An exercise in self-isolation using PHP
- linux 3.8+
- util-linux package
- PHP 7.0+
- ext-posix
- Clone this repository
- Pick a minimal rootfs of your choice and copy its contents to the
images/[name of the image]folder. Some root filesystems you may try:- Ubuntu
- CentOS
- Alpine
- Most images on LXC's Jenkins should work fine.
./phocker run [image] [command]to launch a container and execute the command in it../phocker exec [container] [command]to execute a command on a running container.
pedro@host ~/dev/pmmaga/phocker $ ./phocker run alpine ls
bin boot dev etc home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var
pedro@host ~/dev/pmmaga/phocker $ ./phocker run alpine ps
PID TTY TIME CMD
1 ? 00:00:00 php
6 ? 00:00:00 sh
7 ? 00:00:00 ps
pedro@host ~/dev/pmmaga/phocker $ echo "Hello phocker!" | ./phocker run alpine cat --
Hello phocker!
pedro@host ~/dev/pmmaga/phocker $ ./phocker run ubuntu /bin/bash
root@phocker:/# whoami
root
root@phocker:/# hostname
phocker
root@phocker:/# exit
exit
The containers are not removed after exiting. Periodical cleanup of the containers/ folder may be advisable.
Heavily inspired by Liz Rice's talk Containers from scratch and the corresponding repository I set out to try to accomplish the same using PHP.
It also helped me better understand the process behind the isolation achieved by container runtime engines.