runc(1)
A CLI tool for spawning and running containers according to the OCI Runtime Specification.
Synopsis
runc [OPTION]... COMMAND [ARG]...Description
runc is a lightweight, portable Open Container Initiative (OCI) runtime. It runs containers from OCI bundle directories containing a config.json specification file and a root filesystem. runc is used by container engines like Docker and containerd to actually execute containers on Linux systems.
Containers are created, started, and managed via subcommands. Each container runs in isolation with its own filesystem, network namespace, and process tree. runc handles low-level Linux kernel features like cgroups, namespaces, and seccomp to enforce isolation.
Common options
| Flag | What it does |
|---|---|
--bundle, -b | Path to OCI bundle directory (containing config.json); defaults to current directory |
--root | Root directory for container state (default /run/runc) |
--cgroup-manager | Cgroup manager to use: systemd or cgroupfs (default cgroupfs) |
--debug | Enable debug output to stderr |
--log | Path to write log messages to |
--log-format | Log format: text or json (default text) |
--systemd-cgroup | Use systemd for cgroup management and detection |
--rootless | Run runc in rootless mode |
Examples
Create a container named 'mycontainer' from the OCI bundle in the current directory (creates but doesn't start)
runc create mycontainerStart a previously created container named 'mycontainer'
runc start mycontainerCreate and start a container in one command, blocking until the container exits
runc run mycontainerExecute a new process (/bin/sh) inside an already-running container
runc exec mycontainer /bin/shList all containers managed by runc with their PID and status
runc listDelete a stopped container and its state from the runc root directory
runc delete mycontainerRun a container using a specific bundle path and custom root directory
runc --bundle /path/to/bundle --root /var/run/runc run testctrPause a running container and then resume it
runc pause mycontainer && runc resume mycontainer