Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Write Container Runtime in Go

Avatar for tomocy tomocy
October 28, 2019
Programming
4
3.3k

Write Container Runtime in Go

Presented in Go Conference 2019 Autumn

https://gocon.jp/sessions/write_container_runtime_in_go/

Avatar for tomocy

tomocy

October 28, 2019
Tweet

More Decks by tomocy

See All by tomocy
Work around Dart custom lint rule
Avatar for tomocy tomocy
1
510

Other Decks in Programming

See All in Programming
【卒業研究】会話ログ分析によるユーザーごとの関心に応じた話題提案手法
Avatar for MomokoShirakawa momok47
0
170
GISエンジニアから見たLINKSデータ
Avatar for nokonoko1203 nokonoko1203
0
190
HTTPプロトコル正しく理解していますか? 〜かわいい猫と共に学ぼう。ฅ^•ω•^ฅ ニャ〜
Avatar for ♛Heitor Hirose hekuchan
2
640
MDN Web Docs に日本語翻訳でコントリビュート
Avatar for uutan1108 ohmori_yusuke
0
500
CSC307 Lecture 02
Avatar for Javier Gonzalez-Sanchez javiergs
PRO
1
760
なるべく楽してバックエンドに型をつけたい!(楽とは言ってない)
Avatar for HIBIKI CUBE hibiki_cube
0
110
AI 駆動開発ライフサイクル(AI-DLC):ソフトウェアエンジニアリングの再構築 / AI-DLC Introduction
Avatar for kanamsasa kanamasa
11
5.5k
コントリビューターによるDenoのすゝめ / Deno Recommendations by a Contributor
Avatar for petamoriken / 森建 petamoriken
0
170
React 19でつくる「気持ちいいUI」- 楽観的UIのすすめ
Avatar for Hiroshi Morishige himorishige
11
5.4k
AI Agent Dojo #4: watsonx Orchestrate ADK体験
Avatar for Akira Onishi (IBM) oniak3ibm
PRO
0
130
例外処理とどう使い分ける?Result型を使ったエラー設計 #burikaigi
Avatar for Takuma Kajikawa kajitack
16
5.5k
副作用をどこに置くか問題:オブジェクト指向で整理する設計判断ツリー
Avatar for Koya Masuda koxya
1
450

Featured

See All Featured
Lessons Learnt from Crawling 1000+ Websites
Avatar for Charles Meaden charlesmeaden
PRO
0
1k
Leveraging LLMs for student feedback in introductory data science courses - posit::conf(2025)
Avatar for Mine Cetinkaya-Rundel minecr
0
120
Primal Persuasion: How to Engage the Brain for Learning That Lasts
Avatar for Mike Taylor tmiket
0
200
Measuring & Analyzing Core Web Vitals
Avatar for Philip Tellis bluesmoon
9
730
Reflections from 52 weeks, 52 projects
Avatar for Jefferson Lam jeffersonlam
355
21k
JavaScript: Past, Present, and Future - NDC Porto 2020
Avatar for David Neal reverentgeek
52
5.8k
Winning Ecommerce Organic Search in an AI Era - #searchnstuff2025
Avatar for Aleyda Solis aleyda
0
1.8k
AI in Enterprises - Java and Open Source to the Rescue
Avatar for ivargrimstad ivargrimstad
0
1.1k
The Web Performance Landscape in 2024 [PerfNow 2024]
Avatar for Tammy Everts tammyeverts
12
1k
Design of three-dimensional binary manipulators for pick-and-place task avoiding obstacles (IECON2024)
Avatar for konakalab konakalab
0
340
Ten Tips & Tricks for a 🌱 transition
Avatar for Manu Carrasco Molina stuffmc
0
51
Stewardship and Sustainability of Urban and Community Forests
Avatar for Eric Wiseman pwiseman
0
100

Transcript

  1. Write Container Runtime in Go Go Conference 2019 Autumn Koki

    Tomoshige (@towocy)

  2. Write Container Runtime in Go

  3. Write Container Runtime in Go

  4. ίϯςφϥϯλΠϜʹ͍ͭͯ

  5. ίϯςφٕज़ ίϯςφϥϯλΠϜͱ ίϯςφΠϝʔδ

  6. ίϯςφϥϯλΠϜ OCI runtimeʹ४ڌ͍ͯ͠Δ

  7. OCIʢOpen Container Initiativeʣ ίϯςφٕज़ͷඪ४ن֨Λ ࡞੒͢ΔͨΊͷஂମ

  8. None

  9. runtime.me ίϯςφϥϯλΠϜͱͯ͠ͷ ঢ়ଶͱৼΔ෣͍ https://github.com/opencontainers/runtime-spec/blob/master/runtime.md

