undefined | Better HN

0 pointsWesolyKubeczek2y ago0 comments

> reasonably fast.

But still not "as fast as it gets". And I want it to be as fast as it gets.

0 comments

Neither is using macfuse as a stand in for overlayfs and bind mounts.

My point is "as fast as it gets" is using MacOS how MacOS is designed: ie, through sandboxing and not containerization that pretends the MacOS userspace is Linux. It's not Linux.

There is a fundamental trade off between isolation and performance. You cannot securely share resources without overhead.

slonopotamus2y ago

FUSE is only used for bind mounts. If you write to a directory that belongs to container, you get the raw speed of host OS.

duped2y ago

How do you support layers without overlayfs?

slonopotamus2y ago

It's not me, it's containerd "native" snapshotter. It turns to be efficient on macOS thanks to `clonefile` syscall.

j / k navigate · click thread line to collapse

0 comments

duped2y ago

Neither is using macfuse as a stand in for overlayfs and bind mounts.

My point is "as fast as it gets" is using MacOS how MacOS is designed: ie, through sandboxing and not containerization that pretends the MacOS userspace is Linux. It's not Linux.

There is a fundamental trade off between isolation and performance. You cannot securely share resources without overhead.

slonopotamus2y ago

FUSE is only used for bind mounts. If you write to a directory that belongs to container, you get the raw speed of host OS.

duped2y ago

How do you support layers without overlayfs?

slonopotamus2y ago

It's not me, it's containerd "native" snapshotter. It turns to be efficient on macOS thanks to `clonefile` syscall.

j / k navigate · click thread line to collapse