Giter Site home page Giter Site logo

execc's Introduction

execc

execc is a simple example of a container runtime. It simply runs a command in a container. It uses the cgcreate, cgexec, cgset, cgdelete, unshare, and chroot commands to initialize the container.

The uuidgen, and bc commands are also required.

A newer version of unshare that supports --fork, --user, --pid and --mount-proc is recommended.

Prerequisites

The following are required.

  • bash
  • unshare
  • cgcreate
  • cgexec
  • cgset
  • cgdelete
  • uuidgen
  • bc

Most of these other than 'bc' and 'libcgroup-tools' are installed already on most systems. Install them like so:

$ sudo apt-get install libcgroup-tools bc

Usage

$ ./execc --help
Usage: execc [OPTION]... [COMMAND]
Execute COMMAND in a container. COMMAND is executed in it's
own set of namespaces and given a cgroup if limit options
are specified.
Example: execc -c 100 -m 100000000 /bin/sh

WARNING: This runtime is not stable and should not be used
in anything resembling a production environment.

Cgroup options:
 -c, --cpu=MILLICORES      CPU limit for the container in
                           number of milli-cores.
 -m, --memory=BYTES        Memory limit for the container
                           in bytes.

Namespace options:
 --rootfs=PATH             Run the container with it's root set
                           to specified root filesystem path.
                           If the specified path is a tar
                           archive, it will be unpacked to
                           a temporary directory and that
                           will be used as the root filesystem.
                           Default: /
 --mount=(true|false)      Run the container in its own mounts
                           namespace. Default: true
 --ipc=(true|false)        Run the container in its own IPC
                           namespace. Default: true
 --uts=(true|false)        Run the container in its own UTS
                           namespace. Default: true
 --net=(true|false)        Run the container in its own network
                           namespace. Default: true

Examples

Run a shell in a busybox container limited to 100 milli-cores and 1 megabyte of memory.

$ mkdir rootfs
$ docker export $(docker create busybox) | gzip -c > busybox.tar.gz
$ sudo execc -c 100 -m 1000000 --rootfs busybox.tar.gz /bin/sh
/ # echo "Hello from inside a container!"
Hello from inside a container!
#

Similar projects

  • bocker - Docker in ~100 lines of bash

Disclaimer

This is not an official Google product.

execc's People

Contributors

ianlewis avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.