|James Mills 50ffc525a1||5 days ago|
box -- Containers in a Box
box is a command-line utility (non-daemon) written in Go
for creating Linux containers and sandboxing processes.
box is basically a
tiny version of docker, it uses neither containerd
box only implements a
sub-set of features you may be used to coming from Docker or similar.
- Control Groups for resource restriction (CPU, Memory, Swap, PIDs)
- Namespaces for isolation of global system resources (Mount, UTS, Network, IPC, PID)
- Union File System for overlaying branches into a single coherent file system (OverlayFS)
- Isolated networking: each container gets its own network and IP address automatically (IPAM)
- Pulling OCI images from the Docker Hub
- Builtin basic Networking and IPAM
- and not much else...
If you have a Go development environment set up with
$GOPATH/bin/ in your
the following will just work™ 😀
go get -u git.mills.io/prologic/box
Otherwise you can build from source using
git (You still need the Go compiler):
git clone https://git.mills.io/prologic/box.git
cd box
make
I regularly publish pre-built binaries to the Releases page, which you can download and install. Example:
wget https://git.mills.io/prologic/box/releases/download/0.0.4/box_0.0.4_linux_amd64.tar.gz
tar xvf box_0.0.4_linux_amd64.tar.gz
box requires elevated privileges in order to create new namespaces and
control groups, so it must be run as
root or with an effective uid of
You can either run
box as root, or you can install the binary with the suid
chmod u+s box
# box --help
A tiny tool for managing containers and sandbox processes

Usage:
  box [command]

Available Commands:
  exec        Run a command inside a existing Container.
  help        Help about any command
  images      List local images
  ps          List Containers
  pull        Pulls an OCI compatible image from a registry
  rm          Removes a Container.
  run         Run a command inside a new Container.
  stop        Stops a Container.
  version     Display the version of box and exit

Flags:
  -D, --debug   Enable debug logging
  -h, --help    help for box

Use "box [command] --help" for more information about a command.

box run alpine /bin/sh
box run alpine # same as above due to alpine default command
/bin/sh -c 'echo "Hello World"':
box run alpine -- /bin/sh -c 'echo "Hello World"'
-- is important here as this acts as the "flag terminator" for
box CLI and the
run sub-command and allows you to then use
command-line options that are passed to your images' entrypoint.
IP Address Management (IPAM)
box has a builtin IPAM (IP Address Management) that has a hard
coded subnet of
box0 bridge (switch) is set up for all
containers (automatically) and containers are put into their own isolated
Network Namespace and assigned an IP Address out of this subnet automatically
(without requiring DHCP).
There is currently no support for using a different subnet or assigning static IP addresses to containers.
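The DHCP-free assignment described above can be done with a small in-process allocator. The following is an added example, not box's own code: the subnet `10.99.0.0/29` is constructed (the page does not show box's subnet), and giving the bridge the first host address is an assumption.

```go
package main

import (
	"errors"
	"fmt"
	"net/netip"
)

var ErrExhausted = errors.New("ipam: no free addresses in subnet")

// Allocator leases host addresses from one fixed subnet, lowest free first.
type Allocator struct {
	prefix  netip.Prefix
	gateway netip.Addr          // first host address, assumed held by the bridge
	used    map[netip.Addr]bool // addresses currently leased to containers
}

// NewAllocator reserves the network address and the gateway up front.
func NewAllocator(cidr string) (*Allocator, error) {
	p, err := netip.ParsePrefix(cidr)
	if err != nil {
		return nil, err
	}
	p = p.Masked()
	if !p.Addr().Is4() || p.Bits() > 30 {
		return nil, fmt.Errorf("ipam: %s is not an IPv4 subnet with room for hosts", cidr)
	}
	return &Allocator{prefix: p, gateway: p.Addr().Next(), used: map[netip.Addr]bool{}}, nil
}

// Allocate returns the lowest free address; the loop ends before the broadcast address.
func (a *Allocator) Allocate() (netip.Addr, error) {
	for ip := a.gateway.Next(); a.prefix.Contains(ip.Next()); ip = ip.Next() {
		if !a.used[ip] {
			a.used[ip] = true
			return ip, nil
		}
	}
	return netip.Addr{}, ErrExhausted
}

// Release returns an address to the pool when its container is removed.
func (a *Allocator) Release(ip netip.Addr) { delete(a.used, ip) }

func main() {
	a, _ := NewAllocator("10.99.0.0/29") // constructed subnet, not box's own
	ip, err := a.Allocate()
	fmt.Println(ip, err)
}
```

Because released addresses are reused lowest-first, an IP address alone does not identify a container in host-side logs; record the container ID alongside it.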
External Networking and Port Mapping
box uses nftables to create and manipulate NAT rules to allow containers
access to external networks (MASQUERADE) and mapping ports from the host to
the container (DNAT).
box injects the host's
/etc/resolv.conf into a newly formed container so
as long as DNS Resolution works on your host, it will work inside containers too.
box is/does NOT:
- designed to be minimal and lightweight.
- designed to be used in critical production workloads (yet).
- have any orchestrator(s) for managing services.
- have any multi-host or clustering support of any kind.
- have any support for volumes besides bind-mount(s) from the host
- have any other features you'd expect from Docker, Docker Swarm or Kubernetes.
box is licensed under the MIT License.