Running Linux containers (e.g., Docker) on macOS is currently implemented using Hypervisor.framework (or a similar VMM) to host a (thin) Linux guest, and users operate it from the host macOS via the same command-line interface. We go beyond this complete framework by applying the library-OS/unikernel idea in a container runtime. We first ported containerd to macOS (*1), a port that is currently under review, and run Linux applications with the Linux Kernel Library (LKL), a library version of the Linux kernel, which has no compatibility concerns because LKL is derived from the Linux kernel. As a bonus, we benefit from the extensibility of the kernel components of Linux containers (as Kata Containers does), while keeping the low resource footprint of containers (as Nabla or other unikernel implementations can).
Because the containerd port is still in progress, this talk aims to give a broader view of the pull request: why we have been working in this direction, how it works internally, what benefits we can obtain, and where we are heading. We will also give a simple demonstration of running Linux containers on macOS (on Intel, but hopefully on arm64 if it is ready).
*1 https://github.com/containerd/containerd/pull/4526
Speakers: Hajime Tazaki