mirror of
https://github.com/containers/youki
synced 2024-11-23 01:11:58 +01:00
Update README.md (#2822)
This commit is contained in:
Toru Komatsu
parent
3841efc1bf
commit
11ca60dc88
128
README.md
128
README.md
@ -2,17 +2,22 @@
|
|||||||
|
|
||||||
[](https://discord.gg/zHnyXKSQFD)
|
[](https://discord.gg/zHnyXKSQFD)
|
||||||
[](https://github.com/containers/youki/graphs/contributors)
|
[](https://github.com/containers/youki/graphs/contributors)
|
||||||
[](https://github.com/containers/youki/actions)
|
[](https://github.com/containers/youki/actions)
|
||||||
[](https://codecov.io/gh/containers/youki)
|
[](https://codecov.io/gh/containers/youki)
|
||||||
|
|
||||||
<p align="center">
|
<p align="center">
|
||||||
<img src="docs/youki.png" width="450">
|
<img src="docs/youki.png" width="450">
|
||||||
</p>
|
</p>
|
||||||
|
|
||||||
youki is an implementation of the [OCI runtime-spec](https://github.com/opencontainers/runtime-spec) in Rust, similar to [runc](https://github.com/opencontainers/runc).
|
**youki** is an implementation of the [OCI runtime-spec](https://github.com/opencontainers/runtime-spec) in Rust, similar to [runc](https://github.com/opencontainers/runc).
|
||||||
Your ideas are welcome [here](https://github.com/containers/youki/issues/10).
|
Your ideas are welcome [here](https://github.com/containers/youki/issues/10).
|
||||||
|
|
||||||
# Quick Start
|
# π·οΈ About the name
|
||||||
|
|
||||||
|
youki is pronounced as /joΚki/ or yoh-key.
|
||||||
|
youki is named after the Japanese word 'youki', which means 'a container'. In Japanese language, youki also means 'cheerful', 'merry', or 'hilarious'.
|
||||||
|
|
||||||
|
# π Quick Start
|
||||||
|
|
||||||
> [!TIP]
|
> [!TIP]
|
||||||
> You can immediately set up your environment with youki on GitHub Codespaces and try it out.
|
> You can immediately set up your environment with youki on GitHub Codespaces and try it out.
|
||||||
@ -26,22 +31,17 @@ Your ideas are welcome [here](https://github.com/containers/youki/issues/10).
|
|||||||
|
|
||||||
[User Documentation](https://containers.github.io/youki/user/basic_setup.html#quick-install)
|
[User Documentation](https://containers.github.io/youki/user/basic_setup.html#quick-install)
|
||||||
|
|
||||||
# About the name
|
# π― Motivation
|
||||||
|
|
||||||
youki is pronounced as /joΚki/ or yoh-key.
|
|
||||||
youki is named after the Japanese word 'youki', which means 'a container'. In Japanese language, youki also means 'cheerful', 'merry', or 'hilarious'.
|
|
||||||
|
|
||||||
# Motivation
|
|
||||||
|
|
||||||
Here is why we are writing a new container runtime in Rust.
|
Here is why we are writing a new container runtime in Rust.
|
||||||
|
|
||||||
- Rust is one of the best languages to implement the oci-runtime spec. Many very nice container tools are currently written in Go. However, the container runtime requires the use of system calls, which requires a bit of special handling when implemented in Go. This tricky (e.g. _namespaces(7)_, _fork(2)_); with Rust too, but it's not that tricky. And, unlike in C, Rust provides the benefit of memory safety. While Rust is not yet a major player in the container field, it has the potential to contribute a lot: something this project attempts to exemplify.
|
- Rust is one of the best languages to implement the oci-runtime spec. Many very nice container tools are currently written in Go. However, the container runtime requires the use of system calls, which requires a bit of special handling when implemented in Go. This tricky (e.g. _namespaces(7)_, _fork(2)_); with Rust too, but it's not that tricky. And, unlike in C, Rust provides the benefit of memory safety. While Rust is not yet a major player in the container field, it has the potential to contribute a lot: something this project attempts to exemplify.
|
||||||
- youki has the potential to be faster and use less memory than runc, and therefore work in environments with tight memory usage requirements. Here is a simple benchmark of a container from creation to deletion.
|
- youki has the potential to be faster and use less memory than runc, and therefore work in environments with tight memory usage requirements. Here is a simple benchmark of a container from creation to deletion.