  10. Query State state <container-id> Create create <container-id> <path-to-bundle> Start start

    <container-id> Kill kill <container-id> <signal> Delete delete <container-id>
  11. None

  12. Standard Go Project Layout /cmd https://github.com/golang-standards/project-layout#cmd

  13. None

  14. CLI pkg github.com/urfave/cli

  15. None
  16. None
  17. None
  18. None
  19. None

  20. InterfaceͰͷந৅Խ ࢖༻ऀଆ͕ ٻΊΔৼΔ෣͍Λఆٛ͢Δ https://github.com/golang/go/wiki/CodeReviewComments#interfaces

  21. None

  22. ίϯςφϥϯλΠϜͷ࣮૷ʹ͍ͭͯ

  23. ίϯςφϥϯλΠϜ ϗετOS্ͷ Ϧιʔεִ͕཭ɺ੍ݶ͞Εͨϓϩηε

  24. ‘Contain’er ʙΛด͡ࠐΊΔ

  25. ίϯςφϥϯλΠϜ How to contain a process

  26. https://employment.en-japan.com/engineerhub/entry/2019/02/05/103000#ίϯςφͱ͸ ΧʔωϧϦιʔεɺϑΝΠϧγεςϜͷִ཭ Namespaceɺchroot/pivot_root ϋʔυ΢ΣΞϦιʔεͷ੍ݶ cgroup ݖݶͷ੍໿ Capabilityɺseccomp

  27. None

  28. Fork

  29. Fork ਌ϓϩηε ࢠϓϩηε

  30. Fork ਌ϓϩηε ࢠϓϩηε Contain

  31. None

  32. Build Constraints ϑΝΠϧ໊Ͱ Ϗϧυର৅Λ෼͚Δ https://golang.org/pkg/go/build/#hdr-Build_Constraints

  33. None
  34. None
  35. None
  36. None

  37. Fork ਌ϓϩηε ࢠϓϩηε Contain

  38. https://github.com/rrreeeyyy/container-internship/tree/master/02#linux-namespaces IPC ϓϩηεؒ௨৴Ͱ࢖͏Ϧιʔε Network ωοτϫʔΫσόΠεɺϧʔςΟϯάςʔϒϧ Mount ϑΝΠϧγεςϜπϦʔ PID ϓϩηε ID

    User Ϣʔβ IDɺάϧʔϓ ID UTS nodenameɺdomainname
  39. None

  40. Fork

  41. None

  42. Filesystem bundle config.jsonͱrootfs https://github.com/opencontainers/runtime-spec/blob/master/bundle.md

  43. ࢠϓϩηεͷϧʔτ༻ʹ

  44. ࢠϓϩηεͷϧʔτ༻ʹ mount͍ͯ͘͠

  45. ࢠϓϩηεͷϧʔτ༻ʹ mount͍͖ͯ͠ ͦͯ͠pivot_root͢Δ

  46. ࢠϓϩηεʹ͸ / ʹݟ͑Δ

  47. cgroup ϓϩηεʹରͯ͠ ڞ௨ͷϦιʔε؅ཧΛ͢Δ https://gihyo.jp/admin/serial/01/linux_containers/0003

  48. None
  49. None
  50. None
  51. None
  52. None
  53. None
  54. None
  55. None
  56. None
  57. None
  58. None
  59. None

  60. Write Container Runtime in Go

  61. ͋Γ͕ͱ͏͍͟͝·ͨ͠ɻ

  62. https://github.com/opencontainers/runtime-spec/blob/master/runtime.md https://github.com/opencontainers/runtime-spec/blob/master/bundle.md https://github.com/golang-standards/project-layout#cmd https://github.com/golang/go/wiki/CodeReviewComments#interfaces https://employment.en-japan.com/engineerhub/entry/2019/02/05/103000#ίϯςφͱ͸ https://golang.org/pkg/go/build/#hdr-Build_Constraints https://github.com/rrreeeyyy/container-internship/tree/master/02#linux-namespaces https://employment.en-japan.com/engineerhub/entry/2019/02/05/103000 https://github.com/tomocy/gocon ࢀߟจݙ

    https://speakerdeck.com/kyohmizu/windowskontenaru-men?slide=26 https://speakerdeck.com/tenforward/cndt2019 https://sil.hatenablog.com/entry/why-container-is-secure