Writing a container in a few lines of Go code, as seen at DockerCon 2017 and on O'Reilly Safari
You need root permissions for this version to work. Or you can adapt it to be a rootless container by as shown in these slides.
Note that the Go code uses some syscall definitions that are only available when building with GOOS=linux.
Container implementation from scratch based on "lizrice/containers-from-scratch"
A Simple and Comprehensive Vulnerability Scanner for Container Images, Git Repositories and Filesystems. Suitable for CI https://github.com/aquasecurity/trivy
Download slides and read the full abstract here: https://gotoams.nl/2018/sessions/429
RECOMMENDED BOOKS Liz Rice • Container Security • https://amzn.to/3oU4iJe Liz Rice • Kubernetes Security • https://www.oreilly.com/library/view/...
Video URL: https://youtu.be/8fi7uSYlOdc
#gotocon #gotoams #Containers GOTO 2018 • Containers From Scratch • Liz Rice
https://github.com/lizrice/containers-from-scratch.git
Links:
https://www.linuxtechi.com/install-configure-kubernetes-ubuntu-18-04-ubuntu-18-10/
https://golang.org/doc/install?download=go1.14.linux-amd64.tar.gz
Linux:
https://www.kernel.org/doc/Documentation/filesystems/sysfs.txt
https://askubuntu.com/questions/720471/whats-the-sys-directory-for
https://superuser.com/questions/794198/directory-sys-in-linux
https://www.ubuntubuzz.com/2015/09/a-basic-chroot-example-in-ubuntu.html
https://help.ubuntu.com/community/Installation/MinimalCD
Credit: anusah