Boxr container runtime
A container runtime built using Linux namespaces, cgroups, and pivot_root.
boxr came out of researching how Kubernetes actually launches a container. As with, I assume,
many people, I had used Docker and Kubernetes for years, and knew that containerd was somehow
involved. But I wanted to understand how, exactly, the operating system is able to isolate
processes and enforce resource quotas. I set out to replace runc with my own
custom code, and a CLI wrapper that could replace docker/podman for basic CLI interactions.
What I learned, though, was that 1) systems programming is hard; 2) systems programming is even harder when you’re using Go to move between namespaces. I still have more to do in the project, but the work so far is documented on its own site, https://connergorman.com/boxr.