Introduction to crun, a fast and low-memory footprint container runtime

Click for: original source

Check out crun, an OCI-compliant alternative to runc for Linux container runtime. By Dan Walsh (Red Hat), Valentin Rothberg (Red Hat), Giuseppe Scrivano (Red Hat).

runc is a Go language-based tool that reads a runtime specification and configures the Linux kernel. It eventually creates and starts container processes. As it turns out, Go might not have been the best programming language for this task. Go does not have good support for the fork/exec model of computing. Go’s threading model expects programs to fork a second process and then to exec immediately.

Unlike Go, C is not multi-threaded by default, and was built and designed around the fork/exec model. C is also a much lower level language and interacts very well with the Linux kernel. Depending on the container configuration, crun can be twice as fast as runc.

Some additional features of crun:

  • Sharing files by group for rootless containers
  • Controlling stdout and stderr of OCI hooks
  • Crun supports running older versions of systemd on cgroup v2
  • Crun as a library
  • Extensibility of crun
  • Crun is more portable

crun is an excellent alternative to runc for the OCI runtime. It proves the power of standards like the OCI runtime specification and the open source way. Follow the article for more information about memory consumption and simple benchmarks. Good read!

[Read More]

Tags containers open-source software-architecture devops linux