Skip to content
/ cfs-rs Public

Very minimal container runtime in Rust. Implementation of Containers from Scratch but in Rust, based on Liz Rice's talks.

5 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

camerondurham/cfs-rs

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

18 Commits
check
check
 
 
src
src
 
 
.dockerignore
.dockerignore
 
 
.gitignore
.gitignore
 
 
Cargo.toml
Cargo.toml
 
 
Dockerfile
Dockerfile
 
 
Makefile
Makefile
 
 
dev-notes.md
dev-notes.md
 
 
readme.md
readme.md
 
 

Repository files navigation

containers from scratch - in rust

Minimal re-implementation of lizrice/containers-from-scratch in Rust.

why?

Liz Rice gave several fantastic talks at DockerCon and other events named Containers from Scratch. In these talks, she impressively live-codes a minimal container runtime in about 100 lines of Golang.

Many important container tools such as docker/engine, opencontainers/runc, etc are written in Golang. Golang is a great tool for building and running containers and I love the language. However, safely handling syscalls in the language can sometimes be tricky. Rust offers a safe, memory-efficient and memory-safe wrapper around the syscall C-bindings and enforces strict error handling. Due to these safety improvements, I believe Rust is a good choice to reimplement Liz Rice's cfs example. Also, I'm trying to find any excuse to write Rust!

In this repository, I've attempted to write a very minimal container runtime, based Liz Rice's original Golang implementation.

Note: I'm pretty new to Rust and this is not idiomatic code. If you have any suggestions, please send a PR or ping me on Discord!

Credit:

usage

This will only work on a Unix system. I developed in WSL2.

# build the Docker container
make build

# run a shell
make run

# run args in the mini-container!
cfs args...

examples

How do you know this is working?

example 0: new hostname

# run hostname in the Docker container
root@e8f49cd2ff70:/home# hostname
e8f49cd2ff70

# run hostname in the cfs container: we've changed hostnames
root@e8f49cd2ff70:/home# cfs run hostname
cfs-container

example 1: isolated process view

# run ps in the container
root@cb3e7658f63f:/usr/src/cfs# ps
  PID TTY          TIME CMD
    1 pts/0    00:00:00 sh
    7 pts/0    00:00:00 bash
    8 pts/0    00:00:00 ps

# run ps in cfs: the container thinks cfs is PID 1
root@cb3e7658f63f:/home# cfs run ps
  PID TTY          TIME CMD
    1 ?        00:00:00 cfs
    2 ?        00:00:00 ps

example 2: restricted view of mounts (still need to fill in output)

# run mount in the container
root@cb3e7658f63f:/home# cfs run mount

About

Very minimal container runtime in Rust. Implementation of Containers from Scratch but in Rust, based on Liz Rice's talks.

Topics

linux docker rust learning containers container rust-lang linux-containers container-runtime

Resources

Readme
Activity

Stars

5 stars

Watchers

3 watching

Forks

0 forks
Report repository

Languages