Runj – OCI-compliant container management toolkit based on FreeBSD jail

Samuel Karp, an Amazon engineer who works on the Bottlerocket Linux distribution and container isolation technologies for AWS, is developing runj, a new runtime built on FreeBSD jail environments that provides isolated execution of containers designed according to the Open Container Initiative (OCI) specification. The project is positioned as experimental, is developed in free time outside the main job, and is still at the prototype stage. The code is written in Go and is distributed under the BSD license.

Once it reaches sufficient maturity, OCI compatibility could allow runj to replace the default runtime on Docker and Kubernetes systems, using FreeBSD instead of Linux to run containers. Of the OCI runtime commands, those for creating, deleting, starting, forcibly terminating and querying the state of containers are implemented. The container contents are built from a standard or stripped-down FreeBSD environment.

Since the OCI specification does not yet support FreeBSD, the project has developed a number of additional parameters for configuring jails and FreeBSD, which are planned to be submitted for inclusion in the core OCI specification. Jails are managed with the jail, jls, jexec, kill and ps utilities from FreeBSD, without calling system calls directly. Future plans include adding support for resource limit management through the RCTL kernel interface.

In addition to the runj runtime itself, the project repository also contains an experimental layer for use with the containerd toolkit (the standard Docker runtime), modified for FreeBSD support.
A special utility is provided to convert a FreeBSD rootfs into an OCI-compatible container image. The created image can later be imported into containerd.
