libcontainer: joining forces under one roof
TRANSCRIPT
![Page 1: Libcontainer: joining forces under one roof](https://reader038.vdocuments.mx/reader038/viewer/2022110122/55a522231a28abb4348b47ce/html5/thumbnails/1.jpg)
Andrey Vagin <[email protected]>
Libcontainer: joining forces under one roof
Docker Moscow Meetup 2015
![Page 2: Libcontainer: joining forces under one roof](https://reader038.vdocuments.mx/reader038/viewer/2022110122/55a522231a28abb4348b47ce/html5/thumbnails/2.jpg)
2
Agenda
● History
● Linux Container
● Docker and LXC
● Libcontainer
● Libct
● Questions
![Page 3: Libcontainer: joining forces under one roof](https://reader038.vdocuments.mx/reader038/viewer/2022110122/55a522231a28abb4348b47ce/html5/thumbnails/3.jpg)
3
History
● Parallels Virtuozzo Containers
● Linux-VServer
● OpenVZ
● LXC
● Linux-utils (unshare, nsenter)
● SystemD (systemd-nspawn)
● Libcontainer (Docker)
OpenVZ2005
LXC2008
Libcontainer2014
Virtuozzo2001
systemdLinux-utils2009
VServer
![Page 4: Libcontainer: joining forces under one roof](https://reader038.vdocuments.mx/reader038/viewer/2022110122/55a522231a28abb4348b47ce/html5/thumbnails/4.jpg)
4
Linux Containers
Namespace
Cgroups
● Cgroups limits resources
– Cpu
– Memory
– Blkio
– Freeze
● Namespaces isolates environment
– MNT, PID, NET, IPC, USER, UTS
![Page 5: Libcontainer: joining forces under one roof](https://reader038.vdocuments.mx/reader038/viewer/2022110122/55a522231a28abb4348b47ce/html5/thumbnails/5.jpg)
5
Hierarchy
Docker
LXC
![Page 6: Libcontainer: joining forces under one roof](https://reader038.vdocuments.mx/reader038/viewer/2022110122/55a522231a28abb4348b47ce/html5/thumbnails/6.jpg)
6
Libcontainer
● Avoid external dependencies
● Create a library to joining forces
– Docker, Google, Parallels, RedHat, etc
● Support other container technologies (OpenVZ, jails, zones)
● Reuse in other projects (not only in Go)
![Page 7: Libcontainer: joining forces under one roof](https://reader038.vdocuments.mx/reader038/viewer/2022110122/55a522231a28abb4348b47ce/html5/thumbnails/7.jpg)
7
Hierarchy
Docker
LXC
execdriver
Libcontainer
Linux Kernel
![Page 8: Libcontainer: joining forces under one roof](https://reader038.vdocuments.mx/reader038/viewer/2022110122/55a522231a28abb4348b47ce/html5/thumbnails/8.jpg)
8
API
● Factory
– Create(), Load()
● Process
– Env, capabilities, cwd
● Container
– Namespaces, cgroup
– ID(), Start(), Destroy()
– Pause()/Resume()
– Stats(), Processes()
![Page 9: Libcontainer: joining forces under one roof](https://reader038.vdocuments.mx/reader038/viewer/2022110122/55a522231a28abb4348b47ce/html5/thumbnails/9.jpg)
9
Libct
– Libct is a containers management library which provides convenient API for frontend programs to rule a container during its whole lifetime
● In C
● Bindings for other languages (Go, Python)
![Page 10: Libcontainer: joining forces under one roof](https://reader038.vdocuments.mx/reader038/viewer/2022110122/55a522231a28abb4348b47ce/html5/thumbnails/10.jpg)
10
Hierarchy
Docker
LXC
execdriver
Libcontainer
Linux Libct
Linux OpenVZ
Linux Kernel OpenVZ Linux Kernel
![Page 11: Libcontainer: joining forces under one roof](https://reader038.vdocuments.mx/reader038/viewer/2022110122/55a522231a28abb4348b47ce/html5/thumbnails/11.jpg)
11
The current state and future plans
● Implement the new API for Libcontainer (DONE)
● Migrate Docker to use the new API
● Integrate Libct into Libcontainer
![Page 12: Libcontainer: joining forces under one roof](https://reader038.vdocuments.mx/reader038/viewer/2022110122/55a522231a28abb4348b47ce/html5/thumbnails/12.jpg)
12
Q&A
● https://github.com/docker/libcontainer
● https://github.com/xemul/libct
● Andrey Vagin <[email protected]>
Thank you