runc
runc is a CLI tool for spawning and running containers on Linux according to the OCI specification, implemented in Go. This page provides instructions to setup containers using runc.
The tool is meant as a low-level tool and is intended to deal with the plumbing of container. The expectaiton is is it is used by higher level container software (such as Docker and Podman) to provide an interface better suited at common tasks. However, it can be useful for learning how things work, small tests or building your own tooling.
Prerequisites
- Enable cgroups
Set up a minimal container
Here are the steps to create a minimal container using runc and Alpine Linux. This creates an OCI bundle
# apk add runc
# mkdir /opt/busybox-container
# apk --arch x86_64 -X https://dl-cdn.alpinelinux.org/alpine/edge/main/ --root /opt/busybox-container/rootfs --initdb --no-cache --allow-untrusted add busybox
# cd /opt/busybox-container && runc spec
# runc run busybox-1
About
The creation of the root filesystem and the generation of the spec file is creating what is known as an OCI bundle. By using the Alpine Package Keeper (APK), we can create a bundle from pre-built software available for Alpine.
The
runc spec
command generates a config.json file which follows the OCI Runtime Specification. This configuration file can be modified to set-up mounts within the container amongst other settings.
Alternatives
An alternative to runc is crun which is a fast and lightweight fully featured OCI runtime and C library for running containers.
The commands in the example above can be switched to use crun instead and it can be installed with
# apk add crun