usr/docker zroot/docker
 # service docker onestart
 Starting docker…

 # docker pull centos

 # docker images
 centos latest 7322fbe74aa5 4 weeks ago 172.2 MB

 # docker run -t -i centos /bin/bash
 [root@ /]# uname -a
 Linux 2.6.32 FreeBSD 11.0-CURRENT #5 r285594: Tue Jul 14 23:30:11 EDT 2015
 x86_64 x86_64 x86_64 GNU/Linux

Suddenly… CentOS!

Where the wheels really hit the pavement is with a peek under the hood at the Jail and ZFS output of our Docker Jail and OpenZFS dataset:

 # jls
   JID IP Address Hostname Path
     3 /usr/docker/zfs/graph/920bc5fbb45c

 # zfs list
       119M 107G 6.02M /usr/docker
       8K 107G 112M legacy
 init 128K 107G 112M legacy

This output should be familiar to FreeBSD users and is becoming familiar to more and more GNU/Linux users every day.

For an expanded example of Docker on FreeBSD, consult the FreeBSD Wiki:

FreeBSD is poised to be go-to Docker platform thanks to FreeBSD’s proven Jail and OpenZFS features and iXsystems has shipped over ten thousand systems with the best support for these features available anywhere. We can also build out your GNU/Linux-based Docker deployment and ship thousands of GNU/Linux systems every year. Give us a call to learn how we can take your Docker deployment to the next level and beyond.

Michael Dexter

The Dev Team Shows Off Upcoming FreeNAS 10 | Tales from BSDCan | Issue #23

Written by Annie Zhang on .

Hello FreeNAS Users,

This month, the Dev Team shares some insight on the upcoming FreeNAS 10 and a FreeNAS user talks about using FreeNAS in a production environment.

This issue of the newsletter is dedicated to the memory of Marius Busch, one of our most prominent forum and IRC contributors. On behalf of the FreeNAS Team & community, we’d
like to extend our condolences to the family and friends of Marius Busch.

The FreeNAS Team
FreeNAS 10: A Developer’s Perspective

Jordan Hubbard, FreeNAS Project Lead and iXsystems CTO, wrote an article to explain how the underlying architecture of FreeNAS 10 makes it more user-friendly and developer-friendly. Read more >>

FreeBSD Journal
FreeNAS in Production

After taking the FreeNAS training classes, Dale Josephson set up a FreeNAS system in a production environment and wrote up a summary of his experience. Read more >>.

FreeNAS at BSDCan

The FreeNAS Team is back from this year’s BSDCan with a recap of the events and photos with the founder of FreeNAS from Day 1 & Day 2 of the event.

6 Reasons Why TrueNAS is Replacing NetApp and EMC – Free Webinar

We invite you to join Matt Olander, Co-Founder of iXsystems, in a free webinar about TrueNAS. Find out why people are making the switch from big-name, legacy storage vendors to TrueNAS. Read more >>

FreeNAS Certification Classes

We offer a free Intro to FreeNAS class that runs every day. For those of you interested in learning more about advanced topics, we also offer paid, fully interactive classes. Read more >>

Live Events

  • July 20-24OSCon in Portland, OR
  • August 21-22Texas Linuxfest in Austin, TX
  • August 30-September 3VMworld in San Francisco, CA
TechTip #19

FreeNAS jails can provide many custom services but they cannot be used as a

Join the Team

iXsystems, the company that sponsors FreeNAS, is looking for a few good people to join our team. Interested? The full list of available positions can be found on our website.

Links of the Month
RIP Marius Busch, “Marbus90″

Marius Busch, better known as “Marbus90″ in the FreeNAS community, passed away earlier this week. Marius was an active member of the #freenas channel and forums. His expertise helped hundreds of users build and set up their own servers. RIP, you will be missed. Read More>>

FreeNAS 10: Early M2 Preview

Written by dru on .

In the last post, Jordan provided an overview of the FreeNAS 10 middleware and architecture. In this post, we’ll provide a sneak peak at the upcoming M2 milestone by demonstrating how to install and navigate this version of FreeNAS 10. This is useful if you are curious about the status of the M2 milestone and it is required if you wish to spin up a development environment. The next post will demonstrate how to install the necessary development tools once you have M2 installed.

As of this writing, the M2 milestone is expected to be complete on August 15, at which time a public demo will be available. This means that M2 is under rapid development and that any screenshots and instructions shown in this blog post may change. While the M1 milestone, which ended in mid-June, concentrated on the design of the middleware, the primary goals of the M2 milestone are to provide the following functionality:

  • Installer.
  • Network configuration.
  • Pool creation.
  • The ability to create at least one type of share, but hopefully both NFS and AFP.
  • Usable dashboard, including drag-around functionality.
  • System configuration as well as power management, reboot/logout, and update management.

Mockups are available so that you can preview the layout of each UI element and you can track the status of the ongoing work at the FreeNAS 10 bug tracker.

It is recommended to install M2 into a virtual environment as it is still very much in the testing/preview stage. When creating the virtual machine, make sure that the virtual disk to install into is at least 16GB in size and that you create at least one more virtual disk to use as storage.

Installation images are available from and, at this time, the installation is identical to the instructions for 9.3. Once installed, the system should boot into a prompt:


You may or may not automatically receive an IP address. In this example, the system did not. In this case, type shell which will open up a root command prompt (this is similar to clicking Shell on a FreeNAS 9.3 system). If the network does have a DHCP server, use these commands to try to get a lease, replacing em0 with the name of the interface:

killall dhclient

/sbin/dhclient em0

If the DHCP lease fails or there is not a DHCP server, manually set an IP address that is appropriate for the network and will not conflict with other IP addresses. Again, replace em0 with the interface name.

/sbin/ifconfig em0

Once you have an IP address, point your browser to it. You should receive a login screen.


Type root into the “Username” field and press enter. The icon in the far upper right with a green dot and the word “root” indicates that you are logged in as the root user. Click that icon if you wish to “Logout”.

The left frame contains the configurable elements. Those in white text are under active development and their functionality will increase and bugs will decrease as M2 progresses. If an element looks different than its mockup, its layout is still under active development. Any element with grey text has not been added yet, meaning that it will appear as development on M2 progresses.

If you click “API Docs”, a new tab will open with links describing the RPC Interfaces, Events, Tasks, and JSON schemas used by FreeNAS 10.

If you click “Toggle Debug Tools”, a new frame will open at the bottom of the browser:


Click “Terminal” to open a root shell. A drop-down menu is available in that tab for selecting the shell type.

As M2 matures and stablizes, future blog posts will demonstrate its features.