|
||||||
| Runtime | Time (mean Β± Ο) | Range (min β¦ max) |
|
| Runtime | Time (mean Β± Ο) | Range (min β¦ max) | vs youki(mean) | Version |
|
||||||
| :-----: | :-----------------: | :-----------------: |
|
| -------- | -------- | -------- | -------- | -------- |
|
||||||
| youki | 198.4 ms Β± 52.1 ms | 97.2 ms β¦ 296.1 ms |
|
| youki | 111.5 ms Β± 11.6 ms | 84.0 ms Β± 142.5 ms | 100% | 0.3.3 |
|
||||||
| runc | 352.3 ms Β± 53.3 ms | 248.3 ms β¦ 772.2 ms |
|
| runc | 224.6 ms Β± 12.0 ms | 190.5 ms Β± 255.4 ms | 200% | 1.1.7 |
|
||||||
| crun | 153.5 ms Β± 21.6 ms | 80.9 ms β¦ 196.6 ms |
|
| crun | 47.3 ms Β± 2.8 ms | 42.4 ms Β± 56.2 ms | 42% | 1.15 |
|
||||||
<details>
|
<details>
|
||||||
<summary>Details about the benchmark</summary>
|
<summary>Details about the benchmark</summary>
|
||||||
|
|
||||||
@ -55,36 +55,16 @@ Here is why we are writing a new container runtime in Rust.
|
|||||||
|
|
||||||
```console
|
```console
|
||||||
$ ./youki info
|
$ ./youki info
|
||||||
Version 0.0.1
|
Version 0.3.3
|
||||||
Kernel-Release 5.11.0-41-generic
|
Commit 4f3c8307
|
||||||
Kernel-Version #45-Ubuntu SMP Fri Nov 5 11:37:01 UTC 2021
|
Kernel-Release 6.5.0-35-generic
|
||||||
|
Kernel-Version #35~22.04.1-Ubuntu SMP PREEMPT_DYNAMIC Tue May 7 09:00:52 UTC 2
|
||||||
Architecture x86_64
|
Architecture x86_64
|
||||||
Operating System Ubuntu 21.04
|
Operating System Ubuntu 22.04.4 LTS
|
||||||
Cores 12
|
Cores 16
|
||||||
Total Memory 32025
|
Total Memory 63870
|
||||||
Cgroup setup hybrid
|
Cgroup setup unified
|
||||||
Cgroup mounts
|
Cgroup mounts
|
||||||
blkio /sys/fs/cgroup/blkio
|
|
||||||
cpu /sys/fs/cgroup/cpu,cpuacct
|
|
||||||
cpuacct /sys/fs/cgroup/cpu,cpuacct
|
|
||||||
cpuset /sys/fs/cgroup/cpuset
|
|
||||||
devices /sys/fs/cgroup/devices
|
|
||||||
freezer /sys/fs/cgroup/freezer
|
|
||||||
hugetlb /sys/fs/cgroup/hugetlb
|
|
||||||
memory /sys/fs/cgroup/memory
|
|
||||||
net_cls /sys/fs/cgroup/net_cls,net_prio
|
|
||||||
net_prio /sys/fs/cgroup/net_cls,net_prio
|
|
||||||
perf_event /sys/fs/cgroup/perf_event
|
|
||||||
pids /sys/fs/cgroup/pids
|
|
||||||
unified /sys/fs/cgroup/unified
|
|
||||||
CGroup v2 controllers
|
|
||||||
cpu detached
|
|
||||||
cpuset detached
|
|
||||||
hugetlb detached
|
|
||||||
io detached
|
|
||||||
memory detached
|
|
||||||
pids detached
|
|
||||||
device attached
|
|
||||||
Namespaces enabled
|
Namespaces enabled
|
||||||
mount enabled
|
mount enabled
|
||||||
uts enabled
|
uts enabled
|
||||||
@ -93,60 +73,34 @@ Here is why we are writing a new container runtime in Rust.
|
|||||||
pid enabled
|
pid enabled
|
||||||
network enabled
|
network enabled
|
||||||
cgroup enabled
|
cgroup enabled
|
||||||
$ ./youki --version
|
Capabilities
|
||||||
youki version 0.0.1
|
CAP_BPF available
|
||||||
commit: 0.0.1-0-0be33bf
|
CAP_PERFMON available
|
||||||
$ runc -v
|
CAP_CHECKPOINT_RESTORE available
|
||||||
runc version 1.0.0-rc93
|
|
||||||
commit: 12644e614e25b05da6fd08a38ffa0cfe1903fdec
|
|
||||||
spec: 1.0.2-dev
|
|
||||||
go: go1.13.15
|
|
||||||
libseccomp: 2.5.1
|
|
||||||
$ crun --version
|
|
||||||
crun version 0.19.1.45-4cc7
|
|
||||||
commit: 4cc7fa1124cce75dc26e12186d9cbeabded2b710
|
|
||||||
spec: 1.0.0
|
|
||||||
+SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +CRIU +YAJL
|
|
||||||
```
|
```
|
||||||
|
|
||||||
</details>
|
</details>
|
||||||
|
|
||||||
- I have fun implementing this. In fact, this may be the most important.
|
- I have fun implementing this. In fact, this may be the most important.
|
||||||
|
|
||||||
# Related project
|
# π Status of youki
|
||||||
|
|
||||||
|
**youki** has aced real-world use cases, including containerd's e2e test, and is now adopted by several production environments.
|
||||||
|
We have [our roadmap](https://github.com/orgs/containers/projects/15).
