
@psgganesh
Last active March 20, 2023 08:01
Containers handbook
package main
import "os"
import "fmt"
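// main mimics the shape of "docker run image <cmd> <params>":
//
//	go run main.go run <cmd> <params>
//
// The first argument selects the sub-command. Only "run" is known; anything
// else, including no argument at all, panics with "bad command".
func main() {
	// Without this guard os.Args[1] fails with an index-out-of-range runtime
	// panic when the program is started with no arguments.
	if len(os.Args) < 2 {
		panic("bad command")
	}

	switch os.Args[1] {
	case "run":
		run()
	default:
		panic("bad command")
	}
}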
// run is the first step of the walkthrough: it only reports the command and
// parameters that followed "run" on the command line and executes nothing.
func run() {
	requested := os.Args[2:]
	fmt.Printf("Running %v\n", requested)
}
// must panics with err when err is non-nil and does nothing otherwise.
func must(err error) {
	if err == nil {
		return
	}
	panic(err)
}
package main
import "os"
import "fmt"
import "os/exec"
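// main mimics the shape of "docker run image <cmd> <params>":
//
//	go run main.go run <cmd> <params>
//
// The first argument selects the sub-command. Only "run" is known; anything
// else, including no argument at all, panics with "bad command".
func main() {
	// Without this guard os.Args[1] fails with an index-out-of-range runtime
	// panic when the program is started with no arguments.
	if len(os.Args) < 2 {
		panic("bad command")
	}

	switch os.Args[1] {
	case "run":
		run()
	default:
		panic("bad command")
	}
}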
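// run reports the requested command line and then executes it as a child
// process wired to this process's stdin, stdout and stderr.
//
// No namespaces are requested at this step, so the command is an ordinary,
// non-isolated child that runs with the privileges of the caller.
func run() {
	// os.Args[2] is the program to execute; fail with a clear message rather
	// than an index-out-of-range panic when it was not supplied.
	if len(os.Args) < 3 {
		panic("missing command to run")
	}

	// Report the command and parameters that were provided.
	fmt.Printf("Running %v\n", os.Args[2:])

	// Printing is not enough: actually execute the command.
	cmd := exec.Command(os.Args[2], os.Args[3:]...)
	cmd.Stdin = os.Stdin
	cmd.Stdout = os.Stdout
	cmd.Stderr = os.Stderr

	// Run's error covers both a failure to start the command and a non-zero
	// exit status; surface it instead of silently discarding it.
	if err := cmd.Run(); err != nil {
		panic(err)
	}
}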
// must panics with err when err is non-nil and does nothing otherwise.
func must(err error) {
	if err == nil {
		return
	}
	panic(err)
}
package main
import (
	"fmt"
	"os"
	"os/exec"
	"syscall"
)
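// main mimics the shape of "docker run image <cmd> <params>":
//
//	go run main.go run <cmd> <params>
//
// The first argument selects the sub-command. Only "run" is known; anything
// else, including no argument at all, panics with "bad command".
func main() {
	// Without this guard os.Args[1] fails with an index-out-of-range runtime
	// panic when the program is started with no arguments.
	if len(os.Args) < 2 {
		panic("bad command")
	}

	switch os.Args[1] {
	case "run":
		run()
	default:
		panic("bad command")
	}
}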
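// run reports the requested command line and executes it as a child process
// placed in a new UTS namespace, wired to this process's stdin, stdout and
// stderr.
//
// Only the UTS (hostname and domain name) view is separated here. Nothing in
// this function requests PID, mount, network, IPC or user namespaces, so the
// command still shares those with the caller and keeps the caller's uid.
// Requesting CLONE_NEWUTS without a user namespace needs CAP_SYS_ADMIN, so
// this normally has to be started as root.
func run() {
	// os.Args[2] is the program to execute; fail with a clear message rather
	// than an index-out-of-range panic when it was not supplied.
	if len(os.Args) < 3 {
		panic("missing command to run")
	}

	// Report the command and parameters that were provided.
	fmt.Printf("Running %v\n", os.Args[2:])

	// Printing is not enough: actually execute the command.
	cmd := exec.Command(os.Args[2], os.Args[3:]...)
	cmd.Stdin = os.Stdin
	cmd.Stdout = os.Stdout
	cmd.Stderr = os.Stderr

	// A plain child looks the same as any other host process, so start
	// containerizing it (e.g. when running /bin/bash). The field is spelled
	// Cloneflags; "CloneFlags" does not exist on syscall.SysProcAttr.
	cmd.SysProcAttr = &syscall.SysProcAttr{
		Cloneflags: syscall.CLONE_NEWUTS,
	}

	// Run's error covers both a failure to start the command and a non-zero
	// exit status; surface it instead of silently discarding it.
	if err := cmd.Run(); err != nil {
		panic(err)
	}
}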
// must panics with err when err is non-nil and does nothing otherwise.
func must(err error) {
	if err == nil {
		return
	}
	panic(err)
}
package main
import (
	"fmt"
	"os"
	"os/exec"
	"syscall"
)
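// main mimics the shape of "docker run image <cmd> <params>":
//
//	go run main.go run <cmd> <params>
//
// The first argument selects the sub-command. Only "run" is known; anything
// else, including no argument at all, panics with "bad command".
func main() {
	// Without this guard os.Args[1] fails with an index-out-of-range runtime
	// panic when the program is started with no arguments.
	if len(os.Args) < 2 {
		panic("bad command")
	}

	switch os.Args[1] {
	case "run":
		run()
	default:
		panic("bad command")
	}
}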
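// run reports the requested command line and executes it as a child process
// placed in a new UTS namespace, wired to this process's stdin, stdout and
// stderr.
//
// Only the UTS (hostname and domain name) view is separated here. Nothing in
// this function requests PID, mount, network, IPC or user namespaces, so the
// command still shares those with the caller and keeps the caller's uid.
// Requesting CLONE_NEWUTS without a user namespace needs CAP_SYS_ADMIN, so
// this normally has to be started as root.
func run() {
	// os.Args[2] is the program to execute; fail with a clear message rather
	// than an index-out-of-range panic when it was not supplied.
	if len(os.Args) < 3 {
		panic("missing command to run")
	}

	// Report the command and parameters that were provided.
	fmt.Printf("Running %v\n", os.Args[2:])

	// Printing is not enough: actually execute the command.
	cmd := exec.Command(os.Args[2], os.Args[3:]...)
	cmd.Stdin = os.Stdin
	cmd.Stdout = os.Stdout
	cmd.Stderr = os.Stderr

	// A plain child looks the same as any other host process, so start
	// containerizing it (e.g. when running /bin/bash). The field is spelled
	// Cloneflags; "CloneFlags" does not exist on syscall.SysProcAttr.
	cmd.SysProcAttr = &syscall.SysProcAttr{
		Cloneflags: syscall.CLONE_NEWUTS,
	}

	// The hostname and paths are still the host's, and the hostname cannot be
	// set from this function.
	// Not before Run: syscall.Sethostname([]byte("container")) would execute
	// in this process, which is still in the caller's UTS namespace, so it
	// would rename the host rather than the container.
	if err := cmd.Run(); err != nil {
		// Run's error covers both a failure to start the command and a
		// non-zero exit status; surface it instead of discarding it.
		panic(err)
	}
	// Not after Run either: Run only returns once the command has exited, so
	// syscall.Sethostname([]byte("container")) would come too late.
	// Hence the next step: re-execute this program inside the new namespace
	// and do the setup in a separate function, child.
}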
// must panics with err when err is non-nil and does nothing otherwise.
func must(err error) {
	if err == nil {
		return
	}
	panic(err)
}

Containers From Scratch • Liz Rice • GOTO 2018 - https://www.youtube.com/watch?v=8fi7uSYlOdc

Slides and video

Namespaces - Control what you can see

  • What you can see
  • Created with syscalls (the list below depends on the version of your Linux kernel)
    • Unix Timesharing system
    • Process IDs
    • Mounts
    • Network
    • User IDs
    • InterProcess Comms

This is a big part of what makes a container a container: it restricts the view that the process has of what is going on on the machine.

Control Group: Control what you can use

IBM - VM vs Containers - https://www.youtube.com/watch?v=cjXI-yxqGTI

package main
import (
"os"
"os/exec"
"syscall"
)
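// main dispatches on the first command-line argument: "run" starts the
// container from the host side and "child" is the entry point that run
// re-executes through /proc/self/exe. Any other value, including no argument
// at all, panics with "what".
func main() {
	// Without this guard os.Args[1] fails with an index-out-of-range runtime
	// panic when the program is started with no arguments.
	if len(os.Args) < 2 {
		panic("what")
	}

	switch os.Args[1] {
	case "run":
		run()
	case "child":
		child()
	default:
		panic("what")
	}
}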
// run re-executes this binary through /proc/self/exe with "child" as its
// sub-command, forwarding every argument that followed "run", and places that
// new process in fresh UTS and PID namespaces. The child shares this
// process's stdin, stdout and stderr; any error from running it panics via
// must.
//
// Only CLONE_NEWUTS and CLONE_NEWPID are requested: no mount, network, IPC or
// user namespace is created here, so the child keeps the caller's uid and
// mount table. Creating these namespaces without a user namespace needs
// CAP_SYS_ADMIN, so this normally has to be started as root.
func run() {
	childArgs := append([]string{"child"}, os.Args[2:]...)

	self := exec.Command("/proc/self/exe", childArgs...)
	self.SysProcAttr = &syscall.SysProcAttr{
		Cloneflags: syscall.CLONE_NEWPID | syscall.CLONE_NEWUTS,
	}
	self.Stdin, self.Stdout, self.Stderr = os.Stdin, os.Stdout, os.Stderr

	must(self.Run())
}
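// child is the entry point that run re-executes inside the new namespaces. It
// changes its root to /home/rootfs, mounts a proc filesystem at /proc inside
// that root, executes the requested command with this process's stdin, stdout
// and stderr, and unmounts proc again once the command has exited.
//
// NOTE(review): chroot is the only filesystem confinement applied here and no
// user namespace is requested by run, so the command runs with the caller's
// uid. Treat this as a teaching aid, not as a security boundary.
func child() {
	// os.Args[2] is the program to execute; fail with the program's usual
	// message rather than an index-out-of-range panic when it is missing.
	if len(os.Args) < 3 {
		panic("what")
	}

	// exec.Command resolves a bare command name through PATH right here, i.e.
	// before the chroot below, so the lookup is done against the caller's
	// filesystem; the resolved path is then executed inside /home/rootfs.
	cmd := exec.Command(os.Args[2], os.Args[3:]...)
	cmd.Stdin = os.Stdin
	cmd.Stdout = os.Stdout
	cmd.Stderr = os.Stderr

	must(syscall.Chroot("/home/rootfs"))
	// Chroot does not move the working directory; step into the new root so
	// the relative "proc" mount target below resolves to /proc inside it.
	must(os.Chdir("/"))
	must(syscall.Mount("proc", "proc", "proc", 0, ""))

	// run does not request CLONE_NEWNS, so the proc mount lands in the mount
	// namespace inherited from the caller and would stay behind (and stack up
	// on every run) if it were not removed. Unmount before reporting the
	// command's own error so a failing command cannot skip the clean-up.
	runErr := cmd.Run()
	must(syscall.Unmount("proc", 0))
	must(runErr)
}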
// must panics with err when err is non-nil and does nothing otherwise.
func must(err error) {
	if err == nil {
		return
	}
	panic(err)
}