We had chroot since 1979, nobody managed to build a docker like wrapper for chroot which do not require netns?
ronsor•29m ago
Chroot has significantly less isolation than Linux namespaces as used by Docker.
interroboink•5m ago
FreeBSD has had jails since version 4 (~year 2000), fwiw.
Much of the technology was there, but Docker was able to achieve a critical mass, with streamlined workflows. Perhaps as much a social phenomenon as a technical one?
vbezhenar•2m ago
Docker is a genius idea which looks obvious in retrospect, but someone need to invent it.
Docker is more than just chroot. You also need: overlay file system; OCI registry and community behind it, to create thousands of useful images. And, of course, the whole idea of creating images layer by layer and using immutable images to spawn mutable containers.
I don't actually think that you need network or process isolation. In terms of isolation, chroot is enough for most practical needs. Network and process isolations are nice to have, but they are not essential.
zoobab•1h ago
ronsor•29m ago
interroboink•5m ago
Much of the technology was there, but Docker was able to achieve a critical mass, with streamlined workflows. Perhaps as much a social phenomenon as a technical one?
vbezhenar•2m ago
Docker is more than just chroot. You also need: overlay file system; OCI registry and community behind it, to create thousands of useful images. And, of course, the whole idea of creating images layer by layer and using immutable images to spawn mutable containers.
I don't actually think that you need network or process isolation. In terms of isolation, chroot is enough for most practical needs. Network and process isolations are nice to have, but they are not essential.