
Linux Container Internals - archrabbit
http://rabbitstack.github.io/operating%20systems/linux-containers-internals-part-i/
======
kragniz
Writing the basics of a container runtime is easier than it sounds. Last
summer I was curious how they work and wrote something simple in python that
can run docker images:

[https://github.com/kragniz/omochabako/blob/master/omochabako](https://github.com/kragniz/omochabako/blob/master/omochabako)

[https://asciinema.org/a/77296?speed=2&autoplay=true](https://asciinema.org/a/77296?speed=2&autoplay=true)

I learned a lot doing this, and I'd recommend it to anyone who's interested
about containers.

~~~
pooktrain
Thanks for sharing!

When you set out to do this, had you studied docker's source code at all? Or
did you just have a basic understanding of containers? Other than the link
from OP, are there any resources you'd recommend to get one to the point where
you have enough understanding of the concepts without having to "cheat" and
look at the docker implementation?

I want to do this too, but it's not as much fun if you need to go to the
source due to not understanding the fundamentals.

~~~
kragniz
I started with a basic understanding about the parts involved, but not so much
how they fit together. Most of the necessary information came from the lwn
series of articles posted in another comment:
[https://lwn.net/Articles/531114/](https://lwn.net/Articles/531114/)

The actual namespace stuff was easy, the harder part was pivoting the root fs
and figuring out all the things to mount. At some point I looked at the source
for systemd-nspawn, but I forget exactly what for.

------
tyingq
A great resource to understand how Linux containers work is "Linux containers
in 500 lines of code": [https://blog.lizzie.io/linux-containers-
in-500-loc.html](https://blog.lizzie.io/linux-containers-in-500-loc.html)

Or, if you just want to skip to the code: [https://blog.lizzie.io/linux-
containers-in-500-loc/contained...](https://blog.lizzie.io/linux-containers-
in-500-loc/contained.c)

~~~
liaoyw
bocker([https://github.com/p8952/bocker](https://github.com/p8952/bocker)) is
also very good for understanding containers

------
corbet
If you want more information on how Linux namespaces work, there's an
extensive series of articles on LWN at
[https://lwn.net/Articles/531114/](https://lwn.net/Articles/531114/)

------
dankohn1
For a very high level overview, I really like this essay:

You Could Have Invented Container Runtimes: An Explanatory Fantasy

[https://medium.com/@gtrevorjay/you-could-have-invented-
conta...](https://medium.com/@gtrevorjay/you-could-have-invented-container-
runtimes-an-explanatory-fantasy-764c5b389bd3#.npqdu2abx)

------
jbb67
Which language is the sample code written in? Looks.... awful.

~~~
mhh__
Rust?

~~~
simcop2387
Looking at the blog's source, yes rust (and the code looks like rust also).

[https://github.com/rabbitstack/rabbitstack.github.io/blob/ma...](https://github.com/rabbitstack/rabbitstack.github.io/blob/master/operating%20systems/linux-
containers-internals-part-i/index.html#L177)

