linux container - ghdrako/doc_snipets GitHub Wiki

• https://akashrajpurohit.com/blog/build-your-own-docker-with-linux-namespaces-cgroups-and-chroot-handson-guide/
• https://blog.quarkslab.com/digging-into-linux-namespaces-part-1.html
• https://blog.quarkslab.com/digging-into-linux-namespaces-part-2.html
• https://blog.quarkslab.com/digging-into-runtimes-runc.html
• https://blog.quarkslab.com/digging-into-the-oci-image-specification.html

The OCI (Open Container Initiative) was then created in response to the need for standardization and structured governance. The OCI project ended up with two specifications - the Runtime Specification (runtime-spec) and the Image Specification (image-spec). The former defined a detailed API for the developers of runtimes to follow. The libcontainer project was donated to OCI and the first standardized runtime following the runtime-spec was created - runc. It represents a fully compatible API on top of libcontainer allowing users to directly spawn and manage containers.

Today container runtimes are often divided into two categories - low-level (runc, gVisor, Firecracker) and high-level (containerd, Docker, CRI-O, podman).

Container registry

• Quay.io

Build container from scrach

• https://hub.docker.com/_/scratch