build images with runc

[unclejack]

This would enable the exploration of different ideas around the build process. It would also make it possible to produce images for runc.

[erikh]

This is something I really want to do. Here's a plan of attack:

We keep a running list of layers that we're currently operating on. Then, we manage a single mount using overlayfs stacking to mount them. we write to the top layer. Once the build has successfully completed, we tar the layers.

As for a build cache, if we were to specify a dir and rename each new mount with the SHA of the contents of the directory, as long as we don't rely on it at tar time we should have plenty to key off of for dirs to manage. This would also make the cache local and retargettable offering some additional options.

I don't see runc being used for more than the run statement, we have the OCI and docker image manipulation code available to us so we can use that for the rest. Managing the overlayfs mounts will be key.

A key problem with runc is that it doesn't have any networking, which is fine for many situations but certainly not optimal. Something to consider if we're going to go all-in on this.

The builder has been broken out into a building context and an execution context, so you could do this work on the side if you wanted.

[diclophis]

Is there any value in leveraging some of the "multi container build-strategy" technology found in this project? https://github.com/haconiwa/haconiwa

[erikh]

@diclophis I'm on vacation; sorry about the late reply!

Since this is a C-based project it would be especially hard to cherry-pick this functionality.

You may or may not also be aware of GitHub.com/docker/libcontainer which is what powers docker and is written in go (which is what box uses). It is very mature software at this point. If I were to go down this road I would probably do that.