Scanf-s/container-runtime

Container Runtime

Simple container runtime implementation in Rust.

This repository contains a study-purpose container runtime written in Rust. It isolates the filesystem, processes, user namespace, and hardware resources.

How to run

Recommended: run this project inside the devcontainer. The runtime uses Linux namespaces, cgroup v2, pivot_root, and privileged mount operations.

1. Build Dev Image

make dev-image

2. Prepare Rootfs

make rootfs

3. Run Container Runtime

cargo run -- run ./rootfs --cpus 1.0 --mem 536870912 --pids 1024 --uid 1000 --gid 1000 /bin/sh

Inside the container, check:

id      # uid=0(root), gid=0(root)
ps -a   # only container-local processes
mount   # isolated rootfs and procfs
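The checks above can be extended to the resource limits and the user-namespace mapping. The following is an added example, not code from this repository: it parses the contents of the cgroup v2 files `cpu.max`, `memory.max` and `pids.max` and one line of `/proc/self/uid_map`, and compares them with the values from the run command. It assumes that `--cpus`, `--mem` (bytes) and `--pids` are written to those files and that `--uid` is the host uid mapped to container uid 0; the names `Requested`, `cpus`, `limit`, `id_map` and `verify` are hypothetical.

```rust
// Added example, not code from the repository. Sample file contents in main()
// are constructed. Flag-to-file mapping is an assumption about the runtime.

/// Limits requested on the command line (values from the README's run command).
struct Requested { cpus: f64, mem: u64, pids: u64, host_uid: u32 }

/// cgroup v2 `cpu.max` holds "<quota> <period>" or "max <period>" (microseconds).
/// Returns the CPU count, or None when unlimited.
fn cpus(cpu_max: &str) -> Result<Option<f64>, String> {
    let mut it = cpu_max.split_whitespace();
    let quota = it.next().ok_or("empty cpu.max")?;
    let period = it.next().ok_or("missing period")?.parse::<u64>().map_err(|e| e.to_string())?;
    if period == 0 { return Err("zero period".into()); }
    if quota == "max" { return Ok(None); }
    let q = quota.parse::<u64>().map_err(|e| e.to_string())?;
    Ok(Some(q as f64 / period as f64))
}

/// `memory.max` and `pids.max` hold a decimal number or "max" (None = unlimited).
fn limit(s: &str) -> Result<Option<u64>, String> {
    match s.trim() {
        "max" => Ok(None),
        v => v.parse::<u64>().map(Some).map_err(|e| e.to_string()),
    }
}

/// One `/proc/self/uid_map` line: "<id inside> <id outside> <count>".
fn id_map(line: &str) -> Result<(u32, u32, u32), String> {
    let f = line.split_whitespace()
        .map(|x| x.parse::<u32>().map_err(|e| e.to_string()))
        .collect::<Result<Vec<u32>, String>>()?;
    match f.as_slice() { [a, b, c] => Ok((*a, *b, *c)), _ => Err("expected 3 fields".into()) }
}

/// Returns one message per value that does not match the request.
fn verify(r: &Requested, cpu_max: &str, mem_max: &str, pids_max: &str, uid_map: &str) -> Vec<String> {
    let mut bad = Vec::new();
    match cpus(cpu_max) {
        Ok(Some(c)) if (c - r.cpus).abs() < 1e-6 => {}
        other => bad.push(format!("cpu.max: got {other:?}")),
    }
    if limit(mem_max) != Ok(Some(r.mem)) { bad.push(format!("memory.max: got {mem_max:?}")); }
    if limit(pids_max) != Ok(Some(r.pids)) { bad.push(format!("pids.max: got {pids_max:?}")); }
    // Assumed: container uid 0 maps to the single host uid given by --uid.
    if id_map(uid_map) != Ok((0, r.host_uid, 1)) { bad.push(format!("uid_map: got {uid_map:?}")); }
    bad
}

fn main() {
    let r = Requested { cpus: 1.0, mem: 536_870_912, pids: 1024, host_uid: 1000 };
    println!("{:?}", verify(&r, "100000 100000\n", "536870912\n", "1024\n", "0 1000 1\n"));
}
```

An unlimited value (`max`) or a `uid_map` line such as `0 0 4294967295`, which is what a process outside any user namespace reports, is returned as a mismatch.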

Concept

See the detailed document in DOCS.md.

About

Simple, study-purpose container runtime implementation in Rust. It implements container virtualization with cgroups v2 for resource isolation, unshare for process and namespace isolation, and pivot_root for filesystem isolation from the host system.
