Monday, July 30, 2018

RunC - Container Tool

RunC
RunC is a command-line tool for spawning and running containers according to the OCI specification. This is a Docker container format and runtime that is being donated to the OCI.

What is the OCI?
The Open Container Initiative (OCI) defines specifications for building tools that help in building,
transporting and preparing container images to run.

The OCI consists of 2 specifications:
Runtime Specification (runtime-spec) defines how to run a filesystem bundle that is available on disk. Generally an OCI implementation will first download the OCI image and unpack it into an OCI runtime filesystem bundle. At this point the bundle can be run using an OCI runtime.

Image Specification (image-spec) defines how to create an OCI image. The image is created
by a build system, which produces an image manifest, a filesystem and an image configuration.
The manifest has details about the content of the filesystem and the dependencies of the
image, such as links to other filesystems, which together make up the final image.

The image configuration holds application arguments, environment variables etc. All these combine to form an OCI image.

How to use RunC to run Containers?
1. Download the runC binary for your platform and make it executable using,
wget https://github.com/opencontainers/runc/releases/download/v1.0.0-rc5/runc.amd64
chmod +x runc.amd64

2. Create a directory structure
mkdir runC
cd runC
mkdir test-container
cd test-container

3. Download a busybox Docker container image and export it into a rootfs directory
(the directory must exist before tar extracts into it):
mkdir rootfs
docker export $(docker create busybox) | tar -C rootfs -xvf -

Now we will see a directory by the name rootfs with multiple files and directories inside.

4. Run the runC spec command from the downloaded binary using,
[root@manja17-I13330 test-container]# /root/runc/runc.amd64 spec
[root@manja17-I13330 test-container]# ll
total 4
-rw-r--r--  1 root root 2614 Jul 26 07:27 config.json
drwxr-xr-x 12 root root  137 Jul 26 07:09 rootfs

A spec file is created by the name config.json. Check the file to see the configuration details
for the container.

[root@manja17-I13330 test-container]# cat config.json
{
        "ociVersion": "1.0.0",
        "process": {
                "terminal": true,
                "user": {
                        "uid": 0,
                        "gid": 0
                },
                "args": [
                        "sh"
                ],
                "env": [
                        "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
                        "TERM=xterm"
                ],
                "cwd": "/",
                "capabilities": {
                        "bounding": [
                                "CAP_AUDIT_WRITE",
                                "CAP_KILL",
                                "CAP_NET_BIND_SERVICE"
                        ],
                        "effective": [
                                "CAP_AUDIT_WRITE",
                                "CAP_KILL",
                                "CAP_NET_BIND_SERVICE"
                        ],
                       *********
If you check config.json, you can see what this container does, how it will run and so on.
Run the container using the runC command as,
[root@manja17-I13330 test-container]# /root/runc/runc.amd64 run container1
/ # ps ux
PID   USER     TIME  COMMAND
    1 root      0:00 sh
    6 root      0:00 ps ux
/ # exit
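
As an added example (not code from the original post), the Python sketch below reads a config.json like the one generated above and reports settings worth reviewing before the bundle is run: a uid 0 process, capabilities beyond the three shown, a writable root filesystem, and namespaces the bundle does not request. The embedded sample is constructed; noNewPrivileges, root.readonly and linux.namespaces are OCI runtime-spec fields that are not visible in the truncated listing, and the baseline and expected sets are assumptions of this example.

```python
import json

# Constructed sample: the visible part of the page's config.json plus fields
# the OCI runtime-spec defines (noNewPrivileges, root.readonly, linux.namespaces).
SAMPLE_CONFIG = """
{
  "ociVersion": "1.0.0",
  "process": {
    "user": {"uid": 0, "gid": 0},
    "args": ["sh"],
    "capabilities": {
      "bounding":  ["CAP_AUDIT_WRITE", "CAP_KILL", "CAP_NET_BIND_SERVICE"],
      "effective": ["CAP_AUDIT_WRITE", "CAP_KILL", "CAP_NET_BIND_SERVICE"]
    },
    "noNewPrivileges": true
  },
  "root": {"path": "rootfs", "readonly": false},
  "linux": {"namespaces": [{"type": "pid"}, {"type": "mount"}, {"type": "ipc"}]}
}
"""

# Capabilities shown in the page's generated spec; anything else is flagged.
BASELINE_CAPS = {"CAP_AUDIT_WRITE", "CAP_KILL", "CAP_NET_BIND_SERVICE"}
# Namespace types this example expects a bundle to request (an assumption).
EXPECTED_NS = {"pid", "mount", "ipc", "uts", "network"}

def audit_config(text):
    """Return a sorted list of findings for an OCI runtime config.json string."""
    cfg = json.loads(text)
    proc = cfg.get("process", {})
    findings = []
    if proc.get("user", {}).get("uid", 0) == 0:
        findings.append("process runs as uid 0")
    if not proc.get("noNewPrivileges", False):
        findings.append("noNewPrivileges is not set")
    if not cfg.get("root", {}).get("readonly", False):
        findings.append("root filesystem is writable")
    for set_name, caps in proc.get("capabilities", {}).items():
        extra = set(caps) - BASELINE_CAPS
        if extra:
            findings.append(f"{set_name} adds {', '.join(sorted(extra))}")
    have = {ns.get("type") for ns in cfg.get("linux", {}).get("namespaces", [])}
    for missing in sorted(EXPECTED_NS - have):
        findings.append(f"no {missing} namespace (inherited from the runtime)")
    return sorted(findings)

if __name__ == "__main__":
    for line in audit_config(SAMPLE_CONFIG):
        print(line)
```

To check a real bundle, pass the contents of its config.json to audit_config() in place of the sample.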

Run the container in the background using,
[root@manja17-I13330 test-container]# /root/runc/runc.amd64 run container1 &
[root@manja17-I13330 test-container]# /root/runc/runc.amd64 list
We will see the running containers listed.

All the commands that we run are based on the container ID. Let's run some more commands:
[root@manja17-I13330 runc]# ./runc.amd64 ps container1
UID        PID   PPID   C STIME TTY          TIME    CMD
root     21033 21025  0 00:20 ?         00:00:00 sh

[root@manja17-I13330 runc]# ./runc.amd64 exec container1 free
             total       used       free     shared    buffers     cached
Mem:       8175444    8013024     162420          0       2776    5760124
-/+ buffers/cache:    2250124    5925320
Swap:            0          0          0

More to Come, Happy Learning :-)

