{"id":13423384,"url":"https://github.com/containers/crun","last_synced_at":"2025-05-12T20:49:45.284Z","repository":{"id":37411983,"uuid":"103446460","full_name":"containers/crun","owner":"containers","description":"A fast and lightweight fully featured OCI runtime and C library for running containers","archived":false,"fork":false,"pushed_at":"2025-05-08T21:22:46.000Z","size":5923,"stargazers_count":3327,"open_issues_count":31,"forks_count":346,"subscribers_count":52,"default_branch":"main","last_synced_at":"2025-05-08T22:28:17.708Z","etag":null,"topics":["containers","iot","iot-cloud","linux","oci","oci-runtime","runc","runtime","wasm-oci"],"latest_commit_sha":null,"homepage":"","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/containers.png","metadata":{"files":{"readme":"README.md","changelog":"NEWS","contributing":"CONTRIBUTING.md","funding":null,"license":"COPYING","code_of_conduct":"CODE-OF-CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2017-09-13T20:20:58.000Z","updated_at":"2025-05-08T21:22:50.000Z","dependencies_parsed_at":"2023-12-04T11:27:31.503Z","dependency_job_id":"8e48d29d-9818-40c0-9ab1-9c671d02bfdf","html_url":"https://github.com/containers/crun","commit_stats":{"total_commits":2327,"total_committers":119,"mean_commits":"19.554621848739497","dds":0.5612376450365277,"last_synced_commit":"05c4ea19412e77770f3959bec4ac4bd33be46776"},"previous_names":[],"tags_count":82,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/containers%2Fcrun","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/containers%2Fcrun/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/containers%2Fcrun/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/containers%2Fcrun/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/containers","download_url":"https://codeload.github.com/containers/crun/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253820417,"owners_count":21969519,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["containers","iot","iot-cloud","linux","oci","oci-runtime","runc","runtime","wasm-oci"],"created_at":"2024-07-31T00:00:33.333Z","updated_at":"2025-05-12T20:49:45.239Z","avatar_url":"https://github.com/containers.png","language":"C","readme":"\u003cp align=\"center\"\u003e\n  \u003cimg src=\"docs/crun.svg\" width=\"450\" height=\"450\"\u003e\n\u003c/p\u003e\n\n[![Coverity Status](https://scan.coverity.com/projects/17787/badge.svg)](https://scan.coverity.com/projects/giuseppe-crun)\n[![CodeQL](https://github.com/containers/crun/workflows/CodeQL/badge.svg)](https://github.com/containers/crun/actions?query=workflow%3ACodeQL)\n\nA fast and low-memory footprint OCI Container Runtime fully written in\nC.\n\ncrun conforms to the OCI Container Runtime specifications\n(\u003chttps://github.com/opencontainers/runtime-spec\u003e).\n\n## Documentation\n\nThe user documentation is available [here](crun.1.md).\n\n## Why another implementation?\n\nWhile most of the tools used in the Linux containers ecosystem are\nwritten in Go, I believe C is a better fit for a lower level tool like a\ncontainer runtime. runc, the most used implementation of the OCI runtime\nspecs written in Go, re-execs itself and use a module written in C for\nsetting up the environment before the container process starts.\n\ncrun aims to be also usable as a library that can be easily included in\nprograms without requiring an external process for managing OCI\ncontainers.\n\n## Performance\n\ncrun is faster than runc and has a much lower memory footprint.\n\nThis is the elapsed time on my machine for running sequentially 100\ncontainers, the containers run `/bin/true`:\n\n|               |    crun |   runc |       % |\n| ------------- | ------: | -----: | ------: |\n| 100 /bin/true | 0:01.69 | 0:3.34 | \\-49.4% |\n\ncrun requires fewer resources, so it is also possible to set stricter\nlimits on the memory allowed in the container:\n\n```console\n# podman --runtime /usr/bin/runc run --rm --memory 4M fedora echo it works\nError: container_linux.go:346: starting container process caused \"process_linux.go:327: getting pipe fds for pid 13859 caused \\\"readlink /proc/13859/fd/0: no such file or