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
# π Related project
|
||||||
|
|
||||||
- [containers/oci-spec-rs](https://github.com/containers/oci-spec-rs) - OCI Runtime and Image Spec in Rust
|
- [containers/oci-spec-rs](https://github.com/containers/oci-spec-rs) - OCI Runtime and Image Spec in Rust
|
||||||
|
|
||||||
# Status of youki
|
# π¨ Design and implementation of youki
|
||||||
|
|
||||||
youki is not at the practical stage yet. However, it is getting closer to practical use, running with docker and passing all the default tests provided by [opencontainers/runtime-tools](https://github.com/opencontainers/runtime-tools).
|
|
||||||
|
|
||||||
|
|
||||||
| Feature | Description | State |
|
|
||||||
|:---------------------:|:-----------------------------------------------:| :-------------------------------------------------------------------------------------------------: |
|
|
||||||
| Containerd | Running via Containerd | β
|
|
|
||||||
| Docker | Running via Docker | β
|
|
|
||||||
| Podman | Running via Podman | β
|
|
|
||||||
| pivot_root | Change the root directory | β
|
|
|
||||||
| Mounts | Mount files and directories to container | β
|
|
|
||||||
| Namespaces | Isolation of various resources | β
|
|
|
||||||
| Capabilities | Limiting root privileges | β
|
|
|
||||||
| Cgroups v1 | Resource limitations, etc | β
|
|
|
||||||
| Cgroups v2 | Improved version of v1 | Support is complete except for devices. WIP on [#230](https://github.com/containers/youki/issues/230) |
|
|
||||||
| Systemd cgroup driver | Setting up a cgroup using systemd | β
|
|
|
||||||
| Seccomp | Filtering system calls | β
|
|
|
||||||
| Hooks | Add custom processing during container creation | β
|
|
|
||||||
| Rootless | Running a container without root privileges | β
|
|
|
||||||
| OCI Compliance | Compliance with OCI Runtime Spec | β
50 out of 50 test cases passing |
|
|
||||||
| CRIU Integration | Functionality to checkpoint/restore containers | Initial checkpoint support as described in [#641](https://github.com/containers/youki/pull/641) |
|
|
||||||
|
|
||||||
# Design and implementation of youki
|
|
||||||
|
|
||||||
The User and Developer Documentation for youki is hosted at [https://containers.github.io/youki/](https://containers.github.io/youki/)
|
The User and Developer Documentation for youki is hosted at [https://containers.github.io/youki/](https://containers.github.io/youki/)
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
# Getting Started
|
# π¬ Getting Started
|
||||||
|
|
||||||
Local build is only supported on Linux.
|
Local build is only supported on Linux.
|
||||||
For other platforms, please use the [Vagrantfile](#setting-up-vagrant) that we have prepared. You can also spin up a fully preconfigured development environment in the cloud with [GitHub Codespaces](https://docs.github.com/en/codespaces/getting-started/quickstart).
|
For other platforms, please use the [Vagrantfile](#setting-up-vagrant) that we have prepared. You can also spin up a fully preconfigured development environment in the cloud with [GitHub Codespaces](https://docs.github.com/en/codespaces/getting-started/quickstart).
|
||||||
@ -322,15 +276,9 @@ cd youki
|
|||||||
just youki-dev # or youki-release
|
just youki-dev # or youki-release
|
||||||
```
|
```
|
||||||
|
|
||||||
# Community
|
# π₯ Community and Contibuting
|
||||||
|
|
||||||
We also have an active [Discord](https://discord.gg/h7R3HgWUct) if you'd like to come and chat with us.
|
Please refer to [our community page](https://containers.github.io/youki/community/introduction.html).
|
||||||
|
|
||||||
# Contribution
|
|
||||||
|
|
||||||
This project welcomes your PR and issues.
|
|
||||||
For example, refactoring, adding features, correcting English, etc.
|
|
||||||
If you need any help, you can contact me on [Twitter](https://twitter.com/utam0k).
|
|
||||||
|
|
||||||
Thanks to all the people who already contributed!
|
Thanks to all the people who already contributed!
|
||||||
|
|
||||||
|
|||||||
Loadingβ¦
Reference in New Issue
Block a user