Closed andrewhowdencom closed 7 years ago
picatz
commented
7 years ago I really like the idea! 🚢 🐳 📦
If there's a Dockerfile to run the application as well, may there should be an explanation for how to use it with a short lil' blurb in the README to let people know that it's there and explain why it's there.
👍 Sweet biscuits.
andrewhowdencom
commented
7 years ago Holaa. Glad you like it! I added some additional documentation. I also converted the README to unix line endings; I hope you'll forgive the code style change, but I lint fairly hard on this machine and it's easier to fix it than to disable lints.
The justification for various things is in the commits. Let me know if you'd like to change stuff
andrewhowdencom
commented
7 years ago Ah there's a stupid derp. Let me rebase.
andrewhowdencom
commented
7 years ago Fixed
ring0lab
commented
7 years ago @andrewhowdencom :+1: I like it.
Linux containers are a primitive for executing processes in a sandbox environment through a combination of linux namespaces and cgroups. Docker is the most popular implementation of this abstraction, and comes with a reasonable behaviour in which it isolates a process with these namespaces and with seccomp, but does not (by default) apply cgroup limits. However, it offers a nice chroot style environment where the application can be trivially spun up and executed.
This commit adds a Dockerfile, which will successfully build the program and allow it to be executed. Instructions for executing it are documented in comments in the Dockerfile itself, but should be familiar to most regular docker users.