distribution
containerd
distribution | containerd | |
---|---|---|
15 | 125 | |
8,395 | 16,336 | |
1.2% | 1.1% | |
9.4 | 9.9 | |
4 days ago | 6 days ago | |
Go | Go | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
distribution
-
How Do I Actually Use Docker?
To transfer the image between your local machine and the server, you'll need a registry such as Docker Hub or GitHub Container Registry. (Technically you can compress images and distribute them as files but it's more of a headache than it's worth) There are plenty of registries that will allow you to host private images if that's a concern for you, but it will be harder to find a free/cheap solution. You can also host your own registry using the Distribution Project. But be warned that while hosting a basic registry is really easy, locking it down can be a pain because of the lack of well maintained and easy to use projects.
-
Go doesn’t do any magical stuff and I love that
The open source repository my colleague and I reference in this talk can be seen at https://github.com/distribution/distribution/
-
Good options for HA docker registry?
FWIW, the open source registry application itself is essentially stateless. You just run multiple copies of it and point all of them at the same storage for a High Availability setup. If you have GlusterFS, you can mount it to the local filesystem and use the filesystem storage driver, though you may need to tweak settings for it to function properly (example).
- Self-Hosting container registry
-
Ask HN: Has anyone self/on-prem hosted a container registry
It's always been one of those items deep down on the "to consider" list, and my rationale was that there really aren't any straight-forward solutions for this and with Gitlab and Github offering their own registries it was never a problem.
But yesterday I found out that Docker's Registry core (Distribution) [0] is OpenSource (and used by other registries too!), but I haven't seen many mentions of it until then. I've checked out their documentation and it seems solid.
So, what is your experience with self-hosting registries be it Distribution, Harbour or something else. Any hidden PITA? I myself will spin Distribution up on the dev env and see how it goes!
[0]: https://github.com/distribution/distribution
-
What is "registry"?
The original registry "distribution" project (which is the base of Docker Hub, Harbor, etc) was donated to the CNCF: https://github.com/distribution/distribution
-
Harbor + Kubernetes = Self-Hosted Container Registry
Evaluated this a couple of weeks back. Ended up going for registry:2 aka distribution/distribution + https://github.com/cesanta/docker_auth + https://github.com/Quiq/docker-registry-ui
-
Docker desktop no longer free for large companies
> There's a standards conversion going on where we can trace the provenance of each and every layer of the image, we can start signing those layers, and with that metadata, we can start doing automated decisioning, automated reporting, automated visibility into what's been done to that image at each step of the lifecycle.
Docker's CEO is being disingenuous. When you deploy a Docker container, you specify the image ID. The ID looks like a SHA-256 digest and even starts with the string 'sha256' but it is an arbitrary value generated by the docker daemon on the local machine. The ID is not a hash of the image contents [0]. In other words, docker images are not content-addressed.
Since docker images are not content-addressed, your image registry and image transfer tools can subvert the security of your production systems. The fix is straightforward: make an image ID be the SHA-256 digest of the image contents, which is the same everywhere: on your build system, image registry, test system, and production hosts. This fix will increase supply chain security for all Docker users. It is massive low-hanging fruit.
Now Docker will add image signatures without first making images content-addressed. Their decision makes sense only if their goal is to make money and not make a secure product. I cannot trust a company with such priorities.
[0] https://github.com/distribution/distribution/issues/1662
-
Any lightweight docker registry host suggestion?
no docker distribution please, https://github.com/distribution/distribution seems hard to run and config.
-
Suggestions for self hosted container registries?
I’ve not used it myself but it does look like the Docker registry itself is open source https://docs.docker.com/registry/deploying/ and https://github.com/distribution/distribution
containerd
-
Exploring 5 Docker Alternatives: Containerization Choices for 2024
Containerd and nerdctl
-
The Road To Kubernetes: How Older Technologies Add Up
Kubernetes on the backend used to utilize docker for much of its container runtime solutions. One of the modular features of Kubernetes is the ability to utilize a Container Runtime Interface or CRI. The problem was that Docker didn't really meet the spec properly and they had to maintain a shim to translate properly. Instead users could utilize the popular containerd or cri-o runtimes. These follow the Open Container Initiative or OCI's guidelines on container formats.
-
Fun with Avatars: Containerize the app for deployment & distribution | Part. 2
Container Engine: A runtime that executes and manages containers. Docker and containerd are popular container engines.
-
Complexity by Simplicity - A Deep Dive Into Kubernetes Components
Multiple container runtimes are supported, like conatinerd, cri-o, or other CRI compliant runtimes.
-
macOS Containers v0.0.1
This is a failed attempt to upstream part of containerd changes: https://github.com/containerd/containerd/pull/8789
Other part of containerd changes waits for gods-know-what: https://github.com/containerd/containerd/pull/9054
But I haven't gave up yet.
- Latest versions of Docker cause memory leak in MySQL 5.7
-
Kubernetes Setup With WSL Control Plane and Raspberry Pi Workers
containerd is required by kubernetes to handle containers on its behalf. A big thanks to the HostAfrica blog for the information on setting containerd up for debain. So the containerd install will need to happen on both the WSL2 instance and the Raspberry Pis. For WSL2 you can just install containerd directly:
-
Bingo of the Kubernetes problems I found myself debugging over the past weeks. AMA :p
The context deadline exceeded: unknown is also in containerd, and is a known problem.
-
Hi peeps, I am getting error installing docker. Now let me give you some context. I was trying to install docker on the google colab notebook. As google colab is ubuntu under the hood. So I just followed the docker linux terminal installation commands.
Get:1 https://download.docker.com/linux/ubuntu focal/stable amd64 containerd.io amd64 1.6.21-1 [28.3 MB]
-
Docker Explained - Again
Docker Desktop adds a bunch of stuff to simplify local development and that’s why it has a larger memory footprint. You don’t use that when deploying but something like https://containerd.io/.
What are some alternatives?
Harbor - An open source trusted cloud native registry project that stores, signs, and scans content.
podman - Podman: A tool for managing OCI containers and pods.
Portus - Authorization service and frontend for Docker registry (v2)
cri-o - Open Container Initiative-based implementation of Kubernetes Container Runtime Interface
Dragonfly - This repository has be archived and moved to the new repository https://github.com/dragonflyoss/Dragonfly2.
Moby - The Moby Project - a collaborative project for the container ecosystem to assemble container-based systems
OPA (Open Policy Agent) - Open Policy Agent (OPA) is an open source, general-purpose policy engine.
podman-compose - a script to run docker-compose.yml using podman
distribution-library-image
colima - Container runtimes on macOS (and Linux) with minimal setup
machine
sysbox - An open-source, next-generation "runc" that empowers rootless containers to run workloads such as Systemd, Docker, Kubernetes, just like VMs.