1
0
mirror of https://github.com/containers/youki synced 2024-11-23 01:11:58 +01:00

Update README.md (#2822)

This commit is contained in:
Toru Komatsu 2024-06-27 15:06:32 +09:00 committed by GitHub
parent 3841efc1bf
commit 11ca60dc88
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

130
README.md

@ -2,17 +2,22 @@
[![Discord](https://img.shields.io/discord/849943000770412575.svg?logo=discord)](https://discord.gg/zHnyXKSQFD) [![Discord](https://img.shields.io/discord/849943000770412575.svg?logo=discord)](https://discord.gg/zHnyXKSQFD)
[![GitHub contributors](https://img.shields.io/github/contributors/containers/youki)](https://github.com/containers/youki/graphs/contributors) [![GitHub contributors](https://img.shields.io/github/contributors/containers/youki)](https://github.com/containers/youki/graphs/contributors)
[![Github CI](https://github.com/containers/youki/actions/workflows/main.yml/badge.svg?branch=main)](https://github.com/containers/youki/actions) [![Github CI](https://github.com/containers/youki/actions/workflows/basic.yml/badge.svg?branch=main)](https://github.com/containers/youki/actions)
[![codecov](https://codecov.io/gh/containers/youki/branch/main/graph/badge.svg)](https://codecov.io/gh/containers/youki) [![codecov](https://codecov.io/gh/containers/youki/branch/main/graph/badge.svg)](https://codecov.io/gh/containers/youki)
<p align="center"> <p align="center">
<img src="docs/youki.png" width="450"> <img src="docs/youki.png" width="450">
</p> </p>
youki is an implementation of the [OCI runtime-spec](https://github.com/opencontainers/runtime-spec) in Rust, similar to [runc](https://github.com/opencontainers/runc). **youki** is an implementation of the [OCI runtime-spec](https://github.com/opencontainers/runtime-spec) in Rust, similar to [runc](https://github.com/opencontainers/runc).
Your ideas are welcome [here](https://github.com/containers/youki/issues/10). Your ideas are welcome [here](https://github.com/containers/youki/issues/10).
# Quick Start # 🏷️ About the name
youki is pronounced as /joʊki/ or yoh-key.
youki is named after the Japanese word 'youki', which means 'a container'. In Japanese language, youki also means 'cheerful', 'merry', or 'hilarious'.
# πŸš€ Quick Start
> [!TIP] > [!TIP]
> You can immediately set up your environment with youki on GitHub Codespaces and try it out. > You can immediately set up your environment with youki on GitHub Codespaces and try it out.
@ -26,23 +31,18 @@ Your ideas are welcome [here](https://github.com/containers/youki/issues/10).
[User Documentation](https://containers.github.io/youki/user/basic_setup.html#quick-install) [User Documentation](https://containers.github.io/youki/user/basic_setup.html#quick-install)
# About the name # 🎯 Motivation
youki is pronounced as /joʊki/ or yoh-key.
youki is named after the Japanese word 'youki', which means 'a container'. In Japanese language, youki also means 'cheerful', 'merry', or 'hilarious'.
# Motivation
Here is why we are writing a new container runtime in Rust. Here is why we are writing a new container runtime in Rust.
- Rust is one of the best languages to implement the oci-runtime spec. Many very nice container tools are currently written in Go. However, the container runtime requires the use of system calls, which requires a bit of special handling when implemented in Go. This tricky (e.g. _namespaces(7)_, _fork(2)_); with Rust too, but it's not that tricky. And, unlike in C, Rust provides the benefit of memory safety. While Rust is not yet a major player in the container field, it has the potential to contribute a lot: something this project attempts to exemplify. - Rust is one of the best languages to implement the oci-runtime spec. Many very nice container tools are currently written in Go. However, the container runtime requires the use of system calls, which requires a bit of special handling when implemented in Go. This tricky (e.g. _namespaces(7)_, _fork(2)_); with Rust too, but it's not that tricky. And, unlike in C, Rust provides the benefit of memory safety. While Rust is not yet a major player in the container field, it has the potential to contribute a lot: something this project attempts to exemplify.
