container-selinux
colima
Our great sponsors
container-selinux | colima | |
---|---|---|
2 | 110 | |
232 | 16,793 | |
1.3% | - | |
7.6 | 8.2 | |
4 days ago | 14 days ago | |
Roff | Go | |
GNU General Public License v3.0 only | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
container-selinux
-
Rootless podman, SELiinux and volumes
Secondly, I'm not sure of your distro, since in another thread you said you use Ubuntu but typically SELinux is not shipped with Ubuntu. Usually Fedora/RedHat uses SELinux and Debian/Ubuntu use AppArmor. However, on RedHat systems there is a container-selinux package that containes policy files for handling containers, and installing it made a lot of my container-related alerts with SELinux disappear after I added it. I'm not sure if there's a similar package for Ubuntu.
-
Podman Desktop: A Free OSS Alternative to Docker Desktop
Yeah, use ps -Z PID (from outside of a container) to check its label.
Some other useful sources of info - the container_selinux man page tells you about container_t. And an index of Dan Walsh's blog posts about containers & SELinux can be found in the README of <https://github.com/containers/container-selinux>.
colima
-
Lcl.host: fast, easy HTTPS in your local dev environment
If you don't need a GUI, the following combo works pretty well:
- https://github.com/abiosoft/colima
- https://github.com/peterldowns/localias
-
Damn Small Linux 2024
You might look into CoLima as a way to get started.
https://github.com/abiosoft/colima?tab=readme-ov-file
Its user interface is Docker-like, using containers.
For full desktop, I've only used the commercial app "Parallels", which can set up an Ubuntu desktop for you. Also Fedora and Alpine and Debian I believe.
But
> I don't really have any resources to share. I just know how to boot a vmlinuz with an initramfs using QEMU, and decided to download the Linux kernel source code and try compiling it.
I highly recommend working through Linux from Scratch and possibly the Gentoo Handbook. It's a journey.
-
Howto: WASM runtimes in Docker / Colima
I could not find any guide how to add WASM container capability to Docker running on Colima. This guide provides a few Colima templates for exactly this, which adds WasmEdge, Wasmtime and Wasmer runtime types.
-
RamRamRamEveryoneSleepingOnDocker
Colima runs much faster on Macos: https://github.com/abiosoft/colima
-
Podman Desktop v1.5 with Compose onboarding and enhanced Kubernetes pod data
After docker desktop became unusable, I jumped to colima and never looked back. I still use the docker runtime in it (the non-proprietary part) but it also supports containerd. On Mac it's just a "brew install colima" and then "colima start"
I also install the compose and ecr credentials plug-ins (since I use ecr for my container registry.) It has the full functionality of docker desktop minus the UI, which I never used anyways.
https://github.com/abiosoft/colima
-
K3s – Lightweight Kubernetes
On my M1 Pro system, I have nothing but positive things to say about the experience of using Colima (https://github.com/abiosoft/colima). Quick to set up and fast to use.
- abiosoft/colima
-
UTM – Virtual Machines for iOS and macOS
I'd say Lima and Colima should be enough for most use cases:
https://lima-vm.io/
https://github.com/abiosoft/colima
-
Lazydocker
The bash/zsh equivalent wouldn't be too hard, but I use fish.
[0] https://github.com/abiosoft/colima, https://hn.algolia.com/?q=https%3A%2F%2Fgithub.com%2Fabiosof...
[1] https://orbstack.dev [3], https://hn.algolia.com/?q=https%3A%2F%2Forbstack.dev
[2] https://github.com/abiosoft/colima#customizing-the-vm and https://github.com/abiosoft/colima/blob/main/docs/FAQ.md#edi...
[3] I’m on OrbStack now, but it isn’t so much better at how I use Docker than Colima is that I think that it’s an instant buy, especially with the planned subscription model. If I used anything other than the Docker integration, I might think it's better, but as of right now, no.
I also have some issues with its insistence on asking for elevated permissions. I will never grant permission[4] to make a symlink to the "standard" Docker socket; context and `$DOCKER_HOST` work well enough. It should not ask if the permission hasn't been given once. I also worry about other "advanced" features that may need an elevated permissions helper[5].
[4] https://github.com/orbstack/orbstack/issues/281#issuecomment...
[5] https://github.com/orbstack/orbstack/issues/281#issuecomment... and following
- FLaNK Stack Weekly for 17 July 2023
What are some alternatives?
pods - Keep track of your podman containers
lima - Linux virtual machines, with a focus on running containers
vfkit
Podman Desktop - Podman Desktop - A graphical tool for developing on containers and Kubernetes
crc - CRC is a tool to help you run containers. It manages a local OpenShift 4.x cluster, Microshift or a Podman VM optimized for testing and development purposes
minikube - Run Kubernetes locally
firecracker - Secure and fast microVMs for serverless computing.
rd - Container Management and Kubernetes on the Desktop
podman - Podman: A tool for managing OCI containers and pods.
wsl-vpnkit - Provides network connectivity to WSL 2 when blocked by VPN
multipass - Multipass orchestrates virtual Ubuntu instances