[an-oh-cheer] Another OCI Runtime.
An experimental Linux container runtime, implementing the OCI Runtime Spec.
Note
This is a personal project to explore how container runtimes work. It's not production-ready. If you're looking for a production-ready alternative to runc, I think youki is pretty cool.
The process of building this is being documented in a series of blog posts which you can read here: Building a container runtime from scratch in Go.
- Implement the OCI Runtime Spec and pass all tests in the OCI Runtime Spec test suite.
- Implement the containerd shim API.
- Implement the Kubernetes CRI API and pass all tests in the CRI validation test suite.
- Download the tarball for your architecture from Releases.
- Extract the
anocirbinary from the tarball into somewhere in$PATH, e.g.~/.local/bin. - View docs by running
anocir --helporanocir COMMAND --help.
Caution
Some features may require sudo and make changes to your system. Take appropriate precautions.
By default, the Docker daemon uses the runc container runtime. anocir can be used as a drop-in replacement for runc.
You can find detailed instructions on how to configure alternative runtimes in the Docker docs. If you just want to quickly experiment, the following should suffice:
# 1. Stop any running Docker service
sudo systemctl stop docker.service
# 2. Start the Docker Daemon with added anocir runtime
sudo dockerd --add-runtime anocir=PATH_TO_ANOCIR_BINARY
# 3. Run a container using the anocir runtime
docker run -it --runtime anocir busybox sh
The anocir CLI implements the OCI Runtime Command Line Interface spec. You can view the docs by running anocir --help or anocir [COMMAND] --help.
Feel free to leave any comments/suggestions/feedback in issues.
Prerequisite: Compiler for Go installed (instructions).
git clone git@github.com:nixpig/anocir.gitcd anocirmake buildmv tmp/bin/anocir ~/.local/bin
I'm developing anocir on the following environment. Even with the same set up, YMMV.
Linux vagrant 6.8.0-31-generic #31-Ubuntu SMP PREEMPT_DYNAMIC Sat Apr 20 00:40:06 UTC 2024 x86_64 x86_64 x86_64 GNU/Linuxgo version go1.25.5 linux/amd64Docker version 27.3.1, build ce12230
You can spin up this VM from the included Vagrantfile, just run vagrant up.
See OCI.md for details of tests.
- Start the dev VM:
vagrant up --provision && vagrant ssh - Build the anocir binary:
cd /anocir && make build-oci
- Build the test executables:
cd /anocir/test/runtime-tools && make runtimetest validation-executables
- Run the test suite:
sudo RUNTIME=/anocir/tmp/bin/anocir /anocir/test/scripts/oci-integration.sh
While this project was built entirely from scratch, inspiration was taken from existing runtimes, in no particular order: