Introducing Podman AI Lab: Developer tooling for working with LLMs
https://developers.redhat.com/articles/2024/05/07/introducing-podman-ai-lab
FreeBSD (and Linux), Podman containers and Large Receive Offload.
By @tara
https://www.tara.sh/posts/2023/2023-09-07_freebsd_linux_podman_and_lro/
Just in case no one has mentioned it lately, #podman is legitimately amazing.
Doug shares a bit of the history of Jails vs. #Containers, and talks about porting #Podman to #FreeBSD.
@jameshubbard RH wants to admin/developers use #podman but not full compatible always have some minor issues.
#Podman on #freebsd is great, but I miss some deeper integration with things like ZFS delegated administration. Most annoyingly, podman creates all volumes on a single ZFS dataset, which means that it would not be possible to add delegated adminstration (e.g. the ability for a container to snapshot and roll back a volume).
Good news: There's a docker storage plugin that does the right thing and Podman supports it.
Bad news: It depends on systemd socket activation.
I've done a quick-and-dirty port to let it run on FreeBSD without systemd:
https://github.com/davidchisnall/docker-zfs-plugin
Longer term, we should support the systemd socket activation protocol. In particular, the model should compose very well with Capsicum, making it fairly trivial to write services that run with least privilege.
I'm only dealing with #docker because #nextcloud 's all-in-one container deployment requires it (it can't natively talk to #podman).
And yes, most of this (not docker) is true open source and I could fix it myself ...
But I wish there was a good collective bug/feature bounty program so we could all pool resources, you know?
Sometimes, I don't want to get dragged down yet another rabbit hole.
@kta I’m really looking forward to release engineering providing the base images. #freebsd VMs work really nicely with #podman on #applesilicon to run FreeBSD containers on macOS. I’ve written some scripts to build the VM:
https://github.com/davidchisnall/container-vm-scripts
And have some patches to Podman that allows it to create and manage the VM:
https://github.com/davidchisnall/podman/tree/freebsd-guest-vm
Doug Rabson's (dfr) work building OCI container images of #FreeBSD for #podman. He unpacks what an OCI compatible container is. And what making light-weight container images of FreeBSD looks like. OCI containers are a pre-requisite for running #Kubernetes natively on FreeBSD. As is a container engine like podman.
slirp4netns is this weird thing for unprivileged network namespaces:
https://github.com/rootless-containers/slirp4netns
It's required by #podman because it runs without root privs.
The #RISCV in #QEMU thing also works with classic #docker, but I'd rather use Podman for improved isolation.
TIL that you can just do this:
dnf install qemu-user-static-riscv slirp4netns podman
podman run --platform=linux/riscv64 -it docker.io/riscv64/ubuntu bash
root@88bb76ac7391:/# uname -a
Linux 88bb76ac7391 6.8.0-0.rc0.20240112git70d201a40823.5.fc40.x86_64 #1 SMP PREEMPT_DYNAMIC Fri Jan 12 16:56:17 UTC 2024 riscv64 riscv64 riscv64 GNU/Linux
Note the weird combo of Fedora Rawhide kerneland riscv64 emulated by qemu 🤨
FYI, I've been "sticking" with #toolbx during my current run of #Fedora #Silverblue and NOT using #distrobox, though I am experimenting with #Podman Desktop.
Pretty cool update for toolbx: built-in support for Arch and Ubuntu
#fedora #silverblue #toolbx #podman #containers #archlinux #ubuntu
