I'm a bit unclear what you mean by "advertised use cases" of TrueNAS sandboxes. They're officially unsupported beyond "we probably won't break this functionality that we're making available to power users". iX describes them as:
I think you got confused about Truenas official Apps and associated catalogs (not Jailmaker as you seem to be suggesting above), because you were saying that we all see our own use cases, and then the rest of what you say is not really on topic I think. This was not meant to be a docker vs whatever other containerisation you happen to like discussion. So I am simply supporting my argument by pointing out that the way that the use cases for scale are presented is not exclusive to the enterprise / small business but includes the home user use case (e.g. Plex) which doesn't lend itself well to kubernetes etc. In this use case, it isn't really working well. You could potentially justify that if you want to argue the IX target market is enterprise 'ish' and thats why they're sticking to kubernetes then fair enough, but enterprise wouldn't be running plex. See my point? And then if enterprise were using it, they'd be doing some other kind of kubernetes anyway, not this hybrid type thing we've got.
Further, I agree, running multiple jails with multiple dockers is ridiculous, which is exactly my point and exactly why I wrote it. Yet if you accept that there are plenty of us that want docker and are used to having docker with it's individually abstracted apps, this is again my point. Why must we have all this extra complication simply because for some reason IX don't want to run docker.
But anyway since you raise it, I did see an
official survey from IX on redit a few weeks ago, for what features we wanted next - the response was Docker + Compose was most desired by a small margin. I attribute that to the user base, also I didn't see it so I didn't vote. I think this also speaks to the user base quite accurately in that it's probably about 50/50 explaining why there's a bit of passion around the topic. :D
And to quote another person on this forum, "IMHO, there's something to be said for having jails that can start and stop independently of the others in addition to potentially having different versions of mono (as radarr goes dotnet and sonarr doesn't yet), python or whatever is needed. (yes I know you can theoretically mix versions in a single jail, but, blergh... not for me)". Couldn't agree more - seems like just additional, unnecessary complexity for the sake of what exactly I don't know yet.
From an iXsystems perspective, they're broadly promoted as "like Core jails" more than anything. And as an "unofficial" suggestion they point to jailmaker - which again doesn't mention Plex anywhere at the top-level. There's one mention of plex/jellyfin as an example of passing storage through to the sandbox.
Have people mentioned running plex in a sandbox on these forums? probably? Does that constitute an advertised use case from iX? Probably not.
I think the fact that they offer support for these containers and referring to them as official in that support thread (which I think used to be a label against them in the App Store thingy previously too) with plenty of not enterprise containers is evidence enough, but there have also been emails I've received, interviews to some extent and I'm sure we could dig enough of it up to make the point. Further worsening the wound and perhaps it's just bad English, but IX actually advertise that docker is included with scale in multiple places. Anyway, I am trying to figure out what your motivation is for arguing this point. Perhaps you can enlighten me, it doesn't seem related to the topic, but I could be wrong.
The point of the sandbox feature is to be a lightweight replacement for linux VMs with better ability to share and access system resources for "most" use cases. Light enough that - if you want - you can run a bunch of single-purpose jails/sandboxes in parallel if that's your jam.
Sure, but not really the topic of this thread I think?
They aren't being "promoted" as replacements for apps because they aren't (using sandboxes as an app framework would bring more packaging and maintenance work in-house, which makes no sense.).
I think you're trying to say that possibly why ix isn't offering docker (despite advertising that they do) is because you think it would be too much maintenance for them? Which may be true, but they could add docker unsupported like the jailmaker script just as easy.
It feels like you're overthinking things a bit, especially NOT coming from a CORE background (which is still the majority of installations)
I think
you're overthinking things a bit. This has nothing to do with the topic of the thread as far as I can see. Feel free to enlighten me though, I'm quite open to being wrong.
- There's a large legacy CORE base that is used to having "jails" (and also have been trained to NOT trust click-to-run plugins across the long term.). Sandboxes provide something ranging from "essential tool" to "safety blanket" to segments of this audience.
- There's a vocal group of users who "just want to run docker" or otherwise want to use their NAS/Server in ways that are outside of the realm of the "appliance" that iX delivers (also circling back to group 1)
- At the most basic, sandboxes are simply a way to provide an appliance, but with a controlled way for the end-user to do what they want on it without compromising all consistency, reliability, etc. benefits that go into making an appliance.
Yes, I think I suggested this in my original post.
Sandboxes are a feature that throws a lifeline to group 1 who IX clearly wants to move over to scale and delivers to group 2 a way to "just do what they want" (in a way that CORE has been doing forever, other than the limitations of the freebsd platform). That there's a big chunk of group 2 that's unhappy with the app implementation is unfortunate, but lack of sandbox has been a sticking point for core users forever.
This WAS one of my questions in the original post. This may be a reason why. It still doesn't however explain why IX is resisting docker.
And finally, this is quite a long thread now, my apologies if my rushed typing has come across offensive anywhere, it is not intended and would be a mistake. I love these good discussion where we can all learn from each other.
Marshalleq.