
Runq – Runc-based runtime to run regular Docker images in KVM/Qemu - sandGorgon
https://github.com/gotoz/runq/
======
watermelon0
I would assume Clear Containers[1] are more lightweight solution, and they
also leverage KVM/Qemu for isolation purposes.

[1]
[https://github.com/clearcontainers/runtime](https://github.com/clearcontainers/runtime)

~~~
ofrzeta
Or Kata containers or Hyper.sh. There's so much going on, it's hard to keep up
or even tell the difference. Kata is an initiative by the OpenStack
foundationa and somehow a mix of Clear and Hyper as far as I can tell.

[https://katacontainers.io/](https://katacontainers.io/)

~~~
gnepzhao
Kata is the merge of ClearContainer and Hyper's runV.

Disclosure: I work at Hyper.sh

------
TheAceOfHearts
I'm not very familiarized with this problem space. Could someone explain what
why this is useful, and why you'd want to use it? What are the problems that
it solves? I looked through the README, but I'm a bit lost.

~~~
slobotron
You can use Dockerfile (easy to start, large ecosystem) to build and launch a
VM (presumably more secure).

------
etaioinshrdlu
Ok, I'll say it. I think we need efficient arbitrary depth nesting of
containers.

Sure, it is incredibly bloaty.

But so is the way, say, npm works.

Bloaty apps often provide a ton of programmer convenience.

And history tells us that programmer convenience usually wins.

Docker style development already usually means bundling tons of redundant
dependencies everywhere.

Let's just take that further, and hold your nose.

~~~
stingraycharles
Isn’t that entirely possible with regular containers, but it’s mostly Docker’s
client/server model getting in the way?

I agree with you we need this, though. I’m frequently running CI in Docker,
and this makes launching a new container from CI a pain.

------
etaioinshrdlu
See also: user-mode Linux. I think it's a good idea but it's not really
maintained and never really worked well as far as I know.

Google is also working on a shim that intercepts system calls in userspace to
simulate having more priveledges.

But user mode Linux is a real full kernel!

~~~
omeid2
There is also HyperD:
[https://github.com/hyperhq/hyperd](https://github.com/hyperhq/hyperd)

~~~
gnepzhao
Hyperd has been merged into Kata (katacontainers.io).

------
int0x80
Very nice, but bummer for me is:

    
    
      Limtations (not supported):
        - docker exec
        - docker swarm
    

Specially 'exec' part.

