documentation
roadmap
documentation | roadmap | |
---|---|---|
5 | 49 | |
454 | 1,447 | |
- | 1.2% | |
6.1 | 2.6 | |
almost 3 years ago | 2 months ago | |
Shell | ||
Apache License 2.0 | Creative Commons Zero v1.0 Universal |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
documentation
-
Speed boost achievement unlocked on Docker Desktop 4.6 for Mac
Both Kata Containers and UTM support virtio-fs, so this is not strictly true. The former can be used as a stand-in replacement for the runtime used by docker desktop[1]. With the latter, one could use a UTM-backed guest as a docker runtime in macOS[2] or run docker directly on the guest[3].
[1] https://github.com/kata-containers/documentation/blob/master...
[2] https://www.codeluge.com/post/setting-up-docker-on-macos-m1-...
[3] https://www.lifeintech.com/2021/11/03/docker-performance-on-...
-
Kubernetes Security Checklist 2021
For services with increased security requirements, it is recommended to use a low-level run-time with a high degree of isolation (gVisior, Kata-runtime)
-
Kata Containers on GKE?
On the official Kata repo, I found a tutorial only for manually deployed Kubernetes on GCE.
-
Monitoring Elixir Apps on Fly.io with Prometheus and PromEx
This is new and may not be used much, but it is possible to use part of Kata with part of Firecracker. https://github.com/kata-containers/documentation/wiki/Initia...
-
Docker Without Docker
If it's using firecracker, it's probably using KVM virtualization while ensuring that the memory the VM consumes is not pinned... that is, that the VM can be swapped out of memory. For reference, firecracker was created by AWS to run and secure AWS Lambda. The hypervisor is written in rust and uses seccomp to eliminate unnecessary system calls. They open sourced it a few years back.
What you gain is a stronger security boundary. Just FYI, since 2019, you can also do this in Kubernetes using Kata containers which will happily shim firecracker. The setup is not simple though.
https://github.com/kata-containers/documentation/wiki/Initia...
Overall, fly.io building infrastructure on this pattern is fantastic and making it accessible is fantastic. Looking forward to seeing how this continues to evolve and am happy to see more infra build on top of firecracker. Very exciting!
roadmap
- Docker considering flatpak and snap apps for Linux (please upvote)
-
Apple unveils M3, M3 Pro, and M3 Max, the most advanced chips for a PC
x86-64 containers?
https://github.com/docker/roadmap/issues/384 is still open. :(
-
Debugging Slim Containers: A quick tutorial using the "Docker Labs Debug Tools" extension
Request features or give feedback: https://github.com/docker/roadmap/issues/524
-
"The docker container stop command is deprecated" - is this true?
Nothing in the road map [Github] returned by searching 'stop'.
-
How do I get real client IP inside docker container for logging to the database
Further reading online revealed that host network mode is not available for swarm started with docker stack deploy. (Possible related open issue: github link).
-
Serious Question: why use Docker Desktop? (from a Linux user)
Single-click k8s install. Extensions. Init. And there are people who just prefer an app-based experience for their own reasons - I think it was the most "upvoted" request ever on their public roadmap.
-
Ask HN: Is MacBook Pro 14 M1 16/512 still a great choice?
In case you need to run x86 containers: Docker has Rosetta support now but it's buggy.
https://github.com/docker/roadmap/issues/384
Without Rosetta it uses relatively slow Qemu emulation.
-
Docker's deleting Open Source images and here's what you need to know
https://github.com/docker/roadmap/issues/44
So, at the moment, any public organization images are doomed to be lost, if they won't pay.
-
How's the M2 Max for Docker development?
I've been watching this GitHub issue for damn near 3 years. Filesystem performance is pretty bad, depending on what you're doing. I had to kludge together workarounds to my DX at my last role where we used Docker for development. It was really, really painful and distracting.
-
Launch HN: Moonrepo (YC W23) – Open-source build system
[2] https://github.com/docker/roadmap/issues/7
What are some alternatives?
grype - A vulnerability scanner for container images and filesystems
podman-compose - a script to run docker-compose.yml using podman
kubevirt - Kubernetes Virtualization API and runtime in order to define and manage virtual machines.
microk8s - MicroK8s is a small, fast, single-package Kubernetes for datacenters and the edge.
simplenetes - The sns tool is used to manage the full life cycle of your Simplenetes clusters. It integrates with the Simplenetes Podcompiler project podc to compile pods.
multipass - Multipass orchestrates virtual Ubuntu instances
oci-seccomp-bpf-hook - OCI hook to trace syscalls and generate a seccomp profile
swarmkit - A toolkit for orchestrating distributed systems at any scale. It includes primitives for node discovery, raft-based consensus, task scheduling and more.
krane - Kubernetes RBAC static analysis & visualisation tool
rancher - Complete container management platform
cvehound - Check linux sources dump for known CVEs.
toolbox - The Docker Toolbox