Libcontainer: joining forces under one roof

Andrey Vagin <[email protected]>

Libcontainer: joining forces under one roof

Docker Moscow Meetup 2015

2

Agenda

● History

● Linux Container

● Docker and LXC

● Libcontainer

● Libct

● Questions

3

History

● Parallels Virtuozzo Containers

● Linux-VServer

● OpenVZ

● LXC

● Linux-utils (unshare, nsenter)

● SystemD (systemd-nspawn)

● Libcontainer (Docker)

OpenVZ2005

LXC2008

Libcontainer2014

Virtuozzo2001

systemdLinux-utils2009

VServer

4

Linux Containers

Namespace

Cgroups

● Cgroups limits resources

– Cpu

– Memory

– Blkio

– Freeze

● Namespaces isolates environment

– MNT, PID, NET, IPC, USER, UTS

5

Hierarchy

Docker

LXC

6

Libcontainer

● Avoid external dependencies

● Create a library to joining forces

– Docker, Google, Parallels, RedHat, etc

● Support other container technologies (OpenVZ, jails, zones)

● Reuse in other projects (not only in Go)

7

Hierarchy

Docker

LXC

execdriver

Libcontainer

Linux Kernel

8

API

● Factory

– Create(), Load()

● Process

– Env, capabilities, cwd

● Container

– Namespaces, cgroup

– ID(), Start(), Destroy()

– Pause()/Resume()

– Stats(), Processes()

9

Libct

– Libct is a containers management library which provides convenient API for frontend programs to rule a container during its whole lifetime

● In C

● Bindings for other languages (Go, Python)

10

Hierarchy

Docker

LXC

execdriver

Libcontainer

Linux Libct

Linux OpenVZ

Linux Kernel OpenVZ Linux Kernel

11

The current state and future plans

● Implement the new API for Libcontainer (DONE)

● Migrate Docker to use the new API

● Integrate Libct into Libcontainer

12

Q&A

● https://github.com/docker/libcontainer

● https://github.com/xemul/libct

● Andrey Vagin <[email protected]>

Thank you

https://github.com/docker/libcontainer

https://github.com/xemul/libct

mailto:[email protected]

Software

Libcontainer: joining forces under one roof