libkrun
container-shell
| libkrun | container-shell | |
|---|---|---|
| 9 | 6 | |
| 1,244 | 68 | |
| 5.8% | - | |
| 9.5 | 5.1 | |
| 3 days ago | 5 months ago | |
| Rust | Shell | |
| Apache License 2.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
libkrun
-
Anylinuxfs – mount any Linux filesystem read/write on a Mac
Hi, the author here. Thanks for sharing! My solution is based on https://github.com/containers/libkrun (the microVM hypervisor for Linux and Mac) and NFS. I wanted to take advantage of virtualization instead of any macFUSE experimental drivers and just make it easy to use. I'm also keeping an eye on https://developer.apple.com/documentation/fskit which could be an interesting alternative in the future (once stabilized).
-
Hyperlight: Virtual machine-based security for functions at scale
libkrun (on Linux) is probably a closer comparison (though still not quite the same). https://github.com/containers/libkrun
- My VM is lighter (and safer) than your container
-
Krunvm – Create MicroVMs from OCI Images
These specific microVMs are managed by: https://github.com/containers/libkrun#goals-and-non-goals (linked directly to project scopes).
In summary though (others redacted):
# Goals - Execute Docker Containers as QEMU MicroVMs
-
Show HN: krunvm – Create and run lightweight VMs from OCI images
The key is that libkrun (https://github.com/containers/libkrun), the library that krunvm uses for running the VMs, as recently integrated support for Hypervisor.framework on ARM64, in addition to KVM.
As for buildah, the Homebrew repo contains a build that includes this PR (https://github.com/containers/storage/pull/811).
container-shell
-
Fake VS Code Extension on NPM Spreads Multi-Stage Malware
I use orbstack for lightweight containers, and https://github.com/jrz/container-shell for each project or experiment. Lightweight chrooted environments using containers. Firewalls only protect the network stack.
-
Automate Project Environments with Devbox and Direnv
Very nice. I'll def. check it out.
I've created https://github.com/jrz/container-shell myself, which has a similar mindset, but is based on docker and is just a single bash script.
-
My VM is lighter (and safer) than your container
Not really, you'd still need a proper chroot / etc.
Check out https://github.com/jrz/container-shell
-
Lcl.host: fast, easy HTTPS in your local dev environment
Just use orbstack, it gives you https and hostnames.
Shameless plug: https://github.com/jrz/container-shell in combination with orbstack. Isolated dev environment, easy to use, local tools, https
-
Over 100k Infected Repos Found on GitHub
Check out https://github.com/jrz/container-shell it is one of the use cases. Not a VM but a docker container
- Show HN: container-shell – containers as chroot sandbox on steroids
What are some alternatives?
firecracker - Secure and fast microVMs for serverless computing.
nixos-unified-template - A multi-platform Nix configuration template optimized as development environment, based on nixos-unified.
libkrunfw - A dynamic library bundling the guest payload consumed by libkrun
Quark - A secure container runtime with CRI/OCI interface
kata-containers - Kata Containers is an open source project and community working to build a standard implementation of lightweight Virtual Machines (VMs) that feel and perform like containers, but provide the workload isolation and security advantages of VMs. https://katacontainers.io/
firecracker-container