Building a Minimal, Rootless Container in Rust

Hosted by

Tokyo Rust

In-Person

Address available to attendees

Agenda
• 30 minutes open chat
• 90 minutes interactive talk & questions
• 30 minutes open chat

Have you ever used Docker and wondered "what is actually going on?"

Containers often feel a bit mysterious - many of us use them daily without a clear understanding of what they actually are or how they work.

In this talk, we’ll demystify containers by building a minimal, rootless container in Rust in roughly 100 lines of code.

Along the way, we’ll:
・clarify what separates containers from virtual machines,
・explore how process isolation works on Linux, and
・understand why running containers without root privileges is a meaningful security improvement.

Using Rust and the nix crate, we’ll interact directly with Linux kernel primitives in a way that stays both low-level and readable. Rust’s compiler-enforced honesty - explicit error handling, visible unsafe boundaries, and typed system call interfaces - makes the mechanics of container isolation difficult to ignore.
