Container from scratch: building a Linux container from the ground up

It's all about containers these days. Containers are a fundamental part of the microservices model of development, providing isolated runtimes for application components. Containers can run one operating system version inside another, maintain self-contained applications that would otherwise conflict with their hosts, and allow multiple versions of the same application to be tested on the same machine.

In the Linux world, there are many technologies for building and running containers: LXC, Docker, buildah, podman, and others. If containers are useful, then assemblies of containers are even more useful. There are a number of frameworks for orchestrating large numbers of containers -- Kubernetes is probably the best-known.

Container managers like podman seem hugely sophisticated and, indeed, they are. However, the core features that all these tools rely on are already built into the Linux kernel. What the tools really do is provide convenient, friendly interfaces to kernel services like namespaces, virtual networks, and control groups.

This series of articles sets out to demonstrate how a Linux container infrastructure works, using only command-line tools. We won't be able to build general-purpose, production-quality container tooling this way, but we will be able to understand exactly how the mainstream tools do what they do.

If you want to run the demonstrations in these articles you'll need the following:

These articles assume a fairly high level of Linux knowledge. I assume that the reader is comfortable working at the command line, and doing configuration by editing text files. I've really written these articles for developers and administrators who already use tools like podman, and want to know more about how they work. If you've never used containers before, this probably isn't the place to start -- I'd suggest getting familiar with podman as a first step.