TODO : Implement Root-fs extraction
This is a simple mock containerization tool written in Go. It mimics the behavior of basic container operations like pulling an image, unpacking it, and running commands within a new namespace. This tool does not fully replicate Docker's functionality but provides a lightweight alternative for educational purposes.
- Pull Docker images and save them as tar.gz archives.
- Unpack the archives and run commands within new namespaces.
- Use cgroups to limit resources.
- Chroot to the unpacked image root filesystem.
-
run: Run a command inside a new container.
./cnts run <image> <command>
Example:
./cnts run ubuntu /bin/sh
-
child: This is an internal command used by
run. It sets up the new namespaces and executes the command. -
pull: Pull a Docker image and store it as a tar.gz archive.
./cnts pull <image>
Example:
./cnts pull ubuntu
The pull script is a helper bash script to fetch Docker images, export their filesystem, and save it to the assets directory.
#!/bin/bash
set -e
defaultImage="hello-world"
image="${1:-$defaultImage}"
container=$(docker create "$image")
docker export "$container" -o "./assets/${image}.tar.gz" > /dev/null
docker rm "$container" > /dev/null
docker inspect -f '{{.Config.Cmd}}' "$image:latest" | tr -d '[]\n' > "./assets/${image}-cmd"
echo "Image content stored in assets/${image}.tar.gz"-
Build the Go program:
go build -o cnts
-
Make the
pullscript executable:chmod +x pull
-
Use the commands as described above.
Note: You need to run these commands as root:
root@device:~# ./cnts run <image> <command> root@device:~# ./cnts pull <image>
This tool is for educational purposes and is not intended for production use. It demonstrates basic containerization concepts like namespaces and cgroups without the complexity and features of full-fledged container runtimes like Docker.