This repo contains a script to create a basic Linux container using Bash. The steps include configuring Linux cgroups, creating network namespaces, and setting up a root filesystem. Executing the script will create the container and start an interactive shell inside it.
Here is a breakdown of the create.sh script functionalities:
- Create
Filesystem: Downloads and extracts the Alpine Linux miniroot filesystem into /mnt/mycontainer. Creates a /proc directory inside the container's filesystem. - Set Up
cgroups: Creates a cgroup named mycontainer for memory and CPU. - Set Up
Network Namespace:- Creates a network namespace called mycontainer_ns.
- Creates a virtual Ethernet (veth) pair, veth0 and veth1.
- Assigns veth1 to the mycontainer_ns namespace.
- Configures IP addresses for veth0 and veth1.
- Run
unsharewithin the network namespace to create a new mount namespace, a new PID namespace, and mounts the proc filesystem, thenchrootsinto the container's filesystem and starts a shell.
This script essentially sets up a basic containerized environment with network isolation and a separate process namespace. The demo also shows the network communication from container to host and vice versa, this is done with the veth configuration in create.sh.
- Linux machine with kernel version >= 5.8
libcgroup-devanddebootstrap
Install the following
sudo apt update && sudo apt upgrade -y
sudo apt install -y libcgroup-dev debootstrapTo create the container
sudo ./create.shTo delete the container
sudo ./delete.sh