- youki has the potential to be faster and use less memory than runc, and therefore work in environments with tight memory usage requirements. Here is a simple benchmark of a container from creation to deletion. - youki has the potential to be faster and use less memory than runc, and therefore work in environments with tight memory usage requirements. Here is a simple benchmark of a container from creation to deletion.
| Runtime | Time (mean Β± Οƒ) | Range (min … max) | | Runtime | Time (mean Β± Οƒ) | Range (min … max) | vs youki(mean) | Version |
| :-----: | :-----------------: | :-----------------: | | -------- | -------- | -------- | -------- | -------- |
| youki | 198.4 ms Β± 52.1 ms | 97.2 ms … 296.1 ms | | youki | 111.5 ms Β± 11.6 ms | 84.0 ms Β± 142.5 ms | 100% | 0.3.3 |
| runc | 352.3 ms Β± 53.3 ms | 248.3 ms … 772.2 ms | | runc | 224.6 ms Β± 12.0 ms | 190.5 ms Β± 255.4 ms | 200% | 1.1.7 |
| crun | 153.5 ms Β± 21.6 ms | 80.9 ms … 196.6 ms | | crun | 47.3 ms Β± 2.8 ms | 42.4 ms Β± 56.2 ms | 42% | 1.15 |
<details> <details>
<summary>Details about the benchmark</summary> <summary>Details about the benchmark</summary>
- A command used for the benchmark - A command used for the benchmark
@ -55,36 +55,16 @@ Here is why we are writing a new container runtime in Rust.
```console ```console
$ ./youki info $ ./youki info
Version 0.0.1 Version 0.3.3
Kernel-Release 5.11.0-41-generic Commit 4f3c8307
Kernel-Version #45-Ubuntu SMP Fri Nov 5 11:37:01 UTC 2021 Kernel-Release 6.5.0-35-generic
Kernel-Version #35~22.04.1-Ubuntu SMP PREEMPT_DYNAMIC Tue May 7 09:00:52 UTC 2
Architecture x86_64 Architecture x86_64
Operating System Ubuntu 21.04 Operating System Ubuntu 22.04.4 LTS
Cores 12 Cores 16
Total Memory 32025 Total Memory 63870
Cgroup setup hybrid Cgroup setup unified
Cgroup mounts Cgroup mounts
blkio /sys/fs/cgroup/blkio
cpu /sys/fs/cgroup/cpu,cpuacct
cpuacct /sys/fs/cgroup/cpu,cpuacct
cpuset /sys/fs/cgroup/cpuset
devices /sys/fs/cgroup/devices
freezer /sys/fs/cgroup/freezer
hugetlb /sys/fs/cgroup/hugetlb
memory /sys/fs/cgroup/memory
net_cls /sys/fs/cgroup/net_cls,net_prio
net_prio /sys/fs/cgroup/net_cls,net_prio
perf_event /sys/fs/cgroup/perf_event
pids /sys/fs/cgroup/pids
unified /sys/fs/cgroup/unified
CGroup v2 controllers
cpu detached
cpuset detached
hugetlb detached
io detached
memory detached
pids detached
device attached
Namespaces enabled Namespaces enabled
mount enabled mount enabled
uts enabled uts enabled
@ -93,60 +73,34 @@ Here is why we are writing a new container runtime in Rust.
pid enabled pid enabled
network enabled network enabled
cgroup enabled cgroup enabled
$ ./youki --version Capabilities
youki version 0.0.1 CAP_BPF available
commit: 0.0.1-0-0be33bf CAP_PERFMON available
$ runc -v CAP_CHECKPOINT_RESTORE available
runc version 1.0.0-rc93
commit: 12644e614e25b05da6fd08a38ffa0cfe1903fdec
spec: 1.0.2-dev
go: go1.13.15
libseccomp: 2.5.1
$ crun --version
crun version 0.19.1.45-4cc7
commit: 4cc7fa1124cce75dc26e12186d9cbeabded2b710
spec: 1.0.0
+SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +CRIU +YAJL
``` ```
</details> </details>
- I have fun implementing this. In fact, this may be the most important. - I have fun implementing this. In fact, this may be the most important.