directory\\\"\": OCI runtime command not found error\n\n# podman --runtime /usr/bin/crun run --rm --memory 512k fedora echo it works\nit works\n```\n\n## Dependencies\n\nThese dependencies are required for the build:\n\n### Fedora\n\n```console\n$ sudo dnf install -y \\\n    autoconf automake gcc git-core glibc-static go-md2man \\\n    libcap-devel libseccomp-devel libtool make pkg-config \\\n    python python-libmount systemd-devel yajl-devel\n```\n\n### RHEL/CentOS Stream 9\n\n```console\n$ sudo dnf config-manager --set-enabled crb\n$ sudo dnf install -y \\\n    autoconf automake gcc git-core glibc-static go-md2man \\\n    libcap-devel libseccomp-devel libtool make pkg-config \\\n    python python-libmount systemd-devel yajl-devel\n```\n\n### RHEL/CentOS Stream 10\n\n```console\n$ sudo dnf config-manager --set-enabled crb\n$ sudo dnf install -y \\\n    autoconf automake gcc git-core glibc-static go-md2man \\\n    libcap-devel libseccomp-devel libtool make pkg-config \\\n    python python-libmount systemd-devel\n```\n\nNOTE that you need to add `--enable-embedded-yajl` to `./configure` flags below.\n\n### Ubuntu\n\n```console\n$ sudo apt-get install -y make git gcc build-essential pkgconf libtool \\\n   libsystemd-dev libprotobuf-c-dev libcap-dev libseccomp-dev libyajl-dev \\\n   go-md2man autoconf python3 automake\n```\n\n### Alpine\n\n```console\n# apk add gcc automake autoconf libtool gettext pkgconf git make musl-dev \\\n    python3 libcap-dev libseccomp-dev yajl-dev argp-standalone go-md2man\n```\n\n### Tumbleweed\n\n```console\n# zypper install make automake autoconf gettext libtool gcc libcap-devel \\\nsystemd-devel libyajl-devel libseccomp-devel python3 go-md2man \\\nglibc-static;\n```\n\nNote that Tumbleweed requires you to specify libseccomp's header file location\nas a compiler flag.\n\n```console\n# ./autogen.sh\n# ./configure CFLAGS='-I/usr/include/libseccomp'\n# make\n```\n\n## Build\n\nUnless you are also building the Python bindings, Python is needed only\nby libocispec to generate the C parser at build time, it won't be used\nafterwards.\n\nOnce all the dependencies are installed:\n\n```console\n$ ./autogen.sh\n$ ./configure\n$ make\n```\n\nTo install into default PREFIX (`/usr/local`):\n\n```console\n$ sudo make install\n```\n\n### Shared Libraries\n\nThe previous build instructions do not enable shared libraries, therefore you will be unable to use libcrun. If you wish to build the shared libraries you can change the previous `./configure` statement to `./configure --enable-shared`.\n\n## Static build\n\nIt is possible to build a statically linked binary of crun by using the\nofficially provided\n[nix](https://nixos.org/nixos/packages.html?attr=crun\u0026channel=unstable\u0026query=crun)\npackage and the derivation of it [within this repository](nix/). The\nbuilds are completely reproducible and will create a x86\\_64/amd64\nstripped ELF binary for [glibc](https://www.gnu.org/software/libc).\n\n### Nix\n\nTo build the binaries by locally installing the nix package manager:\n\n```console\n$ curl -L https://nixos.org/nix/install | sh\n$ git clone --recursive https://github.com/containers/crun.git \u0026\u0026 cd crun\n$ nix build -f nix/\n$ ./result/bin/crun --version\n```\n\n### Ansible\n\nAn [Ansible Role](https://github.com/alvistack/ansible-role-crun) is\nalso available to automate the installation of the above statically\nlinked binary on its supported OS:\n\n```console\n$ sudo su -\n# mkdir -p ~/.ansible/roles\n# cd ~/.ansible/roles\n# git clone https://github.com/alvistack/ansible-role-crun.git crun\n# cd ~/.ansible/roles/crun\n# pip3 install --upgrade --ignore-installed --requirement requirements.txt\n# molecule converge\n# molecule verify\n```\n\n## Lua bindings\n\nA Lua binding is available. See [the README](lua/README.md) for more information.\n","funding_links":[],"categories":["C","OCI runtimes:","linux","Runtimes \u0026 Platforms","Runtime"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcontainers%2Fcrun","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcontainers%2Fcrun","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcontainers%2Fcrun/lists"}