A minimal container implementation using Go, leveraging Linux namespaces and cgroups for process isolation. This project was created to gain a better understanding of containers and the Go programming language.
- Linux OS with kernel support for namespaces and cgroups(v2).
- Go
- Root or
sudoaccess may be required for certain operations, especially when working with cgroups.
- Clone the repository:
git clone https://github.com/voukatas/go_container
cd go_container- Download a mini Linux filesystem. For example:
wget https://dl-cdn.alpinelinux.org/alpine/v3.18/releases/x86_64/alpine-minirootfs-3.18.3-x86_64.tar.gz
tar -xzvf alpine-minirootfs-3.18.3-x86_64.tar.gz -C ./alpine_fs- Build the project:
go build -o containerExecute a command inside the container:
sudo ./container run <command_name>For example:
sudo ./container run /bin/sh- This is a basic and educational example of a container and lacks features found in production-ready container solutions like Docker.
- Proper cleanup and handling of cgroups and namespaces are required to avoid system issues.
- Ensure you understand the security implications before using this in a production environment.