# Related project # πŸ“ Status of youki
**youki** has aced real-world use cases, including containerd's e2e test, and is now adopted by several production environments.
We have [our roadmap](https://github.com/orgs/containers/projects/15).
![youki demo](docs/demo.gif)
# πŸ”— Related project
- [containers/oci-spec-rs](https://github.com/containers/oci-spec-rs) - OCI Runtime and Image Spec in Rust - [containers/oci-spec-rs](https://github.com/containers/oci-spec-rs) - OCI Runtime and Image Spec in Rust
# Status of youki # 🎨 Design and implementation of youki
youki is not at the practical stage yet. However, it is getting closer to practical use, running with docker and passing all the default tests provided by [opencontainers/runtime-tools](https://github.com/opencontainers/runtime-tools).
![youki demo](docs/demo.gif)
| Feature | Description | State |
|:---------------------:|:-----------------------------------------------:| :-------------------------------------------------------------------------------------------------: |
| Containerd | Running via Containerd | βœ… |
| Docker | Running via Docker | βœ… |
| Podman | Running via Podman | βœ… |
| pivot_root | Change the root directory | βœ… |
| Mounts | Mount files and directories to container | βœ… |
| Namespaces | Isolation of various resources | βœ… |
| Capabilities | Limiting root privileges | βœ… |
| Cgroups v1 | Resource limitations, etc | βœ… |
| Cgroups v2 | Improved version of v1 | Support is complete except for devices. WIP on [#230](https://github.com/containers/youki/issues/230) |
| Systemd cgroup driver | Setting up a cgroup using systemd | βœ… |
| Seccomp | Filtering system calls | βœ… |
| Hooks | Add custom processing during container creation | βœ… |
| Rootless | Running a container without root privileges | βœ… |
| OCI Compliance | Compliance with OCI Runtime Spec | βœ… 50 out of 50 test cases passing |
| CRIU Integration | Functionality to checkpoint/restore containers | Initial checkpoint support as described in [#641](https://github.com/containers/youki/pull/641) |
# Design and implementation of youki
The User and Developer Documentation for youki is hosted at [https://containers.github.io/youki/](https://containers.github.io/youki/) The User and Developer Documentation for youki is hosted at [https://containers.github.io/youki/](https://containers.github.io/youki/)
![Architecture](docs/.drawio.svg) ![Architecture](docs/.drawio.svg)
# Getting Started # 🎬 Getting Started
Local build is only supported on Linux. Local build is only supported on Linux.
For other platforms, please use the [Vagrantfile](#setting-up-vagrant) that we have prepared. You can also spin up a fully preconfigured development environment in the cloud with [GitHub Codespaces](https://docs.github.com/en/codespaces/getting-started/quickstart). For other platforms, please use the [Vagrantfile](#setting-up-vagrant) that we have prepared. You can also spin up a fully preconfigured development environment in the cloud with [GitHub Codespaces](https://docs.github.com/en/codespaces/getting-started/quickstart).
@ -322,15 +276,9 @@ cd youki
just youki-dev # or youki-release just youki-dev # or youki-release
``` ```
# Community # πŸ‘₯ Community and Contibuting
We also have an active [Discord](https://discord.gg/h7R3HgWUct) if you'd like to come and chat with us. Please refer to [our community page](https://containers.github.io/youki/community/introduction.html).
# Contribution
This project welcomes your PR and issues.
For example, refactoring, adding features, correcting English, etc.
If you need any help, you can contact me on [Twitter](https://twitter.com/utam0k).
Thanks to all the people who already contributed! Thanks to all the people who already contributed!