How Container Filesystem Works: Building a Docker-Like Container from Scratch

gethly|5 months ago

Whenever topic of Docker inner-workings comes up, I am always reminded by this video https://www.youtube.com/watch?v=HPuvDm8IC-4

phrotoma|5 months ago

Absolutely epic. Her career can be divided into two halves, before she did this talk and afterwards. What a crazy thing to do live on stage.

aussieguy1234|5 months ago

Layered file systems (multiple filesystems mounted on the same mount point) used to be used for making CD's and DVD's "writeable".

nightfly|5 months ago

"re"-writable

zoobab|5 months ago

We had chroot since 1979, nobody managed to build a docker like wrapper for chroot which do not require netns?

vbezhenar|5 months ago

Docker is a genius idea which looks obvious in retrospect, but someone need to invent it.

Docker is more than just chroot. You also need: overlay file system; OCI registry and community behind it, to create thousands of useful images. And, of course, the whole idea of creating images layer by layer and using immutable images to spawn mutable containers.

I don't actually think that you need network or process isolation. In terms of isolation, chroot is enough for most practical needs. Network and process isolations are nice to have, but they are not essential.

ronsor|5 months ago

Chroot has significantly less isolation than Linux namespaces as used by Docker.

spullara|5 months ago

Solaris Zones (follow on to Solaris Containers) was pretty amazing.

https://en.wikipedia.org/wiki/Solaris_Containers

interroboink|5 months ago

FreeBSD has had jails since version 4 (~year 2000), fwiw.

Much of the technology was there, but Docker was able to achieve a critical mass, with streamlined workflows. Perhaps as much a social phenomenon as a technical one?

aussieguy1234|5 months ago

Bocker, docker in 100 lines of bash https://github.com/p8952/bocker

32 comments