gvisor
UTM
Our great sponsors
gvisor | UTM | |
---|---|---|
64 | 242 | |
15,046 | 24,029 | |
2.6% | 2.6% | |
9.9 | 9.5 | |
5 days ago | 5 days ago | |
Go | Swift | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
gvisor
-
Maestro: A Linux-compatible kernel in Rust
Isn't gVisor kind of this as well?
"gVisor is an application kernel for containers. It limits the host kernel surface accessible to the application while still giving the application access to all the features it expects. Unlike most kernels, gVisor does not assume or require a fixed set of physical resources; instead, it leverages existing host kernel functionality and runs as a normal process. In other words, gVisor implements Linux by way of Linux."
- Google/Gvisor: Application Kernel for Containers
- GVisor: OCI Runtime with Application Kernel
- How to Escape a Container
-
Faster Filesystem Access with Directfs
This sort of feels like seeing someone riding a bike and saying: why don’t they just get a car? The simple fact is that containers and VMs are quite different. Whether something uses VMX and friends or not is also a red herring, as gVisor also “rolls it own VMM” [1].
[1] https://github.com/google/gvisor/tree/master/pkg/sentry/plat...
-
OS in Go? Why Not
There's two major production-ready Go-based operating system(-ish) projects:
- Google's gVisor[1] (a re-implementation of a significant subset of the Linux syscall ABI for isolation, also mentioned in the article)
- USBArmory's Tamago[2] (a single-threaded bare-metal Go runtime for SOCs)
Both of these are security-focused with a clear trade off: sacrifice some performance for memory safe and excellent readability (and auditability). I feel like that's the sweet spot for low-level Go - projects that need memory safety but would rather trade some performance for simplicity.
-
Tunwg: Expose your Go HTTP servers online with end to end TLS
It uses gVisor to create a TCP/IP stack in userspace, and starts a wireguard interface on it, which the HTTP server from http.Serve listens on. The library will print a URL after startup, where you can access your server. You can create multiple listeners in one binary.
-
How does go playground work?
The playground compiles the program with GOOS=linux, GOARCH=amd64 and runs the program with gVisor. Detailed documentation is available at the gVisor site.
- Searchable Linux Syscall Table for x86 and x86_64
-
Multi-tenancy in Kubernetes
You could use a container sandbox like gVisor, light virtual machines as containers (Kata containers, firecracker + containerd) or full virtual machines (virtlet as a CRI).
UTM
-
Is it impossible to upgrade from 15.1 to 16.3?
If you have TrollStore then install the HV version of UTM to try for yourself: https://github.com/utmapp/UTM/releases/latest/download/UTM.HV.ipa
- UTM – Virtual Machines for iOS and macOS
- Giving up the iPad-only travel dream
-
Exploring Windows XP on macOS ARM64
Researching a little showed that this is basically what can be expected running x86 emulation and the systems will just be wonky and slow, although it was running flawlessly, just slow.
There seem to be ways to use Rosetta2 inside a VM [0] to then translate binaries but I found no official support or documentation (using UTM+QEMU that was), this would be such a cool feature, at least there are discussions about it [1,2]
- [0] https://mybyways.com/blog/using-rosetta-in-a-utm-linux-vm-wi...
-
Run a macOS VM on Apple Silicon from a double-click with Vimy
UTM is open source too though: https://github.com/utmapp/UTM#license
- Is there a way that I can dual boot iPadOS with Windows 11?
- UTM – Run Virtual Machines on iOS
-
UTM for Developers
UTM makes it easy to set up and manage macOS and Windows virtual machines. This can be especially useful for developers such as Tauri contributors who need to test their applications across multiple platforms, or for those looking to experiment with different operating systems without affecting their primary system.
-
What is the best way to run Windows 10 or 11 (whatever is better) on a 2020 MacBook Air M1?
If you don't need high performance and want to use the OS only occasionally, check UTM.app, at https://mac.getutm.app/ (or https://github.com/utmapp/UTM ). Free, open source.
- Lima: A nice way to run Linux VMs on Mac
What are some alternatives?
firecracker - Secure and fast microVMs for serverless computing.
QEMU - Official QEMU mirror. Please see https://www.qemu.org/contribute/ for how to submit changes to QEMU. Pull Requests are ignored. Please only use release tarballs from the QEMU website.
podman - Podman: A tool for managing OCI containers and pods.
macos-virtualbox - Push-button installer of macOS Catalina, Mojave, and High Sierra guests in Virtualbox on x86 CPUs for Windows, Linux, and macOS
wsl-vpnkit - Provides network connectivity to WSL 2 when blocked by VPN
lima - Linux virtual machines, with a focus on running containers
kata-containers - Kata Containers is an open source project and community working to build a standard implementation of lightweight Virtual Machines (VMs) that feel and perform like containers, but provide the workload isolation and security advantages of VMs. https://katacontainers.io/
ish - Linux shell for iOS
sysbox - An open-source, next-generation "runc" that empowers rootless containers to run workloads such as Systemd, Docker, Kubernetes, just like VMs.
Code-Server - VS Code in the browser
containerd - An open and reliable container runtime
terraform-provider-libvirt - Terraform provider to provision infrastructure with Linux's KVM using libvirt