A tiny toy container runtime written in 200 lines of C.
mycontainer runs smoothly with the following prerequisites:
makegccipdocker- Linux distribution with control group v2
The following build instructions were tested under Ubuntu 22.04.
First, we should make a rootfs for our container. There are many ways to build rootfs from scratch, namely, busybox, shell command lines, and etc. In this document, I will demostrate an unusual way to build a rootfs, which take advantages of docker images.
-
export an archive from a docker image(centos for example)
docker export $(docker create centos) --output="centos.tar"
-
extract the archive to a directory
mkdir rootfs tar -xf centos.tar -C rootfs
-
check the rootfs
$ ls rootfs bin etc lib lost+found mnt proc run srv tmp var dev home lib64 media opt root sbin sys usr
-
edit macro
ROOT_PATHinmain.c, change it to the absolute path of your own rootfs-#define ROOT_PATH "/home/haooops/Documents/CST/Projects/mycontainer/rootfs" +#define ROOT_PATH "/absolute/path/to/your/own/rootfs"
-
compile and run
make run
The shell will ask for your root password. After entering the password, the container will start up.
-
check if the container is in a new PID namespace
ps -e
the shell will show:
[root@75a80a52 /]# ps -e PID TTY TIME CMD 1 ? 00:00:00 bash 12 ? 00:00:00 ps
-
check the network
ip a
the shell will show:
[root@75a80a52 /]# ip a 1: lo: <LOOPBACK> mtu 65536 qdisc noop state DOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0@if30: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether f2:bc:91:44:c8:40 brd ff:ff:ff:ff:ff:ff link-netnsid 0 inet 172.17.0.82/16 scope global eth0 valid_lft forever preferred_lft forever inet6 fe80::f0bc:91ff:fe44:c840/64 scope link valid_lft forever preferred_lft forever
The container is at ip address
172.17.0.82/16.