This tutorial was developed with the geeky Linux community and friends in mind who would like to understand the inner workings of a container at a deeper level. This is achieved simply by using Linux commands and operations that isolate an application or process using the concepts that gave birth to the idea of containers, such as cgroups and namespaces. Using a layered file system approach, we explore volumes, images, processes, networking and more without a particular container runtime such as Docker, Containerd, Rkt, lxd/lxc etc.
I try to explain as much as I can, or point to the right documentation or even man pages, to make things as clear as possible. Even so, this tutorial requires a lot of Linux knowledge and is not meant for Linux beginners.
Keep in mind also that this is for educational purposes only and is not intended by any means to be used in any kind of corporate environment.
- Vagrant image CentOS 7.5
- Btrfs - To be used as storage driver for the writable container layer.
- bridge-utils package to inspect bridges and interfaces
You can try this tutorial on any platform running CentOS 7 as long as you provide a secondary volume to be used by Btrfs as the container file system storage.
Some of the commands in this tutorial may cause damage to your system, so I recommend running them on a virtual machine set aside for this purpose.
If you want to use Vagrant to run the virtual machine for you, here are the requirements:
- A computer with 8 GB of RAM.
- An extra 1G of disk
- libvirt/qemu installed on your Linux host
- The vagrant libvirt plugin also installed for your Vagrant environment
- or, as an alternative, VirtualBox
How to do it:
- Clone the project:
    git clone git@github.com:acmenezes/container-the-hard-way.git
- Change into the project directory:
    cd container-the-hard-way
- Start the virtual machine:
    vagrant up
You should have a VM running in a couple of minutes.
If you would like to know more about Vagrant, check HashiCorp's Vagrant docs.
- Preparing the container work directory
- Creating the Container Image
- Creating the "Container Layer"
- Using Different namespaces
- Setting up the container network