container-selinux
vfkit
Our great sponsors
container-selinux | vfkit | |
---|---|---|
2 | 1 | |
232 | 91 | |
1.3% | - | |
7.6 | 8.8 | |
4 days ago | 4 days ago | |
Roff | Go | |
GNU General Public License v3.0 only | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
container-selinux
-
Rootless podman, SELiinux and volumes
Secondly, I'm not sure of your distro, since in another thread you said you use Ubuntu but typically SELinux is not shipped with Ubuntu. Usually Fedora/RedHat uses SELinux and Debian/Ubuntu use AppArmor. However, on RedHat systems there is a container-selinux package that containes policy files for handling containers, and installing it made a lot of my container-related alerts with SELinux disappear after I added it. I'm not sure if there's a similar package for Ubuntu.
-
Podman Desktop: A Free OSS Alternative to Docker Desktop
Yeah, use ps -Z PID (from outside of a container) to check its label.
Some other useful sources of info - the container_selinux man page tells you about container_t. And an index of Dan Walsh's blog posts about containers & SELinux can be found in the README of <https://github.com/containers/container-selinux>.
vfkit
-
Podman Desktop: A Free OSS Alternative to Docker Desktop
You can try running https://github.com/crc-org/crc with the podman preset (!) to test it. It would not be exactly the same how podman machine will use it eventualky, but might help to give an idea of performance or issues we can imorove on first. We have seen a lot of users being more than content as it also works in a vpn environment. Note that the CRC tool primarily aims at OpenShift deployment... This is a different preset (resource intensive). Only available as an installer with our tray (sorry about this).
The driver we use is https://github.com/crc-org/vfkit and I am sure Christophe could share a method to just run the VM with our driver. HMU by email if you prefer.
What are some alternatives?
pods - Keep track of your podman containers
crc - CRC is a tool to help you run containers. It manages a local OpenShift 4.x cluster, Microshift or a Podman VM optimized for testing and development purposes
firecracker - Secure and fast microVMs for serverless computing.
colima - Container runtimes on macOS (and Linux) with minimal setup
podman - Podman: A tool for managing OCI containers and pods.
wsl-vpnkit - Provides network connectivity to WSL 2 when blocked by VPN
Podman Desktop - Podman Desktop - A graphical tool for developing on containers and Kubernetes
sysbox - An open-source, next-generation "runc" that empowers rootless containers to run workloads such as Systemd, Docker, Kubernetes, just like VMs.
Docker Compose - Define and run multi-container applications with Docker
kind - Kubernetes IN Docker - local clusters for testing Kubernetes