Displaying 1 to 12 from 12 results

singularity - Singularity: Application containers for Linux

  •    Go

Singularity is an open source container platform designed to be simple, fast, and secure. Singularity is optimized for EPC and HPC workloads, allowing untrusted users to run untrusted containers in a trusted way. Check out who is using Singularity and some use cases of Singularity on our website.

fuse-overlayfs - FUSE implementation for overlayfs

  •    C

An implementation of overlay+shiftfs in FUSE for rootless containers. Read-only mode is not supported, so it is always required to specify an upperdir and a workingdir.

orca-build - Build OCI images from Dockerfiles.

  •    Python

This was a SUSE Hackweek project and is mainly intended to be a simple tool for users that might want to create images as a rootless user, or to play around with a simple PoC of how various OCI technologies can interact with each other. The usage is kinda like docker build. You provide it a build context that contains a Dockerfile and orca-build does the rest. I plan to add support for some more of the docker build flags in the near future, but at the moment it works pretty well.

ctnr - rootless runc-based container engine

  •    Go

ctnr is a CLI built on top of runc to manage and build OCI images as well as containers on Linux. ctnr aims to ease system container creation and execution as unprivileged user. Also ctnr is a tool to experiment with runc features. Container networking is limited. With plain ctnr/runc only the host network can be used. The standard CNI plugins require root privileges. One workaround is to map ports on the host network using PRoot* accepting bad performance. A better solution is to use slirp4netns which emulates the TCP/IP stack in a user namespace efficiently. It can be used with ctnr via the slirp-cni-plugin. Once container initialization is also moved into a user namespace with slirp the standard CNI plugins can be used again. For instance the bridge can be used to achieve communication between containers (see user-mode networking).

rootlesscontaine.rs - Website to track the progress of rootless containers.

  •    HTML

rootlesscontaine.rs is a single-purpose website for tracking the progress of rootless container support in various projects. I'm not good at this whole "web development" gig, so I apologise for everything. If you want to actually compile the site for publishing, just run hugo --source=site. The output will be in docs.

rootlesskit - kind of Linux-native "fake root" utility, made for mainly running Docker and Kubernetes as an unprivileged user

  •    Go

rootlesskit is a kind of Linux-native "fake root" utility, made for mainly running Docker and Kubernetes as an unprivileged user. rootlesskit does an equivalent of unshare(1) and newuidmap(1)/newgidmap(1) in a single command, for creating unprivileged user_namespaces(7) and mount_namespaces(7) with subuid(5) and subgid(5).

slirp4netns - User-mode networking for unprivileged network namespaces

  •    C

slirp4netns provides user-mode networking ("slirp") for unprivileged network namespaces. slirp4netns allows connecting a network namespace to the Internet in a completely unprivileged way, by connecting a TAP device in a network namespace to the usermode TCP/IP stack ("slirp").

usernetes - Moby (aka Docker) & Kubernetes, installable under $HOME, without the root privileges

  •    Dockerfile

Usernetes aims to provide a binary distribution of Moby (aka Docker) and Kubernetes that can be installed under a user's $HOME and does not require the root privileges. Usernetes executes Moby (aka Docker) and Kubernetes without the root privileges by using unprivileged user_namespaces(7), mount_namespaces(7), and network_namespaces(7).

podman-static - Dockerized podman build

  •    Dockerfile

This image provides an easy way to try out podman and a base for nested containerization scenarios where the child container should run as unprivileged user. Containers must be run as --privileged. The container process is still started with the root user to allow the entrypoint script to change the storage volume mount point's (/podman/.local/share/containers/storage) owner to the unprivileged podman user.

podman-compose - a script to run docker-compose.yml using podman

  •    Python

For the real thing (multi-node clusters) check any production OpenShift/Kubernetes distribution like OKD. This project is still underdevelopment.

sysbox-ee - Sysbox Enterprise-Edition repository

  •    Shell

Sysbox Enterprise Edition (Sysbox-EE) is the enterprise version of the open-source Sysbox container runtime, developed by Nestybox.

We have large collection of open source products. Follow the tags from Tag Cloud >>

Open source products are scattered around the web. Please provide information about the open source projects you own / you use. Add Projects.